--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: api-approved.openshift.io: https://github.com/openshift/api/pull/2090 api.openshift.io/merged-by-featuregates: "true" include.release.openshift.io/ibm-cloud-managed: "true" include.release.openshift.io/self-managed-high-availability: "true" creationTimestamp: "2025-10-11T10:25:43Z" generation: 1 labels: openshift.io/operator-managed: "" managedFields: - apiVersion: apiextensions.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:api-approved.openshift.io: {} f:api.openshift.io/merged-by-featuregates: {} f:include.release.openshift.io/ibm-cloud-managed: {} f:include.release.openshift.io/self-managed-high-availability: {} f:labels: .: {} f:openshift.io/operator-managed: {} f:ownerReferences: .: {} k:{"uid":"d5f199fe-acec-4610-b505-6d5fa3929e77"}: {} f:spec: f:conversion: .: {} f:strategy: {} f:group: {} f:names: f:kind: {} f:listKind: {} f:plural: {} f:singular: {} f:scope: {} f:versions: {} manager: cluster-version-operator operation: Update time: "2025-10-11T10:25:43Z" - apiVersion: apiextensions.k8s.io/v1 fieldsType: FieldsV1 fieldsV1: f:status: f:acceptedNames: f:kind: {} f:listKind: {} f:plural: {} f:singular: {} f:conditions: k:{"type":"Established"}: .: {} f:lastTransitionTime: {} f:message: {} f:reason: {} f:status: {} f:type: {} k:{"type":"NamesAccepted"}: .: {} f:lastTransitionTime: {} f:message: {} f:reason: {} f:status: {} f:type: {} manager: kube-apiserver operation: Update subresource: status time: "2025-10-11T10:25:44Z" name: machineosbuilds.machineconfiguration.openshift.io ownerReferences: - apiVersion: config.openshift.io/v1 controller: true kind: ClusterVersion name: version uid: d5f199fe-acec-4610-b505-6d5fa3929e77 resourceVersion: "1879" uid: 41fbb117-eece-41c0-8c08-2ecb01a6c16b spec: conversion: strategy: None group: machineconfiguration.openshift.io names: kind: MachineOSBuild listKind: MachineOSBuildList plural: machineosbuilds singular: machineosbuild scope: Cluster versions: - additionalPrinterColumns: - jsonPath: .status.conditions[?(@.type=="Prepared")].status name: Prepared type: string - jsonPath: .status.conditions[?(@.type=="Building")].status name: Building type: string - jsonPath: .status.conditions[?(@.type=="Succeeded")].status name: Succeeded type: string - jsonPath: .status.conditions[?(@.type=="Interrupted")].status name: Interrupted type: string - jsonPath: .status.conditions[?(@.type=="Failed")].status name: Failed type: string - jsonPath: .metadata.creationTimestamp name: Age type: date name: v1 schema: openAPIV3Schema: description: |- MachineOSBuild describes a build process managed and deployed by the MCO Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: |- spec describes the configuration of the machine os build. It is immutable once set. properties: machineConfig: description: machineConfig points to the rendered MachineConfig resource to be included in this image build. properties: name: description: |- name is the name of the rendered MachineConfig object. This value should be between 10 and 253 characters, and must contain only lowercase alphanumeric characters, hyphens and periods, and should start and end with an alphanumeric character. maxLength: 253 minLength: 10 type: string x-kubernetes-validations: - message: a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character. rule: self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$') required: - name type: object machineOSConfig: description: machineOSConfig references the MachineOSConfig resource that this image build extends. properties: name: description: |- name of the MachineOSConfig. The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character. maxLength: 253 minLength: 1 type: string x-kubernetes-validations: - message: a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character. rule: self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$') required: - name type: object renderedImagePushSpec: description: |- renderedImagePushSpec is set by the Machine Config Operator from the MachineOSConfig object this build is attached to. This field describes the location of the final image, which will be pushed by the build once complete. The format of the image push spec is: host[:port][/namespace]/name: or svc_name.namespace.svc[:port]/repository/name:. The length of the push spec must be between 1 to 447 characters. maxLength: 447 minLength: 1 type: string x-kubernetes-validations: - message: the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme. Or it must be a valid .svc followed by a port, repository, image name, and tag. rule: self.matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?(/[a-zA-Z0-9-_]{1,61})*/[a-zA-Z0-9-_.]+:[a-zA-Z0-9._-]+$') || self.matches('^[^.]+\\.[^.]+\\.svc:\\d+\\/[^\\/]+\\/[^\\/]+:[^\\/]+$') required: - machineConfig - machineOSConfig - renderedImagePushSpec type: object x-kubernetes-validations: - message: machineOSBuildSpec is immutable once set rule: self == oldSelf status: description: status describes the last observed state of this machine os build. properties: buildEnd: description: |- buildEnd is the timestamp corresponding to completion of the builder backend. When omitted the build has either not been started, or is in progress. It will be populated once the build completes, fails or is interrupted. format: date-time type: string x-kubernetes-validations: - message: buildEnd is immutable once set rule: self == oldSelf buildStart: description: buildStart is the timestamp corresponding to the build controller initiating the build backend for this MachineOSBuild. format: date-time type: string x-kubernetes-validations: - message: buildStart is immutable once set rule: self == oldSelf builder: description: builder describes the image builder backend used for this build. properties: imageBuilderType: description: |- imageBuilderType describes the type of image builder used to build this image. Valid values are Job only. When set to Job, a pod based builder, using buildah, is launched to build the specified image. type: string job: description: |- job is a reference to the job object that is managing the image build. This is required if the imageBuilderType is Job, and forbidden otherwise. properties: group: description: |- group of the referent. The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character. Example: "", "apps", "build.openshift.io", etc. maxLength: 253 type: string x-kubernetes-validations: - message: a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character. rule: self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$') name: description: |- name of the referent. The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character. maxLength: 253 minLength: 1 type: string x-kubernetes-validations: - message: a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character. rule: self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$') namespace: description: |- namespace of the referent. This value should consist of at most 63 characters, and of only lowercase alphanumeric characters and hyphens, and should start and end with an alphanumeric character. maxLength: 63 minLength: 1 type: string x-kubernetes-validations: - message: the value must consist of only lowercase alphanumeric characters and hyphens rule: self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?$') resource: description: |- resource of the referent. This value should consist of at most 63 characters, and of only lowercase alphanumeric characters and hyphens, and should start with an alphabetic character and end with an alphanumeric character. Example: "deployments", "deploymentconfigs", "pods", etc. maxLength: 63 minLength: 1 type: string x-kubernetes-validations: - message: a DNS-1035 label must consist of lower case alphanumeric characters or '-', start with an alphabetic character, and end with an alphanumeric character rule: self.matches('^[a-z]([-a-z0-9]*[a-z0-9])?$') required: - group - name - resource type: object required: - imageBuilderType type: object x-kubernetes-validations: - message: job is required when imageBuilderType is Job, and forbidden otherwise rule: 'has(self.imageBuilderType) && self.imageBuilderType == ''Job'' ? has(self.job) : !has(self.job)' conditions: description: |- conditions are state related conditions for the build. Valid types are: Prepared, Building, Failed, Interrupted, and Succeeded. Once a Build is marked as Failed, Interrupted or Succeeded, no future conditions can be set. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object maxItems: 8 type: array x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map x-kubernetes-validations: - message: once a Failed condition is set, conditions are immutable rule: 'oldSelf.exists(x, x.type==''Failed'' && x.status==''True'') ? self==oldSelf : true' - message: once an Interrupted condition is set, conditions are immutable rule: 'oldSelf.exists(x, x.type==''Interrupted'' && x.status==''True'') ? self==oldSelf : true' - message: once an Succeeded condition is set, conditions are immutable rule: 'oldSelf.exists(x, x.type==''Succeeded'' && x.status==''True'') ? self==oldSelf : true' digestedImagePushSpec: description: |- digestedImagePushSpec describes the fully qualified push spec produced by this build. The format of the push spec is: host[:port][/namespace]/name@sha256:, where the digest must be 64 characters long, and consist only of lowercase hexadecimal characters, a-f and 0-9. The length of the whole spec must be between 1 to 447 characters. maxLength: 447 minLength: 1 type: string x-kubernetes-validations: - message: the OCI Image reference must end with a valid '@sha256:' suffix, where '' is 64 characters long rule: (self.split('@').size() == 2 && self.split('@')[1].matches('^sha256:[a-f0-9]{64}$')) - message: the OCI Image name should follow the host[:port][/namespace]/name format, resembling a valid URL without the scheme rule: (self.split('@')[0].matches('^([a-zA-Z0-9-]+\\.)+[a-zA-Z0-9-]+(:[0-9]{2,5})?/([a-zA-Z0-9-_]{0,61}/)?[a-zA-Z0-9-_.]*?$')) relatedObjects: description: |- relatedObjects is a list of references to ephemeral objects such as ConfigMaps or Secrets that are meant to be consumed while the build process runs. After a successful build or when this MachineOSBuild is deleted, these ephemeral objects will be removed. In the event of a failed build, the objects will remain until the build is removed to allow for inspection. items: description: ObjectReference contains enough information to let you inspect or modify the referred object. properties: group: description: |- group of the referent. The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character. Example: "", "apps", "build.openshift.io", etc. maxLength: 253 type: string x-kubernetes-validations: - message: a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character. rule: self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$') name: description: |- name of the referent. The name must contain only lowercase alphanumeric characters, '-' or '.' and start/end with an alphanumeric character. maxLength: 253 minLength: 1 type: string x-kubernetes-validations: - message: a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character. rule: self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$') namespace: description: |- namespace of the referent. This value should consist of at most 63 characters, and of only lowercase alphanumeric characters and hyphens, and should start and end with an alphanumeric character. maxLength: 63 minLength: 1 type: string x-kubernetes-validations: - message: the value must consist of only lowercase alphanumeric characters and hyphens rule: self.matches('^[a-z0-9]([-a-z0-9]*[a-z0-9])?$') resource: description: |- resource of the referent. This value should consist of at most 63 characters, and of only lowercase alphanumeric characters and hyphens, and should start with an alphabetic character and end with an alphanumeric character. Example: "deployments", "deploymentconfigs", "pods", etc. maxLength: 63 minLength: 1 type: string x-kubernetes-validations: - message: a DNS-1035 label must consist of lower case alphanumeric characters or '-', start with an alphabetic character, and end with an alphanumeric character rule: self.matches('^[a-z]([-a-z0-9]*[a-z0-9])?$') required: - group - name - resource type: object maxItems: 10 type: array x-kubernetes-list-map-keys: - name - resource x-kubernetes-list-type: map type: object x-kubernetes-validations: - message: buildEnd must be after buildStart rule: 'has(self.buildEnd) ? has(self.buildStart) && timestamp(self.buildStart) < timestamp(self.buildEnd) : true' required: - spec type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: MachineOSBuild listKind: MachineOSBuildList plural: machineosbuilds singular: machineosbuild conditions: - lastTransitionTime: "2025-10-11T10:25:44Z" message: no conflicts found reason: NoConflicts status: "True" type: NamesAccepted - lastTransitionTime: "2025-10-11T10:25:44Z" message: the initial names have been accepted reason: InitialNamesAccepted status: "True" type: Established storedVersions: - v1