Packages:
Resource Types:
FeatureFlag is the Schema for the featureflags API
| Name | Type | Description | Required |
|---|---|---|---|
| apiVersion | string | core.openfeature.dev/v1beta1 | true |
| kind | string | FeatureFlag | true |
| metadata | object | Refer to the Kubernetes API documentation for the fields of the `metadata` field. | true |
| spec | object |
FeatureFlagSpec defines the desired state of FeatureFlag |
false |
| status | object |
FeatureFlagStatus defines the observed state of FeatureFlag |
false |
FeatureFlagSpec defines the desired state of FeatureFlag
| Name | Type | Description | Required |
|---|---|---|---|
| flagSpec | object |
FlagSpec is the structured representation of the feature flag specification |
false |
FlagSpec is the structured representation of the feature flag specification
| Name | Type | Description | Required |
|---|---|---|---|
| flags | map[string]object |
|
true |
| $evaluators | object |
|
false |
| Name | Type | Description | Required |
|---|---|---|---|
| defaultVariant | string |
|
true |
| state | enum |
Enum: ENABLED, DISABLED |
true |
| variants | object |
|
true |
| targeting | object |
Targeting is the json targeting rule |
false |
FeatureFlagSource is the Schema for the FeatureFlagSources API
| Name | Type | Description | Required |
|---|---|---|---|
| apiVersion | string | core.openfeature.dev/v1beta1 | true |
| kind | string | FeatureFlagSource | true |
| metadata | object | Refer to the Kubernetes API documentation for the fields of the `metadata` field. | true |
| spec | object |
FeatureFlagSourceSpec defines the desired state of FeatureFlagSource |
false |
| status | object |
FeatureFlagSourceStatus defines the observed state of FeatureFlagSource |
false |
FeatureFlagSourceSpec defines the desired state of FeatureFlagSource
| Name | Type | Description | Required |
|---|---|---|---|
| sources | []object |
SyncProviders define the syncProviders and associated configuration to be applied to the sidecar |
true |
| debugLogging | boolean |
DebugLogging defines whether to enable --debug flag of flagd sidecar. Default false (disabled). |
false |
| defaultSyncProvider | string |
DefaultSyncProvider defines the default sync provider |
false |
| envVarPrefix | string |
EnvVarPrefix defines the prefix to be applied to all environment variables applied to the sidecar, default FLAGD |
false |
| envVars | []object |
EnvVars define the env vars to be applied to the sidecar, any env vars in FeatureFlag CRs
are added at the lowest index, all values will have the EnvVarPrefix applied, default FLAGD |
false |
| evaluator | string |
Evaluator sets an evaluator, defaults to 'json' |
false |
| logFormat | string |
LogFormat allows for the sidecar log format to be overridden, defaults to 'json' |
false |
| managementPort | integer |
ManagemetPort defines the port to serve management on, defaults to 8014 Format: int32 |
false |
| otelCollectorUri | string |
OtelCollectorUri defines whether to enable --otel-collector-uri flag of flagd sidecar. Default false (disabled). |
false |
| port | integer |
Port defines the port to listen on, defaults to 8013 Format: int32 |
false |
| probesEnabled | boolean |
ProbesEnabled defines whether to enable liveness and readiness probes of flagd sidecar. Default true (enabled). |
false |
| resources | object |
Resources defines flagd sidecar resources. Default to operator sidecar-cpu-* and sidecar-ram-* flags. |
false |
| rolloutOnChange | boolean |
RolloutOnChange dictates whether annotated deployments will be restarted when configuration changes are
detected in this CR, defaults to false |
false |
| socketPath | string |
SocketPath defines the unix socket path to listen on |
false |
| syncProviderArgs | []string |
SyncProviderArgs are string arguments passed to all sync providers, defined as key values separated by = |
false |
| Name | Type | Description | Required |
|---|---|---|---|
| source | string |
Source is a URI of the flag sources |
true |
| certPath | string |
CertPath is a path of a certificate to be used by grpc TLS connection |
false |
| httpSyncBearerToken | string |
HttpSyncBearerToken is a bearer token. Used by http(s) sync provider only |
false |
| interval | integer |
Interval is a flag configuration interval in seconds used by http provider Format: int32 |
false |
| provider | string |
Provider type - kubernetes, http(s), grpc(s) or file |
false |
| providerID | string |
ProviderID is an identifier to be used in grpc provider |
false |
| selector | string |
Selector is a flag configuration selector used by grpc provider |
false |
| tls | boolean |
TLS - Enable/Disable secure TLS connectivity. Currently used only by GRPC sync |
false |
EnvVar represents an environment variable present in a Container.
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
Name of the environment variable. Must be a C_IDENTIFIER. |
true |
| value | string |
Variable references $(VAR_NAME) are expanded
using the previously defined environment variables in the container and
any service environment variables. If a variable cannot be resolved,
the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
Escaped references will never be expanded, regardless of whether the variable
exists or not.
Defaults to "". |
false |
| valueFrom | object |
Source for the environment variable's value. Cannot be used if value is not empty. |
false |
Source for the environment variable’s value. Cannot be used if value is not empty.
| Name | Type | Description | Required |
|---|---|---|---|
| configMapKeyRef | object |
Selects a key of a ConfigMap. |
false |
| fieldRef | object |
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. |
false |
| resourceFieldRef | object |
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. |
false |
| secretKeyRef | object |
Selects a key of a secret in the pod's namespace |
false |
Selects a key of a ConfigMap.
| Name | Type | Description | Required |
|---|---|---|---|
| key | string |
The key to select. |
true |
| name | string |
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid? |
false |
| optional | boolean |
Specify whether the ConfigMap or its key must be defined |
false |
Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'],
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
| Name | Type | Description | Required |
|---|---|---|---|
| fieldPath | string |
Path of the field to select in the specified API version. |
true |
| apiVersion | string |
Version of the schema the FieldPath is written in terms of, defaults to "v1". |
false |
Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
| Name | Type | Description | Required |
|---|---|---|---|
| resource | string |
Required: resource to select |
true |
| containerName | string |
Container name: required for volumes, optional for env vars |
false |
| divisor | int or string |
Specifies the output format of the exposed resources, defaults to "1" |
false |
Selects a key of a secret in the pod’s namespace
| Name | Type | Description | Required |
|---|---|---|---|
| key | string |
The key of the secret to select from. Must be a valid secret key. |
true |
| name | string |
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid? |
false |
| optional | boolean |
Specify whether the Secret or its key must be defined |
false |
Resources defines flagd sidecar resources. Default to operator sidecar-cpu-* and sidecar-ram-* flags.
| Name | Type | Description | Required |
|---|---|---|---|
| claims | []object |
Claims lists the names of resources, defined in spec.resourceClaims,
that are used by this container.
This is an alpha field and requires enabling the
DynamicResourceAllocation feature gate.
This field is immutable. It can only be set for containers. |
false |
| limits | map[string]int or string |
Limits describes the maximum amount of compute resources allowed.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
false |
| requests | map[string]int or string |
Requests describes the minimum amount of compute resources required.
If Requests is omitted for a container, it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. Requests cannot exceed Limits.
More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ |
false |
ResourceClaim references one entry in PodSpec.ResourceClaims.
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
Name must match the name of one entry in pod.spec.resourceClaims of
the Pod where this field is used. It makes that resource available
inside a container. |
true |
Flagd is the Schema for the flagds API
| Name | Type | Description | Required |
|---|---|---|---|
| apiVersion | string | core.openfeature.dev/v1beta1 | true |
| kind | string | Flagd | true |
| metadata | object | Refer to the Kubernetes API documentation for the fields of the `metadata` field. | true |
| spec | object |
FlagdSpec defines the desired state of Flagd |
false |
| status | object |
FlagdStatus defines the observed state of Flagd |
false |
FlagdSpec defines the desired state of Flagd
| Name | Type | Description | Required |
|---|---|---|---|
| featureFlagSource | string |
FeatureFlagSource references to a FeatureFlagSource from which the created flagd instance retrieves
the feature flag configurations |
true |
| ingress | object |
Ingress |
false |
| replicas | integer |
Replicas defines the number of replicas to create for the service.
Default: 1 Format: int32 Default: 1 |
false |
| serviceAccountName | string |
ServiceAccountName the service account name for the flagd deployment |
false |
| serviceType | enum |
ServiceType represents the type of Service to create.
Must be one of: ClusterIP, NodePort, LoadBalancer, and ExternalName.
Default: ClusterIP Enum: ClusterIP, NodePort, LoadBalancer, ExternalName Default: ClusterIP |
false |
Ingress
| Name | Type | Description | Required |
|---|---|---|---|
| hosts | []string |
Hosts list of hosts to be added to the ingress.
Empty string corresponds to rule with no host. |
true |
| annotations | map[string]string |
Annotations the annotations to be added to the ingress |
false |
| enabled | boolean |
Enabled enables/disables the ingress for flagd |
false |
| flagdPath | string |
FlagdPath is the path to be used for accessing the flagd flag evaluation API
Default: /flagd.evaluation.v1.Service |
false |
| ingressClassName | string |
IngressClassName defines the name if the ingress class to be used for flagd |
false |
| ofrepPath | string |
OFREPPath is the path to be used for accessing the OFREP API
Default: /ofrep |
false |
| pathType | string |
PathType is the path type to be used for the ingress rules |
false |
| syncPath | string |
SyncPath is the path to be used for accessing the sync API
Default: /flagd.sync.v1.Service |
false |
| tls | []object |
TLS configuration for the ingress |
false |
IngressTLS describes the transport layer security associated with an ingress.
| Name | Type | Description | Required |
|---|---|---|---|
| hosts | []string |
hosts is a list of hosts included in the TLS certificate. The values in
this list must match the name/s used in the tlsSecret. Defaults to the
wildcard host setting for the loadbalancer controller fulfilling this
Ingress, if left unspecified. |
false |
| secretName | string |
secretName is the name of the secret used to terminate TLS traffic on
port 443. Field is left optional to allow TLS routing based on SNI
hostname alone. If the SNI host in a listener conflicts with the "Host"
header field used by an IngressRule, the SNI host is used for termination
and value of the "Host" header is used for routing. |
false |
InProcessConfiguration is the Schema for the inprocesconfigurations API
| Name | Type | Description | Required |
|---|---|---|---|
| apiVersion | string | core.openfeature.dev/v1beta1 | true |
| kind | string | InProcessConfiguration | true |
| metadata | object | Refer to the Kubernetes API documentation for the fields of the `metadata` field. | true |
| spec | object |
InProcessConfigurationSpec defines the desired state of InProcessConfiguration |
false |
| status | object |
InProcessConfigurationStatus defines the observed state of InProcessConfiguration |
false |
InProcessConfigurationSpec defines the desired state of InProcessConfiguration
| Name | Type | Description | Required |
|---|---|---|---|
| cache | string |
Cache Default: lru |
false |
| cacheMaxSize | integer |
CacheMaxSize Default: 1000 |
false |
| envVarPrefix | string |
EnvVarPrefix defines the prefix to be applied to all environment variables applied to the sidecar, default FLAGD Default: FLAGD |
false |
| envVars | []object |
EnvVars |
false |
| host | string |
Host Default: localhost |
false |
| offlineFlagSourcePath | string |
OfflineFlagSourcePath |
false |
| port | integer |
Port defines the port to listen on, defaults to 8015 Format: int32 Default: 8015 |
false |
| selector | string |
Selector |
false |
| socketPath | string |
SocketPath defines the unix socket path to listen on |
false |
| tls | boolean |
TLS Default: false |
false |
EnvVar represents an environment variable present in a Container.
| Name | Type | Description | Required |
|---|---|---|---|
| name | string |
Name of the environment variable. Must be a C_IDENTIFIER. |
true |
| value | string |
Variable references $(VAR_NAME) are expanded
using the previously defined environment variables in the container and
any service environment variables. If a variable cannot be resolved,
the reference in the input string will be unchanged. Double $$ are reduced
to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.
"$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)".
Escaped references will never be expanded, regardless of whether the variable
exists or not.
Defaults to "". |
false |
| valueFrom | object |
Source for the environment variable's value. Cannot be used if value is not empty. |
false |
Source for the environment variable’s value. Cannot be used if value is not empty.
| Name | Type | Description | Required |
|---|---|---|---|
| configMapKeyRef | object |
Selects a key of a ConfigMap. |
false |
| fieldRef | object |
Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['<KEY>']`, `metadata.annotations['<KEY>']`,
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. |
false |
| resourceFieldRef | object |
Selects a resource of the container: only resources limits and requests
(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. |
false |
| secretKeyRef | object |
Selects a key of a secret in the pod's namespace |
false |
Selects a key of a ConfigMap.
| Name | Type | Description | Required |
|---|---|---|---|
| key | string |
The key to select. |
true |
| name | string |
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid? |
false |
| optional | boolean |
Specify whether the ConfigMap or its key must be defined |
false |
Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels['<KEY>'], metadata.annotations['<KEY>'],
spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs.
| Name | Type | Description | Required |
|---|---|---|---|
| fieldPath | string |
Path of the field to select in the specified API version. |
true |
| apiVersion | string |
Version of the schema the FieldPath is written in terms of, defaults to "v1". |
false |
Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported.
| Name | Type | Description | Required |
|---|---|---|---|
| resource | string |
Required: resource to select |
true |
| containerName | string |
Container name: required for volumes, optional for env vars |
false |
| divisor | int or string |
Specifies the output format of the exposed resources, defaults to "1" |
false |
Selects a key of a secret in the pod’s namespace
| Name | Type | Description | Required |
|---|---|---|---|
| key | string |
The key of the secret to select from. Must be a valid secret key. |
true |
| name | string |
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid? |
false |
| optional | boolean |
Specify whether the Secret or its key must be defined |
false |