Docs
PackagesKubernetes Cert Manager v0.0.5 published on Wednesday, Nov 23, 2022 by Pulumi
kubernetes-cert-manager.CertManager
Explore with Pulumi AI
Kubernetes Cert Manager v0.0.5 published on Wednesday, Nov 23, 2022 by Pulumi
Automates the management and issuance of TLS certificates from various issuing sources within Kubernetes
Create CertManager Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CertManager(name: string, args?: CertManagerArgs, opts?: CustomResourceOptions);@overload
def CertManager(resource_name: str,
args: Optional[CertManagerArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def CertManager(resource_name: str,
opts: Optional[ResourceOptions] = None,
affinity: Optional[pulumi_kubernetes.core.v1.AffinityArgs] = None,
cainjector: Optional[CertManagerCaInjectorArgs] = None,
cluster_resource_namespace: Optional[str] = None,
container_security_context: Optional[pulumi_kubernetes.core.v1.SecurityContextArgs] = None,
deployment_annotations: Optional[Mapping[str, str]] = None,
extra_args: Optional[Sequence[str]] = None,
extra_env: Optional[Sequence[pulumi_kubernetes.core.v1.EnvVarArgs]] = None,
extra_volume_mounts: Optional[Sequence[pulumi_kubernetes.core.v1.VolumeMountArgs]] = None,
extra_volumes: Optional[Sequence[pulumi_kubernetes.core.v1.VolumeArgs]] = None,
feature_gates: Optional[str] = None,
global_: Optional[CertManagerGlobalArgs] = None,
helm_options: Optional[ReleaseArgs] = None,
http_proxy: Optional[str] = None,
https_proxy: Optional[str] = None,
image: Optional[CertManagerImageArgs] = None,
ingress_shim: Optional[CertManagerIngressShimArgs] = None,
install_crds: Optional[bool] = None,
no_proxy: Optional[Sequence[str]] = None,
node_selector: Optional[pulumi_kubernetes.core.v1.NodeSelectorArgs] = None,
pod_annotations: Optional[Mapping[str, str]] = None,
pod_dns_config: Optional[pulumi_kubernetes.core.v1.PodDNSConfigArgs] = None,
pod_dns_policy: Optional[str] = None,
pod_labels: Optional[Mapping[str, str]] = None,
prometheus: Optional[CertManagerPrometheusArgs] = None,
replica_count: Optional[int] = None,
resources: Optional[pulumi_kubernetes.core.v1.ResourceRequirementsArgs] = None,
security_context: Optional[pulumi_kubernetes.core.v1.PodSecurityContextArgs] = None,
service_account: Optional[CertManagerServiceAccountArgs] = None,
service_annotations: Optional[Mapping[str, str]] = None,
service_labels: Optional[Mapping[str, str]] = None,
startupapicheck: Optional[CertManagerStartupAPICheckArgs] = None,
strategy: Optional[pulumi_kubernetes.apps.v1.DeploymentStrategyArgs] = None,
tolerations: Optional[Sequence[pulumi_kubernetes.core.v1.TolerationArgs]] = None,
webhook: Optional[CertManagerWebhookArgs] = None)func NewCertManager(ctx *Context, name string, args *CertManagerArgs, opts ...ResourceOption) (*CertManager, error)public CertManager(string name, CertManagerArgs? args = null, CustomResourceOptions? opts = null)
public CertManager(String name, CertManagerArgs args)
public CertManager(String name, CertManagerArgs args, CustomResourceOptions options)
type: kubernetes-cert-manager:CertManager
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CertManagerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CertManagerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CertManagerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CertManagerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CertManagerArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var certManagerResource = new KubernetesCertManager.CertManager("certManagerResource", new()
{
Affinity = new Kubernetes.Core.Inputs.AffinityArgs
{
NodeAffinity = new Kubernetes.Core.Inputs.NodeAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PreferredSchedulingTermArgs
{
Preference = new Kubernetes.Core.Inputs.NodeSelectorTermArgs
{
MatchExpressions = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchFields = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new Kubernetes.Core.Inputs.NodeSelectorArgs
{
NodeSelectorTerms = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorTermArgs
{
MatchExpressions = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchFields = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
},
},
},
PodAffinity = new Kubernetes.Core.Inputs.PodAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.WeightedPodAffinityTermArgs
{
PodAffinityTerm = new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
},
},
PodAntiAffinity = new Kubernetes.Core.Inputs.PodAntiAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.WeightedPodAffinityTermArgs
{
PodAffinityTerm = new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
},
},
},
Cainjector = new KubernetesCertManager.Inputs.CertManagerCaInjectorArgs
{
Affinity = new Kubernetes.Core.Inputs.AffinityArgs
{
NodeAffinity = new Kubernetes.Core.Inputs.NodeAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PreferredSchedulingTermArgs
{
Preference = new Kubernetes.Core.Inputs.NodeSelectorTermArgs
{
MatchExpressions = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchFields = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new Kubernetes.Core.Inputs.NodeSelectorArgs
{
NodeSelectorTerms = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorTermArgs
{
MatchExpressions = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchFields = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
},
},
},
PodAffinity = new Kubernetes.Core.Inputs.PodAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.WeightedPodAffinityTermArgs
{
PodAffinityTerm = new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
},
},
PodAntiAffinity = new Kubernetes.Core.Inputs.PodAntiAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.WeightedPodAffinityTermArgs
{
PodAffinityTerm = new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
},
},
},
ContainerSecurityContext = new Kubernetes.Core.Inputs.SecurityContextArgs
{
AllowPrivilegeEscalation = false,
Capabilities = new Kubernetes.Core.Inputs.CapabilitiesArgs
{
Add = new[]
{
"string",
},
Drop = new[]
{
"string",
},
},
Privileged = false,
ProcMount = "string",
ReadOnlyRootFilesystem = false,
RunAsGroup = 0,
RunAsNonRoot = false,
RunAsUser = 0,
SeLinuxOptions = new Kubernetes.Core.Inputs.SELinuxOptionsArgs
{
Level = "string",
Role = "string",
Type = "string",
User = "string",
},
SeccompProfile = new Kubernetes.Core.Inputs.SeccompProfileArgs
{
Type = "string",
LocalhostProfile = "string",
},
WindowsOptions = new Kubernetes.Core.Inputs.WindowsSecurityContextOptionsArgs
{
GmsaCredentialSpec = "string",
GmsaCredentialSpecName = "string",
HostProcess = false,
RunAsUserName = "string",
},
},
DeploymentAnnotations =
{
{ "string", "string" },
},
ExtraArgs = new[]
{
"string",
},
Image = new KubernetesCertManager.Inputs.CertManagerImageArgs
{
Digest = "string",
PullPolicy = "string",
Registry = "string",
Repository = "string",
Tag = "string",
},
NodeSelector =
{
{ "string", "string" },
},
PodAnnotations =
{
{ "string", "string" },
},
PodLabels =
{
{ "string", "string" },
},
PodSecurityContext = new Kubernetes.Core.Inputs.PodSecurityContextArgs
{
FsGroup = 0,
FsGroupChangePolicy = "string",
RunAsGroup = 0,
RunAsNonRoot = false,
RunAsUser = 0,
SeLinuxOptions = new Kubernetes.Core.Inputs.SELinuxOptionsArgs
{
Level = "string",
Role = "string",
Type = "string",
User = "string",
},
SeccompProfile = new Kubernetes.Core.Inputs.SeccompProfileArgs
{
Type = "string",
LocalhostProfile = "string",
},
SupplementalGroups = new[]
{
0,
},
Sysctls = new[]
{
new Kubernetes.Core.Inputs.SysctlArgs
{
Name = "string",
Value = "string",
},
},
WindowsOptions = new Kubernetes.Core.Inputs.WindowsSecurityContextOptionsArgs
{
GmsaCredentialSpec = "string",
GmsaCredentialSpecName = "string",
HostProcess = false,
RunAsUserName = "string",
},
},
ReplicaCount = 0,
Resources = new Kubernetes.Core.Inputs.ResourceRequirementsArgs
{
Limits =
{
{ "string", "string" },
},
Requests =
{
{ "string", "string" },
},
},
ServiceAccount = new KubernetesCertManager.Inputs.CertManagerServiceAccountArgs
{
Annotations =
{
{ "string", "string" },
},
AutomountServiceAccountToken = false,
Create = false,
Name = "string",
},
Strategy = new Kubernetes.Apps.Inputs.DeploymentStrategyArgs
{
RollingUpdate = new Kubernetes.Apps.Inputs.RollingUpdateDeploymentArgs
{
MaxSurge = 0,
MaxUnavailable = 0,
},
Type = "string",
},
TimeoutSeconds = 0,
Tolerations = new[]
{
new Kubernetes.Core.Inputs.TolerationArgs
{
Effect = "string",
Key = "string",
Operator = "string",
TolerationSeconds = 0,
Value = "string",
},
},
},
ClusterResourceNamespace = "string",
ContainerSecurityContext = new Kubernetes.Core.Inputs.SecurityContextArgs
{
AllowPrivilegeEscalation = false,
Capabilities = new Kubernetes.Core.Inputs.CapabilitiesArgs
{
Add = new[]
{
"string",
},
Drop = new[]
{
"string",
},
},
Privileged = false,
ProcMount = "string",
ReadOnlyRootFilesystem = false,
RunAsGroup = 0,
RunAsNonRoot = false,
RunAsUser = 0,
SeLinuxOptions = new Kubernetes.Core.Inputs.SELinuxOptionsArgs
{
Level = "string",
Role = "string",
Type = "string",
User = "string",
},
SeccompProfile = new Kubernetes.Core.Inputs.SeccompProfileArgs
{
Type = "string",
LocalhostProfile = "string",
},
WindowsOptions = new Kubernetes.Core.Inputs.WindowsSecurityContextOptionsArgs
{
GmsaCredentialSpec = "string",
GmsaCredentialSpecName = "string",
HostProcess = false,
RunAsUserName = "string",
},
},
DeploymentAnnotations =
{
{ "string", "string" },
},
ExtraArgs = new[]
{
"string",
},
ExtraEnv = new[]
{
new Kubernetes.Core.Inputs.EnvVarArgs
{
Name = "string",
Value = "string",
ValueFrom = new Kubernetes.Core.Inputs.EnvVarSourceArgs
{
ConfigMapKeyRef = new Kubernetes.Core.Inputs.ConfigMapKeySelectorArgs
{
Key = "string",
Name = "string",
Optional = false,
},
FieldRef = new Kubernetes.Core.Inputs.ObjectFieldSelectorArgs
{
FieldPath = "string",
ApiVersion = "string",
},
ResourceFieldRef = new Kubernetes.Core.Inputs.ResourceFieldSelectorArgs
{
Resource = "string",
ContainerName = "string",
Divisor = "string",
},
SecretKeyRef = new Kubernetes.Core.Inputs.SecretKeySelectorArgs
{
Key = "string",
Name = "string",
Optional = false,
},
},
},
},
ExtraVolumeMounts = new[]
{
new Kubernetes.Core.Inputs.VolumeMountArgs
{
MountPath = "string",
Name = "string",
MountPropagation = "string",
ReadOnly = false,
SubPath = "string",
SubPathExpr = "string",
},
},
ExtraVolumes = new[]
{
new Kubernetes.Core.Inputs.VolumeArgs
{
Name = "string",
GitRepo = new Kubernetes.Core.Inputs.GitRepoVolumeSourceArgs
{
Repository = "string",
Directory = "string",
Revision = "string",
},
ConfigMap = new Kubernetes.Core.Inputs.ConfigMapVolumeSourceArgs
{
DefaultMode = 0,
Items = new[]
{
new Kubernetes.Core.Inputs.KeyToPathArgs
{
Key = "string",
Path = "string",
Mode = 0,
},
},
Name = "string",
Optional = false,
},
Glusterfs = new Kubernetes.Core.Inputs.GlusterfsVolumeSourceArgs
{
Endpoints = "string",
Path = "string",
ReadOnly = false,
},
Cinder = new Kubernetes.Core.Inputs.CinderVolumeSourceArgs
{
VolumeID = "string",
FsType = "string",
ReadOnly = false,
SecretRef = new Kubernetes.Core.Inputs.LocalObjectReferenceArgs
{
Name = "string",
},
},
HostPath = new Kubernetes.Core.Inputs.HostPathVolumeSourceArgs
{
Path = "string",
Type = "string",
},
Csi = new Kubernetes.Core.Inputs.CSIVolumeSourceArgs
{
Driver = "string",
FsType = "string",
NodePublishSecretRef = new Kubernetes.Core.Inputs.LocalObjectReferenceArgs
{
Name = "string",
},
ReadOnly = false,
VolumeAttributes =
{
{ "string", "string" },
},
},
DownwardAPI = new Kubernetes.Core.Inputs.DownwardAPIVolumeSourceArgs
{
DefaultMode = 0,
Items = new[]
{
new Kubernetes.Core.Inputs.DownwardAPIVolumeFileArgs
{
Path = "string",
FieldRef = new Kubernetes.Core.Inputs.ObjectFieldSelectorArgs
{
FieldPath = "string",
ApiVersion = "string",
},
Mode = 0,
ResourceFieldRef = new Kubernetes.Core.Inputs.ResourceFieldSelectorArgs
{
Resource = "string",
ContainerName = "string",
Divisor = "string",
},
},
},
},
EmptyDir = new Kubernetes.Core.Inputs.EmptyDirVolumeSourceArgs
{
Medium = "string",
SizeLimit = "string",
},
Ephemeral = new Kubernetes.Core.Inputs.EphemeralVolumeSourceArgs
{
ReadOnly = false,
VolumeClaimTemplate = new Kubernetes.Core.Inputs.PersistentVolumeClaimTemplateArgs
{
Spec = new Kubernetes.Core.Inputs.PersistentVolumeClaimSpecArgs
{
AccessModes = new[]
{
"string",
},
DataSource = new Kubernetes.Core.Inputs.TypedLocalObjectReferenceArgs
{
Kind = "string",
Name = "string",
ApiGroup = "string",
},
DataSourceRef = new Kubernetes.Core.Inputs.TypedLocalObjectReferenceArgs
{
Kind = "string",
Name = "string",
ApiGroup = "string",
},
Resources = new Kubernetes.Core.Inputs.ResourceRequirementsArgs
{
Limits =
{
{ "string", "string" },
},
Requests =
{
{ "string", "string" },
},
},
Selector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
StorageClassName = "string",
VolumeMode = "string",
VolumeName = "string",
},
Metadata = new Kubernetes.Meta.Inputs.ObjectMetaArgs
{
Annotations =
{
{ "string", "string" },
},
ClusterName = "string",
CreationTimestamp = "string",
DeletionGracePeriodSeconds = 0,
DeletionTimestamp = "string",
Finalizers = new[]
{
"string",
},
GenerateName = "string",
Generation = 0,
Labels =
{
{ "string", "string" },
},
ManagedFields = new[]
{
new Kubernetes.Meta.Inputs.ManagedFieldsEntryArgs
{
ApiVersion = "string",
FieldsType = "string",
FieldsV1 = "{}",
Manager = "string",
Operation = "string",
Subresource = "string",
Time = "string",
},
},
Name = "string",
Namespace = "string",
OwnerReferences = new[]
{
new Kubernetes.Meta.Inputs.OwnerReferenceArgs
{
ApiVersion = "string",
Kind = "string",
Name = "string",
Uid = "string",
BlockOwnerDeletion = false,
Controller = false,
},
},
ResourceVersion = "string",
SelfLink = "string",
Uid = "string",
},
},
},
Fc = new Kubernetes.Core.Inputs.FCVolumeSourceArgs
{
FsType = "string",
Lun = 0,
ReadOnly = false,
TargetWWNs = new[]
{
"string",
},
Wwids = new[]
{
"string",
},
},
FlexVolume = new Kubernetes.Core.Inputs.FlexVolumeSourceArgs
{
Driver = "string",
FsType = "string",
Options =
{
{ "string", "string" },
},
ReadOnly = false,
SecretRef = new Kubernetes.Core.Inputs.LocalObjectReferenceArgs
{
Name = "string",
},
},
Iscsi = new Kubernetes.Core.Inputs.ISCSIVolumeSourceArgs
{
Iqn = "string",
Lun = 0,
TargetPortal = "string",
ChapAuthDiscovery = false,
ChapAuthSession = false,
FsType = "string",
InitiatorName = "string",
IscsiInterface = "string",
Portals = new[]
{
"string",
},
ReadOnly = false,
SecretRef = new Kubernetes.Core.Inputs.LocalObjectReferenceArgs
{
Name = "string",
},
},
GcePersistentDisk = new Kubernetes.Core.Inputs.GCEPersistentDiskVolumeSourceArgs
{
PdName = "string",
FsType = "string",
Partition = 0,
ReadOnly = false,
},
AwsElasticBlockStore = new Kubernetes.Core.Inputs.AWSElasticBlockStoreVolumeSourceArgs
{
VolumeID = "string",
FsType = "string",
Partition = 0,
ReadOnly = false,
},
Cephfs = new Kubernetes.Core.Inputs.CephFSVolumeSourceArgs
{
Monitors = new[]
{
"string",
},
Path = "string",
ReadOnly = false,
SecretFile = "string",
SecretRef = new Kubernetes.Core.Inputs.LocalObjectReferenceArgs
{
Name = "string",
},
User = "string",
},
AzureFile = new Kubernetes.Core.Inputs.AzureFileVolumeSourceArgs
{
SecretName = "string",
ShareName = "string",
ReadOnly = false,
},
Flocker = new Kubernetes.Core.Inputs.FlockerVolumeSourceArgs
{
DatasetName = "string",
DatasetUUID = "string",
},
AzureDisk = new Kubernetes.Core.Inputs.AzureDiskVolumeSourceArgs
{
DiskName = "string",
DiskURI = "string",
CachingMode = "string",
FsType = "string",
Kind = "string",
ReadOnly = false,
},
Nfs = new Kubernetes.Core.Inputs.NFSVolumeSourceArgs
{
Path = "string",
Server = "string",
ReadOnly = false,
},
PersistentVolumeClaim = new Kubernetes.Core.Inputs.PersistentVolumeClaimVolumeSourceArgs
{
ClaimName = "string",
ReadOnly = false,
},
PhotonPersistentDisk = new Kubernetes.Core.Inputs.PhotonPersistentDiskVolumeSourceArgs
{
PdID = "string",
FsType = "string",
},
PortworxVolume = new Kubernetes.Core.Inputs.PortworxVolumeSourceArgs
{
VolumeID = "string",
FsType = "string",
ReadOnly = false,
},
Projected = new Kubernetes.Core.Inputs.ProjectedVolumeSourceArgs
{
Sources = new[]
{
new Kubernetes.Core.Inputs.VolumeProjectionArgs
{
ConfigMap = new Kubernetes.Core.Inputs.ConfigMapProjectionArgs
{
Items = new[]
{
new Kubernetes.Core.Inputs.KeyToPathArgs
{
Key = "string",
Path = "string",
Mode = 0,
},
},
Name = "string",
Optional = false,
},
DownwardAPI = new Kubernetes.Core.Inputs.DownwardAPIProjectionArgs
{
Items = new[]
{
new Kubernetes.Core.Inputs.DownwardAPIVolumeFileArgs
{
Path = "string",
FieldRef = new Kubernetes.Core.Inputs.ObjectFieldSelectorArgs
{
FieldPath = "string",
ApiVersion = "string",
},
Mode = 0,
ResourceFieldRef = new Kubernetes.Core.Inputs.ResourceFieldSelectorArgs
{
Resource = "string",
ContainerName = "string",
Divisor = "string",
},
},
},
},
Secret = new Kubernetes.Core.Inputs.SecretProjectionArgs
{
Items = new[]
{
new Kubernetes.Core.Inputs.KeyToPathArgs
{
Key = "string",
Path = "string",
Mode = 0,
},
},
Name = "string",
Optional = false,
},
ServiceAccountToken = new Kubernetes.Core.Inputs.ServiceAccountTokenProjectionArgs
{
Path = "string",
Audience = "string",
ExpirationSeconds = 0,
},
},
},
DefaultMode = 0,
},
Quobyte = new Kubernetes.Core.Inputs.QuobyteVolumeSourceArgs
{
Registry = "string",
Volume = "string",
Group = "string",
ReadOnly = false,
Tenant = "string",
User = "string",
},
Rbd = new Kubernetes.Core.Inputs.RBDVolumeSourceArgs
{
Image = "string",
Monitors = new[]
{
"string",
},
FsType = "string",
Keyring = "string",
Pool = "string",
ReadOnly = false,
SecretRef = new Kubernetes.Core.Inputs.LocalObjectReferenceArgs
{
Name = "string",
},
User = "string",
},
ScaleIO = new Kubernetes.Core.Inputs.ScaleIOVolumeSourceArgs
{
Gateway = "string",
SecretRef = new Kubernetes.Core.Inputs.LocalObjectReferenceArgs
{
Name = "string",
},
System = "string",
FsType = "string",
ProtectionDomain = "string",
ReadOnly = false,
SslEnabled = false,
StorageMode = "string",
StoragePool = "string",
VolumeName = "string",
},
Secret = new Kubernetes.Core.Inputs.SecretVolumeSourceArgs
{
DefaultMode = 0,
Items = new[]
{
new Kubernetes.Core.Inputs.KeyToPathArgs
{
Key = "string",
Path = "string",
Mode = 0,
},
},
Optional = false,
SecretName = "string",
},
Storageos = new Kubernetes.Core.Inputs.StorageOSVolumeSourceArgs
{
FsType = "string",
ReadOnly = false,
SecretRef = new Kubernetes.Core.Inputs.LocalObjectReferenceArgs
{
Name = "string",
},
VolumeName = "string",
VolumeNamespace = "string",
},
VsphereVolume = new Kubernetes.Core.Inputs.VsphereVirtualDiskVolumeSourceArgs
{
VolumePath = "string",
FsType = "string",
StoragePolicyID = "string",
StoragePolicyName = "string",
},
},
},
FeatureGates = "string",
Global = new KubernetesCertManager.Inputs.CertManagerGlobalArgs
{
ImagePullSecrets = new[]
{
new Kubernetes.Core.Inputs.LocalObjectReferenceArgs
{
Name = "string",
},
},
LeaderElection = new KubernetesCertManager.Inputs.CertManagerGlobalLeaderElectionArgs
{
LeaseDuration = "string",
Namespace = "string",
RenewDeadline = "string",
},
LogLevel = 0,
PodSecurityPolicy = new KubernetesCertManager.Inputs.CertManagerGlobalPodSecurityPolicyArgs
{
Enabled = false,
UseAppArmor = false,
},
PriorityClassName = "string",
Rbac = new KubernetesCertManager.Inputs.CertManagerGlobalRbacArgs
{
Create = false,
},
},
HelmOptions = new KubernetesCertManager.Inputs.ReleaseArgs
{
Atomic = false,
Chart = "string",
CleanupOnFail = false,
CreateNamespace = false,
DependencyUpdate = false,
Description = "string",
Devel = false,
DisableCRDHooks = false,
DisableOpenapiValidation = false,
DisableWebhooks = false,
ForceUpdate = false,
Keyring = "string",
Lint = false,
Manifest =
{
{ "string", "any" },
},
MaxHistory = 0,
Name = "string",
Namespace = "string",
Postrender = "string",
RecreatePods = false,
RenderSubchartNotes = false,
Replace = false,
RepositoryOpts = new KubernetesCertManager.Inputs.RepositoryOptsArgs
{
CaFile = "string",
CertFile = "string",
KeyFile = "string",
Password = "string",
Repo = "string",
Username = "string",
},
ResetValues = false,
ResourceNames =
{
{ "string", new[]
{
"string",
} },
},
ReuseValues = false,
SkipAwait = false,
SkipCrds = false,
Timeout = 0,
ValueYamlFiles = new[]
{
new StringAsset("content"),
},
Values =
{
{ "string", "any" },
},
Verify = false,
Version = "string",
WaitForJobs = false,
},
Http_proxy = "string",
Https_proxy = "string",
Image = new KubernetesCertManager.Inputs.CertManagerImageArgs
{
Digest = "string",
PullPolicy = "string",
Registry = "string",
Repository = "string",
Tag = "string",
},
IngressShim = new KubernetesCertManager.Inputs.CertManagerIngressShimArgs
{
DefaultIssuerGroup = "string",
DefaultIssuerKind = "string",
DefaultIssuerName = "string",
},
InstallCRDs = false,
No_proxy = new[]
{
"string",
},
NodeSelector = new Kubernetes.Core.Inputs.NodeSelectorArgs
{
NodeSelectorTerms = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorTermArgs
{
MatchExpressions = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchFields = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
},
},
PodAnnotations =
{
{ "string", "string" },
},
PodDnsConfig = new Kubernetes.Core.Inputs.PodDNSConfigArgs
{
Nameservers = new[]
{
"string",
},
Options = new[]
{
new Kubernetes.Core.Inputs.PodDNSConfigOptionArgs
{
Name = "string",
Value = "string",
},
},
Searches = new[]
{
"string",
},
},
PodDnsPolicy = "string",
PodLabels =
{
{ "string", "string" },
},
Prometheus = new KubernetesCertManager.Inputs.CertManagerPrometheusArgs
{
Enabled = false,
ServiceMonitor = new KubernetesCertManager.Inputs.CertManagerPrometheusServiceMonitorArgs
{
Enabled = false,
Interval = "string",
Labels =
{
{ "string", "string" },
},
Path = "string",
PrometheusInstance = "string",
String = "string",
TargetPort = 0,
},
},
ReplicaCount = 0,
Resources = new Kubernetes.Core.Inputs.ResourceRequirementsArgs
{
Limits =
{
{ "string", "string" },
},
Requests =
{
{ "string", "string" },
},
},
SecurityContext = new Kubernetes.Core.Inputs.PodSecurityContextArgs
{
FsGroup = 0,
FsGroupChangePolicy = "string",
RunAsGroup = 0,
RunAsNonRoot = false,
RunAsUser = 0,
SeLinuxOptions = new Kubernetes.Core.Inputs.SELinuxOptionsArgs
{
Level = "string",
Role = "string",
Type = "string",
User = "string",
},
SeccompProfile = new Kubernetes.Core.Inputs.SeccompProfileArgs
{
Type = "string",
LocalhostProfile = "string",
},
SupplementalGroups = new[]
{
0,
},
Sysctls = new[]
{
new Kubernetes.Core.Inputs.SysctlArgs
{
Name = "string",
Value = "string",
},
},
WindowsOptions = new Kubernetes.Core.Inputs.WindowsSecurityContextOptionsArgs
{
GmsaCredentialSpec = "string",
GmsaCredentialSpecName = "string",
HostProcess = false,
RunAsUserName = "string",
},
},
ServiceAccount = new KubernetesCertManager.Inputs.CertManagerServiceAccountArgs
{
Annotations =
{
{ "string", "string" },
},
AutomountServiceAccountToken = false,
Create = false,
Name = "string",
},
ServiceAnnotations =
{
{ "string", "string" },
},
ServiceLabels =
{
{ "string", "string" },
},
Startupapicheck = new KubernetesCertManager.Inputs.CertManagerStartupAPICheckArgs
{
Affinity = new Kubernetes.Core.Inputs.AffinityArgs
{
NodeAffinity = new Kubernetes.Core.Inputs.NodeAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PreferredSchedulingTermArgs
{
Preference = new Kubernetes.Core.Inputs.NodeSelectorTermArgs
{
MatchExpressions = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchFields = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new Kubernetes.Core.Inputs.NodeSelectorArgs
{
NodeSelectorTerms = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorTermArgs
{
MatchExpressions = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchFields = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
},
},
},
PodAffinity = new Kubernetes.Core.Inputs.PodAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.WeightedPodAffinityTermArgs
{
PodAffinityTerm = new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
},
},
PodAntiAffinity = new Kubernetes.Core.Inputs.PodAntiAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.WeightedPodAffinityTermArgs
{
PodAffinityTerm = new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
},
},
},
BackoffLimit = 0,
Enabled = false,
ExtraArgs = new[]
{
"string",
},
Image = new KubernetesCertManager.Inputs.CertManagerImageArgs
{
Digest = "string",
PullPolicy = "string",
Registry = "string",
Repository = "string",
Tag = "string",
},
JobAnnotations =
{
{ "string", "string" },
},
NodeSelector =
{
{ "string", "string" },
},
PodAnnotations =
{
{ "string", "string" },
},
PodLabels =
{
{ "string", "string" },
},
Rbac = new KubernetesCertManager.Inputs.CertManagerStartupAPICheckRBACArgs
{
Annotations =
{
{ "string", "string" },
},
},
Resources = new Kubernetes.Core.Inputs.ResourceRequirementsArgs
{
Limits =
{
{ "string", "string" },
},
Requests =
{
{ "string", "string" },
},
},
SecurityContext = new Kubernetes.Core.Inputs.PodSecurityContextArgs
{
FsGroup = 0,
FsGroupChangePolicy = "string",
RunAsGroup = 0,
RunAsNonRoot = false,
RunAsUser = 0,
SeLinuxOptions = new Kubernetes.Core.Inputs.SELinuxOptionsArgs
{
Level = "string",
Role = "string",
Type = "string",
User = "string",
},
SeccompProfile = new Kubernetes.Core.Inputs.SeccompProfileArgs
{
Type = "string",
LocalhostProfile = "string",
},
SupplementalGroups = new[]
{
0,
},
Sysctls = new[]
{
new Kubernetes.Core.Inputs.SysctlArgs
{
Name = "string",
Value = "string",
},
},
WindowsOptions = new Kubernetes.Core.Inputs.WindowsSecurityContextOptionsArgs
{
GmsaCredentialSpec = "string",
GmsaCredentialSpecName = "string",
HostProcess = false,
RunAsUserName = "string",
},
},
ServiceAccount = new KubernetesCertManager.Inputs.CertManagerServiceAccountArgs
{
Annotations =
{
{ "string", "string" },
},
AutomountServiceAccountToken = false,
Create = false,
Name = "string",
},
Timeout = "string",
Tolerations = new[]
{
new Kubernetes.Core.Inputs.TolerationArgs
{
Effect = "string",
Key = "string",
Operator = "string",
TolerationSeconds = 0,
Value = "string",
},
},
},
Strategy = new Kubernetes.Apps.Inputs.DeploymentStrategyArgs
{
RollingUpdate = new Kubernetes.Apps.Inputs.RollingUpdateDeploymentArgs
{
MaxSurge = 0,
MaxUnavailable = 0,
},
Type = "string",
},
Tolerations = new[]
{
new Kubernetes.Core.Inputs.TolerationArgs
{
Effect = "string",
Key = "string",
Operator = "string",
TolerationSeconds = 0,
Value = "string",
},
},
Webhook = new KubernetesCertManager.Inputs.CertManagerWebhookArgs
{
Affinity = new Kubernetes.Core.Inputs.AffinityArgs
{
NodeAffinity = new Kubernetes.Core.Inputs.NodeAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PreferredSchedulingTermArgs
{
Preference = new Kubernetes.Core.Inputs.NodeSelectorTermArgs
{
MatchExpressions = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchFields = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new Kubernetes.Core.Inputs.NodeSelectorArgs
{
NodeSelectorTerms = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorTermArgs
{
MatchExpressions = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchFields = new[]
{
new Kubernetes.Core.Inputs.NodeSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
},
},
},
PodAffinity = new Kubernetes.Core.Inputs.PodAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.WeightedPodAffinityTermArgs
{
PodAffinityTerm = new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
},
},
PodAntiAffinity = new Kubernetes.Core.Inputs.PodAntiAffinityArgs
{
PreferredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.WeightedPodAffinityTermArgs
{
PodAffinityTerm = new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
Weight = 0,
},
},
RequiredDuringSchedulingIgnoredDuringExecution = new[]
{
new Kubernetes.Core.Inputs.PodAffinityTermArgs
{
TopologyKey = "string",
LabelSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
NamespaceSelector = new Kubernetes.Meta.Inputs.LabelSelectorArgs
{
MatchExpressions = new[]
{
new Kubernetes.Meta.Inputs.LabelSelectorRequirementArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
MatchLabels =
{
{ "string", "string" },
},
},
Namespaces = new[]
{
"string",
},
},
},
},
},
ContainerSecurityContext = new Kubernetes.Core.Inputs.SecurityContextArgs
{
AllowPrivilegeEscalation = false,
Capabilities = new Kubernetes.Core.Inputs.CapabilitiesArgs
{
Add = new[]
{
"string",
},
Drop = new[]
{
"string",
},
},
Privileged = false,
ProcMount = "string",
ReadOnlyRootFilesystem = false,
RunAsGroup = 0,
RunAsNonRoot = false,
RunAsUser = 0,
SeLinuxOptions = new Kubernetes.Core.Inputs.SELinuxOptionsArgs
{
Level = "string",
Role = "string",
Type = "string",
User = "string",
},
SeccompProfile = new Kubernetes.Core.Inputs.SeccompProfileArgs
{
Type = "string",
LocalhostProfile = "string",
},
WindowsOptions = new Kubernetes.Core.Inputs.WindowsSecurityContextOptionsArgs
{
GmsaCredentialSpec = "string",
GmsaCredentialSpecName = "string",
HostProcess = false,
RunAsUserName = "string",
},
},
DeploymentAnnotations =
{
{ "string", "string" },
},
ExtraArgs = new[]
{
"string",
},
HostNetwork = false,
Image = new KubernetesCertManager.Inputs.CertManagerImageArgs
{
Digest = "string",
PullPolicy = "string",
Registry = "string",
Repository = "string",
Tag = "string",
},
LivenessProbe = new Kubernetes.Core.Inputs.ProbeArgs
{
Exec = new Kubernetes.Core.Inputs.ExecActionArgs
{
Command = new[]
{
"string",
},
},
FailureThreshold = 0,
HttpGet = new Kubernetes.Core.Inputs.HTTPGetActionArgs
{
Port = 0,
Host = "string",
HttpHeaders = new[]
{
new Kubernetes.Core.Inputs.HTTPHeaderArgs
{
Name = "string",
Value = "string",
},
},
Path = "string",
Scheme = "string",
},
InitialDelaySeconds = 0,
PeriodSeconds = 0,
SuccessThreshold = 0,
TcpSocket = new Kubernetes.Core.Inputs.TCPSocketActionArgs
{
Port = 0,
Host = "string",
},
TerminationGracePeriodSeconds = 0,
TimeoutSeconds = 0,
},
LoadBalancerIP = "string",
MutatingWebhookConfigurationAnnotations =
{
{ "string", "string" },
},
NodeSelector =
{
{ "string", "string" },
},
PodAnnotations =
{
{ "string", "string" },
},
PodLabels =
{
{ "string", "string" },
},
ReadinessProbe = new Kubernetes.Core.Inputs.ProbeArgs
{
Exec = new Kubernetes.Core.Inputs.ExecActionArgs
{
Command = new[]
{
"string",
},
},
FailureThreshold = 0,
HttpGet = new Kubernetes.Core.Inputs.HTTPGetActionArgs
{
Port = 0,
Host = "string",
HttpHeaders = new[]
{
new Kubernetes.Core.Inputs.HTTPHeaderArgs
{
Name = "string",
Value = "string",
},
},
Path = "string",
Scheme = "string",
},
InitialDelaySeconds = 0,
PeriodSeconds = 0,
SuccessThreshold = 0,
TcpSocket = new Kubernetes.Core.Inputs.TCPSocketActionArgs
{
Port = 0,
Host = "string",
},
TerminationGracePeriodSeconds = 0,
TimeoutSeconds = 0,
},
ReplicaCount = 0,
Resources = new Kubernetes.Core.Inputs.ResourceRequirementsArgs
{
Limits =
{
{ "string", "string" },
},
Requests =
{
{ "string", "string" },
},
},
SecurePort = 0,
SecurityContext = new Kubernetes.Core.Inputs.PodSecurityContextArgs
{
FsGroup = 0,
FsGroupChangePolicy = "string",
RunAsGroup = 0,
RunAsNonRoot = false,
RunAsUser = 0,
SeLinuxOptions = new Kubernetes.Core.Inputs.SELinuxOptionsArgs
{
Level = "string",
Role = "string",
Type = "string",
User = "string",
},
SeccompProfile = new Kubernetes.Core.Inputs.SeccompProfileArgs
{
Type = "string",
LocalhostProfile = "string",
},
SupplementalGroups = new[]
{
0,
},
Sysctls = new[]
{
new Kubernetes.Core.Inputs.SysctlArgs
{
Name = "string",
Value = "string",
},
},
WindowsOptions = new Kubernetes.Core.Inputs.WindowsSecurityContextOptionsArgs
{
GmsaCredentialSpec = "string",
GmsaCredentialSpecName = "string",
HostProcess = false,
RunAsUserName = "string",
},
},
ServiceAccount = new KubernetesCertManager.Inputs.CertManagerServiceAccountArgs
{
Annotations =
{
{ "string", "string" },
},
AutomountServiceAccountToken = false,
Create = false,
Name = "string",
},
ServiceAnnotations =
{
{ "string", "string" },
},
ServiceLabels =
{
{ "string", "string" },
},
ServiceType = "string",
Strategy = new Kubernetes.Apps.Inputs.DeploymentStrategyArgs
{
RollingUpdate = new Kubernetes.Apps.Inputs.RollingUpdateDeploymentArgs
{
MaxSurge = 0,
MaxUnavailable = 0,
},
Type = "string",
},
TimeoutSeconds = 0,
Tolerations = new[]
{
new Kubernetes.Core.Inputs.TolerationArgs
{
Effect = "string",
Key = "string",
Operator = "string",
TolerationSeconds = 0,
Value = "string",
},
},
Url = new KubernetesCertManager.Inputs.CertManagerWebhookURLArgs
{
Host = "string",
},
ValidatingWebhookConfigurationAnnotations =
{
{ "string", "string" },
},
},
});
example, err := kubernetescertmanager.NewCertManager(ctx, "certManagerResource", &kubernetescertmanager.CertManagerArgs{
Affinity: &corev1.AffinityArgs{
NodeAffinity: &corev1.NodeAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.PreferredSchedulingTermArray{
&corev1.PreferredSchedulingTermArgs{
Preference: &corev1.NodeSelectorTermArgs{
MatchExpressions: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchFields: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: &corev1.NodeSelectorArgs{
NodeSelectorTerms: corev1.NodeSelectorTermArray{
&corev1.NodeSelectorTermArgs{
MatchExpressions: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchFields: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
},
PodAffinity: &corev1.PodAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.WeightedPodAffinityTermArray{
&corev1.WeightedPodAffinityTermArgs{
PodAffinityTerm: &corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: corev1.PodAffinityTermArray{
&corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
PodAntiAffinity: &corev1.PodAntiAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.WeightedPodAffinityTermArray{
&corev1.WeightedPodAffinityTermArgs{
PodAffinityTerm: &corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: corev1.PodAffinityTermArray{
&corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
Cainjector: &kubernetescertmanager.CertManagerCaInjectorArgs{
Affinity: &corev1.AffinityArgs{
NodeAffinity: &corev1.NodeAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.PreferredSchedulingTermArray{
&corev1.PreferredSchedulingTermArgs{
Preference: &corev1.NodeSelectorTermArgs{
MatchExpressions: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchFields: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: &corev1.NodeSelectorArgs{
NodeSelectorTerms: corev1.NodeSelectorTermArray{
&corev1.NodeSelectorTermArgs{
MatchExpressions: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchFields: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
},
PodAffinity: &corev1.PodAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.WeightedPodAffinityTermArray{
&corev1.WeightedPodAffinityTermArgs{
PodAffinityTerm: &corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: corev1.PodAffinityTermArray{
&corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
PodAntiAffinity: &corev1.PodAntiAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.WeightedPodAffinityTermArray{
&corev1.WeightedPodAffinityTermArgs{
PodAffinityTerm: &corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: corev1.PodAffinityTermArray{
&corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
ContainerSecurityContext: &corev1.SecurityContextArgs{
AllowPrivilegeEscalation: pulumi.Bool(false),
Capabilities: &corev1.CapabilitiesArgs{
Add: pulumi.StringArray{
pulumi.String("string"),
},
Drop: pulumi.StringArray{
pulumi.String("string"),
},
},
Privileged: pulumi.Bool(false),
ProcMount: pulumi.String("string"),
ReadOnlyRootFilesystem: pulumi.Bool(false),
RunAsGroup: pulumi.Int(0),
RunAsNonRoot: pulumi.Bool(false),
RunAsUser: pulumi.Int(0),
SeLinuxOptions: &corev1.SELinuxOptionsArgs{
Level: pulumi.String("string"),
Role: pulumi.String("string"),
Type: pulumi.String("string"),
User: pulumi.String("string"),
},
SeccompProfile: &corev1.SeccompProfileArgs{
Type: pulumi.String("string"),
LocalhostProfile: pulumi.String("string"),
},
WindowsOptions: &corev1.WindowsSecurityContextOptionsArgs{
GmsaCredentialSpec: pulumi.String("string"),
GmsaCredentialSpecName: pulumi.String("string"),
HostProcess: pulumi.Bool(false),
RunAsUserName: pulumi.String("string"),
},
},
DeploymentAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
ExtraArgs: pulumi.StringArray{
pulumi.String("string"),
},
Image: &kubernetescertmanager.CertManagerImageArgs{
Digest: pulumi.String("string"),
PullPolicy: pulumi.String("string"),
Registry: pulumi.String("string"),
Repository: pulumi.String("string"),
Tag: pulumi.String("string"),
},
NodeSelector: pulumi.StringMap{
"string": pulumi.String("string"),
},
PodAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
PodLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
PodSecurityContext: &corev1.PodSecurityContextArgs{
FsGroup: pulumi.Int(0),
FsGroupChangePolicy: pulumi.String("string"),
RunAsGroup: pulumi.Int(0),
RunAsNonRoot: pulumi.Bool(false),
RunAsUser: pulumi.Int(0),
SeLinuxOptions: &corev1.SELinuxOptionsArgs{
Level: pulumi.String("string"),
Role: pulumi.String("string"),
Type: pulumi.String("string"),
User: pulumi.String("string"),
},
SeccompProfile: &corev1.SeccompProfileArgs{
Type: pulumi.String("string"),
LocalhostProfile: pulumi.String("string"),
},
SupplementalGroups: pulumi.IntArray{
pulumi.Int(0),
},
Sysctls: corev1.SysctlArray{
&corev1.SysctlArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
WindowsOptions: &corev1.WindowsSecurityContextOptionsArgs{
GmsaCredentialSpec: pulumi.String("string"),
GmsaCredentialSpecName: pulumi.String("string"),
HostProcess: pulumi.Bool(false),
RunAsUserName: pulumi.String("string"),
},
},
ReplicaCount: pulumi.Int(0),
Resources: &corev1.ResourceRequirementsArgs{
Limits: pulumi.StringMap{
"string": pulumi.String("string"),
},
Requests: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
ServiceAccount: &kubernetescertmanager.CertManagerServiceAccountArgs{
Annotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
AutomountServiceAccountToken: pulumi.Bool(false),
Create: pulumi.Bool(false),
Name: pulumi.String("string"),
},
Strategy: &appsv1.DeploymentStrategyArgs{
RollingUpdate: &appsv1.RollingUpdateDeploymentArgs{
MaxSurge: pulumi.Any(0),
MaxUnavailable: pulumi.Any(0),
},
Type: pulumi.String("string"),
},
TimeoutSeconds: pulumi.Int(0),
Tolerations: corev1.TolerationArray{
&corev1.TolerationArgs{
Effect: pulumi.String("string"),
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
TolerationSeconds: pulumi.Int(0),
Value: pulumi.String("string"),
},
},
},
ClusterResourceNamespace: pulumi.String("string"),
ContainerSecurityContext: &corev1.SecurityContextArgs{
AllowPrivilegeEscalation: pulumi.Bool(false),
Capabilities: &corev1.CapabilitiesArgs{
Add: pulumi.StringArray{
pulumi.String("string"),
},
Drop: pulumi.StringArray{
pulumi.String("string"),
},
},
Privileged: pulumi.Bool(false),
ProcMount: pulumi.String("string"),
ReadOnlyRootFilesystem: pulumi.Bool(false),
RunAsGroup: pulumi.Int(0),
RunAsNonRoot: pulumi.Bool(false),
RunAsUser: pulumi.Int(0),
SeLinuxOptions: &corev1.SELinuxOptionsArgs{
Level: pulumi.String("string"),
Role: pulumi.String("string"),
Type: pulumi.String("string"),
User: pulumi.String("string"),
},
SeccompProfile: &corev1.SeccompProfileArgs{
Type: pulumi.String("string"),
LocalhostProfile: pulumi.String("string"),
},
WindowsOptions: &corev1.WindowsSecurityContextOptionsArgs{
GmsaCredentialSpec: pulumi.String("string"),
GmsaCredentialSpecName: pulumi.String("string"),
HostProcess: pulumi.Bool(false),
RunAsUserName: pulumi.String("string"),
},
},
DeploymentAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
ExtraArgs: pulumi.StringArray{
pulumi.String("string"),
},
ExtraEnv: corev1.EnvVarArray{
&corev1.EnvVarArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
ValueFrom: &corev1.EnvVarSourceArgs{
ConfigMapKeyRef: &corev1.ConfigMapKeySelectorArgs{
Key: pulumi.String("string"),
Name: pulumi.String("string"),
Optional: pulumi.Bool(false),
},
FieldRef: &corev1.ObjectFieldSelectorArgs{
FieldPath: pulumi.String("string"),
ApiVersion: pulumi.String("string"),
},
ResourceFieldRef: &corev1.ResourceFieldSelectorArgs{
Resource: pulumi.String("string"),
ContainerName: pulumi.String("string"),
Divisor: pulumi.String("string"),
},
SecretKeyRef: &corev1.SecretKeySelectorArgs{
Key: pulumi.String("string"),
Name: pulumi.String("string"),
Optional: pulumi.Bool(false),
},
},
},
},
ExtraVolumeMounts: corev1.VolumeMountArray{
&corev1.VolumeMountArgs{
MountPath: pulumi.String("string"),
Name: pulumi.String("string"),
MountPropagation: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
SubPath: pulumi.String("string"),
SubPathExpr: pulumi.String("string"),
},
},
ExtraVolumes: corev1.VolumeArray{
&corev1.VolumeArgs{
Name: pulumi.String("string"),
GitRepo: &corev1.GitRepoVolumeSourceArgs{
Repository: pulumi.String("string"),
Directory: pulumi.String("string"),
Revision: pulumi.String("string"),
},
ConfigMap: &corev1.ConfigMapVolumeSourceArgs{
DefaultMode: pulumi.Int(0),
Items: corev1.KeyToPathArray{
&corev1.KeyToPathArgs{
Key: pulumi.String("string"),
Path: pulumi.String("string"),
Mode: pulumi.Int(0),
},
},
Name: pulumi.String("string"),
Optional: pulumi.Bool(false),
},
Glusterfs: &corev1.GlusterfsVolumeSourceArgs{
Endpoints: pulumi.String("string"),
Path: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
},
Cinder: &corev1.CinderVolumeSourceArgs{
VolumeID: pulumi.String("string"),
FsType: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
SecretRef: &corev1.LocalObjectReferenceArgs{
Name: pulumi.String("string"),
},
},
HostPath: &corev1.HostPathVolumeSourceArgs{
Path: pulumi.String("string"),
Type: pulumi.String("string"),
},
Csi: &corev1.CSIVolumeSourceArgs{
Driver: pulumi.String("string"),
FsType: pulumi.String("string"),
NodePublishSecretRef: &corev1.LocalObjectReferenceArgs{
Name: pulumi.String("string"),
},
ReadOnly: pulumi.Bool(false),
VolumeAttributes: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
DownwardAPI: &corev1.DownwardAPIVolumeSourceArgs{
DefaultMode: pulumi.Int(0),
Items: corev1.DownwardAPIVolumeFileArray{
&corev1.DownwardAPIVolumeFileArgs{
Path: pulumi.String("string"),
FieldRef: &corev1.ObjectFieldSelectorArgs{
FieldPath: pulumi.String("string"),
ApiVersion: pulumi.String("string"),
},
Mode: pulumi.Int(0),
ResourceFieldRef: &corev1.ResourceFieldSelectorArgs{
Resource: pulumi.String("string"),
ContainerName: pulumi.String("string"),
Divisor: pulumi.String("string"),
},
},
},
},
EmptyDir: &corev1.EmptyDirVolumeSourceArgs{
Medium: pulumi.String("string"),
SizeLimit: pulumi.String("string"),
},
Ephemeral: &corev1.EphemeralVolumeSourceArgs{
ReadOnly: pulumi.Bool(false),
VolumeClaimTemplate: &corev1.PersistentVolumeClaimTemplateArgs{
Spec: &corev1.PersistentVolumeClaimSpecArgs{
AccessModes: pulumi.StringArray{
pulumi.String("string"),
},
DataSource: &corev1.TypedLocalObjectReferenceArgs{
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
ApiGroup: pulumi.String("string"),
},
DataSourceRef: &corev1.TypedLocalObjectReferenceArgs{
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
ApiGroup: pulumi.String("string"),
},
Resources: &corev1.ResourceRequirementsArgs{
Limits: pulumi.StringMap{
"string": pulumi.String("string"),
},
Requests: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Selector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
StorageClassName: pulumi.String("string"),
VolumeMode: pulumi.String("string"),
VolumeName: pulumi.String("string"),
},
Metadata: &metav1.ObjectMetaArgs{
Annotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
ClusterName: pulumi.String("string"),
CreationTimestamp: pulumi.String("string"),
DeletionGracePeriodSeconds: pulumi.Int(0),
DeletionTimestamp: pulumi.String("string"),
Finalizers: pulumi.StringArray{
pulumi.String("string"),
},
GenerateName: pulumi.String("string"),
Generation: pulumi.Int(0),
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
ManagedFields: metav1.ManagedFieldsEntryArray{
&metav1.ManagedFieldsEntryArgs{
ApiVersion: pulumi.String("string"),
FieldsType: pulumi.String("string"),
FieldsV1: pulumi.Any("{}"),
Manager: pulumi.String("string"),
Operation: pulumi.String("string"),
Subresource: pulumi.String("string"),
Time: pulumi.String("string"),
},
},
Name: pulumi.String("string"),
Namespace: pulumi.String("string"),
OwnerReferences: metav1.OwnerReferenceArray{
&metav1.OwnerReferenceArgs{
ApiVersion: pulumi.String("string"),
Kind: pulumi.String("string"),
Name: pulumi.String("string"),
Uid: pulumi.String("string"),
BlockOwnerDeletion: pulumi.Bool(false),
Controller: pulumi.Bool(false),
},
},
ResourceVersion: pulumi.String("string"),
SelfLink: pulumi.String("string"),
Uid: pulumi.String("string"),
},
},
},
Fc: &corev1.FCVolumeSourceArgs{
FsType: pulumi.String("string"),
Lun: pulumi.Int(0),
ReadOnly: pulumi.Bool(false),
TargetWWNs: pulumi.StringArray{
pulumi.String("string"),
},
Wwids: pulumi.StringArray{
pulumi.String("string"),
},
},
FlexVolume: &corev1.FlexVolumeSourceArgs{
Driver: pulumi.String("string"),
FsType: pulumi.String("string"),
Options: pulumi.StringMap{
"string": pulumi.String("string"),
},
ReadOnly: pulumi.Bool(false),
SecretRef: &corev1.LocalObjectReferenceArgs{
Name: pulumi.String("string"),
},
},
Iscsi: &corev1.ISCSIVolumeSourceArgs{
Iqn: pulumi.String("string"),
Lun: pulumi.Int(0),
TargetPortal: pulumi.String("string"),
ChapAuthDiscovery: pulumi.Bool(false),
ChapAuthSession: pulumi.Bool(false),
FsType: pulumi.String("string"),
InitiatorName: pulumi.String("string"),
IscsiInterface: pulumi.String("string"),
Portals: pulumi.StringArray{
pulumi.String("string"),
},
ReadOnly: pulumi.Bool(false),
SecretRef: &corev1.LocalObjectReferenceArgs{
Name: pulumi.String("string"),
},
},
GcePersistentDisk: &corev1.GCEPersistentDiskVolumeSourceArgs{
PdName: pulumi.String("string"),
FsType: pulumi.String("string"),
Partition: pulumi.Int(0),
ReadOnly: pulumi.Bool(false),
},
AwsElasticBlockStore: &corev1.AWSElasticBlockStoreVolumeSourceArgs{
VolumeID: pulumi.String("string"),
FsType: pulumi.String("string"),
Partition: pulumi.Int(0),
ReadOnly: pulumi.Bool(false),
},
Cephfs: &corev1.CephFSVolumeSourceArgs{
Monitors: pulumi.StringArray{
pulumi.String("string"),
},
Path: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
SecretFile: pulumi.String("string"),
SecretRef: &corev1.LocalObjectReferenceArgs{
Name: pulumi.String("string"),
},
User: pulumi.String("string"),
},
AzureFile: &corev1.AzureFileVolumeSourceArgs{
SecretName: pulumi.String("string"),
ShareName: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
},
Flocker: &corev1.FlockerVolumeSourceArgs{
DatasetName: pulumi.String("string"),
DatasetUUID: pulumi.String("string"),
},
AzureDisk: &corev1.AzureDiskVolumeSourceArgs{
DiskName: pulumi.String("string"),
DiskURI: pulumi.String("string"),
CachingMode: pulumi.String("string"),
FsType: pulumi.String("string"),
Kind: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
},
Nfs: &corev1.NFSVolumeSourceArgs{
Path: pulumi.String("string"),
Server: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
},
PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSourceArgs{
ClaimName: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
},
PhotonPersistentDisk: &corev1.PhotonPersistentDiskVolumeSourceArgs{
PdID: pulumi.String("string"),
FsType: pulumi.String("string"),
},
PortworxVolume: &corev1.PortworxVolumeSourceArgs{
VolumeID: pulumi.String("string"),
FsType: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
},
Projected: &corev1.ProjectedVolumeSourceArgs{
Sources: corev1.VolumeProjectionArray{
&corev1.VolumeProjectionArgs{
ConfigMap: &corev1.ConfigMapProjectionArgs{
Items: corev1.KeyToPathArray{
&corev1.KeyToPathArgs{
Key: pulumi.String("string"),
Path: pulumi.String("string"),
Mode: pulumi.Int(0),
},
},
Name: pulumi.String("string"),
Optional: pulumi.Bool(false),
},
DownwardAPI: &corev1.DownwardAPIProjectionArgs{
Items: corev1.DownwardAPIVolumeFileArray{
&corev1.DownwardAPIVolumeFileArgs{
Path: pulumi.String("string"),
FieldRef: &corev1.ObjectFieldSelectorArgs{
FieldPath: pulumi.String("string"),
ApiVersion: pulumi.String("string"),
},
Mode: pulumi.Int(0),
ResourceFieldRef: &corev1.ResourceFieldSelectorArgs{
Resource: pulumi.String("string"),
ContainerName: pulumi.String("string"),
Divisor: pulumi.String("string"),
},
},
},
},
Secret: &corev1.SecretProjectionArgs{
Items: corev1.KeyToPathArray{
&corev1.KeyToPathArgs{
Key: pulumi.String("string"),
Path: pulumi.String("string"),
Mode: pulumi.Int(0),
},
},
Name: pulumi.String("string"),
Optional: pulumi.Bool(false),
},
ServiceAccountToken: &corev1.ServiceAccountTokenProjectionArgs{
Path: pulumi.String("string"),
Audience: pulumi.String("string"),
ExpirationSeconds: pulumi.Int(0),
},
},
},
DefaultMode: pulumi.Int(0),
},
Quobyte: &corev1.QuobyteVolumeSourceArgs{
Registry: pulumi.String("string"),
Volume: pulumi.String("string"),
Group: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
Tenant: pulumi.String("string"),
User: pulumi.String("string"),
},
Rbd: &corev1.RBDVolumeSourceArgs{
Image: pulumi.String("string"),
Monitors: pulumi.StringArray{
pulumi.String("string"),
},
FsType: pulumi.String("string"),
Keyring: pulumi.String("string"),
Pool: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
SecretRef: &corev1.LocalObjectReferenceArgs{
Name: pulumi.String("string"),
},
User: pulumi.String("string"),
},
ScaleIO: &corev1.ScaleIOVolumeSourceArgs{
Gateway: pulumi.String("string"),
SecretRef: &corev1.LocalObjectReferenceArgs{
Name: pulumi.String("string"),
},
System: pulumi.String("string"),
FsType: pulumi.String("string"),
ProtectionDomain: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
SslEnabled: pulumi.Bool(false),
StorageMode: pulumi.String("string"),
StoragePool: pulumi.String("string"),
VolumeName: pulumi.String("string"),
},
Secret: &corev1.SecretVolumeSourceArgs{
DefaultMode: pulumi.Int(0),
Items: corev1.KeyToPathArray{
&corev1.KeyToPathArgs{
Key: pulumi.String("string"),
Path: pulumi.String("string"),
Mode: pulumi.Int(0),
},
},
Optional: pulumi.Bool(false),
SecretName: pulumi.String("string"),
},
Storageos: &corev1.StorageOSVolumeSourceArgs{
FsType: pulumi.String("string"),
ReadOnly: pulumi.Bool(false),
SecretRef: &corev1.LocalObjectReferenceArgs{
Name: pulumi.String("string"),
},
VolumeName: pulumi.String("string"),
VolumeNamespace: pulumi.String("string"),
},
VsphereVolume: &corev1.VsphereVirtualDiskVolumeSourceArgs{
VolumePath: pulumi.String("string"),
FsType: pulumi.String("string"),
StoragePolicyID: pulumi.String("string"),
StoragePolicyName: pulumi.String("string"),
},
},
},
FeatureGates: pulumi.String("string"),
Global: &kubernetescertmanager.CertManagerGlobalArgs{
ImagePullSecrets: corev1.LocalObjectReferenceArray{
&corev1.LocalObjectReferenceArgs{
Name: pulumi.String("string"),
},
},
LeaderElection: &kubernetescertmanager.CertManagerGlobalLeaderElectionArgs{
LeaseDuration: pulumi.String("string"),
Namespace: pulumi.String("string"),
RenewDeadline: pulumi.String("string"),
},
LogLevel: pulumi.Int(0),
PodSecurityPolicy: &kubernetescertmanager.CertManagerGlobalPodSecurityPolicyArgs{
Enabled: pulumi.Bool(false),
UseAppArmor: pulumi.Bool(false),
},
PriorityClassName: pulumi.String("string"),
Rbac: &kubernetescertmanager.CertManagerGlobalRbacArgs{
Create: pulumi.Bool(false),
},
},
HelmOptions: &kubernetescertmanager.ReleaseArgs{
Atomic: pulumi.Bool(false),
Chart: pulumi.String("string"),
CleanupOnFail: pulumi.Bool(false),
CreateNamespace: pulumi.Bool(false),
DependencyUpdate: pulumi.Bool(false),
Description: pulumi.String("string"),
Devel: pulumi.Bool(false),
DisableCRDHooks: pulumi.Bool(false),
DisableOpenapiValidation: pulumi.Bool(false),
DisableWebhooks: pulumi.Bool(false),
ForceUpdate: pulumi.Bool(false),
Keyring: pulumi.String("string"),
Lint: pulumi.Bool(false),
Manifest: pulumi.Map{
"string": pulumi.Any("any"),
},
MaxHistory: pulumi.Int(0),
Name: pulumi.String("string"),
Namespace: pulumi.String("string"),
Postrender: pulumi.String("string"),
RecreatePods: pulumi.Bool(false),
RenderSubchartNotes: pulumi.Bool(false),
Replace: pulumi.Bool(false),
RepositoryOpts: &kubernetescertmanager.RepositoryOptsArgs{
CaFile: pulumi.String("string"),
CertFile: pulumi.String("string"),
KeyFile: pulumi.String("string"),
Password: pulumi.String("string"),
Repo: pulumi.String("string"),
Username: pulumi.String("string"),
},
ResetValues: pulumi.Bool(false),
ResourceNames: pulumi.StringArrayMap{
"string": pulumi.StringArray{
pulumi.String("string"),
},
},
ReuseValues: pulumi.Bool(false),
SkipAwait: pulumi.Bool(false),
SkipCrds: pulumi.Bool(false),
Timeout: pulumi.Int(0),
ValueYamlFiles: pulumi.AssetOrArchiveArray{
pulumi.NewStringAsset("content"),
},
Values: pulumi.Map{
"string": pulumi.Any("any"),
},
Verify: pulumi.Bool(false),
Version: pulumi.String("string"),
WaitForJobs: pulumi.Bool(false),
},
Http_proxy: pulumi.String("string"),
Https_proxy: pulumi.String("string"),
Image: &kubernetescertmanager.CertManagerImageArgs{
Digest: pulumi.String("string"),
PullPolicy: pulumi.String("string"),
Registry: pulumi.String("string"),
Repository: pulumi.String("string"),
Tag: pulumi.String("string"),
},
IngressShim: &kubernetescertmanager.CertManagerIngressShimArgs{
DefaultIssuerGroup: pulumi.String("string"),
DefaultIssuerKind: pulumi.String("string"),
DefaultIssuerName: pulumi.String("string"),
},
InstallCRDs: pulumi.Bool(false),
No_proxy: pulumi.StringArray{
pulumi.String("string"),
},
NodeSelector: &corev1.NodeSelectorArgs{
NodeSelectorTerms: corev1.NodeSelectorTermArray{
&corev1.NodeSelectorTermArgs{
MatchExpressions: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchFields: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
PodAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
PodDnsConfig: &corev1.PodDNSConfigArgs{
Nameservers: pulumi.StringArray{
pulumi.String("string"),
},
Options: corev1.PodDNSConfigOptionArray{
&corev1.PodDNSConfigOptionArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Searches: pulumi.StringArray{
pulumi.String("string"),
},
},
PodDnsPolicy: pulumi.String("string"),
PodLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Prometheus: &kubernetescertmanager.CertManagerPrometheusArgs{
Enabled: pulumi.Bool(false),
ServiceMonitor: &kubernetescertmanager.CertManagerPrometheusServiceMonitorArgs{
Enabled: pulumi.Bool(false),
Interval: pulumi.String("string"),
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Path: pulumi.String("string"),
PrometheusInstance: pulumi.String("string"),
String: pulumi.String("string"),
TargetPort: pulumi.Int(0),
},
},
ReplicaCount: pulumi.Int(0),
Resources: &corev1.ResourceRequirementsArgs{
Limits: pulumi.StringMap{
"string": pulumi.String("string"),
},
Requests: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
SecurityContext: &corev1.PodSecurityContextArgs{
FsGroup: pulumi.Int(0),
FsGroupChangePolicy: pulumi.String("string"),
RunAsGroup: pulumi.Int(0),
RunAsNonRoot: pulumi.Bool(false),
RunAsUser: pulumi.Int(0),
SeLinuxOptions: &corev1.SELinuxOptionsArgs{
Level: pulumi.String("string"),
Role: pulumi.String("string"),
Type: pulumi.String("string"),
User: pulumi.String("string"),
},
SeccompProfile: &corev1.SeccompProfileArgs{
Type: pulumi.String("string"),
LocalhostProfile: pulumi.String("string"),
},
SupplementalGroups: pulumi.IntArray{
pulumi.Int(0),
},
Sysctls: corev1.SysctlArray{
&corev1.SysctlArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
WindowsOptions: &corev1.WindowsSecurityContextOptionsArgs{
GmsaCredentialSpec: pulumi.String("string"),
GmsaCredentialSpecName: pulumi.String("string"),
HostProcess: pulumi.Bool(false),
RunAsUserName: pulumi.String("string"),
},
},
ServiceAccount: &kubernetescertmanager.CertManagerServiceAccountArgs{
Annotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
AutomountServiceAccountToken: pulumi.Bool(false),
Create: pulumi.Bool(false),
Name: pulumi.String("string"),
},
ServiceAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
ServiceLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Startupapicheck: &kubernetescertmanager.CertManagerStartupAPICheckArgs{
Affinity: &corev1.AffinityArgs{
NodeAffinity: &corev1.NodeAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.PreferredSchedulingTermArray{
&corev1.PreferredSchedulingTermArgs{
Preference: &corev1.NodeSelectorTermArgs{
MatchExpressions: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchFields: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: &corev1.NodeSelectorArgs{
NodeSelectorTerms: corev1.NodeSelectorTermArray{
&corev1.NodeSelectorTermArgs{
MatchExpressions: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchFields: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
},
PodAffinity: &corev1.PodAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.WeightedPodAffinityTermArray{
&corev1.WeightedPodAffinityTermArgs{
PodAffinityTerm: &corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: corev1.PodAffinityTermArray{
&corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
PodAntiAffinity: &corev1.PodAntiAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.WeightedPodAffinityTermArray{
&corev1.WeightedPodAffinityTermArgs{
PodAffinityTerm: &corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: corev1.PodAffinityTermArray{
&corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
BackoffLimit: pulumi.Int(0),
Enabled: pulumi.Bool(false),
ExtraArgs: pulumi.StringArray{
pulumi.String("string"),
},
Image: &kubernetescertmanager.CertManagerImageArgs{
Digest: pulumi.String("string"),
PullPolicy: pulumi.String("string"),
Registry: pulumi.String("string"),
Repository: pulumi.String("string"),
Tag: pulumi.String("string"),
},
JobAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
NodeSelector: pulumi.StringMap{
"string": pulumi.String("string"),
},
PodAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
PodLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Rbac: &kubernetescertmanager.CertManagerStartupAPICheckRBACArgs{
Annotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Resources: &corev1.ResourceRequirementsArgs{
Limits: pulumi.StringMap{
"string": pulumi.String("string"),
},
Requests: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
SecurityContext: &corev1.PodSecurityContextArgs{
FsGroup: pulumi.Int(0),
FsGroupChangePolicy: pulumi.String("string"),
RunAsGroup: pulumi.Int(0),
RunAsNonRoot: pulumi.Bool(false),
RunAsUser: pulumi.Int(0),
SeLinuxOptions: &corev1.SELinuxOptionsArgs{
Level: pulumi.String("string"),
Role: pulumi.String("string"),
Type: pulumi.String("string"),
User: pulumi.String("string"),
},
SeccompProfile: &corev1.SeccompProfileArgs{
Type: pulumi.String("string"),
LocalhostProfile: pulumi.String("string"),
},
SupplementalGroups: pulumi.IntArray{
pulumi.Int(0),
},
Sysctls: corev1.SysctlArray{
&corev1.SysctlArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
WindowsOptions: &corev1.WindowsSecurityContextOptionsArgs{
GmsaCredentialSpec: pulumi.String("string"),
GmsaCredentialSpecName: pulumi.String("string"),
HostProcess: pulumi.Bool(false),
RunAsUserName: pulumi.String("string"),
},
},
ServiceAccount: &kubernetescertmanager.CertManagerServiceAccountArgs{
Annotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
AutomountServiceAccountToken: pulumi.Bool(false),
Create: pulumi.Bool(false),
Name: pulumi.String("string"),
},
Timeout: pulumi.String("string"),
Tolerations: corev1.TolerationArray{
&corev1.TolerationArgs{
Effect: pulumi.String("string"),
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
TolerationSeconds: pulumi.Int(0),
Value: pulumi.String("string"),
},
},
},
Strategy: &appsv1.DeploymentStrategyArgs{
RollingUpdate: &appsv1.RollingUpdateDeploymentArgs{
MaxSurge: pulumi.Any(0),
MaxUnavailable: pulumi.Any(0),
},
Type: pulumi.String("string"),
},
Tolerations: corev1.TolerationArray{
&corev1.TolerationArgs{
Effect: pulumi.String("string"),
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
TolerationSeconds: pulumi.Int(0),
Value: pulumi.String("string"),
},
},
Webhook: &kubernetescertmanager.CertManagerWebhookArgs{
Affinity: &corev1.AffinityArgs{
NodeAffinity: &corev1.NodeAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.PreferredSchedulingTermArray{
&corev1.PreferredSchedulingTermArgs{
Preference: &corev1.NodeSelectorTermArgs{
MatchExpressions: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchFields: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: &corev1.NodeSelectorArgs{
NodeSelectorTerms: corev1.NodeSelectorTermArray{
&corev1.NodeSelectorTermArgs{
MatchExpressions: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchFields: corev1.NodeSelectorRequirementArray{
&corev1.NodeSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
},
},
PodAffinity: &corev1.PodAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.WeightedPodAffinityTermArray{
&corev1.WeightedPodAffinityTermArgs{
PodAffinityTerm: &corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: corev1.PodAffinityTermArray{
&corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
PodAntiAffinity: &corev1.PodAntiAffinityArgs{
PreferredDuringSchedulingIgnoredDuringExecution: corev1.WeightedPodAffinityTermArray{
&corev1.WeightedPodAffinityTermArgs{
PodAffinityTerm: &corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
Weight: pulumi.Int(0),
},
},
RequiredDuringSchedulingIgnoredDuringExecution: corev1.PodAffinityTermArray{
&corev1.PodAffinityTermArgs{
TopologyKey: pulumi.String("string"),
LabelSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NamespaceSelector: &metav1.LabelSelectorArgs{
MatchExpressions: metav1.LabelSelectorRequirementArray{
&metav1.LabelSelectorRequirementArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
MatchLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
Namespaces: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
},
ContainerSecurityContext: &corev1.SecurityContextArgs{
AllowPrivilegeEscalation: pulumi.Bool(false),
Capabilities: &corev1.CapabilitiesArgs{
Add: pulumi.StringArray{
pulumi.String("string"),
},
Drop: pulumi.StringArray{
pulumi.String("string"),
},
},
Privileged: pulumi.Bool(false),
ProcMount: pulumi.String("string"),
ReadOnlyRootFilesystem: pulumi.Bool(false),
RunAsGroup: pulumi.Int(0),
RunAsNonRoot: pulumi.Bool(false),
RunAsUser: pulumi.Int(0),
SeLinuxOptions: &corev1.SELinuxOptionsArgs{
Level: pulumi.String("string"),
Role: pulumi.String("string"),
Type: pulumi.String("string"),
User: pulumi.String("string"),
},
SeccompProfile: &corev1.SeccompProfileArgs{
Type: pulumi.String("string"),
LocalhostProfile: pulumi.String("string"),
},
WindowsOptions: &corev1.WindowsSecurityContextOptionsArgs{
GmsaCredentialSpec: pulumi.String("string"),
GmsaCredentialSpecName: pulumi.String("string"),
HostProcess: pulumi.Bool(false),
RunAsUserName: pulumi.String("string"),
},
},
DeploymentAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
ExtraArgs: pulumi.StringArray{
pulumi.String("string"),
},
HostNetwork: pulumi.Bool(false),
Image: &kubernetescertmanager.CertManagerImageArgs{
Digest: pulumi.String("string"),
PullPolicy: pulumi.String("string"),
Registry: pulumi.String("string"),
Repository: pulumi.String("string"),
Tag: pulumi.String("string"),
},
LivenessProbe: &corev1.ProbeArgs{
Exec: &corev1.ExecActionArgs{
Command: pulumi.StringArray{
pulumi.String("string"),
},
},
FailureThreshold: pulumi.Int(0),
HttpGet: &corev1.HTTPGetActionArgs{
Port: pulumi.Any(0),
Host: pulumi.String("string"),
HttpHeaders: corev1.HTTPHeaderArray{
&corev1.HTTPHeaderArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Path: pulumi.String("string"),
Scheme: pulumi.String("string"),
},
InitialDelaySeconds: pulumi.Int(0),
PeriodSeconds: pulumi.Int(0),
SuccessThreshold: pulumi.Int(0),
TcpSocket: &corev1.TCPSocketActionArgs{
Port: pulumi.Any(0),
Host: pulumi.String("string"),
},
TerminationGracePeriodSeconds: pulumi.Int(0),
TimeoutSeconds: pulumi.Int(0),
},
LoadBalancerIP: pulumi.String("string"),
MutatingWebhookConfigurationAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
NodeSelector: pulumi.StringMap{
"string": pulumi.String("string"),
},
PodAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
PodLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
ReadinessProbe: &corev1.ProbeArgs{
Exec: &corev1.ExecActionArgs{
Command: pulumi.StringArray{
pulumi.String("string"),
},
},
FailureThreshold: pulumi.Int(0),
HttpGet: &corev1.HTTPGetActionArgs{
Port: pulumi.Any(0),
Host: pulumi.String("string"),
HttpHeaders: corev1.HTTPHeaderArray{
&corev1.HTTPHeaderArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
Path: pulumi.String("string"),
Scheme: pulumi.String("string"),
},
InitialDelaySeconds: pulumi.Int(0),
PeriodSeconds: pulumi.Int(0),
SuccessThreshold: pulumi.Int(0),
TcpSocket: &corev1.TCPSocketActionArgs{
Port: pulumi.Any(0),
Host: pulumi.String("string"),
},
TerminationGracePeriodSeconds: pulumi.Int(0),
TimeoutSeconds: pulumi.Int(0),
},
ReplicaCount: pulumi.Int(0),
Resources: &corev1.ResourceRequirementsArgs{
Limits: pulumi.StringMap{
"string": pulumi.String("string"),
},
Requests: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
SecurePort: pulumi.Int(0),
SecurityContext: &corev1.PodSecurityContextArgs{
FsGroup: pulumi.Int(0),
FsGroupChangePolicy: pulumi.String("string"),
RunAsGroup: pulumi.Int(0),
RunAsNonRoot: pulumi.Bool(false),
RunAsUser: pulumi.Int(0),
SeLinuxOptions: &corev1.SELinuxOptionsArgs{
Level: pulumi.String("string"),
Role: pulumi.String("string"),
Type: pulumi.String("string"),
User: pulumi.String("string"),
},
SeccompProfile: &corev1.SeccompProfileArgs{
Type: pulumi.String("string"),
LocalhostProfile: pulumi.String("string"),
},
SupplementalGroups: pulumi.IntArray{
pulumi.Int(0),
},
Sysctls: corev1.SysctlArray{
&corev1.SysctlArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
WindowsOptions: &corev1.WindowsSecurityContextOptionsArgs{
GmsaCredentialSpec: pulumi.String("string"),
GmsaCredentialSpecName: pulumi.String("string"),
HostProcess: pulumi.Bool(false),
RunAsUserName: pulumi.String("string"),
},
},
ServiceAccount: &kubernetescertmanager.CertManagerServiceAccountArgs{
Annotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
AutomountServiceAccountToken: pulumi.Bool(false),
Create: pulumi.Bool(false),
Name: pulumi.String("string"),
},
ServiceAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
ServiceLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
ServiceType: pulumi.String("string"),
Strategy: &appsv1.DeploymentStrategyArgs{
RollingUpdate: &appsv1.RollingUpdateDeploymentArgs{
MaxSurge: pulumi.Any(0),
MaxUnavailable: pulumi.Any(0),
},
Type: pulumi.String("string"),
},
TimeoutSeconds: pulumi.Int(0),
Tolerations: corev1.TolerationArray{
&corev1.TolerationArgs{
Effect: pulumi.String("string"),
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
TolerationSeconds: pulumi.Int(0),
Value: pulumi.String("string"),
},
},
Url: &kubernetescertmanager.CertManagerWebhookURLArgs{
Host: pulumi.String("string"),
},
ValidatingWebhookConfigurationAnnotations: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
})
var certManagerResource = new CertManager("certManagerResource", CertManagerArgs.builder()
.affinity(AffinityArgs.builder()
.nodeAffinity(NodeAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(PreferredSchedulingTermArgs.builder()
.preference(NodeSelectorTermArgs.builder()
.matchExpressions(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchFields(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(NodeSelectorArgs.builder()
.nodeSelectorTerms(NodeSelectorTermArgs.builder()
.matchExpressions(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchFields(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.build())
.build())
.podAffinity(PodAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(WeightedPodAffinityTermArgs.builder()
.podAffinityTerm(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.build())
.podAntiAffinity(PodAntiAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(WeightedPodAffinityTermArgs.builder()
.podAffinityTerm(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.build())
.build())
.cainjector(CertManagerCaInjectorArgs.builder()
.affinity(AffinityArgs.builder()
.nodeAffinity(NodeAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(PreferredSchedulingTermArgs.builder()
.preference(NodeSelectorTermArgs.builder()
.matchExpressions(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchFields(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(NodeSelectorArgs.builder()
.nodeSelectorTerms(NodeSelectorTermArgs.builder()
.matchExpressions(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchFields(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.build())
.build())
.podAffinity(PodAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(WeightedPodAffinityTermArgs.builder()
.podAffinityTerm(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.build())
.podAntiAffinity(PodAntiAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(WeightedPodAffinityTermArgs.builder()
.podAffinityTerm(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.build())
.build())
.containerSecurityContext(SecurityContextArgs.builder()
.allowPrivilegeEscalation(false)
.capabilities(CapabilitiesArgs.builder()
.add("string")
.drop("string")
.build())
.privileged(false)
.procMount("string")
.readOnlyRootFilesystem(false)
.runAsGroup(0)
.runAsNonRoot(false)
.runAsUser(0)
.seLinuxOptions(SELinuxOptionsArgs.builder()
.level("string")
.role("string")
.type("string")
.user("string")
.build())
.seccompProfile(SeccompProfileArgs.builder()
.type("string")
.localhostProfile("string")
.build())
.windowsOptions(WindowsSecurityContextOptionsArgs.builder()
.gmsaCredentialSpec("string")
.gmsaCredentialSpecName("string")
.hostProcess(false)
.runAsUserName("string")
.build())
.build())
.deploymentAnnotations(Map.of("string", "string"))
.extraArgs("string")
.image(CertManagerImageArgs.builder()
.digest("string")
.pullPolicy("string")
.registry("string")
.repository("string")
.tag("string")
.build())
.nodeSelector(Map.of("string", "string"))
.podAnnotations(Map.of("string", "string"))
.podLabels(Map.of("string", "string"))
.podSecurityContext(PodSecurityContextArgs.builder()
.fsGroup(0)
.fsGroupChangePolicy("string")
.runAsGroup(0)
.runAsNonRoot(false)
.runAsUser(0)
.seLinuxOptions(SELinuxOptionsArgs.builder()
.level("string")
.role("string")
.type("string")
.user("string")
.build())
.seccompProfile(SeccompProfileArgs.builder()
.type("string")
.localhostProfile("string")
.build())
.supplementalGroups(0)
.sysctls(SysctlArgs.builder()
.name("string")
.value("string")
.build())
.windowsOptions(WindowsSecurityContextOptionsArgs.builder()
.gmsaCredentialSpec("string")
.gmsaCredentialSpecName("string")
.hostProcess(false)
.runAsUserName("string")
.build())
.build())
.replicaCount(0)
.resources(ResourceRequirementsArgs.builder()
.limits(Map.of("string", "string"))
.requests(Map.of("string", "string"))
.build())
.serviceAccount(CertManagerServiceAccountArgs.builder()
.annotations(Map.of("string", "string"))
.automountServiceAccountToken(false)
.create(false)
.name("string")
.build())
.strategy(DeploymentStrategyArgs.builder()
.rollingUpdate(RollingUpdateDeploymentArgs.builder()
.maxSurge(0)
.maxUnavailable(0)
.build())
.type("string")
.build())
.timeoutSeconds(0)
.tolerations(TolerationArgs.builder()
.effect("string")
.key("string")
.operator("string")
.tolerationSeconds(0)
.value("string")
.build())
.build())
.clusterResourceNamespace("string")
.containerSecurityContext(SecurityContextArgs.builder()
.allowPrivilegeEscalation(false)
.capabilities(CapabilitiesArgs.builder()
.add("string")
.drop("string")
.build())
.privileged(false)
.procMount("string")
.readOnlyRootFilesystem(false)
.runAsGroup(0)
.runAsNonRoot(false)
.runAsUser(0)
.seLinuxOptions(SELinuxOptionsArgs.builder()
.level("string")
.role("string")
.type("string")
.user("string")
.build())
.seccompProfile(SeccompProfileArgs.builder()
.type("string")
.localhostProfile("string")
.build())
.windowsOptions(WindowsSecurityContextOptionsArgs.builder()
.gmsaCredentialSpec("string")
.gmsaCredentialSpecName("string")
.hostProcess(false)
.runAsUserName("string")
.build())
.build())
.deploymentAnnotations(Map.of("string", "string"))
.extraArgs("string")
.extraEnv(EnvVarArgs.builder()
.name("string")
.value("string")
.valueFrom(EnvVarSourceArgs.builder()
.configMapKeyRef(ConfigMapKeySelectorArgs.builder()
.key("string")
.name("string")
.optional(false)
.build())
.fieldRef(ObjectFieldSelectorArgs.builder()
.fieldPath("string")
.apiVersion("string")
.build())
.resourceFieldRef(ResourceFieldSelectorArgs.builder()
.resource("string")
.containerName("string")
.divisor("string")
.build())
.secretKeyRef(SecretKeySelectorArgs.builder()
.key("string")
.name("string")
.optional(false)
.build())
.build())
.build())
.extraVolumeMounts(VolumeMountArgs.builder()
.mountPath("string")
.name("string")
.mountPropagation("string")
.readOnly(false)
.subPath("string")
.subPathExpr("string")
.build())
.extraVolumes(VolumeArgs.builder()
.name("string")
.gitRepo(GitRepoVolumeSourceArgs.builder()
.repository("string")
.directory("string")
.revision("string")
.build())
.configMap(ConfigMapVolumeSourceArgs.builder()
.defaultMode(0)
.items(KeyToPathArgs.builder()
.key("string")
.path("string")
.mode(0)
.build())
.name("string")
.optional(false)
.build())
.glusterfs(GlusterfsVolumeSourceArgs.builder()
.endpoints("string")
.path("string")
.readOnly(false)
.build())
.cinder(CinderVolumeSourceArgs.builder()
.volumeID("string")
.fsType("string")
.readOnly(false)
.secretRef(LocalObjectReferenceArgs.builder()
.name("string")
.build())
.build())
.hostPath(HostPathVolumeSourceArgs.builder()
.path("string")
.type("string")
.build())
.csi(CSIVolumeSourceArgs.builder()
.driver("string")
.fsType("string")
.nodePublishSecretRef(LocalObjectReferenceArgs.builder()
.name("string")
.build())
.readOnly(false)
.volumeAttributes(Map.of("string", "string"))
.build())
.downwardAPI(DownwardAPIVolumeSourceArgs.builder()
.defaultMode(0)
.items(DownwardAPIVolumeFileArgs.builder()
.path("string")
.fieldRef(ObjectFieldSelectorArgs.builder()
.fieldPath("string")
.apiVersion("string")
.build())
.mode(0)
.resourceFieldRef(ResourceFieldSelectorArgs.builder()
.resource("string")
.containerName("string")
.divisor("string")
.build())
.build())
.build())
.emptyDir(EmptyDirVolumeSourceArgs.builder()
.medium("string")
.sizeLimit("string")
.build())
.ephemeral(EphemeralVolumeSourceArgs.builder()
.readOnly(false)
.volumeClaimTemplate(PersistentVolumeClaimTemplateArgs.builder()
.spec(PersistentVolumeClaimSpecArgs.builder()
.accessModes("string")
.dataSource(TypedLocalObjectReferenceArgs.builder()
.kind("string")
.name("string")
.apiGroup("string")
.build())
.dataSourceRef(TypedLocalObjectReferenceArgs.builder()
.kind("string")
.name("string")
.apiGroup("string")
.build())
.resources(ResourceRequirementsArgs.builder()
.limits(Map.of("string", "string"))
.requests(Map.of("string", "string"))
.build())
.selector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.storageClassName("string")
.volumeMode("string")
.volumeName("string")
.build())
.metadata(ObjectMetaArgs.builder()
.annotations(Map.of("string", "string"))
.clusterName("string")
.creationTimestamp("string")
.deletionGracePeriodSeconds(0)
.deletionTimestamp("string")
.finalizers("string")
.generateName("string")
.generation(0)
.labels(Map.of("string", "string"))
.managedFields(ManagedFieldsEntryArgs.builder()
.apiVersion("string")
.fieldsType("string")
.fieldsV1("{}")
.manager("string")
.operation("string")
.subresource("string")
.time("string")
.build())
.name("string")
.namespace("string")
.ownerReferences(OwnerReferenceArgs.builder()
.apiVersion("string")
.kind("string")
.name("string")
.uid("string")
.blockOwnerDeletion(false)
.controller(false)
.build())
.resourceVersion("string")
.selfLink("string")
.uid("string")
.build())
.build())
.build())
.fc(FCVolumeSourceArgs.builder()
.fsType("string")
.lun(0)
.readOnly(false)
.targetWWNs("string")
.wwids("string")
.build())
.flexVolume(FlexVolumeSourceArgs.builder()
.driver("string")
.fsType("string")
.options(Map.of("string", "string"))
.readOnly(false)
.secretRef(LocalObjectReferenceArgs.builder()
.name("string")
.build())
.build())
.iscsi(ISCSIVolumeSourceArgs.builder()
.iqn("string")
.lun(0)
.targetPortal("string")
.chapAuthDiscovery(false)
.chapAuthSession(false)
.fsType("string")
.initiatorName("string")
.iscsiInterface("string")
.portals("string")
.readOnly(false)
.secretRef(LocalObjectReferenceArgs.builder()
.name("string")
.build())
.build())
.gcePersistentDisk(GCEPersistentDiskVolumeSourceArgs.builder()
.pdName("string")
.fsType("string")
.partition(0)
.readOnly(false)
.build())
.awsElasticBlockStore(AWSElasticBlockStoreVolumeSourceArgs.builder()
.volumeID("string")
.fsType("string")
.partition(0)
.readOnly(false)
.build())
.cephfs(CephFSVolumeSourceArgs.builder()
.monitors("string")
.path("string")
.readOnly(false)
.secretFile("string")
.secretRef(LocalObjectReferenceArgs.builder()
.name("string")
.build())
.user("string")
.build())
.azureFile(AzureFileVolumeSourceArgs.builder()
.secretName("string")
.shareName("string")
.readOnly(false)
.build())
.flocker(FlockerVolumeSourceArgs.builder()
.datasetName("string")
.datasetUUID("string")
.build())
.azureDisk(AzureDiskVolumeSourceArgs.builder()
.diskName("string")
.diskURI("string")
.cachingMode("string")
.fsType("string")
.kind("string")
.readOnly(false)
.build())
.nfs(NFSVolumeSourceArgs.builder()
.path("string")
.server("string")
.readOnly(false)
.build())
.persistentVolumeClaim(PersistentVolumeClaimVolumeSourceArgs.builder()
.claimName("string")
.readOnly(false)
.build())
.photonPersistentDisk(PhotonPersistentDiskVolumeSourceArgs.builder()
.pdID("string")
.fsType("string")
.build())
.portworxVolume(PortworxVolumeSourceArgs.builder()
.volumeID("string")
.fsType("string")
.readOnly(false)
.build())
.projected(ProjectedVolumeSourceArgs.builder()
.sources(VolumeProjectionArgs.builder()
.configMap(ConfigMapProjectionArgs.builder()
.items(KeyToPathArgs.builder()
.key("string")
.path("string")
.mode(0)
.build())
.name("string")
.optional(false)
.build())
.downwardAPI(DownwardAPIProjectionArgs.builder()
.items(DownwardAPIVolumeFileArgs.builder()
.path("string")
.fieldRef(ObjectFieldSelectorArgs.builder()
.fieldPath("string")
.apiVersion("string")
.build())
.mode(0)
.resourceFieldRef(ResourceFieldSelectorArgs.builder()
.resource("string")
.containerName("string")
.divisor("string")
.build())
.build())
.build())
.secret(SecretProjectionArgs.builder()
.items(KeyToPathArgs.builder()
.key("string")
.path("string")
.mode(0)
.build())
.name("string")
.optional(false)
.build())
.serviceAccountToken(ServiceAccountTokenProjectionArgs.builder()
.path("string")
.audience("string")
.expirationSeconds(0)
.build())
.build())
.defaultMode(0)
.build())
.quobyte(QuobyteVolumeSourceArgs.builder()
.registry("string")
.volume("string")
.group("string")
.readOnly(false)
.tenant("string")
.user("string")
.build())
.rbd(RBDVolumeSourceArgs.builder()
.image("string")
.monitors("string")
.fsType("string")
.keyring("string")
.pool("string")
.readOnly(false)
.secretRef(LocalObjectReferenceArgs.builder()
.name("string")
.build())
.user("string")
.build())
.scaleIO(ScaleIOVolumeSourceArgs.builder()
.gateway("string")
.secretRef(LocalObjectReferenceArgs.builder()
.name("string")
.build())
.system("string")
.fsType("string")
.protectionDomain("string")
.readOnly(false)
.sslEnabled(false)
.storageMode("string")
.storagePool("string")
.volumeName("string")
.build())
.secret(SecretVolumeSourceArgs.builder()
.defaultMode(0)
.items(KeyToPathArgs.builder()
.key("string")
.path("string")
.mode(0)
.build())
.optional(false)
.secretName("string")
.build())
.storageos(StorageOSVolumeSourceArgs.builder()
.fsType("string")
.readOnly(false)
.secretRef(LocalObjectReferenceArgs.builder()
.name("string")
.build())
.volumeName("string")
.volumeNamespace("string")
.build())
.vsphereVolume(VsphereVirtualDiskVolumeSourceArgs.builder()
.volumePath("string")
.fsType("string")
.storagePolicyID("string")
.storagePolicyName("string")
.build())
.build())
.featureGates("string")
.global(CertManagerGlobalArgs.builder()
.imagePullSecrets(LocalObjectReferenceArgs.builder()
.name("string")
.build())
.leaderElection(CertManagerGlobalLeaderElectionArgs.builder()
.leaseDuration("string")
.namespace("string")
.renewDeadline("string")
.build())
.logLevel(0)
.podSecurityPolicy(CertManagerGlobalPodSecurityPolicyArgs.builder()
.enabled(false)
.useAppArmor(false)
.build())
.priorityClassName("string")
.rbac(CertManagerGlobalRbacArgs.builder()
.create(false)
.build())
.build())
.helmOptions(ReleaseArgs.builder()
.atomic(false)
.chart("string")
.cleanupOnFail(false)
.createNamespace(false)
.dependencyUpdate(false)
.description("string")
.devel(false)
.disableCRDHooks(false)
.disableOpenapiValidation(false)
.disableWebhooks(false)
.forceUpdate(false)
.keyring("string")
.lint(false)
.manifest(Map.of("string", "any"))
.maxHistory(0)
.name("string")
.namespace("string")
.postrender("string")
.recreatePods(false)
.renderSubchartNotes(false)
.replace(false)
.repositoryOpts(RepositoryOptsArgs.builder()
.caFile("string")
.certFile("string")
.keyFile("string")
.password("string")
.repo("string")
.username("string")
.build())
.resetValues(false)
.resourceNames(Map.of("string", "string"))
.reuseValues(false)
.skipAwait(false)
.skipCrds(false)
.timeout(0)
.valueYamlFiles(new StringAsset("content"))
.values(Map.of("string", "any"))
.verify(false)
.version("string")
.waitForJobs(false)
.build())
.http_proxy("string")
.https_proxy("string")
.image(CertManagerImageArgs.builder()
.digest("string")
.pullPolicy("string")
.registry("string")
.repository("string")
.tag("string")
.build())
.ingressShim(CertManagerIngressShimArgs.builder()
.defaultIssuerGroup("string")
.defaultIssuerKind("string")
.defaultIssuerName("string")
.build())
.installCRDs(false)
.no_proxy("string")
.nodeSelector(NodeSelectorArgs.builder()
.nodeSelectorTerms(NodeSelectorTermArgs.builder()
.matchExpressions(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchFields(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.build())
.podAnnotations(Map.of("string", "string"))
.podDnsConfig(PodDNSConfigArgs.builder()
.nameservers("string")
.options(PodDNSConfigOptionArgs.builder()
.name("string")
.value("string")
.build())
.searches("string")
.build())
.podDnsPolicy("string")
.podLabels(Map.of("string", "string"))
.prometheus(CertManagerPrometheusArgs.builder()
.enabled(false)
.serviceMonitor(CertManagerPrometheusServiceMonitorArgs.builder()
.enabled(false)
.interval("string")
.labels(Map.of("string", "string"))
.path("string")
.prometheusInstance("string")
.string("string")
.targetPort(0)
.build())
.build())
.replicaCount(0)
.resources(ResourceRequirementsArgs.builder()
.limits(Map.of("string", "string"))
.requests(Map.of("string", "string"))
.build())
.securityContext(PodSecurityContextArgs.builder()
.fsGroup(0)
.fsGroupChangePolicy("string")
.runAsGroup(0)
.runAsNonRoot(false)
.runAsUser(0)
.seLinuxOptions(SELinuxOptionsArgs.builder()
.level("string")
.role("string")
.type("string")
.user("string")
.build())
.seccompProfile(SeccompProfileArgs.builder()
.type("string")
.localhostProfile("string")
.build())
.supplementalGroups(0)
.sysctls(SysctlArgs.builder()
.name("string")
.value("string")
.build())
.windowsOptions(WindowsSecurityContextOptionsArgs.builder()
.gmsaCredentialSpec("string")
.gmsaCredentialSpecName("string")
.hostProcess(false)
.runAsUserName("string")
.build())
.build())
.serviceAccount(CertManagerServiceAccountArgs.builder()
.annotations(Map.of("string", "string"))
.automountServiceAccountToken(false)
.create(false)
.name("string")
.build())
.serviceAnnotations(Map.of("string", "string"))
.serviceLabels(Map.of("string", "string"))
.startupapicheck(CertManagerStartupAPICheckArgs.builder()
.affinity(AffinityArgs.builder()
.nodeAffinity(NodeAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(PreferredSchedulingTermArgs.builder()
.preference(NodeSelectorTermArgs.builder()
.matchExpressions(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchFields(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(NodeSelectorArgs.builder()
.nodeSelectorTerms(NodeSelectorTermArgs.builder()
.matchExpressions(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchFields(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.build())
.build())
.podAffinity(PodAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(WeightedPodAffinityTermArgs.builder()
.podAffinityTerm(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.build())
.podAntiAffinity(PodAntiAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(WeightedPodAffinityTermArgs.builder()
.podAffinityTerm(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.build())
.build())
.backoffLimit(0)
.enabled(false)
.extraArgs("string")
.image(CertManagerImageArgs.builder()
.digest("string")
.pullPolicy("string")
.registry("string")
.repository("string")
.tag("string")
.build())
.jobAnnotations(Map.of("string", "string"))
.nodeSelector(Map.of("string", "string"))
.podAnnotations(Map.of("string", "string"))
.podLabels(Map.of("string", "string"))
.rbac(CertManagerStartupAPICheckRBACArgs.builder()
.annotations(Map.of("string", "string"))
.build())
.resources(ResourceRequirementsArgs.builder()
.limits(Map.of("string", "string"))
.requests(Map.of("string", "string"))
.build())
.securityContext(PodSecurityContextArgs.builder()
.fsGroup(0)
.fsGroupChangePolicy("string")
.runAsGroup(0)
.runAsNonRoot(false)
.runAsUser(0)
.seLinuxOptions(SELinuxOptionsArgs.builder()
.level("string")
.role("string")
.type("string")
.user("string")
.build())
.seccompProfile(SeccompProfileArgs.builder()
.type("string")
.localhostProfile("string")
.build())
.supplementalGroups(0)
.sysctls(SysctlArgs.builder()
.name("string")
.value("string")
.build())
.windowsOptions(WindowsSecurityContextOptionsArgs.builder()
.gmsaCredentialSpec("string")
.gmsaCredentialSpecName("string")
.hostProcess(false)
.runAsUserName("string")
.build())
.build())
.serviceAccount(CertManagerServiceAccountArgs.builder()
.annotations(Map.of("string", "string"))
.automountServiceAccountToken(false)
.create(false)
.name("string")
.build())
.timeout("string")
.tolerations(TolerationArgs.builder()
.effect("string")
.key("string")
.operator("string")
.tolerationSeconds(0)
.value("string")
.build())
.build())
.strategy(DeploymentStrategyArgs.builder()
.rollingUpdate(RollingUpdateDeploymentArgs.builder()
.maxSurge(0)
.maxUnavailable(0)
.build())
.type("string")
.build())
.tolerations(TolerationArgs.builder()
.effect("string")
.key("string")
.operator("string")
.tolerationSeconds(0)
.value("string")
.build())
.webhook(CertManagerWebhookArgs.builder()
.affinity(AffinityArgs.builder()
.nodeAffinity(NodeAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(PreferredSchedulingTermArgs.builder()
.preference(NodeSelectorTermArgs.builder()
.matchExpressions(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchFields(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(NodeSelectorArgs.builder()
.nodeSelectorTerms(NodeSelectorTermArgs.builder()
.matchExpressions(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchFields(NodeSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.build())
.build())
.podAffinity(PodAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(WeightedPodAffinityTermArgs.builder()
.podAffinityTerm(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.build())
.podAntiAffinity(PodAntiAffinityArgs.builder()
.preferredDuringSchedulingIgnoredDuringExecution(WeightedPodAffinityTermArgs.builder()
.podAffinityTerm(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.weight(0)
.build())
.requiredDuringSchedulingIgnoredDuringExecution(PodAffinityTermArgs.builder()
.topologyKey("string")
.labelSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaceSelector(LabelSelectorArgs.builder()
.matchExpressions(LabelSelectorRequirementArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.matchLabels(Map.of("string", "string"))
.build())
.namespaces("string")
.build())
.build())
.build())
.containerSecurityContext(SecurityContextArgs.builder()
.allowPrivilegeEscalation(false)
.capabilities(CapabilitiesArgs.builder()
.add("string")
.drop("string")
.build())
.privileged(false)
.procMount("string")
.readOnlyRootFilesystem(false)
.runAsGroup(0)
.runAsNonRoot(false)
.runAsUser(0)
.seLinuxOptions(SELinuxOptionsArgs.builder()
.level("string")
.role("string")
.type("string")
.user("string")
.build())
.seccompProfile(SeccompProfileArgs.builder()
.type("string")
.localhostProfile("string")
.build())
.windowsOptions(WindowsSecurityContextOptionsArgs.builder()
.gmsaCredentialSpec("string")
.gmsaCredentialSpecName("string")
.hostProcess(false)
.runAsUserName("string")
.build())
.build())
.deploymentAnnotations(Map.of("string", "string"))
.extraArgs("string")
.hostNetwork(false)
.image(CertManagerImageArgs.builder()
.digest("string")
.pullPolicy("string")
.registry("string")
.repository("string")
.tag("string")
.build())
.livenessProbe(ProbeArgs.builder()
.exec(ExecActionArgs.builder()
.command("string")
.build())
.failureThreshold(0)
.httpGet(HTTPGetActionArgs.builder()
.port(0)
.host("string")
.httpHeaders(HTTPHeaderArgs.builder()
.name("string")
.value("string")
.build())
.path("string")
.scheme("string")
.build())
.initialDelaySeconds(0)
.periodSeconds(0)
.successThreshold(0)
.tcpSocket(TCPSocketActionArgs.builder()
.port(0)
.host("string")
.build())
.terminationGracePeriodSeconds(0)
.timeoutSeconds(0)
.build())
.loadBalancerIP("string")
.mutatingWebhookConfigurationAnnotations(Map.of("string", "string"))
.nodeSelector(Map.of("string", "string"))
.podAnnotations(Map.of("string", "string"))
.podLabels(Map.of("string", "string"))
.readinessProbe(ProbeArgs.builder()
.exec(ExecActionArgs.builder()
.command("string")
.build())
.failureThreshold(0)
.httpGet(HTTPGetActionArgs.builder()
.port(0)
.host("string")
.httpHeaders(HTTPHeaderArgs.builder()
.name("string")
.value("string")
.build())
.path("string")
.scheme("string")
.build())
.initialDelaySeconds(0)
.periodSeconds(0)
.successThreshold(0)
.tcpSocket(TCPSocketActionArgs.builder()
.port(0)
.host("string")
.build())
.terminationGracePeriodSeconds(0)
.timeoutSeconds(0)
.build())
.replicaCount(0)
.resources(ResourceRequirementsArgs.builder()
.limits(Map.of("string", "string"))
.requests(Map.of("string", "string"))
.build())
.securePort(0)
.securityContext(PodSecurityContextArgs.builder()
.fsGroup(0)
.fsGroupChangePolicy("string")
.runAsGroup(0)
.runAsNonRoot(false)
.runAsUser(0)
.seLinuxOptions(SELinuxOptionsArgs.builder()
.level("string")
.role("string")
.type("string")
.user("string")
.build())
.seccompProfile(SeccompProfileArgs.builder()
.type("string")
.localhostProfile("string")
.build())
.supplementalGroups(0)
.sysctls(SysctlArgs.builder()
.name("string")
.value("string")
.build())
.windowsOptions(WindowsSecurityContextOptionsArgs.builder()
.gmsaCredentialSpec("string")
.gmsaCredentialSpecName("string")
.hostProcess(false)
.runAsUserName("string")
.build())
.build())
.serviceAccount(CertManagerServiceAccountArgs.builder()
.annotations(Map.of("string", "string"))
.automountServiceAccountToken(false)
.create(false)
.name("string")
.build())
.serviceAnnotations(Map.of("string", "string"))
.serviceLabels(Map.of("string", "string"))
.serviceType("string")
.strategy(DeploymentStrategyArgs.builder()
.rollingUpdate(RollingUpdateDeploymentArgs.builder()
.maxSurge(0)
.maxUnavailable(0)
.build())
.type("string")
.build())
.timeoutSeconds(0)
.tolerations(TolerationArgs.builder()
.effect("string")
.key("string")
.operator("string")
.tolerationSeconds(0)
.value("string")
.build())
.url(CertManagerWebhookURLArgs.builder()
.host("string")
.build())
.validatingWebhookConfigurationAnnotations(Map.of("string", "string"))
.build())
.build());
cert_manager_resource = kubernetes_cert_manager.CertManager("certManagerResource",
affinity=kubernetes.core.v1.AffinityArgs(
node_affinity=kubernetes.core.v1.NodeAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PreferredSchedulingTermArgs(
preference=kubernetes.core.v1.NodeSelectorTermArgs(
match_expressions=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_fields=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=kubernetes.core.v1.NodeSelectorArgs(
node_selector_terms=[kubernetes.core.v1.NodeSelectorTermArgs(
match_expressions=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_fields=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
)],
),
),
pod_affinity=kubernetes.core.v1.PodAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.WeightedPodAffinityTermArgs(
pod_affinity_term=kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
)],
),
pod_anti_affinity=kubernetes.core.v1.PodAntiAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.WeightedPodAffinityTermArgs(
pod_affinity_term=kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
)],
),
),
cainjector=kubernetes_cert_manager.CertManagerCaInjectorArgs(
affinity=kubernetes.core.v1.AffinityArgs(
node_affinity=kubernetes.core.v1.NodeAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PreferredSchedulingTermArgs(
preference=kubernetes.core.v1.NodeSelectorTermArgs(
match_expressions=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_fields=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=kubernetes.core.v1.NodeSelectorArgs(
node_selector_terms=[kubernetes.core.v1.NodeSelectorTermArgs(
match_expressions=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_fields=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
)],
),
),
pod_affinity=kubernetes.core.v1.PodAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.WeightedPodAffinityTermArgs(
pod_affinity_term=kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
)],
),
pod_anti_affinity=kubernetes.core.v1.PodAntiAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.WeightedPodAffinityTermArgs(
pod_affinity_term=kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
)],
),
),
container_security_context=kubernetes.core.v1.SecurityContextArgs(
allow_privilege_escalation=False,
capabilities=kubernetes.core.v1.CapabilitiesArgs(
add=["string"],
drop=["string"],
),
privileged=False,
proc_mount="string",
read_only_root_filesystem=False,
run_as_group=0,
run_as_non_root=False,
run_as_user=0,
se_linux_options=kubernetes.core.v1.SELinuxOptionsArgs(
level="string",
role="string",
type="string",
user="string",
),
seccomp_profile=kubernetes.core.v1.SeccompProfileArgs(
type="string",
localhost_profile="string",
),
windows_options=kubernetes.core.v1.WindowsSecurityContextOptionsArgs(
gmsa_credential_spec="string",
gmsa_credential_spec_name="string",
host_process=False,
run_as_user_name="string",
),
),
deployment_annotations={
"string": "string",
},
extra_args=["string"],
image=kubernetes_cert_manager.CertManagerImageArgs(
digest="string",
pull_policy="string",
registry="string",
repository="string",
tag="string",
),
node_selector={
"string": "string",
},
pod_annotations={
"string": "string",
},
pod_labels={
"string": "string",
},
pod_security_context=kubernetes.core.v1.PodSecurityContextArgs(
fs_group=0,
fs_group_change_policy="string",
run_as_group=0,
run_as_non_root=False,
run_as_user=0,
se_linux_options=kubernetes.core.v1.SELinuxOptionsArgs(
level="string",
role="string",
type="string",
user="string",
),
seccomp_profile=kubernetes.core.v1.SeccompProfileArgs(
type="string",
localhost_profile="string",
),
supplemental_groups=[0],
sysctls=[kubernetes.core.v1.SysctlArgs(
name="string",
value="string",
)],
windows_options=kubernetes.core.v1.WindowsSecurityContextOptionsArgs(
gmsa_credential_spec="string",
gmsa_credential_spec_name="string",
host_process=False,
run_as_user_name="string",
),
),
replica_count=0,
resources=kubernetes.core.v1.ResourceRequirementsArgs(
limits={
"string": "string",
},
requests={
"string": "string",
},
),
service_account=kubernetes_cert_manager.CertManagerServiceAccountArgs(
annotations={
"string": "string",
},
automount_service_account_token=False,
create=False,
name="string",
),
strategy=kubernetes.apps.v1.DeploymentStrategyArgs(
rolling_update=kubernetes.apps.v1.RollingUpdateDeploymentArgs(
max_surge=0,
max_unavailable=0,
),
type="string",
),
timeout_seconds=0,
tolerations=[kubernetes.core.v1.TolerationArgs(
effect="string",
key="string",
operator="string",
toleration_seconds=0,
value="string",
)],
),
cluster_resource_namespace="string",
container_security_context=kubernetes.core.v1.SecurityContextArgs(
allow_privilege_escalation=False,
capabilities=kubernetes.core.v1.CapabilitiesArgs(
add=["string"],
drop=["string"],
),
privileged=False,
proc_mount="string",
read_only_root_filesystem=False,
run_as_group=0,
run_as_non_root=False,
run_as_user=0,
se_linux_options=kubernetes.core.v1.SELinuxOptionsArgs(
level="string",
role="string",
type="string",
user="string",
),
seccomp_profile=kubernetes.core.v1.SeccompProfileArgs(
type="string",
localhost_profile="string",
),
windows_options=kubernetes.core.v1.WindowsSecurityContextOptionsArgs(
gmsa_credential_spec="string",
gmsa_credential_spec_name="string",
host_process=False,
run_as_user_name="string",
),
),
deployment_annotations={
"string": "string",
},
extra_args=["string"],
extra_env=[kubernetes.core.v1.EnvVarArgs(
name="string",
value="string",
value_from=kubernetes.core.v1.EnvVarSourceArgs(
config_map_key_ref=kubernetes.core.v1.ConfigMapKeySelectorArgs(
key="string",
name="string",
optional=False,
),
field_ref=kubernetes.core.v1.ObjectFieldSelectorArgs(
field_path="string",
api_version="string",
),
resource_field_ref=kubernetes.core.v1.ResourceFieldSelectorArgs(
resource="string",
container_name="string",
divisor="string",
),
secret_key_ref=kubernetes.core.v1.SecretKeySelectorArgs(
key="string",
name="string",
optional=False,
),
),
)],
extra_volume_mounts=[kubernetes.core.v1.VolumeMountArgs(
mount_path="string",
name="string",
mount_propagation="string",
read_only=False,
sub_path="string",
sub_path_expr="string",
)],
extra_volumes=[kubernetes.core.v1.VolumeArgs(
name="string",
git_repo=kubernetes.core.v1.GitRepoVolumeSourceArgs(
repository="string",
directory="string",
revision="string",
),
config_map=kubernetes.core.v1.ConfigMapVolumeSourceArgs(
default_mode=0,
items=[kubernetes.core.v1.KeyToPathArgs(
key="string",
path="string",
mode=0,
)],
name="string",
optional=False,
),
glusterfs=kubernetes.core.v1.GlusterfsVolumeSourceArgs(
endpoints="string",
path="string",
read_only=False,
),
cinder=kubernetes.core.v1.CinderVolumeSourceArgs(
volume_id="string",
fs_type="string",
read_only=False,
secret_ref=kubernetes.core.v1.LocalObjectReferenceArgs(
name="string",
),
),
host_path=kubernetes.core.v1.HostPathVolumeSourceArgs(
path="string",
type="string",
),
csi=kubernetes.core.v1.CSIVolumeSourceArgs(
driver="string",
fs_type="string",
node_publish_secret_ref=kubernetes.core.v1.LocalObjectReferenceArgs(
name="string",
),
read_only=False,
volume_attributes={
"string": "string",
},
),
downward_api=kubernetes.core.v1.DownwardAPIVolumeSourceArgs(
default_mode=0,
items=[kubernetes.core.v1.DownwardAPIVolumeFileArgs(
path="string",
field_ref=kubernetes.core.v1.ObjectFieldSelectorArgs(
field_path="string",
api_version="string",
),
mode=0,
resource_field_ref=kubernetes.core.v1.ResourceFieldSelectorArgs(
resource="string",
container_name="string",
divisor="string",
),
)],
),
empty_dir=kubernetes.core.v1.EmptyDirVolumeSourceArgs(
medium="string",
size_limit="string",
),
ephemeral=kubernetes.core.v1.EphemeralVolumeSourceArgs(
read_only=False,
volume_claim_template=kubernetes.core.v1.PersistentVolumeClaimTemplateArgs(
spec=kubernetes.core.v1.PersistentVolumeClaimSpecArgs(
access_modes=["string"],
data_source=kubernetes.core.v1.TypedLocalObjectReferenceArgs(
kind="string",
name="string",
api_group="string",
),
data_source_ref=kubernetes.core.v1.TypedLocalObjectReferenceArgs(
kind="string",
name="string",
api_group="string",
),
resources=kubernetes.core.v1.ResourceRequirementsArgs(
limits={
"string": "string",
},
requests={
"string": "string",
},
),
selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
storage_class_name="string",
volume_mode="string",
volume_name="string",
),
metadata=kubernetes.meta.v1.ObjectMetaArgs(
annotations={
"string": "string",
},
cluster_name="string",
creation_timestamp="string",
deletion_grace_period_seconds=0,
deletion_timestamp="string",
finalizers=["string"],
generate_name="string",
generation=0,
labels={
"string": "string",
},
managed_fields=[kubernetes.meta.v1.ManagedFieldsEntryArgs(
api_version="string",
fields_type="string",
fields_v1="{}",
manager="string",
operation="string",
subresource="string",
time="string",
)],
name="string",
namespace="string",
owner_references=[kubernetes.meta.v1.OwnerReferenceArgs(
api_version="string",
kind="string",
name="string",
uid="string",
block_owner_deletion=False,
controller=False,
)],
resource_version="string",
self_link="string",
uid="string",
),
),
),
fc=kubernetes.core.v1.FCVolumeSourceArgs(
fs_type="string",
lun=0,
read_only=False,
target_wwns=["string"],
wwids=["string"],
),
flex_volume=kubernetes.core.v1.FlexVolumeSourceArgs(
driver="string",
fs_type="string",
options={
"string": "string",
},
read_only=False,
secret_ref=kubernetes.core.v1.LocalObjectReferenceArgs(
name="string",
),
),
iscsi=kubernetes.core.v1.ISCSIVolumeSourceArgs(
iqn="string",
lun=0,
target_portal="string",
chap_auth_discovery=False,
chap_auth_session=False,
fs_type="string",
initiator_name="string",
iscsi_interface="string",
portals=["string"],
read_only=False,
secret_ref=kubernetes.core.v1.LocalObjectReferenceArgs(
name="string",
),
),
gce_persistent_disk=kubernetes.core.v1.GCEPersistentDiskVolumeSourceArgs(
pd_name="string",
fs_type="string",
partition=0,
read_only=False,
),
aws_elastic_block_store=kubernetes.core.v1.AWSElasticBlockStoreVolumeSourceArgs(
volume_id="string",
fs_type="string",
partition=0,
read_only=False,
),
cephfs=kubernetes.core.v1.CephFSVolumeSourceArgs(
monitors=["string"],
path="string",
read_only=False,
secret_file="string",
secret_ref=kubernetes.core.v1.LocalObjectReferenceArgs(
name="string",
),
user="string",
),
azure_file=kubernetes.core.v1.AzureFileVolumeSourceArgs(
secret_name="string",
share_name="string",
read_only=False,
),
flocker=kubernetes.core.v1.FlockerVolumeSourceArgs(
dataset_name="string",
dataset_uuid="string",
),
azure_disk=kubernetes.core.v1.AzureDiskVolumeSourceArgs(
disk_name="string",
disk_uri="string",
caching_mode="string",
fs_type="string",
kind="string",
read_only=False,
),
nfs=kubernetes.core.v1.NFSVolumeSourceArgs(
path="string",
server="string",
read_only=False,
),
persistent_volume_claim=kubernetes.core.v1.PersistentVolumeClaimVolumeSourceArgs(
claim_name="string",
read_only=False,
),
photon_persistent_disk=kubernetes.core.v1.PhotonPersistentDiskVolumeSourceArgs(
pd_id="string",
fs_type="string",
),
portworx_volume=kubernetes.core.v1.PortworxVolumeSourceArgs(
volume_id="string",
fs_type="string",
read_only=False,
),
projected=kubernetes.core.v1.ProjectedVolumeSourceArgs(
sources=[kubernetes.core.v1.VolumeProjectionArgs(
config_map=kubernetes.core.v1.ConfigMapProjectionArgs(
items=[kubernetes.core.v1.KeyToPathArgs(
key="string",
path="string",
mode=0,
)],
name="string",
optional=False,
),
downward_api=kubernetes.core.v1.DownwardAPIProjectionArgs(
items=[kubernetes.core.v1.DownwardAPIVolumeFileArgs(
path="string",
field_ref=kubernetes.core.v1.ObjectFieldSelectorArgs(
field_path="string",
api_version="string",
),
mode=0,
resource_field_ref=kubernetes.core.v1.ResourceFieldSelectorArgs(
resource="string",
container_name="string",
divisor="string",
),
)],
),
secret=kubernetes.core.v1.SecretProjectionArgs(
items=[kubernetes.core.v1.KeyToPathArgs(
key="string",
path="string",
mode=0,
)],
name="string",
optional=False,
),
service_account_token=kubernetes.core.v1.ServiceAccountTokenProjectionArgs(
path="string",
audience="string",
expiration_seconds=0,
),
)],
default_mode=0,
),
quobyte=kubernetes.core.v1.QuobyteVolumeSourceArgs(
registry="string",
volume="string",
group="string",
read_only=False,
tenant="string",
user="string",
),
rbd=kubernetes.core.v1.RBDVolumeSourceArgs(
image="string",
monitors=["string"],
fs_type="string",
keyring="string",
pool="string",
read_only=False,
secret_ref=kubernetes.core.v1.LocalObjectReferenceArgs(
name="string",
),
user="string",
),
scale_io=kubernetes.core.v1.ScaleIOVolumeSourceArgs(
gateway="string",
secret_ref=kubernetes.core.v1.LocalObjectReferenceArgs(
name="string",
),
system="string",
fs_type="string",
protection_domain="string",
read_only=False,
ssl_enabled=False,
storage_mode="string",
storage_pool="string",
volume_name="string",
),
secret=kubernetes.core.v1.SecretVolumeSourceArgs(
default_mode=0,
items=[kubernetes.core.v1.KeyToPathArgs(
key="string",
path="string",
mode=0,
)],
optional=False,
secret_name="string",
),
storageos=kubernetes.core.v1.StorageOSVolumeSourceArgs(
fs_type="string",
read_only=False,
secret_ref=kubernetes.core.v1.LocalObjectReferenceArgs(
name="string",
),
volume_name="string",
volume_namespace="string",
),
vsphere_volume=kubernetes.core.v1.VsphereVirtualDiskVolumeSourceArgs(
volume_path="string",
fs_type="string",
storage_policy_id="string",
storage_policy_name="string",
),
)],
feature_gates="string",
global_=kubernetes_cert_manager.CertManagerGlobalArgs(
image_pull_secrets=[kubernetes.core.v1.LocalObjectReferenceArgs(
name="string",
)],
leader_election=kubernetes_cert_manager.CertManagerGlobalLeaderElectionArgs(
lease_duration="string",
namespace="string",
renew_deadline="string",
),
log_level=0,
pod_security_policy=kubernetes_cert_manager.CertManagerGlobalPodSecurityPolicyArgs(
enabled=False,
use_app_armor=False,
),
priority_class_name="string",
rbac=kubernetes_cert_manager.CertManagerGlobalRbacArgs(
create=False,
),
),
helm_options=kubernetes_cert_manager.ReleaseArgs(
atomic=False,
chart="string",
cleanup_on_fail=False,
create_namespace=False,
dependency_update=False,
description="string",
devel=False,
disable_crd_hooks=False,
disable_openapi_validation=False,
disable_webhooks=False,
force_update=False,
keyring="string",
lint=False,
manifest={
"string": "any",
},
max_history=0,
name="string",
namespace="string",
postrender="string",
recreate_pods=False,
render_subchart_notes=False,
replace=False,
repository_opts=kubernetes_cert_manager.RepositoryOptsArgs(
ca_file="string",
cert_file="string",
key_file="string",
password="string",
repo="string",
username="string",
),
reset_values=False,
resource_names={
"string": ["string"],
},
reuse_values=False,
skip_await=False,
skip_crds=False,
timeout=0,
value_yaml_files=[pulumi.StringAsset("content")],
values={
"string": "any",
},
verify=False,
version="string",
wait_for_jobs=False,
),
http_proxy="string",
https_proxy="string",
image=kubernetes_cert_manager.CertManagerImageArgs(
digest="string",
pull_policy="string",
registry="string",
repository="string",
tag="string",
),
ingress_shim=kubernetes_cert_manager.CertManagerIngressShimArgs(
default_issuer_group="string",
default_issuer_kind="string",
default_issuer_name="string",
),
install_crds=False,
no_proxy=["string"],
node_selector=kubernetes.core.v1.NodeSelectorArgs(
node_selector_terms=[kubernetes.core.v1.NodeSelectorTermArgs(
match_expressions=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_fields=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
)],
),
pod_annotations={
"string": "string",
},
pod_dns_config=kubernetes.core.v1.PodDNSConfigArgs(
nameservers=["string"],
options=[kubernetes.core.v1.PodDNSConfigOptionArgs(
name="string",
value="string",
)],
searches=["string"],
),
pod_dns_policy="string",
pod_labels={
"string": "string",
},
prometheus=kubernetes_cert_manager.CertManagerPrometheusArgs(
enabled=False,
service_monitor=kubernetes_cert_manager.CertManagerPrometheusServiceMonitorArgs(
enabled=False,
interval="string",
labels={
"string": "string",
},
path="string",
prometheus_instance="string",
string="string",
target_port=0,
),
),
replica_count=0,
resources=kubernetes.core.v1.ResourceRequirementsArgs(
limits={
"string": "string",
},
requests={
"string": "string",
},
),
security_context=kubernetes.core.v1.PodSecurityContextArgs(
fs_group=0,
fs_group_change_policy="string",
run_as_group=0,
run_as_non_root=False,
run_as_user=0,
se_linux_options=kubernetes.core.v1.SELinuxOptionsArgs(
level="string",
role="string",
type="string",
user="string",
),
seccomp_profile=kubernetes.core.v1.SeccompProfileArgs(
type="string",
localhost_profile="string",
),
supplemental_groups=[0],
sysctls=[kubernetes.core.v1.SysctlArgs(
name="string",
value="string",
)],
windows_options=kubernetes.core.v1.WindowsSecurityContextOptionsArgs(
gmsa_credential_spec="string",
gmsa_credential_spec_name="string",
host_process=False,
run_as_user_name="string",
),
),
service_account=kubernetes_cert_manager.CertManagerServiceAccountArgs(
annotations={
"string": "string",
},
automount_service_account_token=False,
create=False,
name="string",
),
service_annotations={
"string": "string",
},
service_labels={
"string": "string",
},
startupapicheck=kubernetes_cert_manager.CertManagerStartupAPICheckArgs(
affinity=kubernetes.core.v1.AffinityArgs(
node_affinity=kubernetes.core.v1.NodeAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PreferredSchedulingTermArgs(
preference=kubernetes.core.v1.NodeSelectorTermArgs(
match_expressions=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_fields=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=kubernetes.core.v1.NodeSelectorArgs(
node_selector_terms=[kubernetes.core.v1.NodeSelectorTermArgs(
match_expressions=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_fields=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
)],
),
),
pod_affinity=kubernetes.core.v1.PodAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.WeightedPodAffinityTermArgs(
pod_affinity_term=kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
)],
),
pod_anti_affinity=kubernetes.core.v1.PodAntiAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.WeightedPodAffinityTermArgs(
pod_affinity_term=kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
)],
),
),
backoff_limit=0,
enabled=False,
extra_args=["string"],
image=kubernetes_cert_manager.CertManagerImageArgs(
digest="string",
pull_policy="string",
registry="string",
repository="string",
tag="string",
),
job_annotations={
"string": "string",
},
node_selector={
"string": "string",
},
pod_annotations={
"string": "string",
},
pod_labels={
"string": "string",
},
rbac=kubernetes_cert_manager.CertManagerStartupAPICheckRBACArgs(
annotations={
"string": "string",
},
),
resources=kubernetes.core.v1.ResourceRequirementsArgs(
limits={
"string": "string",
},
requests={
"string": "string",
},
),
security_context=kubernetes.core.v1.PodSecurityContextArgs(
fs_group=0,
fs_group_change_policy="string",
run_as_group=0,
run_as_non_root=False,
run_as_user=0,
se_linux_options=kubernetes.core.v1.SELinuxOptionsArgs(
level="string",
role="string",
type="string",
user="string",
),
seccomp_profile=kubernetes.core.v1.SeccompProfileArgs(
type="string",
localhost_profile="string",
),
supplemental_groups=[0],
sysctls=[kubernetes.core.v1.SysctlArgs(
name="string",
value="string",
)],
windows_options=kubernetes.core.v1.WindowsSecurityContextOptionsArgs(
gmsa_credential_spec="string",
gmsa_credential_spec_name="string",
host_process=False,
run_as_user_name="string",
),
),
service_account=kubernetes_cert_manager.CertManagerServiceAccountArgs(
annotations={
"string": "string",
},
automount_service_account_token=False,
create=False,
name="string",
),
timeout="string",
tolerations=[kubernetes.core.v1.TolerationArgs(
effect="string",
key="string",
operator="string",
toleration_seconds=0,
value="string",
)],
),
strategy=kubernetes.apps.v1.DeploymentStrategyArgs(
rolling_update=kubernetes.apps.v1.RollingUpdateDeploymentArgs(
max_surge=0,
max_unavailable=0,
),
type="string",
),
tolerations=[kubernetes.core.v1.TolerationArgs(
effect="string",
key="string",
operator="string",
toleration_seconds=0,
value="string",
)],
webhook=kubernetes_cert_manager.CertManagerWebhookArgs(
affinity=kubernetes.core.v1.AffinityArgs(
node_affinity=kubernetes.core.v1.NodeAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PreferredSchedulingTermArgs(
preference=kubernetes.core.v1.NodeSelectorTermArgs(
match_expressions=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_fields=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=kubernetes.core.v1.NodeSelectorArgs(
node_selector_terms=[kubernetes.core.v1.NodeSelectorTermArgs(
match_expressions=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_fields=[kubernetes.core.v1.NodeSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
)],
),
),
pod_affinity=kubernetes.core.v1.PodAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.WeightedPodAffinityTermArgs(
pod_affinity_term=kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
)],
),
pod_anti_affinity=kubernetes.core.v1.PodAntiAffinityArgs(
preferred_during_scheduling_ignored_during_execution=[kubernetes.core.v1.WeightedPodAffinityTermArgs(
pod_affinity_term=kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
),
weight=0,
)],
required_during_scheduling_ignored_during_execution=[kubernetes.core.v1.PodAffinityTermArgs(
topology_key="string",
label_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespace_selector=kubernetes.meta.v1.LabelSelectorArgs(
match_expressions=[kubernetes.meta.v1.LabelSelectorRequirementArgs(
key="string",
operator="string",
values=["string"],
)],
match_labels={
"string": "string",
},
),
namespaces=["string"],
)],
),
),
container_security_context=kubernetes.core.v1.SecurityContextArgs(
allow_privilege_escalation=False,
capabilities=kubernetes.core.v1.CapabilitiesArgs(
add=["string"],
drop=["string"],
),
privileged=False,
proc_mount="string",
read_only_root_filesystem=False,
run_as_group=0,
run_as_non_root=False,
run_as_user=0,
se_linux_options=kubernetes.core.v1.SELinuxOptionsArgs(
level="string",
role="string",
type="string",
user="string",
),
seccomp_profile=kubernetes.core.v1.SeccompProfileArgs(
type="string",
localhost_profile="string",
),
windows_options=kubernetes.core.v1.WindowsSecurityContextOptionsArgs(
gmsa_credential_spec="string",
gmsa_credential_spec_name="string",
host_process=False,
run_as_user_name="string",
),
),
deployment_annotations={
"string": "string",
},
extra_args=["string"],
host_network=False,
image=kubernetes_cert_manager.CertManagerImageArgs(
digest="string",
pull_policy="string",
registry="string",
repository="string",
tag="string",
),
liveness_probe=kubernetes.core.v1.ProbeArgs(
exec_=kubernetes.core.v1.ExecActionArgs(
command=["string"],
),
failure_threshold=0,
http_get=kubernetes.core.v1.HTTPGetActionArgs(
port=0,
host="string",
http_headers=[kubernetes.core.v1.HTTPHeaderArgs(
name="string",
value="string",
)],
path="string",
scheme="string",
),
initial_delay_seconds=0,
period_seconds=0,
success_threshold=0,
tcp_socket=kubernetes.core.v1.TCPSocketActionArgs(
port=0,
host="string",
),
termination_grace_period_seconds=0,
timeout_seconds=0,
),
load_balancer_ip="string",
mutating_webhook_configuration_annotations={
"string": "string",
},
node_selector={
"string": "string",
},
pod_annotations={
"string": "string",
},
pod_labels={
"string": "string",
},
readiness_probe=kubernetes.core.v1.ProbeArgs(
exec_=kubernetes.core.v1.ExecActionArgs(
command=["string"],
),
failure_threshold=0,
http_get=kubernetes.core.v1.HTTPGetActionArgs(
port=0,
host="string",
http_headers=[kubernetes.core.v1.HTTPHeaderArgs(
name="string",
value="string",
)],
path="string",
scheme="string",
),
initial_delay_seconds=0,
period_seconds=0,
success_threshold=0,
tcp_socket=kubernetes.core.v1.TCPSocketActionArgs(
port=0,
host="string",
),
termination_grace_period_seconds=0,
timeout_seconds=0,
),
replica_count=0,
resources=kubernetes.core.v1.ResourceRequirementsArgs(
limits={
"string": "string",
},
requests={
"string": "string",
},
),
secure_port=0,
security_context=kubernetes.core.v1.PodSecurityContextArgs(
fs_group=0,
fs_group_change_policy="string",
run_as_group=0,
run_as_non_root=False,
run_as_user=0,
se_linux_options=kubernetes.core.v1.SELinuxOptionsArgs(
level="string",
role="string",
type="string",
user="string",
),
seccomp_profile=kubernetes.core.v1.SeccompProfileArgs(
type="string",
localhost_profile="string",
),
supplemental_groups=[0],
sysctls=[kubernetes.core.v1.SysctlArgs(
name="string",
value="string",
)],
windows_options=kubernetes.core.v1.WindowsSecurityContextOptionsArgs(
gmsa_credential_spec="string",
gmsa_credential_spec_name="string",
host_process=False,
run_as_user_name="string",
),
),
service_account=kubernetes_cert_manager.CertManagerServiceAccountArgs(
annotations={
"string": "string",
},
automount_service_account_token=False,
create=False,
name="string",
),
service_annotations={
"string": "string",
},
service_labels={
"string": "string",
},
service_type="string",
strategy=kubernetes.apps.v1.DeploymentStrategyArgs(
rolling_update=kubernetes.apps.v1.RollingUpdateDeploymentArgs(
max_surge=0,
max_unavailable=0,
),
type="string",
),
timeout_seconds=0,
tolerations=[kubernetes.core.v1.TolerationArgs(
effect="string",
key="string",
operator="string",
toleration_seconds=0,
value="string",
)],
url=kubernetes_cert_manager.CertManagerWebhookURLArgs(
host="string",
),
validating_webhook_configuration_annotations={
"string": "string",
},
))
const certManagerResource = new kubernetes_cert_manager.CertManager("certManagerResource", {
affinity: {
nodeAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
preference: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchFields: [{
key: "string",
operator: "string",
values: ["string"],
}],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: {
nodeSelectorTerms: [{
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchFields: [{
key: "string",
operator: "string",
values: ["string"],
}],
}],
},
},
podAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
podAffinityTerm: {
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: [{
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
}],
},
podAntiAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
podAffinityTerm: {
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: [{
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
}],
},
},
cainjector: {
affinity: {
nodeAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
preference: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchFields: [{
key: "string",
operator: "string",
values: ["string"],
}],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: {
nodeSelectorTerms: [{
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchFields: [{
key: "string",
operator: "string",
values: ["string"],
}],
}],
},
},
podAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
podAffinityTerm: {
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: [{
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
}],
},
podAntiAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
podAffinityTerm: {
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: [{
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
}],
},
},
containerSecurityContext: {
allowPrivilegeEscalation: false,
capabilities: {
add: ["string"],
drop: ["string"],
},
privileged: false,
procMount: "string",
readOnlyRootFilesystem: false,
runAsGroup: 0,
runAsNonRoot: false,
runAsUser: 0,
seLinuxOptions: {
level: "string",
role: "string",
type: "string",
user: "string",
},
seccompProfile: {
type: "string",
localhostProfile: "string",
},
windowsOptions: {
gmsaCredentialSpec: "string",
gmsaCredentialSpecName: "string",
hostProcess: false,
runAsUserName: "string",
},
},
deploymentAnnotations: {
string: "string",
},
extraArgs: ["string"],
image: {
digest: "string",
pullPolicy: "string",
registry: "string",
repository: "string",
tag: "string",
},
nodeSelector: {
string: "string",
},
podAnnotations: {
string: "string",
},
podLabels: {
string: "string",
},
podSecurityContext: {
fsGroup: 0,
fsGroupChangePolicy: "string",
runAsGroup: 0,
runAsNonRoot: false,
runAsUser: 0,
seLinuxOptions: {
level: "string",
role: "string",
type: "string",
user: "string",
},
seccompProfile: {
type: "string",
localhostProfile: "string",
},
supplementalGroups: [0],
sysctls: [{
name: "string",
value: "string",
}],
windowsOptions: {
gmsaCredentialSpec: "string",
gmsaCredentialSpecName: "string",
hostProcess: false,
runAsUserName: "string",
},
},
replicaCount: 0,
resources: {
limits: {
string: "string",
},
requests: {
string: "string",
},
},
serviceAccount: {
annotations: {
string: "string",
},
automountServiceAccountToken: false,
create: false,
name: "string",
},
strategy: {
rollingUpdate: {
maxSurge: 0,
maxUnavailable: 0,
},
type: "string",
},
timeoutSeconds: 0,
tolerations: [{
effect: "string",
key: "string",
operator: "string",
tolerationSeconds: 0,
value: "string",
}],
},
clusterResourceNamespace: "string",
containerSecurityContext: {
allowPrivilegeEscalation: false,
capabilities: {
add: ["string"],
drop: ["string"],
},
privileged: false,
procMount: "string",
readOnlyRootFilesystem: false,
runAsGroup: 0,
runAsNonRoot: false,
runAsUser: 0,
seLinuxOptions: {
level: "string",
role: "string",
type: "string",
user: "string",
},
seccompProfile: {
type: "string",
localhostProfile: "string",
},
windowsOptions: {
gmsaCredentialSpec: "string",
gmsaCredentialSpecName: "string",
hostProcess: false,
runAsUserName: "string",
},
},
deploymentAnnotations: {
string: "string",
},
extraArgs: ["string"],
extraEnv: [{
name: "string",
value: "string",
valueFrom: {
configMapKeyRef: {
key: "string",
name: "string",
optional: false,
},
fieldRef: {
fieldPath: "string",
apiVersion: "string",
},
resourceFieldRef: {
resource: "string",
containerName: "string",
divisor: "string",
},
secretKeyRef: {
key: "string",
name: "string",
optional: false,
},
},
}],
extraVolumeMounts: [{
mountPath: "string",
name: "string",
mountPropagation: "string",
readOnly: false,
subPath: "string",
subPathExpr: "string",
}],
extraVolumes: [{
name: "string",
gitRepo: {
repository: "string",
directory: "string",
revision: "string",
},
configMap: {
defaultMode: 0,
items: [{
key: "string",
path: "string",
mode: 0,
}],
name: "string",
optional: false,
},
glusterfs: {
endpoints: "string",
path: "string",
readOnly: false,
},
cinder: {
volumeID: "string",
fsType: "string",
readOnly: false,
secretRef: {
name: "string",
},
},
hostPath: {
path: "string",
type: "string",
},
csi: {
driver: "string",
fsType: "string",
nodePublishSecretRef: {
name: "string",
},
readOnly: false,
volumeAttributes: {
string: "string",
},
},
downwardAPI: {
defaultMode: 0,
items: [{
path: "string",
fieldRef: {
fieldPath: "string",
apiVersion: "string",
},
mode: 0,
resourceFieldRef: {
resource: "string",
containerName: "string",
divisor: "string",
},
}],
},
emptyDir: {
medium: "string",
sizeLimit: "string",
},
ephemeral: {
readOnly: false,
volumeClaimTemplate: {
spec: {
accessModes: ["string"],
dataSource: {
kind: "string",
name: "string",
apiGroup: "string",
},
dataSourceRef: {
kind: "string",
name: "string",
apiGroup: "string",
},
resources: {
limits: {
string: "string",
},
requests: {
string: "string",
},
},
selector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
storageClassName: "string",
volumeMode: "string",
volumeName: "string",
},
metadata: {
annotations: {
string: "string",
},
clusterName: "string",
creationTimestamp: "string",
deletionGracePeriodSeconds: 0,
deletionTimestamp: "string",
finalizers: ["string"],
generateName: "string",
generation: 0,
labels: {
string: "string",
},
managedFields: [{
apiVersion: "string",
fieldsType: "string",
fieldsV1: "{}",
manager: "string",
operation: "string",
subresource: "string",
time: "string",
}],
name: "string",
namespace: "string",
ownerReferences: [{
apiVersion: "string",
kind: "string",
name: "string",
uid: "string",
blockOwnerDeletion: false,
controller: false,
}],
resourceVersion: "string",
selfLink: "string",
uid: "string",
},
},
},
fc: {
fsType: "string",
lun: 0,
readOnly: false,
targetWWNs: ["string"],
wwids: ["string"],
},
flexVolume: {
driver: "string",
fsType: "string",
options: {
string: "string",
},
readOnly: false,
secretRef: {
name: "string",
},
},
iscsi: {
iqn: "string",
lun: 0,
targetPortal: "string",
chapAuthDiscovery: false,
chapAuthSession: false,
fsType: "string",
initiatorName: "string",
iscsiInterface: "string",
portals: ["string"],
readOnly: false,
secretRef: {
name: "string",
},
},
gcePersistentDisk: {
pdName: "string",
fsType: "string",
partition: 0,
readOnly: false,
},
awsElasticBlockStore: {
volumeID: "string",
fsType: "string",
partition: 0,
readOnly: false,
},
cephfs: {
monitors: ["string"],
path: "string",
readOnly: false,
secretFile: "string",
secretRef: {
name: "string",
},
user: "string",
},
azureFile: {
secretName: "string",
shareName: "string",
readOnly: false,
},
flocker: {
datasetName: "string",
datasetUUID: "string",
},
azureDisk: {
diskName: "string",
diskURI: "string",
cachingMode: "string",
fsType: "string",
kind: "string",
readOnly: false,
},
nfs: {
path: "string",
server: "string",
readOnly: false,
},
persistentVolumeClaim: {
claimName: "string",
readOnly: false,
},
photonPersistentDisk: {
pdID: "string",
fsType: "string",
},
portworxVolume: {
volumeID: "string",
fsType: "string",
readOnly: false,
},
projected: {
sources: [{
configMap: {
items: [{
key: "string",
path: "string",
mode: 0,
}],
name: "string",
optional: false,
},
downwardAPI: {
items: [{
path: "string",
fieldRef: {
fieldPath: "string",
apiVersion: "string",
},
mode: 0,
resourceFieldRef: {
resource: "string",
containerName: "string",
divisor: "string",
},
}],
},
secret: {
items: [{
key: "string",
path: "string",
mode: 0,
}],
name: "string",
optional: false,
},
serviceAccountToken: {
path: "string",
audience: "string",
expirationSeconds: 0,
},
}],
defaultMode: 0,
},
quobyte: {
registry: "string",
volume: "string",
group: "string",
readOnly: false,
tenant: "string",
user: "string",
},
rbd: {
image: "string",
monitors: ["string"],
fsType: "string",
keyring: "string",
pool: "string",
readOnly: false,
secretRef: {
name: "string",
},
user: "string",
},
scaleIO: {
gateway: "string",
secretRef: {
name: "string",
},
system: "string",
fsType: "string",
protectionDomain: "string",
readOnly: false,
sslEnabled: false,
storageMode: "string",
storagePool: "string",
volumeName: "string",
},
secret: {
defaultMode: 0,
items: [{
key: "string",
path: "string",
mode: 0,
}],
optional: false,
secretName: "string",
},
storageos: {
fsType: "string",
readOnly: false,
secretRef: {
name: "string",
},
volumeName: "string",
volumeNamespace: "string",
},
vsphereVolume: {
volumePath: "string",
fsType: "string",
storagePolicyID: "string",
storagePolicyName: "string",
},
}],
featureGates: "string",
global: {
imagePullSecrets: [{
name: "string",
}],
leaderElection: {
leaseDuration: "string",
namespace: "string",
renewDeadline: "string",
},
logLevel: 0,
podSecurityPolicy: {
enabled: false,
useAppArmor: false,
},
priorityClassName: "string",
rbac: {
create: false,
},
},
helmOptions: {
atomic: false,
chart: "string",
cleanupOnFail: false,
createNamespace: false,
dependencyUpdate: false,
description: "string",
devel: false,
disableCRDHooks: false,
disableOpenapiValidation: false,
disableWebhooks: false,
forceUpdate: false,
keyring: "string",
lint: false,
manifest: {
string: "any",
},
maxHistory: 0,
name: "string",
namespace: "string",
postrender: "string",
recreatePods: false,
renderSubchartNotes: false,
replace: false,
repositoryOpts: {
caFile: "string",
certFile: "string",
keyFile: "string",
password: "string",
repo: "string",
username: "string",
},
resetValues: false,
resourceNames: {
string: ["string"],
},
reuseValues: false,
skipAwait: false,
skipCrds: false,
timeout: 0,
valueYamlFiles: [new pulumi.asset.StringAsset("content")],
values: {
string: "any",
},
verify: false,
version: "string",
waitForJobs: false,
},
http_proxy: "string",
https_proxy: "string",
image: {
digest: "string",
pullPolicy: "string",
registry: "string",
repository: "string",
tag: "string",
},
ingressShim: {
defaultIssuerGroup: "string",
defaultIssuerKind: "string",
defaultIssuerName: "string",
},
installCRDs: false,
no_proxy: ["string"],
nodeSelector: {
nodeSelectorTerms: [{
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchFields: [{
key: "string",
operator: "string",
values: ["string"],
}],
}],
},
podAnnotations: {
string: "string",
},
podDnsConfig: {
nameservers: ["string"],
options: [{
name: "string",
value: "string",
}],
searches: ["string"],
},
podDnsPolicy: "string",
podLabels: {
string: "string",
},
prometheus: {
enabled: false,
serviceMonitor: {
enabled: false,
interval: "string",
labels: {
string: "string",
},
path: "string",
prometheusInstance: "string",
string: "string",
targetPort: 0,
},
},
replicaCount: 0,
resources: {
limits: {
string: "string",
},
requests: {
string: "string",
},
},
securityContext: {
fsGroup: 0,
fsGroupChangePolicy: "string",
runAsGroup: 0,
runAsNonRoot: false,
runAsUser: 0,
seLinuxOptions: {
level: "string",
role: "string",
type: "string",
user: "string",
},
seccompProfile: {
type: "string",
localhostProfile: "string",
},
supplementalGroups: [0],
sysctls: [{
name: "string",
value: "string",
}],
windowsOptions: {
gmsaCredentialSpec: "string",
gmsaCredentialSpecName: "string",
hostProcess: false,
runAsUserName: "string",
},
},
serviceAccount: {
annotations: {
string: "string",
},
automountServiceAccountToken: false,
create: false,
name: "string",
},
serviceAnnotations: {
string: "string",
},
serviceLabels: {
string: "string",
},
startupapicheck: {
affinity: {
nodeAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
preference: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchFields: [{
key: "string",
operator: "string",
values: ["string"],
}],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: {
nodeSelectorTerms: [{
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchFields: [{
key: "string",
operator: "string",
values: ["string"],
}],
}],
},
},
podAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
podAffinityTerm: {
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: [{
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
}],
},
podAntiAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
podAffinityTerm: {
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: [{
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
}],
},
},
backoffLimit: 0,
enabled: false,
extraArgs: ["string"],
image: {
digest: "string",
pullPolicy: "string",
registry: "string",
repository: "string",
tag: "string",
},
jobAnnotations: {
string: "string",
},
nodeSelector: {
string: "string",
},
podAnnotations: {
string: "string",
},
podLabels: {
string: "string",
},
rbac: {
annotations: {
string: "string",
},
},
resources: {
limits: {
string: "string",
},
requests: {
string: "string",
},
},
securityContext: {
fsGroup: 0,
fsGroupChangePolicy: "string",
runAsGroup: 0,
runAsNonRoot: false,
runAsUser: 0,
seLinuxOptions: {
level: "string",
role: "string",
type: "string",
user: "string",
},
seccompProfile: {
type: "string",
localhostProfile: "string",
},
supplementalGroups: [0],
sysctls: [{
name: "string",
value: "string",
}],
windowsOptions: {
gmsaCredentialSpec: "string",
gmsaCredentialSpecName: "string",
hostProcess: false,
runAsUserName: "string",
},
},
serviceAccount: {
annotations: {
string: "string",
},
automountServiceAccountToken: false,
create: false,
name: "string",
},
timeout: "string",
tolerations: [{
effect: "string",
key: "string",
operator: "string",
tolerationSeconds: 0,
value: "string",
}],
},
strategy: {
rollingUpdate: {
maxSurge: 0,
maxUnavailable: 0,
},
type: "string",
},
tolerations: [{
effect: "string",
key: "string",
operator: "string",
tolerationSeconds: 0,
value: "string",
}],
webhook: {
affinity: {
nodeAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
preference: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchFields: [{
key: "string",
operator: "string",
values: ["string"],
}],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: {
nodeSelectorTerms: [{
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchFields: [{
key: "string",
operator: "string",
values: ["string"],
}],
}],
},
},
podAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
podAffinityTerm: {
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: [{
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
}],
},
podAntiAffinity: {
preferredDuringSchedulingIgnoredDuringExecution: [{
podAffinityTerm: {
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
},
weight: 0,
}],
requiredDuringSchedulingIgnoredDuringExecution: [{
topologyKey: "string",
labelSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaceSelector: {
matchExpressions: [{
key: "string",
operator: "string",
values: ["string"],
}],
matchLabels: {
string: "string",
},
},
namespaces: ["string"],
}],
},
},
containerSecurityContext: {
allowPrivilegeEscalation: false,
capabilities: {
add: ["string"],
drop: ["string"],
},
privileged: false,
procMount: "string",
readOnlyRootFilesystem: false,
runAsGroup: 0,
runAsNonRoot: false,
runAsUser: 0,
seLinuxOptions: {
level: "string",
role: "string",
type: "string",
user: "string",
},
seccompProfile: {
type: "string",
localhostProfile: "string",
},
windowsOptions: {
gmsaCredentialSpec: "string",
gmsaCredentialSpecName: "string",
hostProcess: false,
runAsUserName: "string",
},
},
deploymentAnnotations: {
string: "string",
},
extraArgs: ["string"],
hostNetwork: false,
image: {
digest: "string",
pullPolicy: "string",
registry: "string",
repository: "string",
tag: "string",
},
livenessProbe: {
exec: {
command: ["string"],
},
failureThreshold: 0,
httpGet: {
port: 0,
host: "string",
httpHeaders: [{
name: "string",
value: "string",
}],
path: "string",
scheme: "string",
},
initialDelaySeconds: 0,
periodSeconds: 0,
successThreshold: 0,
tcpSocket: {
port: 0,
host: "string",
},
terminationGracePeriodSeconds: 0,
timeoutSeconds: 0,
},
loadBalancerIP: "string",
mutatingWebhookConfigurationAnnotations: {
string: "string",
},
nodeSelector: {
string: "string",
},
podAnnotations: {
string: "string",
},
podLabels: {
string: "string",
},
readinessProbe: {
exec: {
command: ["string"],
},
failureThreshold: 0,
httpGet: {
port: 0,
host: "string",
httpHeaders: [{
name: "string",
value: "string",
}],
path: "string",
scheme: "string",
},
initialDelaySeconds: 0,
periodSeconds: 0,
successThreshold: 0,
tcpSocket: {
port: 0,
host: "string",
},
terminationGracePeriodSeconds: 0,
timeoutSeconds: 0,
},
replicaCount: 0,
resources: {
limits: {
string: "string",
},
requests: {
string: "string",
},
},
securePort: 0,
securityContext: {
fsGroup: 0,
fsGroupChangePolicy: "string",
runAsGroup: 0,
runAsNonRoot: false,
runAsUser: 0,
seLinuxOptions: {
level: "string",
role: "string",
type: "string",
user: "string",
},
seccompProfile: {
type: "string",
localhostProfile: "string",
},
supplementalGroups: [0],
sysctls: [{
name: "string",
value: "string",
}],
windowsOptions: {
gmsaCredentialSpec: "string",
gmsaCredentialSpecName: "string",
hostProcess: false,
runAsUserName: "string",
},
},
serviceAccount: {
annotations: {
string: "string",
},
automountServiceAccountToken: false,
create: false,
name: "string",
},
serviceAnnotations: {
string: "string",
},
serviceLabels: {
string: "string",
},
serviceType: "string",
strategy: {
rollingUpdate: {
maxSurge: 0,
maxUnavailable: 0,
},
type: "string",
},
timeoutSeconds: 0,
tolerations: [{
effect: "string",
key: "string",
operator: "string",
tolerationSeconds: 0,
value: "string",
}],
url: {
host: "string",
},
validatingWebhookConfigurationAnnotations: {
string: "string",
},
},
});
type: kubernetes-cert-manager:CertManager
properties:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: string
operator: string
values:
- string
matchFields:
- key: string
operator: string
values:
- string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: string
operator: string
values:
- string
matchFields:
- key: string
operator: string
values:
- string
podAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
cainjector:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: string
operator: string
values:
- string
matchFields:
- key: string
operator: string
values:
- string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: string
operator: string
values:
- string
matchFields:
- key: string
operator: string
values:
- string
podAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- string
drop:
- string
privileged: false
procMount: string
readOnlyRootFilesystem: false
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
seLinuxOptions:
level: string
role: string
type: string
user: string
seccompProfile:
localhostProfile: string
type: string
windowsOptions:
gmsaCredentialSpec: string
gmsaCredentialSpecName: string
hostProcess: false
runAsUserName: string
deploymentAnnotations:
string: string
extraArgs:
- string
image:
digest: string
pullPolicy: string
registry: string
repository: string
tag: string
nodeSelector:
string: string
podAnnotations:
string: string
podLabels:
string: string
podSecurityContext:
fsGroup: 0
fsGroupChangePolicy: string
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
seLinuxOptions:
level: string
role: string
type: string
user: string
seccompProfile:
localhostProfile: string
type: string
supplementalGroups:
- 0
sysctls:
- name: string
value: string
windowsOptions:
gmsaCredentialSpec: string
gmsaCredentialSpecName: string
hostProcess: false
runAsUserName: string
replicaCount: 0
resources:
limits:
string: string
requests:
string: string
serviceAccount:
annotations:
string: string
automountServiceAccountToken: false
create: false
name: string
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 0
type: string
timeoutSeconds: 0
tolerations:
- effect: string
key: string
operator: string
tolerationSeconds: 0
value: string
clusterResourceNamespace: string
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- string
drop:
- string
privileged: false
procMount: string
readOnlyRootFilesystem: false
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
seLinuxOptions:
level: string
role: string
type: string
user: string
seccompProfile:
localhostProfile: string
type: string
windowsOptions:
gmsaCredentialSpec: string
gmsaCredentialSpecName: string
hostProcess: false
runAsUserName: string
deploymentAnnotations:
string: string
extraArgs:
- string
extraEnv:
- name: string
value: string
valueFrom:
configMapKeyRef:
key: string
name: string
optional: false
fieldRef:
apiVersion: string
fieldPath: string
resourceFieldRef:
containerName: string
divisor: string
resource: string
secretKeyRef:
key: string
name: string
optional: false
extraVolumeMounts:
- mountPath: string
mountPropagation: string
name: string
readOnly: false
subPath: string
subPathExpr: string
extraVolumes:
- awsElasticBlockStore:
fsType: string
partition: 0
readOnly: false
volumeID: string
azureDisk:
cachingMode: string
diskName: string
diskURI: string
fsType: string
kind: string
readOnly: false
azureFile:
readOnly: false
secretName: string
shareName: string
cephfs:
monitors:
- string
path: string
readOnly: false
secretFile: string
secretRef:
name: string
user: string
cinder:
fsType: string
readOnly: false
secretRef:
name: string
volumeID: string
configMap:
defaultMode: 0
items:
- key: string
mode: 0
path: string
name: string
optional: false
csi:
driver: string
fsType: string
nodePublishSecretRef:
name: string
readOnly: false
volumeAttributes:
string: string
downwardAPI:
defaultMode: 0
items:
- fieldRef:
apiVersion: string
fieldPath: string
mode: 0
path: string
resourceFieldRef:
containerName: string
divisor: string
resource: string
emptyDir:
medium: string
sizeLimit: string
ephemeral:
readOnly: false
volumeClaimTemplate:
metadata:
annotations:
string: string
clusterName: string
creationTimestamp: string
deletionGracePeriodSeconds: 0
deletionTimestamp: string
finalizers:
- string
generateName: string
generation: 0
labels:
string: string
managedFields:
- apiVersion: string
fieldsType: string
fieldsV1: '{}'
manager: string
operation: string
subresource: string
time: string
name: string
namespace: string
ownerReferences:
- apiVersion: string
blockOwnerDeletion: false
controller: false
kind: string
name: string
uid: string
resourceVersion: string
selfLink: string
uid: string
spec:
accessModes:
- string
dataSource:
apiGroup: string
kind: string
name: string
dataSourceRef:
apiGroup: string
kind: string
name: string
resources:
limits:
string: string
requests:
string: string
selector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
storageClassName: string
volumeMode: string
volumeName: string
fc:
fsType: string
lun: 0
readOnly: false
targetWWNs:
- string
wwids:
- string
flexVolume:
driver: string
fsType: string
options:
string: string
readOnly: false
secretRef:
name: string
flocker:
datasetName: string
datasetUUID: string
gcePersistentDisk:
fsType: string
partition: 0
pdName: string
readOnly: false
gitRepo:
directory: string
repository: string
revision: string
glusterfs:
endpoints: string
path: string
readOnly: false
hostPath:
path: string
type: string
iscsi:
chapAuthDiscovery: false
chapAuthSession: false
fsType: string
initiatorName: string
iqn: string
iscsiInterface: string
lun: 0
portals:
- string
readOnly: false
secretRef:
name: string
targetPortal: string
name: string
nfs:
path: string
readOnly: false
server: string
persistentVolumeClaim:
claimName: string
readOnly: false
photonPersistentDisk:
fsType: string
pdID: string
portworxVolume:
fsType: string
readOnly: false
volumeID: string
projected:
defaultMode: 0
sources:
- configMap:
items:
- key: string
mode: 0
path: string
name: string
optional: false
downwardAPI:
items:
- fieldRef:
apiVersion: string
fieldPath: string
mode: 0
path: string
resourceFieldRef:
containerName: string
divisor: string
resource: string
secret:
items:
- key: string
mode: 0
path: string
name: string
optional: false
serviceAccountToken:
audience: string
expirationSeconds: 0
path: string
quobyte:
group: string
readOnly: false
registry: string
tenant: string
user: string
volume: string
rbd:
fsType: string
image: string
keyring: string
monitors:
- string
pool: string
readOnly: false
secretRef:
name: string
user: string
scaleIO:
fsType: string
gateway: string
protectionDomain: string
readOnly: false
secretRef:
name: string
sslEnabled: false
storageMode: string
storagePool: string
system: string
volumeName: string
secret:
defaultMode: 0
items:
- key: string
mode: 0
path: string
optional: false
secretName: string
storageos:
fsType: string
readOnly: false
secretRef:
name: string
volumeName: string
volumeNamespace: string
vsphereVolume:
fsType: string
storagePolicyID: string
storagePolicyName: string
volumePath: string
featureGates: string
global:
imagePullSecrets:
- name: string
leaderElection:
leaseDuration: string
namespace: string
renewDeadline: string
logLevel: 0
podSecurityPolicy:
enabled: false
useAppArmor: false
priorityClassName: string
rbac:
create: false
helmOptions:
atomic: false
chart: string
cleanupOnFail: false
createNamespace: false
dependencyUpdate: false
description: string
devel: false
disableCRDHooks: false
disableOpenapiValidation: false
disableWebhooks: false
forceUpdate: false
keyring: string
lint: false
manifest:
string: any
maxHistory: 0
name: string
namespace: string
postrender: string
recreatePods: false
renderSubchartNotes: false
replace: false
repositoryOpts:
caFile: string
certFile: string
keyFile: string
password: string
repo: string
username: string
resetValues: false
resourceNames:
string:
- string
reuseValues: false
skipAwait: false
skipCrds: false
timeout: 0
valueYamlFiles:
- fn::StringAsset: content
values:
string: any
verify: false
version: string
waitForJobs: false
http_proxy: string
https_proxy: string
image:
digest: string
pullPolicy: string
registry: string
repository: string
tag: string
ingressShim:
defaultIssuerGroup: string
defaultIssuerKind: string
defaultIssuerName: string
installCRDs: false
no_proxy:
- string
nodeSelector:
nodeSelectorTerms:
- matchExpressions:
- key: string
operator: string
values:
- string
matchFields:
- key: string
operator: string
values:
- string
podAnnotations:
string: string
podDnsConfig:
nameservers:
- string
options:
- name: string
value: string
searches:
- string
podDnsPolicy: string
podLabels:
string: string
prometheus:
enabled: false
serviceMonitor:
enabled: false
interval: string
labels:
string: string
path: string
prometheusInstance: string
string: string
targetPort: 0
replicaCount: 0
resources:
limits:
string: string
requests:
string: string
securityContext:
fsGroup: 0
fsGroupChangePolicy: string
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
seLinuxOptions:
level: string
role: string
type: string
user: string
seccompProfile:
localhostProfile: string
type: string
supplementalGroups:
- 0
sysctls:
- name: string
value: string
windowsOptions:
gmsaCredentialSpec: string
gmsaCredentialSpecName: string
hostProcess: false
runAsUserName: string
serviceAccount:
annotations:
string: string
automountServiceAccountToken: false
create: false
name: string
serviceAnnotations:
string: string
serviceLabels:
string: string
startupapicheck:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: string
operator: string
values:
- string
matchFields:
- key: string
operator: string
values:
- string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: string
operator: string
values:
- string
matchFields:
- key: string
operator: string
values:
- string
podAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
backoffLimit: 0
enabled: false
extraArgs:
- string
image:
digest: string
pullPolicy: string
registry: string
repository: string
tag: string
jobAnnotations:
string: string
nodeSelector:
string: string
podAnnotations:
string: string
podLabels:
string: string
rbac:
annotations:
string: string
resources:
limits:
string: string
requests:
string: string
securityContext:
fsGroup: 0
fsGroupChangePolicy: string
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
seLinuxOptions:
level: string
role: string
type: string
user: string
seccompProfile:
localhostProfile: string
type: string
supplementalGroups:
- 0
sysctls:
- name: string
value: string
windowsOptions:
gmsaCredentialSpec: string
gmsaCredentialSpecName: string
hostProcess: false
runAsUserName: string
serviceAccount:
annotations:
string: string
automountServiceAccountToken: false
create: false
name: string
timeout: string
tolerations:
- effect: string
key: string
operator: string
tolerationSeconds: 0
value: string
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 0
type: string
tolerations:
- effect: string
key: string
operator: string
tolerationSeconds: 0
value: string
webhook:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- preference:
matchExpressions:
- key: string
operator: string
values:
- string
matchFields:
- key: string
operator: string
values:
- string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: string
operator: string
values:
- string
matchFields:
- key: string
operator: string
values:
- string
podAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
weight: 0
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaceSelector:
matchExpressions:
- key: string
operator: string
values:
- string
matchLabels:
string: string
namespaces:
- string
topologyKey: string
containerSecurityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- string
drop:
- string
privileged: false
procMount: string
readOnlyRootFilesystem: false
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
seLinuxOptions:
level: string
role: string
type: string
user: string
seccompProfile:
localhostProfile: string
type: string
windowsOptions:
gmsaCredentialSpec: string
gmsaCredentialSpecName: string
hostProcess: false
runAsUserName: string
deploymentAnnotations:
string: string
extraArgs:
- string
hostNetwork: false
image:
digest: string
pullPolicy: string
registry: string
repository: string
tag: string
livenessProbe:
exec:
command:
- string
failureThreshold: 0
httpGet:
host: string
httpHeaders:
- name: string
value: string
path: string
port: 0
scheme: string
initialDelaySeconds: 0
periodSeconds: 0
successThreshold: 0
tcpSocket:
host: string
port: 0
terminationGracePeriodSeconds: 0
timeoutSeconds: 0
loadBalancerIP: string
mutatingWebhookConfigurationAnnotations:
string: string
nodeSelector:
string: string
podAnnotations:
string: string
podLabels:
string: string
readinessProbe:
exec:
command:
- string
failureThreshold: 0
httpGet:
host: string
httpHeaders:
- name: string
value: string
path: string
port: 0
scheme: string
initialDelaySeconds: 0
periodSeconds: 0
successThreshold: 0
tcpSocket:
host: string
port: 0
terminationGracePeriodSeconds: 0
timeoutSeconds: 0
replicaCount: 0
resources:
limits:
string: string
requests:
string: string
securePort: 0
securityContext:
fsGroup: 0
fsGroupChangePolicy: string
runAsGroup: 0
runAsNonRoot: false
runAsUser: 0
seLinuxOptions:
level: string
role: string
type: string
user: string
seccompProfile:
localhostProfile: string
type: string
supplementalGroups:
- 0
sysctls:
- name: string
value: string
windowsOptions:
gmsaCredentialSpec: string
gmsaCredentialSpecName: string
hostProcess: false
runAsUserName: string
serviceAccount:
annotations:
string: string
automountServiceAccountToken: false
create: false
name: string
serviceAnnotations:
string: string
serviceLabels:
string: string
serviceType: string
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 0
type: string
timeoutSeconds: 0
tolerations:
- effect: string
key: string
operator: string
tolerationSeconds: 0
value: string
url:
host: string
validatingWebhookConfigurationAnnotations:
string: string
CertManager Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The CertManager resource accepts the following input properties:
- Affinity
Pulumi.
Kubernetes. Types. Inputs. Core. V1. Affinity - This type is defined in the Kubernetes package.
- Cainjector
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Ca Injector - Cluster
Resource stringNamespace - Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.
- Container
Security Pulumi.Context Kubernetes. Types. Inputs. Core. V1. Security Context - Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Deployment
Annotations Dictionary<string, string> - Optional additional annotations to add to the controller Deployment
- Extra
Args List<string> - Optional additional arguments.
- Extra
Env List<Pulumi.Kubernetes. Types. Inputs. Core. V1. Env Var> - Extra
Volume List<Pulumi.Mounts Kubernetes. Types. Inputs. Core. V1. Volume Mount> - Extra
Volumes List<Pulumi.Kubernetes. Types. Inputs. Core. V1. Volume> - Feature
Gates string - Comma separated list of feature gates that should be enabled on the controller pod.
- Global
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Global - Helm
Options Pulumi.Kubernetes Cert Manager. Inputs. Release - HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.
- Http_
proxy string - Https_
proxy string - Image
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Image - Ingress
Shim Pulumi.Kubernetes Cert Manager. Inputs. Cert Manager Ingress Shim - Install
CRDs bool - No_
proxy List<string> - Node
Selector Pulumi.Kubernetes. Types. Inputs. Core. V1. Node Selector - This type is defined in the Kubernetes package.
- Pod
Annotations Dictionary<string, string> - Optional additional annotations to add to the controller Pods
- Pod
Dns Pulumi.Config Kubernetes. Types. Inputs. Core. V1. Pod DNSConfig - This type is defined in the Kubernetes package.
- Pod
Dns stringPolicy - Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or
CustomPodDNSfeature gate enabled for the cluster to work. - Pod
Labels Dictionary<string, string> - Prometheus
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Prometheus - Replica
Count int - Resources
Pulumi.
Kubernetes. Types. Inputs. Core. V1. Resource Requirements - This type is defined in the Kubernetes package.
- Security
Context Pulumi.Kubernetes. Types. Inputs. Core. V1. Pod Security Context - Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Service
Account Pulumi.Kubernetes Cert Manager. Inputs. Cert Manager Service Account - Service
Annotations Dictionary<string, string> - Optional additional annotations to add to the controller service
- Service
Labels Dictionary<string, string> - Optional additional labels to add to the controller Service
- Startupapicheck
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Startup APICheck - Strategy
Pulumi.
Kubernetes. Types. Inputs. Apps. V1. Deployment Strategy - This type is defined in the Kubernetes package.
- Tolerations
List<Pulumi.
Kubernetes. Types. Inputs. Core. V1. Toleration> - Webhook
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Webhook
- Affinity
Affinity
Args - This type is defined in the Kubernetes package.
- Cainjector
Cert
Manager Ca Injector Args - Cluster
Resource stringNamespace - Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.
- Container
Security SecurityContext Context Args - Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Deployment
Annotations map[string]string - Optional additional annotations to add to the controller Deployment
- Extra
Args []string - Optional additional arguments.
- Extra
Env EnvVar Args - Extra
Volume VolumeMounts Mount Args - Extra
Volumes VolumeArgs - Feature
Gates string - Comma separated list of feature gates that should be enabled on the controller pod.
- Global
Cert
Manager Global Args - Helm
Options ReleaseArgs - HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.
- Http_
proxy string - Https_
proxy string - Image
Cert
Manager Image Args - Ingress
Shim CertManager Ingress Shim Args - Install
CRDs bool - No_
proxy []string - Node
Selector NodeSelector Args - This type is defined in the Kubernetes package.
- Pod
Annotations map[string]string - Optional additional annotations to add to the controller Pods
- Pod
Dns PodConfig DNSConfig Args - This type is defined in the Kubernetes package.
- Pod
Dns stringPolicy - Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or
CustomPodDNSfeature gate enabled for the cluster to work. - Pod
Labels map[string]string - Prometheus
Cert
Manager Prometheus Args - Replica
Count int - Resources
Resource
Requirements Args - This type is defined in the Kubernetes package.
- Security
Context PodSecurity Context Args - Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Service
Account CertManager Service Account Args - Service
Annotations map[string]string - Optional additional annotations to add to the controller service
- Service
Labels map[string]string - Optional additional labels to add to the controller Service
- Startupapicheck
Cert
Manager Startup APICheck Args - Strategy
Deployment
Strategy Args - This type is defined in the Kubernetes package.
- Tolerations
Toleration
Args - Webhook
Cert
Manager Webhook Args
- affinity Affinity
- This type is defined in the Kubernetes package.
- cainjector
Cert
Manager Ca Injector - cluster
Resource StringNamespace - Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.
- container
Security SecurityContext Context - Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment
Annotations Map<String,String> - Optional additional annotations to add to the controller Deployment
- extra
Args List<String> - Optional additional arguments.
- extra
Env List<EnvVar> - extra
Volume List<VolumeMounts Mount> - extra
Volumes List<Volume> - feature
Gates String - Comma separated list of feature gates that should be enabled on the controller pod.
- global
Cert
Manager Global - helm
Options Release - HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.
- http_
proxy String - https_
proxy String - image
Cert
Manager Image - ingress
Shim CertManager Ingress Shim - install
CRDs Boolean - no_
proxy List<String> - node
Selector NodeSelector - This type is defined in the Kubernetes package.
- pod
Annotations Map<String,String> - Optional additional annotations to add to the controller Pods
- pod
Dns PodConfig DNSConfig - This type is defined in the Kubernetes package.
- pod
Dns StringPolicy - Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or
CustomPodDNSfeature gate enabled for the cluster to work. - pod
Labels Map<String,String> - prometheus
Cert
Manager Prometheus - replica
Count Integer - resources
Resource
Requirements - This type is defined in the Kubernetes package.
- security
Context PodSecurity Context - Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service
Account CertManager Service Account - service
Annotations Map<String,String> - Optional additional annotations to add to the controller service
- service
Labels Map<String,String> - Optional additional labels to add to the controller Service
- startupapicheck
Cert
Manager Startup APICheck - strategy
Deployment
Strategy - This type is defined in the Kubernetes package.
- tolerations List<Toleration>
- webhook
Cert
Manager Webhook
- affinity
pulumi
Kubernetestypesinputcorev1Affinity - This type is defined in the Kubernetes package.
- cainjector
Cert
Manager Ca Injector - cluster
Resource stringNamespace - Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.
- container
Security pulumiContext Kubernetestypesinputcorev1Security Context - Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment
Annotations {[key: string]: string} - Optional additional annotations to add to the controller Deployment
- extra
Args string[] - Optional additional arguments.
- extra
Env pulumiKubernetestypesinputcorev1Env Var[] - extra
Volume pulumiMounts Kubernetestypesinputcorev1Volume Mount[] - extra
Volumes pulumiKubernetestypesinputcorev1Volume[] - feature
Gates string - Comma separated list of feature gates that should be enabled on the controller pod.
- global
Cert
Manager Global - helm
Options Release - HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.
- http_
proxy string - https_
proxy string - image
Cert
Manager Image - ingress
Shim CertManager Ingress Shim - install
CRDs boolean - no_
proxy string[] - node
Selector pulumiKubernetestypesinputcorev1Node Selector - This type is defined in the Kubernetes package.
- pod
Annotations {[key: string]: string} - Optional additional annotations to add to the controller Pods
- pod
Dns pulumiConfig Kubernetestypesinputcorev1Pod DNSConfig - This type is defined in the Kubernetes package.
- pod
Dns stringPolicy - Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or
CustomPodDNSfeature gate enabled for the cluster to work. - pod
Labels {[key: string]: string} - prometheus
Cert
Manager Prometheus - replica
Count number - resources
pulumi
Kubernetestypesinputcorev1Resource Requirements - This type is defined in the Kubernetes package.
- security
Context pulumiKubernetestypesinputcorev1Pod Security Context - Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service
Account CertManager Service Account - service
Annotations {[key: string]: string} - Optional additional annotations to add to the controller service
- service
Labels {[key: string]: string} - Optional additional labels to add to the controller Service
- startupapicheck
Cert
Manager Startup APICheck - strategy
pulumi
Kubernetestypesinputappsv1Deployment Strategy - This type is defined in the Kubernetes package.
- tolerations
pulumi
Kubernetestypesinputcorev1Toleration[] - webhook
Cert
Manager Webhook
- affinity
pulumi_
kubernetes.core.v1. Affinity Args - This type is defined in the Kubernetes package.
- cainjector
Cert
Manager Ca Injector Args - cluster_
resource_ strnamespace - Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.
- container_
security_ pulumi_context kubernetes.core.v1. Security Context Args - Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment_
annotations Mapping[str, str] - Optional additional annotations to add to the controller Deployment
- extra_
args Sequence[str] - Optional additional arguments.
- extra_
env Sequence[pulumi_kubernetes.core.v1. Env Var Args] - extra_
volume_ Sequence[pulumi_mounts kubernetes.core.v1. Volume Mount Args] - extra_
volumes Sequence[pulumi_kubernetes.core.v1. Volume Args] - feature_
gates str - Comma separated list of feature gates that should be enabled on the controller pod.
- global_
Cert
Manager Global Args - helm_
options ReleaseArgs - HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.
- http_
proxy str - https_
proxy str - image
Cert
Manager Image Args - ingress_
shim CertManager Ingress Shim Args - install_
crds bool - no_
proxy Sequence[str] - node_
selector pulumi_kubernetes.core.v1. Node Selector Args - This type is defined in the Kubernetes package.
- pod_
annotations Mapping[str, str] - Optional additional annotations to add to the controller Pods
- pod_
dns_ pulumi_config kubernetes.core.v1. Pod DNSConfig Args - This type is defined in the Kubernetes package.
- pod_
dns_ strpolicy - Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or
CustomPodDNSfeature gate enabled for the cluster to work. - pod_
labels Mapping[str, str] - prometheus
Cert
Manager Prometheus Args - replica_
count int - resources
pulumi_
kubernetes.core.v1. Resource Requirements Args - This type is defined in the Kubernetes package.
- security_
context pulumi_kubernetes.core.v1. Pod Security Context Args - Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service_
account CertManager Service Account Args - service_
annotations Mapping[str, str] - Optional additional annotations to add to the controller service
- service_
labels Mapping[str, str] - Optional additional labels to add to the controller Service
- startupapicheck
Cert
Manager Startup APICheck Args - strategy
pulumi_
kubernetes.apps.v1. Deployment Strategy Args - This type is defined in the Kubernetes package.
- tolerations
Sequence[pulumi_
kubernetes.core.v1. Toleration Args] - webhook
Cert
Manager Webhook Args
- affinity Property Map
- This type is defined in the Kubernetes package.
- cainjector Property Map
- cluster
Resource StringNamespace - Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources. By default, the same namespace as cert-manager is deployed within is used. This namespace will not be automatically created by the Helm chart.
- container
Security Property MapContext - Container Security Context to be set on the controller component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment
Annotations Map<String> - Optional additional annotations to add to the controller Deployment
- extra
Args List<String> - Optional additional arguments.
- extra
Env List<Property Map> - extra
Volume List<Property Map>Mounts - extra
Volumes List<Property Map> - feature
Gates String - Comma separated list of feature gates that should be enabled on the controller pod.
- global Property Map
- helm
Options Property Map - HelmOptions is an escape hatch that lets the end user control any aspect of the Helm deployment. This exposes the entirety of the underlying Helm Release component args.
- http_
proxy String - https_
proxy String - image Property Map
- ingress
Shim Property Map - install
CRDs Boolean - no_
proxy List<String> - node
Selector Property Map - This type is defined in the Kubernetes package.
- pod
Annotations Map<String> - Optional additional annotations to add to the controller Pods
- pod
Dns Property MapConfig - This type is defined in the Kubernetes package.
- pod
Dns StringPolicy - Optional DNS settings, useful if you have a public and private DNS zone for the same domain on Route 53. What follows is an example of ensuring cert-manager can access an ingress or DNS TXT records at all times. NOTE: This requires Kubernetes 1.10 or
CustomPodDNSfeature gate enabled for the cluster to work. - pod
Labels Map<String> - prometheus Property Map
- replica
Count Number - resources Property Map
- This type is defined in the Kubernetes package.
- security
Context Property Map - Pod Security Context. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service
Account Property Map - service
Annotations Map<String> - Optional additional annotations to add to the controller service
- service
Labels Map<String> - Optional additional labels to add to the controller Service
- startupapicheck Property Map
- strategy Property Map
- This type is defined in the Kubernetes package.
- tolerations List<Property Map>
- webhook Property Map
Outputs
All input properties are implicitly available as output properties. Additionally, the CertManager resource produces the following output properties:
- Status
Pulumi.
Kubernetes Cert Manager. Outputs. Release Status - Detailed information about the status of the underlying Helm deployment.
- Status
Release
Status - Detailed information about the status of the underlying Helm deployment.
- status
Release
Status - Detailed information about the status of the underlying Helm deployment.
- status
Release
Status - Detailed information about the status of the underlying Helm deployment.
- status
Release
Status - Detailed information about the status of the underlying Helm deployment.
- status Property Map
- Detailed information about the status of the underlying Helm deployment.
Supporting Types
CertManagerCaInjector, CertManagerCaInjectorArgs
- Affinity
Pulumi.
Kubernetes. Types. Inputs. Core. V1. Affinity - This type is defined in the Kubernetes package.
- Container
Security Pulumi.Context Kubernetes. Types. Inputs. Core. V1. Security Context - Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Deployment
Annotations Dictionary<string, string> - Optional additional annotations to add to the cainjector Deployment
- Extra
Args List<string> - Optional additional arguments for cainjector
- Image
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Image - Node
Selector Dictionary<string, string> - Pod
Annotations Dictionary<string, string> - Optional additional annotations to add to the cainjector Pods
- Pod
Labels Dictionary<string, string> - Optional additional labels to add to the Webhook Pods
- Pod
Security Pulumi.Context Kubernetes. Types. Inputs. Core. V1. Pod Security Context - Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Replica
Count int - Resources
Pulumi.
Kubernetes. Types. Inputs. Core. V1. Resource Requirements - This type is defined in the Kubernetes package.
- Service
Account Pulumi.Kubernetes Cert Manager. Inputs. Cert Manager Service Account - Strategy
Pulumi.
Kubernetes. Types. Inputs. Apps. V1. Deployment Strategy - This type is defined in the Kubernetes package.
- Timeout
Seconds int - Tolerations
List<Pulumi.
Kubernetes. Types. Inputs. Core. V1. Toleration>
- Affinity Affinity
- This type is defined in the Kubernetes package.
- Container
Security SecurityContext Context - Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Deployment
Annotations map[string]string - Optional additional annotations to add to the cainjector Deployment
- Extra
Args []string - Optional additional arguments for cainjector
- Image
Cert
Manager Image - Node
Selector map[string]string - Pod
Annotations map[string]string - Optional additional annotations to add to the cainjector Pods
- Pod
Labels map[string]string - Optional additional labels to add to the Webhook Pods
- Pod
Security PodContext Security Context - Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Replica
Count int - Resources
Resource
Requirements - This type is defined in the Kubernetes package.
- Service
Account CertManager Service Account - Strategy
Deployment
Strategy - This type is defined in the Kubernetes package.
- Timeout
Seconds int - Tolerations Toleration
- affinity Affinity
- This type is defined in the Kubernetes package.
- container
Security SecurityContext Context - Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment
Annotations Map<String,String> - Optional additional annotations to add to the cainjector Deployment
- extra
Args List<String> - Optional additional arguments for cainjector
- image
Cert
Manager Image - node
Selector Map<String,String> - pod
Annotations Map<String,String> - Optional additional annotations to add to the cainjector Pods
- pod
Labels Map<String,String> - Optional additional labels to add to the Webhook Pods
- pod
Security PodContext Security Context - Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- replica
Count Integer - resources
Resource
Requirements - This type is defined in the Kubernetes package.
- service
Account CertManager Service Account - strategy
Deployment
Strategy - This type is defined in the Kubernetes package.
- timeout
Seconds Integer - tolerations List<Toleration>
- affinity
pulumi
Kubernetestypesinputcorev1Affinity - This type is defined in the Kubernetes package.
- container
Security pulumiContext Kubernetestypesinputcorev1Security Context - Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment
Annotations {[key: string]: string} - Optional additional annotations to add to the cainjector Deployment
- extra
Args string[] - Optional additional arguments for cainjector
- image
Cert
Manager Image - node
Selector {[key: string]: string} - pod
Annotations {[key: string]: string} - Optional additional annotations to add to the cainjector Pods
- pod
Labels {[key: string]: string} - Optional additional labels to add to the Webhook Pods
- pod
Security pulumiContext Kubernetestypesinputcorev1Pod Security Context - Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- replica
Count number - resources
pulumi
Kubernetestypesinputcorev1Resource Requirements - This type is defined in the Kubernetes package.
- service
Account CertManager Service Account - strategy
pulumi
Kubernetestypesinputappsv1Deployment Strategy - This type is defined in the Kubernetes package.
- timeout
Seconds number - tolerations
pulumi
Kubernetestypesinputcorev1Toleration[]
- affinity
pulumi_
kubernetes.core.v1. Affinity Args - This type is defined in the Kubernetes package.
- container_
security_ pulumi_context kubernetes.core.v1. Security Context Args - Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment_
annotations Mapping[str, str] - Optional additional annotations to add to the cainjector Deployment
- extra_
args Sequence[str] - Optional additional arguments for cainjector
- image
Cert
Manager Image - node_
selector Mapping[str, str] - pod_
annotations Mapping[str, str] - Optional additional annotations to add to the cainjector Pods
- pod_
labels Mapping[str, str] - Optional additional labels to add to the Webhook Pods
- pod_
security_ pulumi_context kubernetes.core.v1. Pod Security Context Args - Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- replica_
count int - resources
pulumi_
kubernetes.core.v1. Resource Requirements Args - This type is defined in the Kubernetes package.
- service_
account CertManager Service Account - strategy
pulumi_
kubernetes.apps.v1. Deployment Strategy Args - This type is defined in the Kubernetes package.
- timeout_
seconds int - tolerations
Sequence[pulumi_
kubernetes.core.v1. Toleration Args]
- affinity Property Map
- This type is defined in the Kubernetes package.
- container
Security Property MapContext - Container Security Context to be set on the cainjector component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment
Annotations Map<String> - Optional additional annotations to add to the cainjector Deployment
- extra
Args List<String> - Optional additional arguments for cainjector
- image Property Map
- node
Selector Map<String> - pod
Annotations Map<String> - Optional additional annotations to add to the cainjector Pods
- pod
Labels Map<String> - Optional additional labels to add to the Webhook Pods
- pod
Security Property MapContext - Pod Security Context to be set on the cainjector component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- replica
Count Number - resources Property Map
- This type is defined in the Kubernetes package.
- service
Account Property Map - strategy Property Map
- This type is defined in the Kubernetes package.
- timeout
Seconds Number - tolerations List<Property Map>
CertManagerGlobal, CertManagerGlobalArgs
- Image
Pull List<Pulumi.Secrets Kubernetes. Types. Inputs. Core. V1. Local Object Reference> - Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- Leader
Election Pulumi.Kubernetes Cert Manager. Inputs. Cert Manager Global Leader Election - Log
Level int - Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.
- Pod
Security Pulumi.Policy Kubernetes Cert Manager. Inputs. Cert Manager Global Pod Security Policy - Priority
Class stringName - Optional priority class to be used for the cert-manager pods.
- Rbac
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Global Rbac
- Image
Pull LocalSecrets Object Reference - Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- Leader
Election CertManager Global Leader Election - Log
Level int - Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.
- Pod
Security CertPolicy Manager Global Pod Security Policy - Priority
Class stringName - Optional priority class to be used for the cert-manager pods.
- Rbac
Cert
Manager Global Rbac
- image
Pull List<LocalSecrets Object Reference> - Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- leader
Election CertManager Global Leader Election - log
Level Integer - Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.
- pod
Security CertPolicy Manager Global Pod Security Policy - priority
Class StringName - Optional priority class to be used for the cert-manager pods.
- rbac
Cert
Manager Global Rbac
- image
Pull pulumiSecrets Kubernetestypesinputcorev1Local Object Reference[] - Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- leader
Election CertManager Global Leader Election - log
Level number - Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.
- pod
Security CertPolicy Manager Global Pod Security Policy - priority
Class stringName - Optional priority class to be used for the cert-manager pods.
- rbac
Cert
Manager Global Rbac
- image_
pull_ Sequence[pulumi_secrets kubernetes.core.v1. Local Object Reference Args] - Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- leader_
election CertManager Global Leader Election - log_
level int - Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.
- pod_
security_ Certpolicy Manager Global Pod Security Policy - priority_
class_ strname - Optional priority class to be used for the cert-manager pods.
- rbac
Cert
Manager Global Rbac
- image
Pull List<Property Map>Secrets - Reference to one or more secrets to be used when pulling images. ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
- leader
Election Property Map - log
Level Number - Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose.
- pod
Security Property MapPolicy - priority
Class StringName - Optional priority class to be used for the cert-manager pods.
- rbac Property Map
CertManagerGlobalLeaderElection, CertManagerGlobalLeaderElectionArgs
- Lease
Duration string - The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.
- Namespace string
- Override the namespace used to store the ConfigMap for leader election.
- Renew
Deadline string - The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.
- Lease
Duration string - The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.
- Namespace string
- Override the namespace used to store the ConfigMap for leader election.
- Renew
Deadline string - The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.
- lease
Duration String - The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.
- namespace String
- Override the namespace used to store the ConfigMap for leader election.
- renew
Deadline String - The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.
- lease
Duration string - The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.
- namespace string
- Override the namespace used to store the ConfigMap for leader election.
- renew
Deadline string - The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.
- lease_
duration str - The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.
- namespace str
- Override the namespace used to store the ConfigMap for leader election.
- renew_
deadline str - The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.
- lease
Duration String - The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate.
- namespace String
- Override the namespace used to store the ConfigMap for leader election.
- renew
Deadline String - The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration.
CertManagerGlobalPodSecurityPolicy, CertManagerGlobalPodSecurityPolicyArgs
- Enabled bool
- Use
App boolArmor
- Enabled bool
- Use
App boolArmor
- enabled Boolean
- use
App BooleanArmor
- enabled boolean
- use
App booleanArmor
- enabled bool
- use_
app_ boolarmor
- enabled Boolean
- use
App BooleanArmor
CertManagerGlobalRbac, CertManagerGlobalRbacArgs
- Create bool
- Create bool
- create Boolean
- create boolean
- create bool
- create Boolean
CertManagerImage, CertManagerImageArgs
- Digest string
- Setting a digest will override any tag, e.g.
digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20. - Pull
Policy string - Registry string
- You can manage a registry with
registry: quay.io. - Repository string
- You can manage a registry with
repository: jetstack/cert-manager-controller. - Tag string
- Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.
- Digest string
- Setting a digest will override any tag, e.g.
digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20. - Pull
Policy string - Registry string
- You can manage a registry with
registry: quay.io. - Repository string
- You can manage a registry with
repository: jetstack/cert-manager-controller. - Tag string
- Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.
- digest String
- Setting a digest will override any tag, e.g.
digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20. - pull
Policy String - registry String
- You can manage a registry with
registry: quay.io. - repository String
- You can manage a registry with
repository: jetstack/cert-manager-controller. - tag String
- Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.
- digest string
- Setting a digest will override any tag, e.g.
digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20. - pull
Policy string - registry string
- You can manage a registry with
registry: quay.io. - repository string
- You can manage a registry with
repository: jetstack/cert-manager-controller. - tag string
- Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.
- digest str
- Setting a digest will override any tag, e.g.
digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20. - pull_
policy str - registry str
- You can manage a registry with
registry: quay.io. - repository str
- You can manage a registry with
repository: jetstack/cert-manager-controller. - tag str
- Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.
- digest String
- Setting a digest will override any tag, e.g.
digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20. - pull
Policy String - registry String
- You can manage a registry with
registry: quay.io. - repository String
- You can manage a registry with
repository: jetstack/cert-manager-controller. - tag String
- Override the image tag to deploy by setting this variable. If no value is set, the chart's appVersion will be used.
CertManagerIngressShim, CertManagerIngressShimArgs
- Default
Issuer stringGroup - Default
Issuer stringKind - Default
Issuer stringName
- Default
Issuer stringGroup - Default
Issuer stringKind - Default
Issuer stringName
- default
Issuer StringGroup - default
Issuer StringKind - default
Issuer StringName
- default
Issuer stringGroup - default
Issuer stringKind - default
Issuer stringName
- default
Issuer StringGroup - default
Issuer StringKind - default
Issuer StringName
CertManagerPrometheus, CertManagerPrometheusArgs
- enabled Boolean
- service
Monitor Property Map
CertManagerPrometheusServiceMonitor, CertManagerPrometheusServiceMonitorArgs
- Enabled bool
- Interval string
- Labels Dictionary<string, string>
- Path string
- Prometheus
Instance string - String string
- Target
Port int
- Enabled bool
- Interval string
- Labels map[string]string
- Path string
- Prometheus
Instance string - String string
- Target
Port int
- enabled Boolean
- interval String
- labels Map<String,String>
- path String
- prometheus
Instance String - string String
- target
Port Integer
- enabled boolean
- interval string
- labels {[key: string]: string}
- path string
- prometheus
Instance string - string string
- target
Port number
- enabled bool
- interval str
- labels Mapping[str, str]
- path str
- prometheus_
instance str - string str
- target_
port int
- enabled Boolean
- interval String
- labels Map<String>
- path String
- prometheus
Instance String - string String
- target
Port Number
CertManagerServiceAccount, CertManagerServiceAccountArgs
- Annotations Dictionary<string, string>
- Optional additional annotations to add to the controller's ServiceAccount.
- Automount
Service boolAccount Token - Automount API credentials for a Service Account.
- Create bool
- Specifies whether a service account should be created
- Name string
- The name of the service account to use. If not set and create is true, a name is generated using the fullname template.
- Annotations map[string]string
- Optional additional annotations to add to the controller's ServiceAccount.
- Automount
Service boolAccount Token - Automount API credentials for a Service Account.
- Create bool
- Specifies whether a service account should be created
- Name string
- The name of the service account to use. If not set and create is true, a name is generated using the fullname template.
- annotations Map<String,String>
- Optional additional annotations to add to the controller's ServiceAccount.
- automount
Service BooleanAccount Token - Automount API credentials for a Service Account.
- create Boolean
- Specifies whether a service account should be created
- name String
- The name of the service account to use. If not set and create is true, a name is generated using the fullname template.
- annotations {[key: string]: string}
- Optional additional annotations to add to the controller's ServiceAccount.
- automount
Service booleanAccount Token - Automount API credentials for a Service Account.
- create boolean
- Specifies whether a service account should be created
- name string
- The name of the service account to use. If not set and create is true, a name is generated using the fullname template.
- annotations Mapping[str, str]
- Optional additional annotations to add to the controller's ServiceAccount.
- automount_
service_ boolaccount_ token - Automount API credentials for a Service Account.
- create bool
- Specifies whether a service account should be created
- name str
- The name of the service account to use. If not set and create is true, a name is generated using the fullname template.
- annotations Map<String>
- Optional additional annotations to add to the controller's ServiceAccount.
- automount
Service BooleanAccount Token - Automount API credentials for a Service Account.
- create Boolean
- Specifies whether a service account should be created
- name String
- The name of the service account to use. If not set and create is true, a name is generated using the fullname template.
CertManagerStartupAPICheck, CertManagerStartupAPICheckArgs
- Affinity
Pulumi.
Kubernetes. Types. Inputs. Core. V1. Affinity - This type is defined in the Kubernetes package.
- Backoff
Limit int - Job backoffLimit
- Enabled bool
- Extra
Args List<string> - Optional additional arguments for startupapicheck
- Image
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Image - Job
Annotations Dictionary<string, string> - Optional additional annotations to add to the startupapicheck Job
- Node
Selector Dictionary<string, string> - Pod
Annotations Dictionary<string, string> - Optional additional annotations to add to the startupapicheck Pods
- Pod
Labels Dictionary<string, string> - Optional additional labels to add to the startupapicheck Pods
- Rbac
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Startup APICheck RBAC - Resources
Pulumi.
Kubernetes. Types. Inputs. Core. V1. Resource Requirements - This type is defined in the Kubernetes package.
- Security
Context Pulumi.Kubernetes. Types. Inputs. Core. V1. Pod Security Context - Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Service
Account Pulumi.Kubernetes Cert Manager. Inputs. Cert Manager Service Account - Timeout string
- Timeout for 'kubectl check api' command
- Tolerations
List<Pulumi.
Kubernetes. Types. Inputs. Core. V1. Toleration>
- Affinity Affinity
- This type is defined in the Kubernetes package.
- Backoff
Limit int - Job backoffLimit
- Enabled bool
- Extra
Args []string - Optional additional arguments for startupapicheck
- Image
Cert
Manager Image - Job
Annotations map[string]string - Optional additional annotations to add to the startupapicheck Job
- Node
Selector map[string]string - Pod
Annotations map[string]string - Optional additional annotations to add to the startupapicheck Pods
- Pod
Labels map[string]string - Optional additional labels to add to the startupapicheck Pods
- Rbac
Cert
Manager Startup APICheck RBAC - Resources
Resource
Requirements - This type is defined in the Kubernetes package.
- Security
Context PodSecurity Context - Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Service
Account CertManager Service Account - Timeout string
- Timeout for 'kubectl check api' command
- Tolerations Toleration
- affinity Affinity
- This type is defined in the Kubernetes package.
- backoff
Limit Integer - Job backoffLimit
- enabled Boolean
- extra
Args List<String> - Optional additional arguments for startupapicheck
- image
Cert
Manager Image - job
Annotations Map<String,String> - Optional additional annotations to add to the startupapicheck Job
- node
Selector Map<String,String> - pod
Annotations Map<String,String> - Optional additional annotations to add to the startupapicheck Pods
- pod
Labels Map<String,String> - Optional additional labels to add to the startupapicheck Pods
- rbac
Cert
Manager Startup APICheck RBAC - resources
Resource
Requirements - This type is defined in the Kubernetes package.
- security
Context PodSecurity Context - Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service
Account CertManager Service Account - timeout String
- Timeout for 'kubectl check api' command
- tolerations List<Toleration>
- affinity
pulumi
Kubernetestypesinputcorev1Affinity - This type is defined in the Kubernetes package.
- backoff
Limit number - Job backoffLimit
- enabled boolean
- extra
Args string[] - Optional additional arguments for startupapicheck
- image
Cert
Manager Image - job
Annotations {[key: string]: string} - Optional additional annotations to add to the startupapicheck Job
- node
Selector {[key: string]: string} - pod
Annotations {[key: string]: string} - Optional additional annotations to add to the startupapicheck Pods
- pod
Labels {[key: string]: string} - Optional additional labels to add to the startupapicheck Pods
- rbac
Cert
Manager Startup APICheck RBAC - resources
pulumi
Kubernetestypesinputcorev1Resource Requirements - This type is defined in the Kubernetes package.
- security
Context pulumiKubernetestypesinputcorev1Pod Security Context - Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service
Account CertManager Service Account - timeout string
- Timeout for 'kubectl check api' command
- tolerations
pulumi
Kubernetestypesinputcorev1Toleration[]
- affinity
pulumi_
kubernetes.core.v1. Affinity Args - This type is defined in the Kubernetes package.
- backoff_
limit int - Job backoffLimit
- enabled bool
- extra_
args Sequence[str] - Optional additional arguments for startupapicheck
- image
Cert
Manager Image - job_
annotations Mapping[str, str] - Optional additional annotations to add to the startupapicheck Job
- node_
selector Mapping[str, str] - pod_
annotations Mapping[str, str] - Optional additional annotations to add to the startupapicheck Pods
- pod_
labels Mapping[str, str] - Optional additional labels to add to the startupapicheck Pods
- rbac
Cert
Manager Startup APICheck RBAC - resources
pulumi_
kubernetes.core.v1. Resource Requirements Args - This type is defined in the Kubernetes package.
- security_
context pulumi_kubernetes.core.v1. Pod Security Context Args - Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service_
account CertManager Service Account - timeout str
- Timeout for 'kubectl check api' command
- tolerations
Sequence[pulumi_
kubernetes.core.v1. Toleration Args]
- affinity Property Map
- This type is defined in the Kubernetes package.
- backoff
Limit Number - Job backoffLimit
- enabled Boolean
- extra
Args List<String> - Optional additional arguments for startupapicheck
- image Property Map
- job
Annotations Map<String> - Optional additional annotations to add to the startupapicheck Job
- node
Selector Map<String> - pod
Annotations Map<String> - Optional additional annotations to add to the startupapicheck Pods
- pod
Labels Map<String> - Optional additional labels to add to the startupapicheck Pods
- rbac Property Map
- resources Property Map
- This type is defined in the Kubernetes package.
- security
Context Property Map - Pod Security Context to be set on the startupapicheck component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service
Account Property Map - timeout String
- Timeout for 'kubectl check api' command
- tolerations List<Property Map>
CertManagerStartupAPICheckRBAC, CertManagerStartupAPICheckRBACArgs
- Annotations Dictionary<string, string>
- annotations for the startup API Check job RBAC and PSP resources
- Annotations map[string]string
- annotations for the startup API Check job RBAC and PSP resources
- annotations Map<String,String>
- annotations for the startup API Check job RBAC and PSP resources
- annotations {[key: string]: string}
- annotations for the startup API Check job RBAC and PSP resources
- annotations Mapping[str, str]
- annotations for the startup API Check job RBAC and PSP resources
- annotations Map<String>
- annotations for the startup API Check job RBAC and PSP resources
CertManagerWebhook, CertManagerWebhookArgs
- Affinity
Pulumi.
Kubernetes. Types. Inputs. Core. V1. Affinity - This type is defined in the Kubernetes package.
- Container
Security Pulumi.Context Kubernetes. Types. Inputs. Core. V1. Security Context - Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Deployment
Annotations Dictionary<string, string> - Optional additional annotations to add to the webhook Deployment
- Extra
Args List<string> - Optional additional arguments for webhook
- Host
Network bool - Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network,
webhook.securePortshould be changed to an available port if running in hostNetwork mode. - Image
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Image - Liveness
Probe Pulumi.Kubernetes. Types. Inputs. Core. V1. Probe - Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- Load
Balancer stringIP - Mutating
Webhook Dictionary<string, string>Configuration Annotations - Optional additional annotations to add to the webhook MutatingWebhookConfiguration
- Node
Selector Dictionary<string, string> - Pod
Annotations Dictionary<string, string> - Optional additional annotations to add to the webhook Pods
- Pod
Labels Dictionary<string, string> - Optional additional labels to add to the Webhook Pods
- Readiness
Probe Pulumi.Kubernetes. Types. Inputs. Core. V1. Probe - Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- Replica
Count int - Resources
Pulumi.
Kubernetes. Types. Inputs. Core. V1. Resource Requirements - This type is defined in the Kubernetes package.
- Secure
Port int - The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000
- Security
Context Pulumi.Kubernetes. Types. Inputs. Core. V1. Pod Security Context - Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Service
Account Pulumi.Kubernetes Cert Manager. Inputs. Cert Manager Service Account - Service
Annotations Dictionary<string, string> - Optional additional annotations to add to the webhook service
- Service
Labels Dictionary<string, string> - Optional additional labels to add to the Webhook Service
- Service
Type string - Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.
- Strategy
Pulumi.
Kubernetes. Types. Inputs. Apps. V1. Deployment Strategy - This type is defined in the Kubernetes package.
- Timeout
Seconds int - Tolerations
List<Pulumi.
Kubernetes. Types. Inputs. Core. V1. Toleration> - Url
Pulumi.
Kubernetes Cert Manager. Inputs. Cert Manager Webhook URL - Overrides the mutating webhook and validating webhook so they reach the webhook service using the
urlfield instead of a service. - Validating
Webhook Dictionary<string, string>Configuration Annotations - Optional additional annotations to add to the webhook ValidatingWebhookConfiguration
- Affinity Affinity
- This type is defined in the Kubernetes package.
- Container
Security SecurityContext Context - Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Deployment
Annotations map[string]string - Optional additional annotations to add to the webhook Deployment
- Extra
Args []string - Optional additional arguments for webhook
- Host
Network bool - Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network,
webhook.securePortshould be changed to an available port if running in hostNetwork mode. - Image
Cert
Manager Image - Liveness
Probe Probe - Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- Load
Balancer stringIP - Mutating
Webhook map[string]stringConfiguration Annotations - Optional additional annotations to add to the webhook MutatingWebhookConfiguration
- Node
Selector map[string]string - Pod
Annotations map[string]string - Optional additional annotations to add to the webhook Pods
- Pod
Labels map[string]string - Optional additional labels to add to the Webhook Pods
- Readiness
Probe Probe - Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- Replica
Count int - Resources
Resource
Requirements - This type is defined in the Kubernetes package.
- Secure
Port int - The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000
- Security
Context PodSecurity Context - Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- Service
Account CertManager Service Account - Service
Annotations map[string]string - Optional additional annotations to add to the webhook service
- Service
Labels map[string]string - Optional additional labels to add to the Webhook Service
- Service
Type string - Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.
- Strategy
Deployment
Strategy - This type is defined in the Kubernetes package.
- Timeout
Seconds int - Tolerations Toleration
- Url
Cert
Manager Webhook URL - Overrides the mutating webhook and validating webhook so they reach the webhook service using the
urlfield instead of a service. - Validating
Webhook map[string]stringConfiguration Annotations - Optional additional annotations to add to the webhook ValidatingWebhookConfiguration
- affinity Affinity
- This type is defined in the Kubernetes package.
- container
Security SecurityContext Context - Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment
Annotations Map<String,String> - Optional additional annotations to add to the webhook Deployment
- extra
Args List<String> - Optional additional arguments for webhook
- host
Network Boolean - Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network,
webhook.securePortshould be changed to an available port if running in hostNetwork mode. - image
Cert
Manager Image - liveness
Probe Probe - Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- load
Balancer StringIP - mutating
Webhook Map<String,String>Configuration Annotations - Optional additional annotations to add to the webhook MutatingWebhookConfiguration
- node
Selector Map<String,String> - pod
Annotations Map<String,String> - Optional additional annotations to add to the webhook Pods
- pod
Labels Map<String,String> - Optional additional labels to add to the Webhook Pods
- readiness
Probe Probe - Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- replica
Count Integer - resources
Resource
Requirements - This type is defined in the Kubernetes package.
- secure
Port Integer - The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000
- security
Context PodSecurity Context - Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service
Account CertManager Service Account - service
Annotations Map<String,String> - Optional additional annotations to add to the webhook service
- service
Labels Map<String,String> - Optional additional labels to add to the Webhook Service
- service
Type String - Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.
- strategy
Deployment
Strategy - This type is defined in the Kubernetes package.
- timeout
Seconds Integer - tolerations List<Toleration>
- url
Cert
Manager Webhook URL - Overrides the mutating webhook and validating webhook so they reach the webhook service using the
urlfield instead of a service. - validating
Webhook Map<String,String>Configuration Annotations - Optional additional annotations to add to the webhook ValidatingWebhookConfiguration
- affinity
pulumi
Kubernetestypesinputcorev1Affinity - This type is defined in the Kubernetes package.
- container
Security pulumiContext Kubernetestypesinputcorev1Security Context - Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment
Annotations {[key: string]: string} - Optional additional annotations to add to the webhook Deployment
- extra
Args string[] - Optional additional arguments for webhook
- host
Network boolean - Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network,
webhook.securePortshould be changed to an available port if running in hostNetwork mode. - image
Cert
Manager Image - liveness
Probe pulumiKubernetestypesinputcorev1Probe - Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- load
Balancer stringIP - mutating
Webhook {[key: string]: string}Configuration Annotations - Optional additional annotations to add to the webhook MutatingWebhookConfiguration
- node
Selector {[key: string]: string} - pod
Annotations {[key: string]: string} - Optional additional annotations to add to the webhook Pods
- pod
Labels {[key: string]: string} - Optional additional labels to add to the Webhook Pods
- readiness
Probe pulumiKubernetestypesinputcorev1Probe - Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- replica
Count number - resources
pulumi
Kubernetestypesinputcorev1Resource Requirements - This type is defined in the Kubernetes package.
- secure
Port number - The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000
- security
Context pulumiKubernetestypesinputcorev1Pod Security Context - Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service
Account CertManager Service Account - service
Annotations {[key: string]: string} - Optional additional annotations to add to the webhook service
- service
Labels {[key: string]: string} - Optional additional labels to add to the Webhook Service
- service
Type string - Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.
- strategy
pulumi
Kubernetestypesinputappsv1Deployment Strategy - This type is defined in the Kubernetes package.
- timeout
Seconds number - tolerations
pulumi
Kubernetestypesinputcorev1Toleration[] - url
Cert
Manager Webhook URL - Overrides the mutating webhook and validating webhook so they reach the webhook service using the
urlfield instead of a service. - validating
Webhook {[key: string]: string}Configuration Annotations - Optional additional annotations to add to the webhook ValidatingWebhookConfiguration
- affinity
pulumi_
kubernetes.core.v1. Affinity Args - This type is defined in the Kubernetes package.
- container_
security_ pulumi_context kubernetes.core.v1. Security Context Args - Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment_
annotations Mapping[str, str] - Optional additional annotations to add to the webhook Deployment
- extra_
args Sequence[str] - Optional additional arguments for webhook
- host_
network bool - Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network,
webhook.securePortshould be changed to an available port if running in hostNetwork mode. - image
Cert
Manager Image - liveness_
probe pulumi_kubernetes.core.v1. Probe Args - Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- load_
balancer_ strip - mutating_
webhook_ Mapping[str, str]configuration_ annotations - Optional additional annotations to add to the webhook MutatingWebhookConfiguration
- node_
selector Mapping[str, str] - pod_
annotations Mapping[str, str] - Optional additional annotations to add to the webhook Pods
- pod_
labels Mapping[str, str] - Optional additional labels to add to the Webhook Pods
- readiness_
probe pulumi_kubernetes.core.v1. Probe Args - Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- replica_
count int - resources
pulumi_
kubernetes.core.v1. Resource Requirements Args - This type is defined in the Kubernetes package.
- secure_
port int - The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000
- security_
context pulumi_kubernetes.core.v1. Pod Security Context Args - Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service_
account CertManager Service Account - service_
annotations Mapping[str, str] - Optional additional annotations to add to the webhook service
- service_
labels Mapping[str, str] - Optional additional labels to add to the Webhook Service
- service_
type str - Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.
- strategy
pulumi_
kubernetes.apps.v1. Deployment Strategy Args - This type is defined in the Kubernetes package.
- timeout_
seconds int - tolerations
Sequence[pulumi_
kubernetes.core.v1. Toleration Args] - url
Cert
Manager Webhook URL - Overrides the mutating webhook and validating webhook so they reach the webhook service using the
urlfield instead of a service. - validating_
webhook_ Mapping[str, str]configuration_ annotations - Optional additional annotations to add to the webhook ValidatingWebhookConfiguration
- affinity Property Map
- This type is defined in the Kubernetes package.
- container
Security Property MapContext - Container Security Context to be set on the webhook component container. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- deployment
Annotations Map<String> - Optional additional annotations to add to the webhook Deployment
- extra
Args List<String> - Optional additional arguments for webhook
- host
Network Boolean - Specifies if the webhook should be started in hostNetwork mode. Required for use in some managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working Since the default port for the webhook conflicts with kubelet on the host network,
webhook.securePortshould be changed to an available port if running in hostNetwork mode. - image Property Map
- liveness
Probe Property Map - Liveness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- load
Balancer StringIP - mutating
Webhook Map<String>Configuration Annotations - Optional additional annotations to add to the webhook MutatingWebhookConfiguration
- node
Selector Map<String> - pod
Annotations Map<String> - Optional additional annotations to add to the webhook Pods
- pod
Labels Map<String> - Optional additional labels to add to the Webhook Pods
- readiness
Probe Property Map - Readiness probe values. Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes This type is defined in the Kubernetes package.
- replica
Count Number - resources Property Map
- This type is defined in the Kubernetes package.
- secure
Port Number - The port that the webhook should listen on for requests. In GKE private clusters, by default kubernetes apiservers are allowed to talk to the cluster nodes only on 443 and 10250. so configuring securePort: 10250, will work out of the box without needing to add firewall rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000
- security
Context Property Map - Pod Security Context to be set on the webhook component Pod. ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ This type is defined in the Kubernetes package.
- service
Account Property Map - service
Annotations Map<String> - Optional additional annotations to add to the webhook service
- service
Labels Map<String> - Optional additional labels to add to the Webhook Service
- service
Type String - Specifies how the service should be handled. Useful if you want to expose the webhook to outside of the cluster. In some cases, the control plane cannot reach internal services.
- strategy Property Map
- This type is defined in the Kubernetes package.
- timeout
Seconds Number - tolerations List<Property Map>
- url Property Map
- Overrides the mutating webhook and validating webhook so they reach the webhook service using the
urlfield instead of a service. - validating
Webhook Map<String>Configuration Annotations - Optional additional annotations to add to the webhook ValidatingWebhookConfiguration
CertManagerWebhookURL, CertManagerWebhookURLArgs
- Host string
- Host string
- host String
- host string
- host str
- host String
Release, ReleaseArgs
- Atomic bool
- If set, installation process purges chart on fail.
skipAwaitwill be disabled automatically if atomic is used. - Chart string
- Chart name to be installed. A path may be used.
- Cleanup
On boolFail - Allow deletion of new resources created in this upgrade when upgrade fails.
- Create
Namespace bool - Create the namespace if it does not exist.
- Dependency
Update bool - Run helm dependency update before installing the chart.
- Description string
- Add a custom description
- Devel bool
- Use chart development versions, too. Equivalent to version '>0.0.0-0'. If
versionis set, this is ignored. - Disable
CRDHooks bool - Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook
- Disable
Openapi boolValidation - If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema
- Disable
Webhooks bool - Prevent hooks from running.
- Force
Update bool - Force resource update through delete/recreate if needed.
- Keyring string
- Location of public keys used for verification. Used only if
verifyis true - Lint bool
- Run helm lint when planning.
- Manifest Dictionary<string, object>
- The rendered manifests as JSON. Not yet supported.
- Max
History int - Limit the maximum number of revisions saved per release. Use 0 for no limit.
- Name string
- Release name.
- Namespace string
- Namespace to install the release into.
- Postrender string
- Postrender command to run.
- Recreate
Pods bool - Perform pods restart during upgrade/rollback.
- Render
Subchart boolNotes - If set, render subchart notes along with the parent.
- Replace bool
- Re-use the given name, even if that name is already used. This is unsafe in production
- Repository
Opts Pulumi.Kubernetes Cert Manager. Inputs. Repository Opts - Specification defining the Helm chart repository to use.
- Reset
Values bool - When upgrading, reset the values to the ones built into the chart.
- Resource
Names Dictionary<string, ImmutableArray<string>> - Names of resources created by the release grouped by "kind/version".
- Reuse
Values bool - When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored
- Skip
Await bool - By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.
- Skip
Crds bool - If set, no CRDs will be installed. By default, CRDs are installed if not already present.
- Timeout int
- Time in seconds to wait for any individual kubernetes operation.
- Value
Yaml List<AssetFiles Or Archive> - List of assets (raw yaml files). Content is read and merged with values. Not yet supported.
- Values Dictionary<string, object>
- Custom values set for the release.
- Verify bool
- Verify the package before installing it.
- Version string
- Specify the exact chart version to install. If this is not specified, the latest version is installed.
- Wait
For boolJobs - Will wait until all Jobs have been completed before marking the release as successful. This is ignored if
skipAwaitis enabled.
- Atomic bool
- If set, installation process purges chart on fail.
skipAwaitwill be disabled automatically if atomic is used. - Chart string
- Chart name to be installed. A path may be used.
- Cleanup
On boolFail - Allow deletion of new resources created in this upgrade when upgrade fails.
- Create
Namespace bool - Create the namespace if it does not exist.
- Dependency
Update bool - Run helm dependency update before installing the chart.
- Description string
- Add a custom description
- Devel bool
- Use chart development versions, too. Equivalent to version '>0.0.0-0'. If
versionis set, this is ignored. - Disable
CRDHooks bool - Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook
- Disable
Openapi boolValidation - If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema
- Disable
Webhooks bool - Prevent hooks from running.
- Force
Update bool - Force resource update through delete/recreate if needed.
- Keyring string
- Location of public keys used for verification. Used only if
verifyis true - Lint bool
- Run helm lint when planning.
- Manifest map[string]interface{}
- The rendered manifests as JSON. Not yet supported.
- Max
History int - Limit the maximum number of revisions saved per release. Use 0 for no limit.
- Name string
- Release name.
- Namespace string
- Namespace to install the release into.
- Postrender string
- Postrender command to run.
- Recreate
Pods bool - Perform pods restart during upgrade/rollback.
- Render
Subchart boolNotes - If set, render subchart notes along with the parent.
- Replace bool
- Re-use the given name, even if that name is already used. This is unsafe in production
- Repository
Opts RepositoryOpts - Specification defining the Helm chart repository to use.
- Reset
Values bool - When upgrading, reset the values to the ones built into the chart.
- Resource
Names map[string][]string - Names of resources created by the release grouped by "kind/version".
- Reuse
Values bool - When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored
- Skip
Await bool - By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.
- Skip
Crds bool - If set, no CRDs will be installed. By default, CRDs are installed if not already present.
- Timeout int
- Time in seconds to wait for any individual kubernetes operation.
- Value
Yaml AssetFiles Or Archive - List of assets (raw yaml files). Content is read and merged with values. Not yet supported.
- Values map[string]interface{}
- Custom values set for the release.
- Verify bool
- Verify the package before installing it.
- Version string
- Specify the exact chart version to install. If this is not specified, the latest version is installed.
- Wait
For boolJobs - Will wait until all Jobs have been completed before marking the release as successful. This is ignored if
skipAwaitis enabled.
- atomic Boolean
- If set, installation process purges chart on fail.
skipAwaitwill be disabled automatically if atomic is used. - chart String
- Chart name to be installed. A path may be used.
- cleanup
On BooleanFail - Allow deletion of new resources created in this upgrade when upgrade fails.
- create
Namespace Boolean - Create the namespace if it does not exist.
- dependency
Update Boolean - Run helm dependency update before installing the chart.
- description String
- Add a custom description
- devel Boolean
- Use chart development versions, too. Equivalent to version '>0.0.0-0'. If
versionis set, this is ignored. - disable
CRDHooks Boolean - Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook
- disable
Openapi BooleanValidation - If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema
- disable
Webhooks Boolean - Prevent hooks from running.
- force
Update Boolean - Force resource update through delete/recreate if needed.
- keyring String
- Location of public keys used for verification. Used only if
verifyis true - lint Boolean
- Run helm lint when planning.
- manifest Map<String,Object>
- The rendered manifests as JSON. Not yet supported.
- max
History Integer - Limit the maximum number of revisions saved per release. Use 0 for no limit.
- name String
- Release name.
- namespace String
- Namespace to install the release into.
- postrender String
- Postrender command to run.
- recreate
Pods Boolean - Perform pods restart during upgrade/rollback.
- render
Subchart BooleanNotes - If set, render subchart notes along with the parent.
- replace Boolean
- Re-use the given name, even if that name is already used. This is unsafe in production
- repository
Opts RepositoryOpts - Specification defining the Helm chart repository to use.
- reset
Values Boolean - When upgrading, reset the values to the ones built into the chart.
- resource
Names Map<String,List<String>> - Names of resources created by the release grouped by "kind/version".
- reuse
Values Boolean - When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored
- skip
Await Boolean - By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.
- skip
Crds Boolean - If set, no CRDs will be installed. By default, CRDs are installed if not already present.
- timeout Integer
- Time in seconds to wait for any individual kubernetes operation.
- value
Yaml List<AssetFiles Or Archive> - List of assets (raw yaml files). Content is read and merged with values. Not yet supported.
- values Map<String,Object>
- Custom values set for the release.
- verify Boolean
- Verify the package before installing it.
- version String
- Specify the exact chart version to install. If this is not specified, the latest version is installed.
- wait
For BooleanJobs - Will wait until all Jobs have been completed before marking the release as successful. This is ignored if
skipAwaitis enabled.
- atomic boolean
- If set, installation process purges chart on fail.
skipAwaitwill be disabled automatically if atomic is used. - chart string
- Chart name to be installed. A path may be used.
- cleanup
On booleanFail - Allow deletion of new resources created in this upgrade when upgrade fails.
- create
Namespace boolean - Create the namespace if it does not exist.
- dependency
Update boolean - Run helm dependency update before installing the chart.
- description string
- Add a custom description
- devel boolean
- Use chart development versions, too. Equivalent to version '>0.0.0-0'. If
versionis set, this is ignored. - disable
CRDHooks boolean - Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook
- disable
Openapi booleanValidation - If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema
- disable
Webhooks boolean - Prevent hooks from running.
- force
Update boolean - Force resource update through delete/recreate if needed.
- keyring string
- Location of public keys used for verification. Used only if
verifyis true - lint boolean
- Run helm lint when planning.
- manifest {[key: string]: any}
- The rendered manifests as JSON. Not yet supported.
- max
History number - Limit the maximum number of revisions saved per release. Use 0 for no limit.
- name string
- Release name.
- namespace string
- Namespace to install the release into.
- postrender string
- Postrender command to run.
- recreate
Pods boolean - Perform pods restart during upgrade/rollback.
- render
Subchart booleanNotes - If set, render subchart notes along with the parent.
- replace boolean
- Re-use the given name, even if that name is already used. This is unsafe in production
- repository
Opts RepositoryOpts - Specification defining the Helm chart repository to use.
- reset
Values boolean - When upgrading, reset the values to the ones built into the chart.
- resource
Names {[key: string]: string[]} - Names of resources created by the release grouped by "kind/version".
- reuse
Values boolean - When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored
- skip
Await boolean - By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.
- skip
Crds boolean - If set, no CRDs will be installed. By default, CRDs are installed if not already present.
- timeout number
- Time in seconds to wait for any individual kubernetes operation.
- value
Yaml (pulumiassetFiles Asset | pulumiasset Archive)[] - List of assets (raw yaml files). Content is read and merged with values. Not yet supported.
- values {[key: string]: any}
- Custom values set for the release.
- verify boolean
- Verify the package before installing it.
- version string
- Specify the exact chart version to install. If this is not specified, the latest version is installed.
- wait
For booleanJobs - Will wait until all Jobs have been completed before marking the release as successful. This is ignored if
skipAwaitis enabled.
- atomic bool
- If set, installation process purges chart on fail.
skipAwaitwill be disabled automatically if atomic is used. - chart str
- Chart name to be installed. A path may be used.
- cleanup_
on_ boolfail - Allow deletion of new resources created in this upgrade when upgrade fails.
- create_
namespace bool - Create the namespace if it does not exist.
- dependency_
update bool - Run helm dependency update before installing the chart.
- description str
- Add a custom description
- devel bool
- Use chart development versions, too. Equivalent to version '>0.0.0-0'. If
versionis set, this is ignored. - disable_
crd_ boolhooks - Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook
- disable_
openapi_ boolvalidation - If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema
- disable_
webhooks bool - Prevent hooks from running.
- force_
update bool - Force resource update through delete/recreate if needed.
- keyring str
- Location of public keys used for verification. Used only if
verifyis true - lint bool
- Run helm lint when planning.
- manifest Mapping[str, Any]
- The rendered manifests as JSON. Not yet supported.
- max_
history int - Limit the maximum number of revisions saved per release. Use 0 for no limit.
- name str
- Release name.
- namespace str
- Namespace to install the release into.
- postrender str
- Postrender command to run.
- recreate_
pods bool - Perform pods restart during upgrade/rollback.
- render_
subchart_ boolnotes - If set, render subchart notes along with the parent.
- replace bool
- Re-use the given name, even if that name is already used. This is unsafe in production
- repository_
opts RepositoryOpts - Specification defining the Helm chart repository to use.
- reset_
values bool - When upgrading, reset the values to the ones built into the chart.
- resource_
names Mapping[str, Sequence[str]] - Names of resources created by the release grouped by "kind/version".
- reuse_
values bool - When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored
- skip_
await bool - By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.
- skip_
crds bool - If set, no CRDs will be installed. By default, CRDs are installed if not already present.
- timeout int
- Time in seconds to wait for any individual kubernetes operation.
- value_
yaml_ Sequence[Union[pulumi.files Asset, pulumi. Archive]] - List of assets (raw yaml files). Content is read and merged with values. Not yet supported.
- values Mapping[str, Any]
- Custom values set for the release.
- verify bool
- Verify the package before installing it.
- version str
- Specify the exact chart version to install. If this is not specified, the latest version is installed.
- wait_
for_ booljobs - Will wait until all Jobs have been completed before marking the release as successful. This is ignored if
skipAwaitis enabled.
- atomic Boolean
- If set, installation process purges chart on fail.
skipAwaitwill be disabled automatically if atomic is used. - chart String
- Chart name to be installed. A path may be used.
- cleanup
On BooleanFail - Allow deletion of new resources created in this upgrade when upgrade fails.
- create
Namespace Boolean - Create the namespace if it does not exist.
- dependency
Update Boolean - Run helm dependency update before installing the chart.
- description String
- Add a custom description
- devel Boolean
- Use chart development versions, too. Equivalent to version '>0.0.0-0'. If
versionis set, this is ignored. - disable
CRDHooks Boolean - Prevent CRD hooks from, running, but run other hooks. See helm install --no-crd-hook
- disable
Openapi BooleanValidation - If set, the installation process will not validate rendered templates against the Kubernetes OpenAPI Schema
- disable
Webhooks Boolean - Prevent hooks from running.
- force
Update Boolean - Force resource update through delete/recreate if needed.
- keyring String
- Location of public keys used for verification. Used only if
verifyis true - lint Boolean
- Run helm lint when planning.
- manifest Map<Any>
- The rendered manifests as JSON. Not yet supported.
- max
History Number - Limit the maximum number of revisions saved per release. Use 0 for no limit.
- name String
- Release name.
- namespace String
- Namespace to install the release into.
- postrender String
- Postrender command to run.
- recreate
Pods Boolean - Perform pods restart during upgrade/rollback.
- render
Subchart BooleanNotes - If set, render subchart notes along with the parent.
- replace Boolean
- Re-use the given name, even if that name is already used. This is unsafe in production
- repository
Opts Property Map - Specification defining the Helm chart repository to use.
- reset
Values Boolean - When upgrading, reset the values to the ones built into the chart.
- resource
Names Map<List<String>> - Names of resources created by the release grouped by "kind/version".
- reuse
Values Boolean - When upgrading, reuse the last release's values and merge in any overrides. If 'resetValues' is specified, this is ignored
- skip
Await Boolean - By default, the provider waits until all resources are in a ready state before marking the release as successful. Setting this to true will skip such await logic.
- skip
Crds Boolean - If set, no CRDs will be installed. By default, CRDs are installed if not already present.
- timeout Number
- Time in seconds to wait for any individual kubernetes operation.
- value
Yaml List<Asset>Files - List of assets (raw yaml files). Content is read and merged with values. Not yet supported.
- values Map<Any>
- Custom values set for the release.
- verify Boolean
- Verify the package before installing it.
- version String
- Specify the exact chart version to install. If this is not specified, the latest version is installed.
- wait
For BooleanJobs - Will wait until all Jobs have been completed before marking the release as successful. This is ignored if
skipAwaitis enabled.
ReleaseStatus, ReleaseStatusArgs
- App
Version string - The version number of the application being deployed.
- Chart string
- The name of the chart.
- Name string
- Name is the name of the release.
- Namespace string
- Namespace is the kubernetes namespace of the release.
- Revision int
- Version is an int32 which represents the version of the release.
- Status string
- Status of the release.
- Version string
- A SemVer 2 conformant version string of the chart.
- App
Version string - The version number of the application being deployed.
- Chart string
- The name of the chart.
- Name string
- Name is the name of the release.
- Namespace string
- Namespace is the kubernetes namespace of the release.
- Revision int
- Version is an int32 which represents the version of the release.
- Status string
- Status of the release.
- Version string
- A SemVer 2 conformant version string of the chart.
- app
Version String - The version number of the application being deployed.
- chart String
- The name of the chart.
- name String
- Name is the name of the release.
- namespace String
- Namespace is the kubernetes namespace of the release.
- revision Integer
- Version is an int32 which represents the version of the release.
- status String
- Status of the release.
- version String
- A SemVer 2 conformant version string of the chart.
- app
Version string - The version number of the application being deployed.
- chart string
- The name of the chart.
- name string
- Name is the name of the release.
- namespace string
- Namespace is the kubernetes namespace of the release.
- revision number
- Version is an int32 which represents the version of the release.
- status string
- Status of the release.
- version string
- A SemVer 2 conformant version string of the chart.
- app_
version str - The version number of the application being deployed.
- chart str
- The name of the chart.
- name str
- Name is the name of the release.
- namespace str
- Namespace is the kubernetes namespace of the release.
- revision int
- Version is an int32 which represents the version of the release.
- status str
- Status of the release.
- version str
- A SemVer 2 conformant version string of the chart.
- app
Version String - The version number of the application being deployed.
- chart String
- The name of the chart.
- name String
- Name is the name of the release.
- namespace String
- Namespace is the kubernetes namespace of the release.
- revision Number
- Version is an int32 which represents the version of the release.
- status String
- Status of the release.
- version String
- A SemVer 2 conformant version string of the chart.
RepositoryOpts, RepositoryOptsArgs
- Ca
File string - The Repository's CA File
- Cert
File string - The repository's cert file
- Key
File string - The repository's cert key file
- Password string
- Password for HTTP basic authentication
- Repo string
- Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.
- Username string
- Username for HTTP basic authentication
- Ca
File string - The Repository's CA File
- Cert
File string - The repository's cert file
- Key
File string - The repository's cert key file
- Password string
- Password for HTTP basic authentication
- Repo string
- Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.
- Username string
- Username for HTTP basic authentication
- ca
File String - The Repository's CA File
- cert
File String - The repository's cert file
- key
File String - The repository's cert key file
- password String
- Password for HTTP basic authentication
- repo String
- Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.
- username String
- Username for HTTP basic authentication
- ca
File string - The Repository's CA File
- cert
File string - The repository's cert file
- key
File string - The repository's cert key file
- password string
- Password for HTTP basic authentication
- repo string
- Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.
- username string
- Username for HTTP basic authentication
- ca_
file str - The Repository's CA File
- cert_
file str - The repository's cert file
- key_
file str - The repository's cert key file
- password str
- Password for HTTP basic authentication
- repo str
- Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.
- username str
- Username for HTTP basic authentication
- ca
File String - The Repository's CA File
- cert
File String - The repository's cert file
- key
File String - The repository's cert key file
- password String
- Password for HTTP basic authentication
- repo String
- Repository where to locate the requested chart. If is a URL the chart is installed without installing the repository.
- username String
- Username for HTTP basic authentication
Package Details
- Repository
- Jetstack Cert Manager (Helm)
- License
Kubernetes Cert Manager v0.0.5 published on Wednesday, Nov 23, 2022 by Pulumi