Protection Configuration Reference
protection:
name: "" # required, unique Protection name
# exactly one of these is required
kubernetesConfig: # Kubernetes config defining a Job
type: KUBERNETES | KUSTOMIZE
local:
path: "" # relative path to the Job definition or a directory containing the Job definition
subPath: "" # optional, used in conjunction with path to allow templating `path` to the Job definition. When specified, `path` must be a directory and the entire content of the directory will be uploaded to Prodvana.
taskConfig:
program: # required
name: "" # required, container name
# one of `image` or `imageTag` with `imageRegistryInfo` is required.
image: "" # docker image
imageRegistryInfo:
containerRegistry: "" # container registry name on Prodvana
imageRepository: "" # image repository (path after the domain)
imageTag: "" # image tag, used in conjunction with imageRegistryInfo
entrypoint: # optional, override the image entrypoint
- ""
cmd: # optional, override the image command
- ""
env: # optional, env variables
"key":
# one of these is required
value: "" # string value
secret: # reference a secret stored on Prodvana
key: "" # required
version: "" # required
kubernetesSecret: # reference a Kubernetes secret. The secret must already exist on the same namespace as the Service.
secretName: "" # required, secret name
key: "" # required, map key inside the secret to use (Kubernetes secrets are stored as a map)
workingDirectory: "" # optional, override working directory from the image
builtin: # builtin Protections
# exactly one of this is required
commitDenylist: # a Protection that prevents known bad commits from going out, requires a repository integration like GitHub setup
repository: "" # required, repository name, like github.com/foo/bar
commits: # required, commits denylist
- # one of `commit` or `range` is required
commit: "" # commit sha
range:
- startCommit: "" # older commit sha, exclusive
endCommit: "" # newer commit sha, inclusive
# end of one of
pollInterval: 60s # optional, how often to run the Protection
env: # optional, additional env to be injected into the running Protection. only supported for Kubernetes.
"key":
# one of these is required
value: "" # string value
secret: # reference a secret stored on Prodvana
key: "" # required
version: "" # required
kubernetesSecret: # reference a Kubernetes secret. The secret must already exist on the same namespace as the Service.
secretName: "" # required, secret name
key: "" # required, map key inside the secret to use (Kubernetes secrets are stored as a map)
parameters: # optional, parameters to pass in when instantiating the Convergence Extension. Available in template variables as {{.Params.*}}
- name: "" # required, parameter name, used as the template variable name
description: "" # optional
required: false # optional, mark parameter as required
string: # string parameter
defaultValue: "" # optional, default value
dockerImage: # docker image parameter, populated from a docker registry integration
imageRegistryInfo:
containerRegistry: "" # container registry name on Prodvana
imageRepository: "" # image repository (path after the domain)
defaultTag: "" # optional, default value
int: # int parameter
defaultValue: 0 # optional, default value
commit: # commit parameter, populated from a repository integration
repository: "" # required, e.g. github.com/foo/bar
branch: "" # optional, branch to pull commits from when populating parameter textbox in the Prodvana UI
blob: # similar to string, but pass a blob ID in the template variable instead of the string content. Useful if the string content is going to be very large.
defaultValue: "" # optional, default value
secret: {} # secret stored on Prodvana. The content of the secret is passed via the template variable
Updated 8 months ago