Sync kubex charts from automation-controller main @ 60e9c5d #112
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,247 @@ | ||
| --- | ||
| apiVersion: apiextensions.k8s.io/v1 | ||
| kind: CustomResourceDefinition | ||
| metadata: | ||
| annotations: | ||
| controller-gen.kubebuilder.io/version: v0.19.0 | ||
| name: podaffinities.rightsizing.kubex.ai | ||
| spec: | ||
| group: rightsizing.kubex.ai | ||
| names: | ||
| kind: PodAffinity | ||
| listKind: PodAffinityList | ||
| plural: podaffinities | ||
| singular: podaffinity | ||
| scope: Cluster | ||
| versions: | ||
| - name: v1alpha1 | ||
| schema: | ||
| openAPIV3Schema: | ||
| description: PodAffinity is the Schema for the podaffinities API. | ||
| properties: | ||
| apiVersion: | ||
| description: |- | ||
| APIVersion defines the versioned schema of this representation of an object. | ||
| Servers should convert recognized schemas to the latest internal value, and | ||
| may reject unrecognized values. | ||
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources | ||
| type: string | ||
| kind: | ||
| description: |- | ||
| Kind is a string value representing the REST resource this object represents. | ||
| Servers may infer this from the endpoint the client submits requests to. | ||
| Cannot be updated. | ||
| In CamelCase. | ||
| More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds | ||
| type: string | ||
| metadata: | ||
| type: object | ||
| spec: | ||
| description: spec defines the desired state of PodAffinity | ||
| properties: | ||
| affinity: | ||
| description: affinity describes the preferred node affinity to inject | ||
| at pod admission time. | ||
| properties: | ||
| nodes: | ||
| description: nodes lists hostname label values to prefer on replacement | ||
| pods. | ||
| items: | ||
| type: string | ||
| minItems: 1 | ||
| type: array | ||
| required: | ||
| - nodes | ||
| type: object | ||
| scope: | ||
| description: scope narrows the workloads and namespaces this policy | ||
| applies to. | ||
| properties: | ||
| labelSelector: | ||
| description: labelSelector limits the workload objects (e.g., | ||
| Deployments, CronJobs) this policy applies to. | ||
| properties: | ||
| matchExpressions: | ||
| description: matchExpressions is a list of label selector | ||
| requirements. The requirements are ANDed. | ||
| items: | ||
| description: |- | ||
| A label selector requirement is a selector that contains values, a key, and an operator that | ||
| relates the key and values. | ||
| properties: | ||
| key: | ||
| description: key is the label key that the selector | ||
| applies to. | ||
| type: string | ||
| operator: | ||
| description: |- | ||
| operator represents a key's relationship to a set of values. | ||
| Valid operators are In, NotIn, Exists and DoesNotExist. | ||
| type: string | ||
| values: | ||
| description: |- | ||
| values is an array of string values. If the operator is In or NotIn, | ||
| the values array must be non-empty. If the operator is Exists or DoesNotExist, | ||
| the values array must be empty. This array is replaced during a strategic | ||
| merge patch. | ||
| items: | ||
| type: string | ||
| type: array | ||
| x-kubernetes-list-type: atomic | ||
| required: | ||
| - key | ||
| - operator | ||
| type: object | ||
| type: array | ||
| x-kubernetes-list-type: atomic | ||
| matchLabels: | ||
| additionalProperties: | ||
| type: string | ||
| description: |- | ||
| matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels | ||
| map is equivalent to an element of matchExpressions, whose key field is "key", the | ||
| operator is "In", and the values array contains only "value". The requirements are ANDed. | ||
| type: object | ||
| type: object | ||
| x-kubernetes-map-type: atomic | ||
| namespaceSelector: | ||
| description: namespaceSelector restricts the namespaces this policy | ||
| applies to. | ||
| properties: | ||
| operator: | ||
| description: operator determines how the listed values are | ||
| evaluated. | ||
| enum: | ||
| - In | ||
| - NotIn | ||
| type: string | ||
| values: | ||
| description: values contains the namespace name patterns to | ||
| match. | ||
| items: | ||
| type: string | ||
| minItems: 1 | ||
| type: array | ||
| required: | ||
| - operator | ||
| - values | ||
| type: object | ||
| workloadTypes: | ||
| default: | ||
| - Deployment | ||
| - StatefulSet | ||
| - CronJob | ||
| - Rollout | ||
| - Job | ||
| - AnalysisRun | ||
| - DaemonSet | ||
| description: workloadTypes limits the workload kinds this policy | ||
| applies to. When omitted, all supported workload types are targeted. | ||
| items: | ||
| description: WorkloadType enumerates the workload kinds a policy | ||
| can target. | ||
| enum: | ||
| - Deployment | ||
| - StatefulSet | ||
| - DaemonSet | ||
| - CronJob | ||
| - Rollout | ||
| - Job | ||
| - AnalysisRun | ||
| type: string | ||
| type: array | ||
| required: | ||
| - namespaceSelector | ||
|
Contributor
Author
There was a problem hiding this comment. CONTENT OF THIS REVIEW IS AI GENERATED [Severity: Minor] [Confidence: High] Issue: Why it matters: Users creating a truly cluster-wide PodAffinity policy must still supply a Suggested fix: Either add an explanatory description clarifying that |
||
| type: object | ||
| weight: | ||
| default: 0 | ||
| description: |- | ||
| weight determines which policy wins when multiple PodAffinity policies match. | ||
| Higher weights take precedence. When weights are equal, older policies win. | ||
| format: int32 | ||
| minimum: 0 | ||
|
Contributor
Author
There was a problem hiding this comment. CONTENT OF THIS REVIEW IS AI GENERATED [Severity: Minor] [Confidence: Medium] Issue: Why it matters: Without an upper bound, a user could set an arbitrarily large value (e.g. Suggested fix: Add a minimum: 0
maximum: 1000 |
||
| type: integer | ||
| required: | ||
| - affinity | ||
| - scope | ||
| type: object | ||
| status: | ||
| description: status defines the observed state of PodAffinity | ||
| properties: | ||
| conditions: | ||
| description: |- | ||
| conditions represent the current state of the StaticPolicy resource. | ||
|
Contributor
Author
There was a problem hiding this comment. CONTENT OF THIS REVIEW IS AI GENERATED [Severity: Major] [Confidence: High] Issue: Copy-paste error — Why it matters: This is the machine-readable description surfaced by Suggested fix: |
||
| Each condition has a unique type and reflects the status of a specific aspect of the resource. | ||
|
|
||
| Standard condition types include: | ||
| - "Available": the resource is fully functional | ||
| - "Progressing": the resource is being created or updated | ||
| - "Degraded": the resource failed to reach or maintain its desired state | ||
|
|
||
| The status of each condition is one of True, False, or Unknown. | ||
| items: | ||
| description: Condition contains details for one aspect of the current | ||
| state of this API Resource. | ||
| properties: | ||
| lastTransitionTime: | ||
| description: |- | ||
| lastTransitionTime is the last time the condition transitioned from one status to another. | ||
| This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. | ||
| format: date-time | ||
| type: string | ||
| message: | ||
| description: |- | ||
| message is a human readable message indicating details about the transition. | ||
| This may be an empty string. | ||
| maxLength: 32768 | ||
| type: string | ||
| observedGeneration: | ||
| description: |- | ||
| observedGeneration represents the .metadata.generation that the condition was set based upon. | ||
| For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date | ||
| with respect to the current state of the instance. | ||
| format: int64 | ||
| minimum: 0 | ||
| type: integer | ||
| reason: | ||
| description: |- | ||
| reason contains a programmatic identifier indicating the reason for the condition's last transition. | ||
| Producers of specific condition types may define expected values and meanings for this field, | ||
| and whether the values are considered a guaranteed API. | ||
| The value should be a CamelCase string. | ||
| This field may not be empty. | ||
| maxLength: 1024 | ||
| minLength: 1 | ||
| pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ | ||
| type: string | ||
| status: | ||
| description: status of the condition, one of True, False, Unknown. | ||
| enum: | ||
| - "True" | ||
| - "False" | ||
| - Unknown | ||
| type: string | ||
| type: | ||
| description: type of condition in CamelCase or in foo.example.com/CamelCase. | ||
| maxLength: 316 | ||
| pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ | ||
| type: string | ||
| required: | ||
| - lastTransitionTime | ||
| - message | ||
| - reason | ||
| - status | ||
| - type | ||
| type: object | ||
| type: array | ||
| x-kubernetes-list-map-keys: | ||
| - type | ||
| x-kubernetes-list-type: map | ||
| type: object | ||
| required: | ||
| - spec | ||
| type: object | ||
| served: true | ||
| storage: true | ||
| subresources: | ||
| status: {} | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
CONTENT OF THIS REVIEW IS AI GENERATED
[Severity: Major] [Confidence: High]
Issue: The CRD
kind: PodAffinity(in therightsizing.kubex.aigroup) shadows the well-known core Kubernetes typePodAffinityused insidepod.spec.affinity.Why it matters: Many Kubernetes tools, admission webhooks, RBAC policy engines, and documentation generators match on
Kindalone. This naming collision can cause confusion in audit logs, RBAC policies, and operator tooling. It also makes code and manifests harder to reason about since readers must always qualify the group to distinguish the two.Suggested fix: Consider a disambiguating name such as
NodeAffinityPolicy,WorkloadAffinityPolicy, orPodAffinityPolicythat clearly belongs to therightsizing.kubex.aidomain and does not clash with the built-in type.