--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.19.0 operatorframework.io/installed-alongside-a3bfe412036982dc: kuadrant-system/dns-operator.v1.3.0 creationTimestamp: "2026-03-18T16:54:22Z" generation: 1 labels: olm.managed: "true" operators.coreos.com/dns-operator.kuadrant-system: "" managedFields: - apiVersion: apiextensions.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:controller-gen.kubebuilder.io/version: {} f:operatorframework.io/installed-alongside-a3bfe412036982dc: {} f:labels: .: {} f:olm.managed: {} f:spec: f:conversion: .: {} f:strategy: {} f:group: {} f:names: f:kind: {} f:listKind: {} f:plural: {} f:singular: {} f:scope: {} f:versions: {} manager: catalog operation: Update time: "2026-03-18T16:54:22Z" - apiVersion: apiextensions.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:status: f:acceptedNames: f:kind: {} f:listKind: {} f:plural: {} f:singular: {} f:conditions: k:{"type":"Established"}: .: {} f:lastTransitionTime: {} f:message: {} f:reason: {} f:status: {} f:type: {} k:{"type":"NamesAccepted"}: .: {} f:lastTransitionTime: {} f:message: {} f:reason: {} f:status: {} f:type: {} manager: kube-apiserver operation: Update subresource: status time: "2026-03-18T16:54:22Z" - apiVersion: apiextensions.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:labels: f:operators.coreos.com/dns-operator.kuadrant-system: {} manager: olm operation: Update time: "2026-03-18T16:54:56Z" name: dnsrecords.kuadrant.io resourceVersion: "16720" uid: b896cbbd-1e4a-4127-b8cf-e66c6578a03d spec: conversion: strategy: None group: kuadrant.io names: kind: DNSRecord listKind: DNSRecordList plural: dnsrecords singular: dnsrecord scope: Namespaced versions: - additionalPrinterColumns: - description: DNSRecord ready. jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - description: DNSRecord healthy. jsonPath: .status.conditions[?(@.type=="Healthy")].status name: Healthy priority: 2 type: string - description: DNSRecord root host. jsonPath: .spec.rootHost name: Root Host priority: 2 type: string - description: DNSRecord owner id. jsonPath: .status.ownerID name: Owner ID priority: 2 type: string - description: DNSRecord zone domain name. jsonPath: .status.zoneDomainName name: Zone Domain priority: 2 type: string - description: DNSRecord zone id. jsonPath: .status.zoneID name: Zone ID priority: 2 type: string name: v1alpha1 schema: openAPIV3Schema: description: DNSRecord is the Schema for the dnsrecords API properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: DNSRecordSpec defines the desired state of DNSRecord properties: delegate: type: boolean x-kubernetes-validations: - message: delegate is immutable rule: self == oldSelf endpoints: description: endpoints is a list of endpoints that will be published into the dns provider. items: description: Endpoint is a high-level way of a connection between a service and an IP properties: dnsName: description: The hostname of the DNS record type: string labels: additionalProperties: type: string description: Labels stores labels defined for the Endpoint type: object providerSpecific: description: ProviderSpecific stores provider specific config items: description: ProviderSpecificProperty holds the name and value of a configuration which is specific to individual DNS providers properties: name: type: string value: type: string type: object type: array recordTTL: description: TTL for the record format: int64 type: integer recordType: description: RecordType type of record, e.g. CNAME, A, AAAA, SRV, TXT etc type: string setIdentifier: description: Identifier to distinguish multiple records with the same name and type (e.g. Route53 records with routing policies other than 'simple') type: string targets: description: The targets the DNS record points to items: type: string type: array type: object minItems: 0 type: array healthCheck: description: |- HealthCheckSpec configures health checks in the DNS provider. By default this health check will be applied to each unique DNS A Record for the listeners assigned to the target gateway properties: additionalHeadersRef: description: |- AdditionalHeadersRef refers to a secret that contains extra headers to send in the probe request, this is primarily useful if an authentication token is required by the endpoint. properties: name: type: string required: - name type: object failureThreshold: default: 5 description: |- FailureThreshold is the number of consecutive failures that must be exceeded for a host to be considered unhealthy. When the number of consecutive failures exceeds this threshold, the health check will be marked as unhealthy. Defaults to 5 type: integer x-kubernetes-validations: - message: Failure threshold must be greater than 0 rule: self > 0 interval: default: 5m description: |- Interval defines how frequently this probe should execute Defaults to 5 minutes type: string path: description: |- Path is the path to append to the host to reach the expected health check. Must start with "?" or "/", contain only valid URL characters and end with alphanumeric char or "/". For example "/" or "/healthz" are common pattern: ^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$ type: string port: default: 443 description: |- Port to connect to the host on. Must be either 80, 443 or 1024-49151 Defaults to port 443 type: integer x-kubernetes-validations: - message: Only ports 80, 443, 1024-49151 are allowed rule: self in [80, 443] || (self >= 1024 && self <= 49151) protocol: default: HTTPS description: |- Protocol to use when connecting to the host, valid values are "HTTP" or "HTTPS" Defaults to HTTPS type: string x-kubernetes-validations: - message: Only HTTP or HTTPS protocols are allowed rule: self in ['HTTP','HTTPS'] type: object ownerID: description: |- ownerID is a unique string used to identify the owner of this record. If unset or set to an empty string the record UID will be used. maxLength: 36 minLength: 6 type: string x-kubernetes-validations: - message: OwnerID is immutable rule: self == oldSelf providerRef: description: ProviderRef is a reference to a provider secret. properties: name: type: string required: - name type: object rootHost: description: |- rootHost is the single root for all endpoints in a DNSRecord. it is expected all defined endpoints are children of or equal to this rootHost Must contain at least two groups of valid URL characters separated by a "." maxLength: 255 minLength: 1 pattern: ^(?:[\w\-.~:\/?#[\]@!$&'()*+,;=]+)\.(?:[\w\-.~:\/?#[\]@!$&'()*+,;=]+)$ type: string x-kubernetes-validations: - message: RootHost is immutable rule: self == oldSelf required: - rootHost type: object x-kubernetes-validations: - message: OwnerID can't be unset if it was previously set rule: '!has(oldSelf.ownerID) || has(self.ownerID)' - message: OwnerID can't be set if it was previously unset rule: has(oldSelf.ownerID) || !has(self.ownerID) - message: delegate can't be set to true if unset rule: has(oldSelf.delegate) || !has(self.delegate) || self.delegate == false - message: delegate can't be unset if true rule: '!has(oldSelf.delegate) || oldSelf.delegate == false || has(self.delegate)' - message: delegate=true and providerRef are mutually exclusive rule: '!(has(self.providerRef) && has(self.delegate) && self.delegate == true)' status: description: DNSRecordStatus defines the observed state of DNSRecord properties: activeGroups: description: ActiveGroups displays the last read list of active groups type: string conditions: description: |- conditions are any conditions associated with the record in the dns provider. If publishing the record fails, the "Failed" condition will be set with a reason and message describing the cause of the failure. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array domainOwners: description: DomainOwners is a list of all the owners working against the root domain of this record items: type: string type: array endpoints: description: endpoints are the last endpoints that were successfully published to the provider zone items: description: Endpoint is a high-level way of a connection between a service and an IP properties: dnsName: description: The hostname of the DNS record type: string labels: additionalProperties: type: string description: Labels stores labels defined for the Endpoint type: object providerSpecific: description: ProviderSpecific stores provider specific config items: description: ProviderSpecificProperty holds the name and value of a configuration which is specific to individual DNS providers properties: name: type: string value: type: string type: object type: array recordTTL: description: TTL for the record format: int64 type: integer recordType: description: RecordType type of record, e.g. CNAME, A, AAAA, SRV, TXT etc type: string setIdentifier: description: Identifier to distinguish multiple records with the same name and type (e.g. Route53 records with routing policies other than 'simple') type: string targets: description: The targets the DNS record points to items: type: string type: array type: object type: array group: description: Group displays the group which the dns-operator belongs to, if set. type: string healthCheck: properties: conditions: items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array probes: items: properties: conditions: items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array host: type: string id: type: string ipAddress: type: string synced: type: boolean required: - host - id - ipAddress type: object type: array type: object observedGeneration: description: observedGeneration is the most recently observed generation of the DNSRecord. format: int64 type: integer ownerID: description: ownerID is a unique string used to identify the owner of this record. type: string providerRef: description: ProviderRef is a reference to a provider secret used to publish endpoints. properties: name: type: string required: - name type: object queuedAt: description: QueuedAt is a time when DNS record was received for the reconciliation format: date-time type: string remoteRecordStatuses: additionalProperties: x-kubernetes-preserve-unknown-fields: true description: |- remoteRecordStatuses is a map of cluster IDs and their unique DNSRecordStatus as raw JSON. A CRD can't reference a type within itself so the `apiextensionsv1.JSON` type is used. Use GetRemoteRecordStatuses to get the converted type. type: object validFor: description: ValidFor indicates duration since the last reconciliation we consider data in the record to be valid type: string writeCounter: description: |- WriteCounter represent a number of consecutive write attempts on the same generation of the record. It is being reset to 0 when the generation changes or there are no changes to write. format: int64 type: integer zoneDomainName: description: zoneDomainName is the domain name of the zone that the dns record is publishing endpoints type: string zoneID: description: zoneID is the provider specific id to which this dns record is publishing endpoints type: string type: object type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: DNSRecord listKind: DNSRecordList plural: dnsrecords singular: dnsrecord conditions: - lastTransitionTime: "2026-03-18T16:54:22Z" message: no conflicts found reason: NoConflicts status: "True" type: NamesAccepted - lastTransitionTime: "2026-03-18T16:54:22Z" message: the initial names have been accepted reason: InitialNamesAccepted status: "True" type: Established storedVersions: - v1alpha1