chore: sync vcluster.schema.json

loft-bot · loft-bot · commit f78e5d17c1d2 · 2025-04-25T13:24:59.000Z
diff --git a/vcluster.schema.json b/vcluster.schema.json
@@ -903,14 +903,6 @@
     },
     "DistroContainer": {
       "properties": {
-        "image": {
-          "$ref": "#/$defs/Image",
-          "description": "Image is the distro image"
-        },
-        "imagePullPolicy": {
-          "type": "string",
-          "description": "ImagePullPolicy is the pull policy for the distro image"
-        },
         "command": {
           "items": {
             "type": "string"
@@ -935,14 +927,6 @@
           "type": "boolean",
           "description": "Enabled signals this container should be enabled."
         },
-        "image": {
-          "$ref": "#/$defs/Image",
-          "description": "Image is the distro image"
-        },
-        "imagePullPolicy": {
-          "type": "string",
-          "description": "ImagePullPolicy is the pull policy for the distro image"
-        },
         "command": {
           "items": {
             "type": "string"
@@ -971,6 +955,14 @@
           "type": "string",
           "description": "Config allows you to override the k0s config passed to the k0s binary."
         },
+        "image": {
+          "$ref": "#/$defs/Image",
+          "description": "Image is the distro image"
+        },
+        "imagePullPolicy": {
+          "type": "string",
+          "description": "ImagePullPolicy is the pull policy for the distro image"
+        },
         "env": {
           "items": {
             "type": "object"
@@ -986,14 +978,6 @@
           "type": "object",
           "description": "Security options can be used for the distro init container"
         },
-        "image": {
-          "$ref": "#/$defs/Image",
-          "description": "Image is the distro image"
-        },
-        "imagePullPolicy": {
-          "type": "string",
-          "description": "ImagePullPolicy is the pull policy for the distro image"
-        },
         "command": {
           "items": {
             "type": "string"
@@ -1022,6 +1006,14 @@
           "type": "string",
           "description": "Token is the K3s token to use. If empty, vCluster will choose one."
         },
+        "image": {
+          "$ref": "#/$defs/Image",
+          "description": "Image is the distro image"
+        },
+        "imagePullPolicy": {
+          "type": "string",
+          "description": "ImagePullPolicy is the pull policy for the distro image"
+        },
         "env": {
           "items": {
             "type": "object"
@@ -1037,14 +1029,6 @@
           "type": "object",
           "description": "Security options can be used for the distro init container"
         },
-        "image": {
-          "$ref": "#/$defs/Image",
-          "description": "Image is the distro image"
-        },
-        "imagePullPolicy": {
-          "type": "string",
-          "description": "ImagePullPolicy is the pull policy for the distro image"
-        },
         "command": {
           "items": {
             "type": "string"
@@ -1071,7 +1055,7 @@
         },
         "version": {
           "type": "string",
-          "description": "Version specifies k8s components (scheduler, kube-controller-manager \u0026 apiserver) version.\nIt is a shortcut for controlPlane.distro.k8s.apiServer.image.tag,\ncontrolPlane.distro.k8s.controllerManager.image.tag and\ncontrolPlane.distro.k8s.scheduler.image.tag\nIf e.g. controlPlane.distro.k8s.version is set to v1.30.1 and\ncontrolPlane.distro.k8s.scheduler.image.tag\n(or controlPlane.distro.k8s.controllerManager.image.tag or controlPlane.distro.k8s.apiServer.image.tag)\nis set to v1.31.0,\nvalue from controlPlane.distro.k8s.(controlPlane-component).image.tag will be used\n(where controlPlane-component is apiServer, controllerManager and scheduler)."
+          "description": "Version specifies k8s components (scheduler, kube-controller-manager \u0026 apiserver) version.\nIt is a shortcut for controlPlane.distro.k8s.image.tag"
         },
         "apiServer": {
           "$ref": "#/$defs/DistroContainerEnabled",
@@ -1085,6 +1069,14 @@
           "$ref": "#/$defs/DistroContainer",
           "description": "Scheduler holds configuration specific to starting the scheduler. Enable this via controlPlane.advanced.virtualScheduler.enabled"
         },
+        "image": {
+          "$ref": "#/$defs/Image",
+          "description": "Image is the distro image"
+        },
+        "imagePullPolicy": {
+          "type": "string",
+          "description": "ImagePullPolicy is the pull policy for the distro image"
+        },
         "env": {
           "items": {
             "type": "object"
@@ -1185,6 +1177,10 @@
         "deploy": {
           "$ref": "#/$defs/EtcdDeploy",
           "description": "Deploy defines to use an external etcd that is deployed by the helm chart"
+        },
+        "external": {
+          "$ref": "#/$defs/EtcdExternal",
+          "description": "External defines to use a self-hosted external etcd that is not deployed by the helm chart"
         }
       },
       "additionalProperties": false,
@@ -1325,11 +1321,52 @@
         "migrateFromDeployedEtcd": {
           "type": "boolean",
           "description": "MigrateFromDeployedEtcd signals that vCluster should migrate from the deployed external etcd to embedded etcd."
+        },
+        "snapshotCount": {
+          "type": "integer",
+          "description": "SnapshotCount defines the number of snapshots to keep for the embedded etcd. Defaults to 10000 if less than 1."
+        }
+      },
+      "additionalProperties": false,
+      "type": "object"
+    },
+    "EtcdExternal": {
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Enabled defines if the external etcd should be used."
+        },
+        "endpoint": {
+          "type": "string",
+          "description": "Endpoint holds the endpoint of the external etcd server, e.g. my-example-service:2379"
+        },
+        "tls": {
+          "$ref": "#/$defs/EtcdExternalTLS",
+          "description": "TLS defines the tls configuration for the external etcd server"
         }
       },
       "additionalProperties": false,
       "type": "object"
     },
+    "EtcdExternalTLS": {
+      "properties": {
+        "caFile": {
+          "type": "string",
+          "description": "CaFile is the path to the ca file"
+        },
+        "certFile": {
+          "type": "string",
+          "description": "CertFile is the path to the cert file"
+        },
+        "keyFile": {
+          "type": "string",
+          "description": "KeyFile is the path to the key file"
+        }
+      },
+      "additionalProperties": false,
+      "type": "object",
+      "description": "EtcdExternalTLS defines tls for external etcd server"
+    },
     "Experimental": {
       "properties": {
         "deploy": {
@@ -1872,15 +1909,15 @@
       "properties": {
         "externalSecrets": {
           "$ref": "#/$defs/EnableSwitch",
-          "description": "ExternalSecrets defines whether to sync external secrets or not"
+          "description": "ExternalSecrets defines if external secrets should get synced from the virtual cluster to the host cluster."
         },
         "stores": {
           "$ref": "#/$defs/EnableSwitch",
-          "description": "Stores defines whether to sync stores or not"
+          "description": "Stores defines if secret stores should get synced from the virtual cluster to the host cluster and then bi-directionally."
         },
         "clusterStores": {
           "$ref": "#/$defs/ClusterStoresSyncConfig",
-          "description": "ClusterStores defines whether to sync cluster stores or not"
+          "description": "ClusterStores defines if cluster secrets stores should get synced from the host cluster to the virtual cluster."
         }
       },
       "additionalProperties": false,
@@ -2053,17 +2090,58 @@
         },
         "externalSecrets": {
           "$ref": "#/$defs/ExternalSecrets",
-          "description": "ExternalSecrets reuses a host external secret operator and makes certain CRDs from it available inside the vCluster"
+          "description": "ExternalSecrets reuses a host external secret operator and makes certain CRDs from it available inside the vCluster.\n- ExternalSecrets will be synced from the virtual cluster to the host cluster.\n- SecretStores will be synced from the virtual cluster to the host cluster and then bi-directionally.\n- ClusterSecretStores will be synced from the host cluster to the virtual cluster."
         },
         "certManager": {
           "$ref": "#/$defs/CertManager",
           "description": "CertManager reuses a host cert-manager and makes its CRDs from it available inside the vCluster.\n- Certificates and Issuers will be synced from the virtual cluster to the host cluster.\n- ClusterIssuers will be synced from the host cluster to the virtual cluster."
+        },
+        "istio": {
+          "$ref": "#/$defs/Istio",
+          "description": "Istio syncs DestinationRules, Gateways and VirtualServices from virtual cluster to the host."
         }
       },
       "additionalProperties": false,
       "type": "object",
       "description": "Integrations holds config for vCluster integrations with other operators or tools running on the host cluster"
     },
+    "Istio": {
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Enabled defines if this option should be enabled."
+        },
+        "sync": {
+          "$ref": "#/$defs/IstioSync"
+        }
+      },
+      "additionalProperties": false,
+      "type": "object"
+    },
+    "IstioSync": {
+      "properties": {
+        "toHost": {
+          "$ref": "#/$defs/IstioSyncToHost"
+        }
+      },
+      "additionalProperties": false,
+      "type": "object"
+    },
+    "IstioSyncToHost": {
+      "properties": {
+        "destinationRules": {
+          "$ref": "#/$defs/EnableSwitch"
+        },
+        "gateways": {
+          "$ref": "#/$defs/EnableSwitch"
+        },
+        "virtualServices": {
+          "$ref": "#/$defs/EnableSwitch"
+        }
+      },
+      "additionalProperties": false,
+      "type": "object"
+    },
     "KubeVirt": {
       "properties": {
         "enabled": {
@@ -2310,10 +2388,26 @@
           "description": "Enabled defines if the network policy should be deployed by vCluster."
         },
         "fallbackDns": {
-          "type": "string"
+          "type": "string",
+          "description": "FallbackDNS is the fallback DNS server to use if the virtual cluster does not have a DNS server."
         },
         "outgoingConnections": {
-          "$ref": "#/$defs/OutgoingConnections"
+          "$ref": "#/$defs/OutgoingConnections",
+          "description": "OutgoingConnections are the outgoing connections options for the vCluster workloads."
+        },
+        "extraControlPlaneRules": {
+          "items": {
+            "type": "object"
+          },
+          "type": "array",
+          "description": "ExtraControlPlaneRules are extra allowed rules for the vCluster control plane."
+        },
+        "extraWorkloadRules": {
+          "items": {
+            "type": "object"
+          },
+          "type": "array",
+          "description": "ExtraWorkloadRules are extra allowed rules for the vCluster workloads."
         },
         "annotations": {
           "additionalProperties": {
