Home
Products
Red Hat Advanced Cluster Security for Kubernetes
4.5
API reference
Chapter 21. DeploymentService

Chapter 21. DeploymentService

21.1. CountDeployments
Copy link

GET /v1/deploymentscount

CountDeployments returns the number of deployments.

21.1.2. Parameters
Copy link

21.1.2.1. Query Parameters
Copy link

Expand

Name	Required	Default
query	-	null
pagination.limit	-	null
pagination.offset	-	null
pagination.sortOption.field	-	null
pagination.sortOption.reversed	-	null
pagination.sortOption.aggregateBy.aggrFunc	-	UNSET
pagination.sortOption.aggregateBy.distinct	-	null

21.1.4. Content Type
Copy link

application/json

21.1.5. Responses
Copy link

Expand

Table 21.1. HTTP Response Codes
Code	Message	Datatype
200	A successful response.	V1CountDeploymentsResponse
0	An unexpected error response.	RuntimeError

21.1.7. Common object reference
Copy link

21.1.7.1. ProtobufAny
Copy link

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}

Example 3: Pack and unpack a message in Python.

foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...

Example 4: Pack and unpack a message in Go

foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".

21.1.7.1.1. JSON representation
Copy link

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}

{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

If the embedded message type is well-known and has a custom JSON representation, that representation will be embedded adding a field value which holds the custom JSON in addition to the @type field. Example (for message [google.protobuf.Duration][]):

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}

Expand

Field Name	Required	Nullable	Type	Description	Format
typeUrl			String	A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics.
value			byte[]	Must be a valid serialized protocol buffer of the above specified type.	byte

21.1.7.2. RuntimeError
Copy link

Expand

Field Name	Type	Format
error	String
code	Integer	int32
message	String
details	List of ProtobufAny

21.1.7.3. V1CountDeploymentsResponse
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
count			Integer		int32

21.2. ListDeployments
Copy link

GET /v1/deployments

ListDeployments returns the list of deployments.

21.2.1. Description
Copy link

21.2.2. Parameters
Copy link

21.2.2.1. Query Parameters
Copy link

Expand

Name	Required	Default
query	-	null
pagination.limit	-	null
pagination.offset	-	null
pagination.sortOption.field	-	null
pagination.sortOption.reversed	-	null
pagination.sortOption.aggregateBy.aggrFunc	-	UNSET
pagination.sortOption.aggregateBy.distinct	-	null

21.2.3. Return Type
Copy link

V1ListDeploymentsResponse

21.2.4. Content Type
Copy link

application/json

21.2.5. Responses
Copy link

Expand

Table 21.2. HTTP Response Codes
Code	Message	Datatype
200	A successful response.	V1ListDeploymentsResponse
0	An unexpected error response.	RuntimeError

21.2.6. Samples
Copy link

21.2.7. Common object reference
Copy link

21.2.7.1. ProtobufAny
Copy link

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}

Example 3: Pack and unpack a message in Python.

foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...

Example 4: Pack and unpack a message in Go

foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

21.2.7.1.1. JSON representation
Copy link

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}

{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}

Expand

Field Name	Required	Nullable	Type	Description	Format
typeUrl			String	A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics.
value			byte[]	Must be a valid serialized protocol buffer of the above specified type.	byte

21.2.7.2. RuntimeError
Copy link

Expand

Field Name	Type	Format
error	String
code	Integer	int32
message	String
details	List of ProtobufAny

21.2.7.3. StorageListDeployment
Copy link

Next available tag: 9

Expand

Field Name	Type	Format
id	String
hash	String	uint64
name	String
cluster	String
clusterId	String
namespace	String
created	Date	date-time
priority	String	int64

21.2.7.4. V1ListDeploymentsResponse
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
deployments			List of StorageListDeployment

21.3. GetDeployment
Copy link

GET /v1/deployments/{id}

GetDeployment returns a deployment given its ID.

21.3.1. Description
Copy link

21.3.2. Parameters
Copy link

21.3.2.1. Path Parameters
Copy link

Expand

Name	Description	Required	Default	Pattern
id		X	null

21.3.3. Return Type
Copy link

StorageDeployment

21.3.4. Content Type
Copy link

application/json

21.3.5. Responses
Copy link

Expand

Table 21.3. HTTP Response Codes
Code	Message	Datatype
200	A successful response.	StorageDeployment
0	An unexpected error response.	RuntimeError

21.3.6. Samples
Copy link

21.3.7. Common object reference
Copy link

21.3.7.1. ContainerConfigEnvironmentConfig
Copy link

Expand

Field Name	Type	Format
key	String
value	String
envVarSource	EnvironmentConfigEnvVarSource	UNSET, RAW, SECRET_KEY, CONFIG_MAP_KEY, FIELD, RESOURCE_FIELD, UNKNOWN,

21.3.7.2. EnvironmentConfigEnvVarSource
Copy link

For any update to EnvVarSource, please also update 'ui/src/messages/common.js'

Expand

Enum Values
UNSET
RAW
SECRET_KEY
CONFIG_MAP_KEY
FIELD
RESOURCE_FIELD
UNKNOWN

21.3.7.3. PortConfigExposureInfo
Copy link

Expand

Field Name	Type	Format
level	PortConfigExposureLevel	UNSET, EXTERNAL, NODE, INTERNAL, HOST, ROUTE,
serviceName	String
serviceId	String
serviceClusterIp	String
servicePort	Integer	int32
nodePort	Integer	int32
externalIps	List of `string`
externalHostnames	List of `string`

21.3.7.4. PortConfigExposureLevel
Copy link

Expand

Enum Values
UNSET
EXTERNAL
NODE
INTERNAL
HOST
ROUTE

21.3.7.5. ProtobufAny
Copy link

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}

Example 3: Pack and unpack a message in Python.

foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...

Example 4: Pack and unpack a message in Go

foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

21.3.7.5.1. JSON representation
Copy link

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}

{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}

Expand

Field Name	Required	Nullable	Type	Description	Format
typeUrl			String	A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics.
value			byte[]	Must be a valid serialized protocol buffer of the above specified type.	byte

21.3.7.6. RuntimeError
Copy link

Expand

Field Name	Type	Format
error	String
code	Integer	int32
message	String
details	List of ProtobufAny

21.3.7.7. SeccompProfileProfileType
Copy link

Expand

Enum Values
UNCONFINED
RUNTIME_DEFAULT
LOCALHOST

21.3.7.8. SecurityContextSELinux
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
user			String
role			String
type			String
level			String

21.3.7.9. SecurityContextSeccompProfile
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
type			SeccompProfileProfileType		UNCONFINED, RUNTIME_DEFAULT, LOCALHOST,
localhostProfile			String

21.3.7.10. StorageContainer
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
id			String
config			StorageContainerConfig
image			StorageContainerImage
securityContext			StorageSecurityContext
volumes			List of StorageVolume
ports			List of StoragePortConfig
secrets			List of StorageEmbeddedSecret
resources			StorageResources
name			String
livenessProbe			StorageLivenessProbe
readinessProbe			StorageReadinessProbe

21.3.7.11. StorageContainerConfig
Copy link

Expand

Field Name	Type	Format
env	List of ContainerConfigEnvironmentConfig
command	List of `string`
args	List of `string`
directory	String
user	String
uid	String	int64
appArmorProfile	String

21.3.7.12. StorageContainerImage
Copy link

Next tag: 12

Expand

Field Name	Required	Nullable	Type	Description	Format
id			String
name			StorageImageName
notPullable			Boolean
isClusterLocal			Boolean

21.3.7.13. StorageDeployment
Copy link

Next available tag: 35

Expand

Field Name	Type	Format
id	String
name	String
hash	String	uint64
type	String
namespace	String
namespaceId	String
orchestratorComponent	Boolean
replicas	String	int64
labels	Map of `string`
podLabels	Map of `string`
labelSelector	StorageLabelSelector
created	Date	date-time
clusterId	String
clusterName	String
containers	List of StorageContainer
annotations	Map of `string`
priority	String	int64
inactive	Boolean
imagePullSecrets	List of `string`
serviceAccount	String
serviceAccountPermissionLevel	StoragePermissionLevel	UNSET, NONE, DEFAULT, ELEVATED_IN_NAMESPACE, ELEVATED_CLUSTER_WIDE, CLUSTER_ADMIN,
automountServiceAccountToken	Boolean
hostNetwork	Boolean
hostPid	Boolean
hostIpc	Boolean
runtimeClass	String
tolerations	List of StorageToleration
ports	List of StoragePortConfig
stateTimestamp	String	int64
riskScore	Float	float

21.3.7.14. StorageEmbeddedSecret
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
name			String
path			String

21.3.7.15. StorageImageName
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
registry			String
remote			String
tag			String
fullName			String

21.3.7.16. StorageLabelSelector
Copy link

Label selector components are joined with logical AND, see     https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

Next available tag: 3

Expand

Field Name	Required	Nullable	Type	Description	Format
matchLabels			Map of `string`	This is actually a oneof, but we can’t make it one due to backwards compatibility constraints.
requirements			List of StorageLabelSelectorRequirement

21.3.7.17. StorageLabelSelectorOperator
Copy link

Expand

Enum Values
UNKNOWN
IN
NOT_IN
EXISTS
NOT_EXISTS

21.3.7.18. StorageLabelSelectorRequirement
Copy link

Next available tag: 4

Expand

Field Name	Type	Format
key	String
op	StorageLabelSelectorOperator	UNKNOWN, IN, NOT_IN, EXISTS, NOT_EXISTS,
values	List of `string`

21.3.7.19. StorageLivenessProbe
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
defined			Boolean

21.3.7.20. StoragePermissionLevel
Copy link

For any update to PermissionLevel, also update: - pkg/searchbasedpolicies/builders/k8s_rbac.go - ui/src/messages/common.js

Expand

Enum Values
UNSET
NONE
DEFAULT
ELEVATED_IN_NAMESPACE
ELEVATED_CLUSTER_WIDE
CLUSTER_ADMIN

21.3.7.21. StoragePortConfig
Copy link

Next Available Tag: 6

Expand

Field Name	Type	Format
name	String
containerPort	Integer	int32
protocol	String
exposure	PortConfigExposureLevel	UNSET, EXTERNAL, NODE, INTERNAL, HOST, ROUTE,
exposedPort	Integer	int32
exposureInfos	List of PortConfigExposureInfo

21.3.7.22. StorageReadinessProbe
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
defined			Boolean

21.3.7.23. StorageResources
Copy link

Expand

Field Name	Type	Format
cpuCoresRequest	Float	float
cpuCoresLimit	Float	float
memoryMbRequest	Float	float
memoryMbLimit	Float	float

21.3.7.24. StorageSecurityContext
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
privileged			Boolean
selinux			SecurityContextSELinux
dropCapabilities			List of `string`
addCapabilities			List of `string`
readOnlyRootFilesystem			Boolean
seccompProfile			SecurityContextSeccompProfile
allowPrivilegeEscalation			Boolean

21.3.7.25. StorageTaintEffect
Copy link

Expand

Enum Values
UNKNOWN_TAINT_EFFECT
NO_SCHEDULE_TAINT_EFFECT
PREFER_NO_SCHEDULE_TAINT_EFFECT
NO_EXECUTE_TAINT_EFFECT

21.3.7.26. StorageToleration
Copy link

Expand

Field Name	Type	Format
key	String
operator	StorageTolerationOperator	TOLERATION_OPERATION_UNKNOWN, TOLERATION_OPERATOR_EXISTS, TOLERATION_OPERATOR_EQUAL,
value	String
taintEffect	StorageTaintEffect	UNKNOWN_TAINT_EFFECT, NO_SCHEDULE_TAINT_EFFECT, PREFER_NO_SCHEDULE_TAINT_EFFECT, NO_EXECUTE_TAINT_EFFECT,

21.3.7.27. StorageTolerationOperator
Copy link

Expand

Enum Values
TOLERATION_OPERATION_UNKNOWN
TOLERATION_OPERATOR_EXISTS
TOLERATION_OPERATOR_EQUAL

21.3.7.28. StorageVolume
Copy link

Expand

Field Name	Type	Format
name	String
source	String
destination	String
readOnly	Boolean
type	String
mountPropagation	VolumeMountPropagation	NONE, HOST_TO_CONTAINER, BIDIRECTIONAL,

21.3.7.29. VolumeMountPropagation
Copy link

Expand

Enum Values
NONE
HOST_TO_CONTAINER
BIDIRECTIONAL

21.4. GetLabels
Copy link

GET /v1/deployments/metadata/labels

GetLabels returns the labels used by deployments.

21.4.1. Description
Copy link

21.4.2. Parameters
Copy link

21.4.3. Return Type
Copy link

V1DeploymentLabelsResponse

21.4.4. Content Type
Copy link

application/json

21.4.5. Responses
Copy link

Expand

Table 21.4. HTTP Response Codes
Code	Message	Datatype
200	A successful response.	V1DeploymentLabelsResponse
0	An unexpected error response.	RuntimeError

21.4.6. Samples
Copy link

21.4.7. Common object reference
Copy link

21.4.7.1. DeploymentLabelsResponseLabelValues
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
values			List of `string`

21.4.7.2. ProtobufAny
Copy link

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}

Example 3: Pack and unpack a message in Python.

foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...

Example 4: Pack and unpack a message in Go

foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

21.4.7.2.1. JSON representation
Copy link

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}

{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}

Expand

Field Name	Required	Nullable	Type	Description	Format
typeUrl			String	A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics.
value			byte[]	Must be a valid serialized protocol buffer of the above specified type.	byte

21.4.7.3. RuntimeError
Copy link

Expand

Field Name	Type	Format
error	String
code	Integer	int32
message	String
details	List of ProtobufAny

21.4.7.4. V1DeploymentLabelsResponse
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
labels			Map of DeploymentLabelsResponseLabelValues
values			List of `string`

21.5. ListDeploymentsWithProcessInfo
Copy link

GET /v1/deploymentswithprocessinfo

ListDeploymentsWithProcessInfo returns the list of deployments with process information.

21.5.1. Description
Copy link

21.5.2. Parameters
Copy link

21.5.2.1. Query Parameters
Copy link

Expand

Name	Required	Default
query	-	null
pagination.limit	-	null
pagination.offset	-	null
pagination.sortOption.field	-	null
pagination.sortOption.reversed	-	null
pagination.sortOption.aggregateBy.aggrFunc	-	UNSET
pagination.sortOption.aggregateBy.distinct	-	null

21.5.3. Return Type
Copy link

V1ListDeploymentsWithProcessInfoResponse

21.5.4. Content Type
Copy link

application/json

21.5.5. Responses
Copy link

Expand

Table 21.5. HTTP Response Codes
Code	Message	Datatype
200	A successful response.	V1ListDeploymentsWithProcessInfoResponse
0	An unexpected error response.	RuntimeError

21.5.6. Samples
Copy link

21.5.7. Common object reference
Copy link

21.5.7.1. ContainerNameAndBaselineStatusBaselineStatus
Copy link

Expand

Enum Values
INVALID
NOT_GENERATED
UNLOCKED
LOCKED

21.5.7.2. ListDeploymentsWithProcessInfoResponseDeploymentWithProcessInfo
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
deployment			StorageListDeployment
baselineStatuses			List of StorageContainerNameAndBaselineStatus

21.5.7.3. ProtobufAny
Copy link

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}

Example 3: Pack and unpack a message in Python.

foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...

Example 4: Pack and unpack a message in Go

foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

21.5.7.3.1. JSON representation
Copy link

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}

{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}

Expand

Field Name	Required	Nullable	Type	Description	Format
typeUrl			String	A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics.
value			byte[]	Must be a valid serialized protocol buffer of the above specified type.	byte

21.5.7.4. RuntimeError
Copy link

Expand

Field Name	Type	Format
error	String
code	Integer	int32
message	String
details	List of ProtobufAny

21.5.7.5. StorageContainerNameAndBaselineStatus
Copy link

ContainerNameAndBaselineStatus represents a cached result of process evaluation on a specific container name.

Expand

Field Name	Type	Format
containerName	String
baselineStatus	ContainerNameAndBaselineStatusBaselineStatus	INVALID, NOT_GENERATED, UNLOCKED, LOCKED,
anomalousProcessesExecuted	Boolean

21.5.7.6. StorageListDeployment
Copy link

Next available tag: 9

Expand

Field Name	Type	Format
id	String
hash	String	uint64
name	String
cluster	String
clusterId	String
namespace	String
created	Date	date-time
priority	String	int64

21.5.7.7. V1ListDeploymentsWithProcessInfoResponse
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
deployments			List of ListDeploymentsWithProcessInfoResponseDeploymentWithProcessInfo

21.6. GetDeploymentWithRisk
Copy link

GET /v1/deploymentswithrisk/{id}

GetDeploymentWithRisk returns a deployment and its risk given its ID.

21.6.1. Description
Copy link

21.6.2. Parameters
Copy link

21.6.2.1. Path Parameters
Copy link

Expand

Name	Description	Required	Default	Pattern
id		X	null

21.6.3. Return Type
Copy link

V1GetDeploymentWithRiskResponse

21.6.4. Content Type
Copy link

application/json

21.6.5. Responses
Copy link

Expand

Table 21.6. HTTP Response Codes
Code	Message	Datatype
200	A successful response.	V1GetDeploymentWithRiskResponse
0	An unexpected error response.	RuntimeError

21.6.6. Samples
Copy link

21.6.7. Common object reference
Copy link

21.6.7.1. ContainerConfigEnvironmentConfig
Copy link

Expand

Field Name	Type	Format
key	String
value	String
envVarSource	EnvironmentConfigEnvVarSource	UNSET, RAW, SECRET_KEY, CONFIG_MAP_KEY, FIELD, RESOURCE_FIELD, UNKNOWN,

21.6.7.2. EnvironmentConfigEnvVarSource
Copy link

For any update to EnvVarSource, please also update 'ui/src/messages/common.js'

Expand

Enum Values
UNSET
RAW
SECRET_KEY
CONFIG_MAP_KEY
FIELD
RESOURCE_FIELD
UNKNOWN

21.6.7.3. PortConfigExposureInfo
Copy link

Expand

Field Name	Type	Format
level	PortConfigExposureLevel	UNSET, EXTERNAL, NODE, INTERNAL, HOST, ROUTE,
serviceName	String
serviceId	String
serviceClusterIp	String
servicePort	Integer	int32
nodePort	Integer	int32
externalIps	List of `string`
externalHostnames	List of `string`

21.6.7.4. PortConfigExposureLevel
Copy link

Expand

Enum Values
UNSET
EXTERNAL
NODE
INTERNAL
HOST
ROUTE

21.6.7.5. ProtobufAny
Copy link

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}

Example 3: Pack and unpack a message in Python.

foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...

Example 4: Pack and unpack a message in Go

foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

21.6.7.5.1. JSON representation
Copy link

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}

{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}

Expand

Field Name	Required	Nullable	Type	Description	Format
typeUrl			String	A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics.
value			byte[]	Must be a valid serialized protocol buffer of the above specified type.	byte

21.6.7.6. ResultFactor
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
message			String
url			String

21.6.7.7. RuntimeError
Copy link

Expand

Field Name	Type	Format
error	String
code	Integer	int32
message	String
details	List of ProtobufAny

21.6.7.8. SeccompProfileProfileType
Copy link

Expand

Enum Values
UNCONFINED
RUNTIME_DEFAULT
LOCALHOST

21.6.7.9. SecurityContextSELinux
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
user			String
role			String
type			String
level			String

21.6.7.10. SecurityContextSeccompProfile
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
type			SeccompProfileProfileType		UNCONFINED, RUNTIME_DEFAULT, LOCALHOST,
localhostProfile			String

21.6.7.11. StorageContainer
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
id			String
config			StorageContainerConfig
image			StorageContainerImage
securityContext			StorageSecurityContext
volumes			List of StorageVolume
ports			List of StoragePortConfig
secrets			List of StorageEmbeddedSecret
resources			StorageResources
name			String
livenessProbe			StorageLivenessProbe
readinessProbe			StorageReadinessProbe

21.6.7.12. StorageContainerConfig
Copy link

Expand

Field Name	Type	Format
env	List of ContainerConfigEnvironmentConfig
command	List of `string`
args	List of `string`
directory	String
user	String
uid	String	int64
appArmorProfile	String

21.6.7.13. StorageContainerImage
Copy link

Next tag: 12

Expand

Field Name	Required	Nullable	Type	Description	Format
id			String
name			StorageImageName
notPullable			Boolean
isClusterLocal			Boolean

21.6.7.14. StorageDeployment
Copy link

Next available tag: 35

Expand

Field Name	Type	Format
id	String
name	String
hash	String	uint64
type	String
namespace	String
namespaceId	String
orchestratorComponent	Boolean
replicas	String	int64
labels	Map of `string`
podLabels	Map of `string`
labelSelector	StorageLabelSelector
created	Date	date-time
clusterId	String
clusterName	String
containers	List of StorageContainer
annotations	Map of `string`
priority	String	int64
inactive	Boolean
imagePullSecrets	List of `string`
serviceAccount	String
serviceAccountPermissionLevel	StoragePermissionLevel	UNSET, NONE, DEFAULT, ELEVATED_IN_NAMESPACE, ELEVATED_CLUSTER_WIDE, CLUSTER_ADMIN,
automountServiceAccountToken	Boolean
hostNetwork	Boolean
hostPid	Boolean
hostIpc	Boolean
runtimeClass	String
tolerations	List of StorageToleration
ports	List of StoragePortConfig
stateTimestamp	String	int64
riskScore	Float	float

21.6.7.15. StorageEmbeddedSecret
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
name			String
path			String

21.6.7.16. StorageImageName
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
registry			String
remote			String
tag			String
fullName			String

21.6.7.17. StorageLabelSelector
Copy link

Label selector components are joined with logical AND, see     https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

Next available tag: 3

Expand

Field Name	Required	Nullable	Type	Description	Format
matchLabels			Map of `string`	This is actually a oneof, but we can’t make it one due to backwards compatibility constraints.
requirements			List of StorageLabelSelectorRequirement

21.6.7.18. StorageLabelSelectorOperator
Copy link

Expand

Enum Values
UNKNOWN
IN
NOT_IN
EXISTS
NOT_EXISTS

21.6.7.19. StorageLabelSelectorRequirement
Copy link

Next available tag: 4

Expand

Field Name	Type	Format
key	String
op	StorageLabelSelectorOperator	UNKNOWN, IN, NOT_IN, EXISTS, NOT_EXISTS,
values	List of `string`

21.6.7.20. StorageLivenessProbe
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
defined			Boolean

21.6.7.21. StoragePermissionLevel
Copy link

For any update to PermissionLevel, also update: - pkg/searchbasedpolicies/builders/k8s_rbac.go - ui/src/messages/common.js

Expand

Enum Values
UNSET
NONE
DEFAULT
ELEVATED_IN_NAMESPACE
ELEVATED_CLUSTER_WIDE
CLUSTER_ADMIN

21.6.7.22. StoragePortConfig
Copy link

Next Available Tag: 6

Expand

Field Name	Type	Format
name	String
containerPort	Integer	int32
protocol	String
exposure	PortConfigExposureLevel	UNSET, EXTERNAL, NODE, INTERNAL, HOST, ROUTE,
exposedPort	Integer	int32
exposureInfos	List of PortConfigExposureInfo

21.6.7.23. StorageReadinessProbe
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
defined			Boolean

21.6.7.24. StorageResources
Copy link

Expand

Field Name	Type	Format
cpuCoresRequest	Float	float
cpuCoresLimit	Float	float
memoryMbRequest	Float	float
memoryMbLimit	Float	float

21.6.7.25. StorageRisk
Copy link

Expand

Field Name	Type	Format
id	String
subject	StorageRiskSubject
score	Float	float
results	List of StorageRiskResult

21.6.7.26. StorageRiskResult
Copy link

Expand

Field Name	Type	Format
name	String
factors	List of ResultFactor
score	Float	float

21.6.7.27. StorageRiskSubject
Copy link

Expand

Field Name	Type	Format
id	String
namespace	String
clusterId	String
type	StorageRiskSubjectType	UNKNOWN, DEPLOYMENT, NAMESPACE, CLUSTER, NODE, NODE_COMPONENT, IMAGE, IMAGE_COMPONENT, SERVICEACCOUNT,

21.6.7.28. StorageRiskSubjectType
Copy link

Next tag: 9

Expand

Enum Values
UNKNOWN
DEPLOYMENT
NAMESPACE
CLUSTER
NODE
NODE_COMPONENT
IMAGE
IMAGE_COMPONENT
SERVICEACCOUNT

21.6.7.29. StorageSecurityContext
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
privileged			Boolean
selinux			SecurityContextSELinux
dropCapabilities			List of `string`
addCapabilities			List of `string`
readOnlyRootFilesystem			Boolean
seccompProfile			SecurityContextSeccompProfile
allowPrivilegeEscalation			Boolean

21.6.7.30. StorageTaintEffect
Copy link

Expand

Enum Values
UNKNOWN_TAINT_EFFECT
NO_SCHEDULE_TAINT_EFFECT
PREFER_NO_SCHEDULE_TAINT_EFFECT
NO_EXECUTE_TAINT_EFFECT

21.6.7.31. StorageToleration
Copy link

Expand

Field Name	Type	Format
key	String
operator	StorageTolerationOperator	TOLERATION_OPERATION_UNKNOWN, TOLERATION_OPERATOR_EXISTS, TOLERATION_OPERATOR_EQUAL,
value	String
taintEffect	StorageTaintEffect	UNKNOWN_TAINT_EFFECT, NO_SCHEDULE_TAINT_EFFECT, PREFER_NO_SCHEDULE_TAINT_EFFECT, NO_EXECUTE_TAINT_EFFECT,

21.6.7.32. StorageTolerationOperator
Copy link

Expand

Enum Values
TOLERATION_OPERATION_UNKNOWN
TOLERATION_OPERATOR_EXISTS
TOLERATION_OPERATOR_EQUAL

21.6.7.33. StorageVolume
Copy link

Expand

Field Name	Type	Format
name	String
source	String
destination	String
readOnly	Boolean
type	String
mountPropagation	VolumeMountPropagation	NONE, HOST_TO_CONTAINER, BIDIRECTIONAL,

21.6.7.34. V1GetDeploymentWithRiskResponse
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
deployment			StorageDeployment
risk			StorageRisk

21.6.7.35. VolumeMountPropagation
Copy link

Expand

Enum Values
NONE
HOST_TO_CONTAINER
BIDIRECTIONAL

21.7. ExportDeployments
Copy link

GET /v1/export/deployments

21.7.1. Description
Copy link

21.7.2. Parameters
Copy link

21.7.2.1. Query Parameters
Copy link

Expand

Name	Description	Required	Default	Pattern
timeout		-	null
query		-	null

21.7.3. Return Type
Copy link

Stream_result_of_v1ExportDeploymentResponse

21.7.4. Content Type
Copy link

application/json

21.7.5. Responses
Copy link

Expand

Table 21.7. HTTP Response Codes
Code	Message	Datatype
200	A successful response.(streaming responses)	Stream_result_of_v1ExportDeploymentResponse
0	An unexpected error response.	RuntimeError

21.7.6. Samples
Copy link

21.7.7. Common object reference
Copy link

21.7.7.1. ContainerConfigEnvironmentConfig
Copy link

Expand

Field Name	Type	Format
key	String
value	String
envVarSource	EnvironmentConfigEnvVarSource	UNSET, RAW, SECRET_KEY, CONFIG_MAP_KEY, FIELD, RESOURCE_FIELD, UNKNOWN,

21.7.7.2. EnvironmentConfigEnvVarSource
Copy link

For any update to EnvVarSource, please also update 'ui/src/messages/common.js'

Expand

Enum Values
UNSET
RAW
SECRET_KEY
CONFIG_MAP_KEY
FIELD
RESOURCE_FIELD
UNKNOWN

21.7.7.3. PortConfigExposureInfo
Copy link

Expand

Field Name	Type	Format
level	PortConfigExposureLevel	UNSET, EXTERNAL, NODE, INTERNAL, HOST, ROUTE,
serviceName	String
serviceId	String
serviceClusterIp	String
servicePort	Integer	int32
nodePort	Integer	int32
externalIps	List of `string`
externalHostnames	List of `string`

21.7.7.4. PortConfigExposureLevel
Copy link

Expand

Enum Values
UNSET
EXTERNAL
NODE
INTERNAL
HOST
ROUTE

21.7.7.5. ProtobufAny
Copy link

Any contains an arbitrary serialized protocol buffer message along with a URL that describes the type of the serialized message.

Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.

Example 1: Pack and unpack a message in C++.

Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
  ...
}

Example 2: Pack and unpack a message in Java.

Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
  foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
  foo = any.unpack(Foo.getDefaultInstance());
}

Example 3: Pack and unpack a message in Python.

foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
  any.Unpack(foo)
  ...

Example 4: Pack and unpack a message in Go

foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
  ...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
  ...
}

21.7.7.5.1. JSON representation
Copy link

The JSON representation of an Any value uses the regular representation of the deserialized, embedded message, with an additional field @type which contains the type URL. Example:

package google.profile;
message Person {
  string first_name = 1;
  string last_name = 2;
}

{
  "@type": "type.googleapis.com/google.profile.Person",
  "firstName": <string>,
  "lastName": <string>
}

{
  "@type": "type.googleapis.com/google.protobuf.Duration",
  "value": "1.212s"
}

Expand

Field Name	Required	Nullable	Type	Description	Format
typeUrl			String	A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in `path/google.protobuf.Duration`). The name should be in a canonical form (e.g., leading \".\" is not accepted). In practice, teams usually precompile into the binary all types that they expect it to use in the context of Any. However, for URLs which use the scheme `http`, `https`, or no scheme, one can optionally set up a type server that maps type URLs to message definitions as follows: * If no scheme is provided, `https` is assumed. * An HTTP GET on the URL must yield a [google.protobuf.Type][] value in binary format, or produce an error. * Applications are allowed to cache lookup results based on the URL, or have them precompiled into a binary to avoid any lookup. Therefore, binary compatibility needs to be preserved on changes to types. (Use versioned type names to manage breaking changes.) Note: this functionality is not currently available in the official protobuf release, and it is not used for type URLs beginning with type.googleapis.com. As of May 2023, there are no widely used type server implementations and no plans to implement one. Schemes other than `http`, `https` (or the empty scheme) might be used with implementation specific semantics.
value			byte[]	Must be a valid serialized protocol buffer of the above specified type.	byte

21.7.7.6. RuntimeError
Copy link

Expand

Field Name	Type	Format
error	String
code	Integer	int32
message	String
details	List of ProtobufAny

21.7.7.7. RuntimeStreamError
Copy link

Expand

Field Name	Type	Format
grpcCode	Integer	int32
httpCode	Integer	int32
message	String
httpStatus	String
details	List of ProtobufAny

21.7.7.8. SeccompProfileProfileType
Copy link

Expand

Enum Values
UNCONFINED
RUNTIME_DEFAULT
LOCALHOST

21.7.7.9. SecurityContextSELinux
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
user			String
role			String
type			String
level			String

21.7.7.10. SecurityContextSeccompProfile
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
type			SeccompProfileProfileType		UNCONFINED, RUNTIME_DEFAULT, LOCALHOST,
localhostProfile			String

21.7.7.11. StorageContainer
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
id			String
config			StorageContainerConfig
image			StorageContainerImage
securityContext			StorageSecurityContext
volumes			List of StorageVolume
ports			List of StoragePortConfig
secrets			List of StorageEmbeddedSecret
resources			StorageResources
name			String
livenessProbe			StorageLivenessProbe
readinessProbe			StorageReadinessProbe

21.7.7.12. StorageContainerConfig
Copy link

Expand

Field Name	Type	Format
env	List of ContainerConfigEnvironmentConfig
command	List of `string`
args	List of `string`
directory	String
user	String
uid	String	int64
appArmorProfile	String

21.7.7.13. StorageContainerImage
Copy link

Next tag: 12

Expand

Field Name	Required	Nullable	Type	Description	Format
id			String
name			StorageImageName
notPullable			Boolean
isClusterLocal			Boolean

21.7.7.14. StorageDeployment
Copy link

Next available tag: 35

Expand

Field Name	Type	Format
id	String
name	String
hash	String	uint64
type	String
namespace	String
namespaceId	String
orchestratorComponent	Boolean
replicas	String	int64
labels	Map of `string`
podLabels	Map of `string`
labelSelector	StorageLabelSelector
created	Date	date-time
clusterId	String
clusterName	String
containers	List of StorageContainer
annotations	Map of `string`
priority	String	int64
inactive	Boolean
imagePullSecrets	List of `string`
serviceAccount	String
serviceAccountPermissionLevel	StoragePermissionLevel	UNSET, NONE, DEFAULT, ELEVATED_IN_NAMESPACE, ELEVATED_CLUSTER_WIDE, CLUSTER_ADMIN,
automountServiceAccountToken	Boolean
hostNetwork	Boolean
hostPid	Boolean
hostIpc	Boolean
runtimeClass	String
tolerations	List of StorageToleration
ports	List of StoragePortConfig
stateTimestamp	String	int64
riskScore	Float	float

21.7.7.15. StorageEmbeddedSecret
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
name			String
path			String

21.7.7.16. StorageImageName
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
registry			String
remote			String
tag			String
fullName			String

21.7.7.17. StorageLabelSelector
Copy link

Label selector components are joined with logical AND, see     https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/

Next available tag: 3

Expand

Field Name	Required	Nullable	Type	Description	Format
matchLabels			Map of `string`	This is actually a oneof, but we can’t make it one due to backwards compatibility constraints.
requirements			List of StorageLabelSelectorRequirement

21.7.7.18. StorageLabelSelectorOperator
Copy link

Expand

Enum Values
UNKNOWN
IN
NOT_IN
EXISTS
NOT_EXISTS

21.7.7.19. StorageLabelSelectorRequirement
Copy link

Next available tag: 4

Expand

Field Name	Type	Format
key	String
op	StorageLabelSelectorOperator	UNKNOWN, IN, NOT_IN, EXISTS, NOT_EXISTS,
values	List of `string`

21.7.7.20. StorageLivenessProbe
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
defined			Boolean

21.7.7.21. StoragePermissionLevel
Copy link

For any update to PermissionLevel, also update: - pkg/searchbasedpolicies/builders/k8s_rbac.go - ui/src/messages/common.js

Expand

Enum Values
UNSET
NONE
DEFAULT
ELEVATED_IN_NAMESPACE
ELEVATED_CLUSTER_WIDE
CLUSTER_ADMIN

21.7.7.22. StoragePortConfig
Copy link

Next Available Tag: 6

Expand

Field Name	Type	Format
name	String
containerPort	Integer	int32
protocol	String
exposure	PortConfigExposureLevel	UNSET, EXTERNAL, NODE, INTERNAL, HOST, ROUTE,
exposedPort	Integer	int32
exposureInfos	List of PortConfigExposureInfo

21.7.7.23. StorageReadinessProbe
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
defined			Boolean

21.7.7.24. StorageResources
Copy link

Expand

Field Name	Type	Format
cpuCoresRequest	Float	float
cpuCoresLimit	Float	float
memoryMbRequest	Float	float
memoryMbLimit	Float	float

21.7.7.25. StorageSecurityContext
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
privileged			Boolean
selinux			SecurityContextSELinux
dropCapabilities			List of `string`
addCapabilities			List of `string`
readOnlyRootFilesystem			Boolean
seccompProfile			SecurityContextSeccompProfile
allowPrivilegeEscalation			Boolean

21.7.7.26. StorageTaintEffect
Copy link

Expand

Enum Values
UNKNOWN_TAINT_EFFECT
NO_SCHEDULE_TAINT_EFFECT
PREFER_NO_SCHEDULE_TAINT_EFFECT
NO_EXECUTE_TAINT_EFFECT

21.7.7.27. StorageToleration
Copy link

Expand

Field Name	Type	Format
key	String
operator	StorageTolerationOperator	TOLERATION_OPERATION_UNKNOWN, TOLERATION_OPERATOR_EXISTS, TOLERATION_OPERATOR_EQUAL,
value	String
taintEffect	StorageTaintEffect	UNKNOWN_TAINT_EFFECT, NO_SCHEDULE_TAINT_EFFECT, PREFER_NO_SCHEDULE_TAINT_EFFECT, NO_EXECUTE_TAINT_EFFECT,

21.7.7.28. StorageTolerationOperator
Copy link

Expand

Enum Values
TOLERATION_OPERATION_UNKNOWN
TOLERATION_OPERATOR_EXISTS
TOLERATION_OPERATOR_EQUAL

21.7.7.29. StorageVolume
Copy link

Expand

Field Name	Type	Format
name	String
source	String
destination	String
readOnly	Boolean
type	String
mountPropagation	VolumeMountPropagation	NONE, HOST_TO_CONTAINER, BIDIRECTIONAL,

21.7.7.30. StreamResultOfV1ExportDeploymentResponse
Copy link

Stream result of v1ExportDeploymentResponse

Expand

Field Name	Required	Nullable	Type	Description	Format
result			V1ExportDeploymentResponse
error			RuntimeStreamError

21.7.7.31. V1ExportDeploymentResponse
Copy link

Expand

Field Name	Required	Nullable	Type	Description	Format
deployment			StorageDeployment

21.7.7.32. VolumeMountPropagation
Copy link

Expand

Enum Values
NONE
HOST_TO_CONTAINER
BIDIRECTIONAL

Chapter 21. DeploymentService

21.1. CountDeploymentsCopy linkLink copied to clipboard!

21.1.1. DescriptionCopy linkLink copied to clipboard!

21.1.2. ParametersCopy linkLink copied to clipboard!

21.1.2.1. Query ParametersCopy linkLink copied to clipboard!

21.1.3. Return TypeCopy linkLink copied to clipboard!

21.1.4. Content TypeCopy linkLink copied to clipboard!

21.1.5. ResponsesCopy linkLink copied to clipboard!

21.1.6. SamplesCopy linkLink copied to clipboard!

21.1.7. Common object referenceCopy linkLink copied to clipboard!

21.1.7.1. ProtobufAnyCopy linkLink copied to clipboard!

21.1.7.1.1. JSON representationCopy linkLink copied to clipboard!

21.1.7.2. RuntimeErrorCopy linkLink copied to clipboard!

21.1.7.3. V1CountDeploymentsResponseCopy linkLink copied to clipboard!

21.2. ListDeploymentsCopy linkLink copied to clipboard!

21.2.1. DescriptionCopy linkLink copied to clipboard!

21.2.2. ParametersCopy linkLink copied to clipboard!

21.2.2.1. Query ParametersCopy linkLink copied to clipboard!

21.2.3. Return TypeCopy linkLink copied to clipboard!

21.2.4. Content TypeCopy linkLink copied to clipboard!

21.2.5. ResponsesCopy linkLink copied to clipboard!

21.2.6. SamplesCopy linkLink copied to clipboard!

21.2.7. Common object referenceCopy linkLink copied to clipboard!

21.2.7.1. ProtobufAnyCopy linkLink copied to clipboard!

21.2.7.1.1. JSON representationCopy linkLink copied to clipboard!

21.2.7.2. RuntimeErrorCopy linkLink copied to clipboard!

21.2.7.3. StorageListDeploymentCopy linkLink copied to clipboard!

21.2.7.4. V1ListDeploymentsResponseCopy linkLink copied to clipboard!

21.3. GetDeploymentCopy linkLink copied to clipboard!

21.3.1. DescriptionCopy linkLink copied to clipboard!

21.3.2. ParametersCopy linkLink copied to clipboard!

21.3.2.1. Path ParametersCopy linkLink copied to clipboard!

21.3.3. Return TypeCopy linkLink copied to clipboard!

21.3.4. Content TypeCopy linkLink copied to clipboard!

21.3.5. ResponsesCopy linkLink copied to clipboard!

21.3.6. SamplesCopy linkLink copied to clipboard!

21.3.7. Common object referenceCopy linkLink copied to clipboard!

21.3.7.1. ContainerConfigEnvironmentConfigCopy linkLink copied to clipboard!

21.3.7.2. EnvironmentConfigEnvVarSourceCopy linkLink copied to clipboard!

21.3.7.3. PortConfigExposureInfoCopy linkLink copied to clipboard!

21.3.7.4. PortConfigExposureLevelCopy linkLink copied to clipboard!

21.3.7.5. ProtobufAnyCopy linkLink copied to clipboard!

21.3.7.5.1. JSON representationCopy linkLink copied to clipboard!

21.3.7.6. RuntimeErrorCopy linkLink copied to clipboard!

21.3.7.7. SeccompProfileProfileTypeCopy linkLink copied to clipboard!

21.3.7.8. SecurityContextSELinuxCopy linkLink copied to clipboard!

21.3.7.9. SecurityContextSeccompProfileCopy linkLink copied to clipboard!

21.3.7.10. StorageContainerCopy linkLink copied to clipboard!

21.3.7.11. StorageContainerConfigCopy linkLink copied to clipboard!

21.3.7.12. StorageContainerImageCopy linkLink copied to clipboard!

21.3.7.13. StorageDeploymentCopy linkLink copied to clipboard!

21.3.7.14. StorageEmbeddedSecretCopy linkLink copied to clipboard!

21.3.7.15. StorageImageNameCopy linkLink copied to clipboard!

21.3.7.16. StorageLabelSelectorCopy linkLink copied to clipboard!

21.3.7.17. StorageLabelSelectorOperatorCopy linkLink copied to clipboard!

21.3.7.18. StorageLabelSelectorRequirementCopy linkLink copied to clipboard!

21.3.7.19. StorageLivenessProbeCopy linkLink copied to clipboard!

21.3.7.20. StoragePermissionLevelCopy linkLink copied to clipboard!

21.3.7.21. StoragePortConfigCopy linkLink copied to clipboard!

21.3.7.22. StorageReadinessProbeCopy linkLink copied to clipboard!

21.3.7.23. StorageResourcesCopy linkLink copied to clipboard!

21.3.7.24. StorageSecurityContextCopy linkLink copied to clipboard!

21.3.7.25. StorageTaintEffectCopy linkLink copied to clipboard!

21.3.7.26. StorageTolerationCopy linkLink copied to clipboard!

21.3.7.27. StorageTolerationOperatorCopy linkLink copied to clipboard!

21.3.7.28. StorageVolumeCopy linkLink copied to clipboard!

21.3.7.29. VolumeMountPropagationCopy linkLink copied to clipboard!

21.4. GetLabelsCopy linkLink copied to clipboard!

21.4.1. DescriptionCopy linkLink copied to clipboard!

21.4.2. ParametersCopy linkLink copied to clipboard!

21.4.3. Return TypeCopy linkLink copied to clipboard!

21.4.4. Content TypeCopy linkLink copied to clipboard!

21.4.5. ResponsesCopy linkLink copied to clipboard!

21.4.6. SamplesCopy linkLink copied to clipboard!

21.4.7. Common object referenceCopy linkLink copied to clipboard!

21.4.7.1. DeploymentLabelsResponseLabelValuesCopy linkLink copied to clipboard!

21.4.7.2. ProtobufAnyCopy linkLink copied to clipboard!

21.4.7.2.1. JSON representationCopy linkLink copied to clipboard!

21.4.7.3. RuntimeErrorCopy linkLink copied to clipboard!

21.4.7.4. V1DeploymentLabelsResponseCopy linkLink copied to clipboard!

21.1. CountDeployments
Copy link

21.1.1. Description
Copy link

21.1.2. Parameters
Copy link

21.1.2.1. Query Parameters
Copy link

21.1.3. Return Type
Copy link

21.1.4. Content Type
Copy link

21.1.5. Responses
Copy link

21.1.6. Samples
Copy link

21.1.7. Common object reference
Copy link

21.1.7.1. ProtobufAny
Copy link

21.1.7.1.1. JSON representation
Copy link

21.1.7.2. RuntimeError
Copy link

21.1.7.3. V1CountDeploymentsResponse
Copy link

21.2. ListDeployments
Copy link

21.2.1. Description
Copy link

21.2.2. Parameters
Copy link

21.2.2.1. Query Parameters
Copy link

21.2.3. Return Type
Copy link

21.2.4. Content Type
Copy link

21.2.5. Responses
Copy link

21.2.6. Samples
Copy link

21.2.7. Common object reference
Copy link

21.2.7.1. ProtobufAny
Copy link

21.2.7.1.1. JSON representation
Copy link

21.2.7.2. RuntimeError
Copy link

21.2.7.3. StorageListDeployment
Copy link

21.2.7.4. V1ListDeploymentsResponse
Copy link

21.3. GetDeployment
Copy link

21.3.1. Description
Copy link

21.3.2. Parameters
Copy link

21.3.2.1. Path Parameters
Copy link

21.3.3. Return Type
Copy link

21.3.4. Content Type
Copy link

21.3.5. Responses
Copy link

21.3.6. Samples
Copy link

21.3.7. Common object reference
Copy link

21.3.7.1. ContainerConfigEnvironmentConfig
Copy link

21.3.7.2. EnvironmentConfigEnvVarSource
Copy link

21.3.7.3. PortConfigExposureInfo
Copy link

21.3.7.4. PortConfigExposureLevel
Copy link

21.3.7.5. ProtobufAny
Copy link

21.3.7.5.1. JSON representation
Copy link

21.3.7.6. RuntimeError
Copy link

21.3.7.7. SeccompProfileProfileType
Copy link

21.3.7.8. SecurityContextSELinux
Copy link

21.3.7.9. SecurityContextSeccompProfile
Copy link

21.3.7.10. StorageContainer
Copy link

21.3.7.11. StorageContainerConfig
Copy link

21.3.7.12. StorageContainerImage
Copy link

21.3.7.13. StorageDeployment
Copy link

21.3.7.14. StorageEmbeddedSecret
Copy link

21.3.7.15. StorageImageName
Copy link

21.3.7.16. StorageLabelSelector
Copy link

21.3.7.17. StorageLabelSelectorOperator
Copy link

21.3.7.18. StorageLabelSelectorRequirement
Copy link

21.3.7.19. StorageLivenessProbe
Copy link

21.3.7.20. StoragePermissionLevel
Copy link

21.3.7.21. StoragePortConfig
Copy link

21.3.7.22. StorageReadinessProbe
Copy link

21.3.7.23. StorageResources
Copy link

21.3.7.24. StorageSecurityContext
Copy link

21.3.7.25. StorageTaintEffect
Copy link

21.3.7.26. StorageToleration
Copy link

21.3.7.27. StorageTolerationOperator
Copy link

21.3.7.28. StorageVolume
Copy link

21.3.7.29. VolumeMountPropagation
Copy link

21.4. GetLabels
Copy link

21.4.1. Description
Copy link

21.4.2. Parameters
Copy link

21.4.3. Return Type
Copy link

21.4.4. Content Type
Copy link

21.4.5. Responses
Copy link

21.4.6. Samples
Copy link

21.4.7. Common object reference
Copy link

21.4.7.1. DeploymentLabelsResponseLabelValues
Copy link

21.4.7.2. ProtobufAny
Copy link

21.4.7.2.1. JSON representation
Copy link

21.4.7.3. RuntimeError
Copy link

21.4.7.4. V1DeploymentLabelsResponse
Copy link

21.5. ListDeploymentsWithProcessInfo
Copy link