Build configures the behavior of OpenShift builds for the entire cluster. This includes default settings that can be overridden in BuildConfig objects, and overrides which are applied to all builds. The canonical name is "cluster"
object
spec
Property | Type | Description |
---|---|---|
|
|
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
|
|
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
|
Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata |
|
|
|
Spec holds user-settable values for the build controller configuration |
Spec holds user-settable values for the build controller configuration
object
Property | Type | Description |
---|---|---|
|
|
AdditionalTrustedCA is a reference to a ConfigMap containing additional CAs that should be trusted for image pushes and pulls during builds. The namespace for this config map is openshift-config. DEPRECATED: Additional CAs for image pull and push should be set on image.config.openshift.io/cluster instead. |
|
|
BuildDefaults controls the default information for Builds |
|
|
BuildOverrides controls override settings for builds |
AdditionalTrustedCA is a reference to a ConfigMap containing additional CAs that should be trusted for image pushes and pulls during builds. The namespace for this config map is openshift-config. DEPRECATED: Additional CAs for image pull and push should be set on image.config.openshift.io/cluster instead.
object
name
Property | Type | Description |
---|---|---|
|
|
name is the metadata.name of the referenced config map |
BuildDefaults controls the default information for Builds
object
Property | Type | Description |
---|---|---|
|
|
DefaultProxy contains the default proxy settings for all build operations, including image pull/push and source download.
Values can be overrode by setting the |
|
|
Env is a set of default environment variables that will be applied to the build if the specified variables do not exist on the build |
|
|
EnvVar represents an environment variable present in a Container. |
|
|
GitProxy contains the proxy settings for git operations only. If set, this will override any Proxy settings for all git commands, such as git clone. Values that are not set here will be inherited from DefaultProxy. |
|
|
ImageLabels is a list of docker labels that are applied to the resulting image. User can override a default label by providing a label with the same name in their Build/BuildConfig. |
|
|
|
|
|
Resources defines resource requirements to execute the build. |
DefaultProxy contains the default proxy settings for all build operations, including image pull/push and source download. Values can be overrode by setting the `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` environment variables in the build config's strategy.
object
Property | Type | Description |
---|---|---|
|
|
httpProxy is the URL of the proxy for HTTP requests. Empty means unset and will not result in an env var. |
|
|
httpsProxy is the URL of the proxy for HTTPS requests. Empty means unset and will not result in an env var. |
|
|
noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. Empty means unset and will not result in an env var. |
|
|
readinessEndpoints is a list of endpoints used to verify readiness of the proxy. |
|
|
trustedCA is a reference to a ConfigMap containing a CA certificate bundle. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from the required key "ca-bundle.crt", merging it with the system default trust bundle, and writing the merged trust bundle to a ConfigMap named "trusted-ca-bundle" in the "openshift-config-managed" namespace. Clients that expect to make proxy connections must use the trusted-ca-bundle for all HTTPS requests to the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as well. The namespace for the ConfigMap referenced by trustedCA is "openshift-config". Here is an example ConfigMap (in yaml): apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN certificate----- Custom CA certificate bundle. -----END certificate----- |
trustedCA is a reference to a ConfigMap containing a CA certificate bundle. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from the required key "ca-bundle.crt", merging it with the system default trust bundle, and writing the merged trust bundle to a ConfigMap named "trusted-ca-bundle" in the "openshift-config-managed" namespace. Clients that expect to make proxy connections must use the trusted-ca-bundle for all HTTPS requests to the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as well. The namespace for the ConfigMap referenced by trustedCA is "openshift-config". Here is an example ConfigMap (in yaml): apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: \| -----BEGIN certificate----- Custom CA certificate bundle. -----END certificate-----
object
name
Property | Type | Description |
---|---|---|
|
|
name is the metadata.name of the referenced config map |
Env is a set of default environment variables that will be applied to the build if the specified variables do not exist on the build
array
EnvVar represents an environment variable present in a Container.
object
name
Property | Type | Description |
---|---|---|
|
|
Name of the environment variable. Must be a C_IDENTIFIER. |
|
|
Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double , ie: (VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". |
|
|
Source for the environment variable’s value. Cannot be used if value is not empty. |
Source for the environment variable's value. Cannot be used if value is not empty.
object
Property | Type | Description |
---|---|---|
|
|
Selects a key of a ConfigMap. |
|
|
Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. |
|
|
Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. |
|
|
Selects a key of a secret in the pod’s namespace |
Selects a key of a ConfigMap.
object
key
Property | Type | Description |
---|---|---|
|
|
The key to select. |
|
|
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? |
|
|
Specify whether the ConfigMap or its key must be defined |
Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels, metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
object
fieldPath
Property | Type | Description |
---|---|---|
|
|
Version of the schema the FieldPath is written in terms of, defaults to "v1". |
|
|
Path of the field to select in the specified API version. |
Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
object
resource
Property | Type | Description |
---|---|---|
|
|
Container name: required for volumes, optional for env vars |
|
|
Specifies the output format of the exposed resources, defaults to "1" |
|
|
Required: resource to select |
Selects a key of a secret in the pod's namespace
object
key
Property | Type | Description |
---|---|---|
|
|
The key of the secret to select from. Must be a valid secret key. |
|
|
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? |
|
|
Specify whether the Secret or its key must be defined |
GitProxy contains the proxy settings for git operations only. If set, this will override any Proxy settings for all git commands, such as git clone. Values that are not set here will be inherited from DefaultProxy.
object
Property | Type | Description |
---|---|---|
|
|
httpProxy is the URL of the proxy for HTTP requests. Empty means unset and will not result in an env var. |
|
|
httpsProxy is the URL of the proxy for HTTPS requests. Empty means unset and will not result in an env var. |
|
|
noProxy is a comma-separated list of hostnames and/or CIDRs for which the proxy should not be used. Empty means unset and will not result in an env var. |
|
|
readinessEndpoints is a list of endpoints used to verify readiness of the proxy. |
|
|
trustedCA is a reference to a ConfigMap containing a CA certificate bundle. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from the required key "ca-bundle.crt", merging it with the system default trust bundle, and writing the merged trust bundle to a ConfigMap named "trusted-ca-bundle" in the "openshift-config-managed" namespace. Clients that expect to make proxy connections must use the trusted-ca-bundle for all HTTPS requests to the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as well. The namespace for the ConfigMap referenced by trustedCA is "openshift-config". Here is an example ConfigMap (in yaml): apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: | -----BEGIN certificate----- Custom CA certificate bundle. -----END certificate----- |
trustedCA is a reference to a ConfigMap containing a CA certificate bundle. The trustedCA field should only be consumed by a proxy validator. The validator is responsible for reading the certificate bundle from the required key "ca-bundle.crt", merging it with the system default trust bundle, and writing the merged trust bundle to a ConfigMap named "trusted-ca-bundle" in the "openshift-config-managed" namespace. Clients that expect to make proxy connections must use the trusted-ca-bundle for all HTTPS requests to the proxy, and may use the trusted-ca-bundle for non-proxy HTTPS requests as well. The namespace for the ConfigMap referenced by trustedCA is "openshift-config". Here is an example ConfigMap (in yaml): apiVersion: v1 kind: ConfigMap metadata: name: user-ca-bundle namespace: openshift-config data: ca-bundle.crt: \| -----BEGIN certificate----- Custom CA certificate bundle. -----END certificate-----
object
name
Property | Type | Description |
---|---|---|
|
|
name is the metadata.name of the referenced config map |
ImageLabels is a list of docker labels that are applied to the resulting image. User can override a default label by providing a label with the same name in their Build/BuildConfig.
array
object
Property | Type | Description |
---|---|---|
|
|
Name defines the name of the label. It must have non-zero length. |
|
|
Value defines the literal value of the label. |
Resources defines resource requirements to execute the build.
object
Property | Type | Description |
---|---|---|
|
|
Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ |
|
|
Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ |
BuildOverrides controls override settings for builds
object
Property | Type | Description |
---|---|---|
|
|
ImageLabels is a list of docker labels that are applied to the resulting image. If user provided a label in their Build/BuildConfig with the same name as one in this list, the user’s label will be overwritten. |
|
|
|
|
|
NodeSelector is a selector which must be true for the build pod to fit on a node |
|
|
Tolerations is a list of Tolerations that will override any existing tolerations set on a build pod. |
|
|
The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>. |
ImageLabels is a list of docker labels that are applied to the resulting image. If user provided a label in their Build/BuildConfig with the same name as one in this list, the user's label will be overwritten.
array
object
Property | Type | Description |
---|---|---|
|
|
Name defines the name of the label. It must have non-zero length. |
|
|
Value defines the literal value of the label. |
Tolerations is a list of Tolerations that will override any existing tolerations set on a build pod.
array
The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
object
Property | Type | Description |
---|---|---|
|
|
Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. |
|
|
Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. |
|
|
Operator represents a key’s relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. |
|
|
TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. |
|
|
Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. |
The following API endpoints are available:
/apis/config.openshift.io/v1/builds
DELETE
: delete collection of Build
GET
: list objects of kind Build
POST
: create a Build
/apis/config.openshift.io/v1/builds/{name}
DELETE
: delete a Build
GET
: read the specified Build
PATCH
: partially update the specified Build
PUT
: replace the specified Build
/apis/config.openshift.io/v1/builds/{name}/status
GET
: read status of the specified Build
PATCH
: partially update status of the specified Build
PUT
: replace status of the specified Build
Parameter | Type | Description |
---|---|---|
|
|
If 'true', then the output is pretty printed. |
DELETE
delete collection of Build
Parameter | Type | Description |
---|---|---|
|
|
allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. |
|
|
The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications. |
|
|
A selector to restrict the list of returned objects by their fields. Defaults to everything. |
|
|
A selector to restrict the list of returned objects by their labels. Defaults to everything. |
|
|
limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned. |
|
|
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. |
|
|
Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity. |
|
|
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. |
HTTP code | Reponse body |
---|---|
200 - OK |
|
401 - Unauthorized |
Empty |
GET
list objects of kind Build
Parameter | Type | Description |
---|---|---|
|
|
allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. If the feature gate WatchBookmarks is not enabled in apiserver, this field is ignored. |
|
|
The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications. |
|
|
A selector to restrict the list of returned objects by their fields. Defaults to everything. |
|
|
A selector to restrict the list of returned objects by their labels. Defaults to everything. |
|
|
limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are available. Servers may choose not to support the limit argument and will return all of the available results. If limit is specified and the continue field is empty, clients may assume that no more results are available. This field is not supported if watch is true. The server guarantees that the objects returned when using continue will be identical to issuing a single list call without a limit - that is, no objects created, modified, or deleted after the first request is issued will be included in any subsequent continued requests. This is sometimes referred to as a consistent snapshot, and ensures that a client that is using limit to receive smaller chunks of a very large result can ensure they see all possible objects. If objects are updated during a chunked list the version of the object that was present at the time the first list result was calculated is returned. |
|
|
When specified with a watch call, shows changes that occur after that particular version of a resource. Defaults to changes from the beginning of history. When specified for list: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. |
|
|
Timeout for the list/watch call. This limits the duration of the call, regardless of any activity or inactivity. |
|
|
Watch for changes to the described resources and return them as a stream of add, update, and remove notifications. Specify resourceVersion. |
HTTP code | Reponse body |
---|---|
200 - OK |
|
401 - Unauthorized |
Empty |
POST
create a Build
Parameter | Type | Description |
---|---|---|
|
|
When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed |
|
|
fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. |
Parameter | Type | Description |
---|---|---|
|
HTTP code | Reponse body |
---|---|
200 - OK |
|
201 - Created |
|
202 - Accepted |
|
401 - Unauthorized |
Empty |
Parameter | Type | Description |
---|---|---|
|
|
name of the Build |
Parameter | Type | Description |
---|---|---|
|
|
If 'true', then the output is pretty printed. |
DELETE
delete a Build
Parameter | Type | Description |
---|---|---|
|
|
When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed |
|
|
The duration in seconds before the object should be deleted. Value must be non-negative integer. The value zero indicates delete immediately. If this value is nil, the default grace period for the specified type will be used. Defaults to a per object value if not specified. zero means delete immediately. |
|
|
Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added to/removed from the object's finalizers list. Either this field or PropagationPolicy may be set, but not both. |
|
|
Whether and how garbage collection will be performed. Either this field or OrphanDependents may be set, but not both. The default policy is decided by the existing finalizer set in the metadata.finalizers and the resource-specific default policy. Acceptable values are: 'Orphan' - orphan the dependents; 'Background' - allow the garbage collector to delete the dependents in the background; 'Foreground' - a cascading policy that deletes all dependents in the foreground. |
Parameter | Type | Description |
---|---|---|
|
HTTP code | Reponse body |
---|---|
200 - OK |
|
202 - Accepted |
|
401 - Unauthorized |
Empty |
GET
read the specified Build
Parameter | Type | Description |
---|---|---|
|
|
When specified: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. |
HTTP code | Reponse body |
---|---|
200 - OK |
|
401 - Unauthorized |
Empty |
PATCH
partially update the specified Build
Parameter | Type | Description |
---|---|---|
|
|
When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed |
|
|
fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. |
Parameter | Type | Description |
---|---|---|
|
HTTP code | Reponse body |
---|---|
200 - OK |
|
401 - Unauthorized |
Empty |
PUT
replace the specified Build
Parameter | Type | Description |
---|---|---|
|
|
When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed |
|
|
fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. |
Parameter | Type | Description |
---|---|---|
|
HTTP code | Reponse body |
---|---|
200 - OK |
|
201 - Created |
|
401 - Unauthorized |
Empty |
Parameter | Type | Description |
---|---|---|
|
|
name of the Build |
Parameter | Type | Description |
---|---|---|
|
|
If 'true', then the output is pretty printed. |
GET
read status of the specified Build
Parameter | Type | Description |
---|---|---|
|
|
When specified: - if unset, then the result is returned from remote storage based on quorum-read flag; - if it's 0, then we simply return what we currently have in cache, no guarantee; - if set to non zero, then the result is at least as fresh as given rv. |
HTTP code | Reponse body |
---|---|
200 - OK |
|
401 - Unauthorized |
Empty |
PATCH
partially update status of the specified Build
Parameter | Type | Description |
---|---|---|
|
|
When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed |
|
|
fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. |
Parameter | Type | Description |
---|---|---|
|
HTTP code | Reponse body |
---|---|
200 - OK |
|
401 - Unauthorized |
Empty |
PUT
replace status of the specified Build
Parameter | Type | Description |
---|---|---|
|
|
When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed |
|
|
fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. |
Parameter | Type | Description |
---|---|---|
|
HTTP code | Reponse body |
---|---|
200 - OK |
|
201 - Created |
|
401 - Unauthorized |
Empty |