change\n log.\n com.docker.extension.detailed-description: \" Build and run cloud-native\n applications with SUSE's trusted, curated, and continuously updated\n application collection.
This extension helps you\n integrating the Collection into your local development environment\n by:
- Managing the authentication:\n docker, helm and kubernetes credentials are automatically\n configured
- Making apps plug&play: installs the\n workloads with a predefined set of values ready for local\n deployment
- Helping you stay up-to-date: detects\n application updates and helps you through the update\n process
Usage: - Have a target kubernetes cluster configured\n in your context
- Install the\n extension
- Generate an access token and configure the\n authentication
- Start deploying\n workloads
\"\n com.docker.extension.publisher-url: https://apps.rancher.io/\n com.docker.extension.screenshots: '[ {\"alt\":\"Collection\",\n \"url\":\"https://raw.githubusercontent.com/rancherlabs/application-collection-extension/refs/heads/main/assets/01_collection.png\"}, {\"alt\":\"Application\n details\",\n \"url\":\"https://raw.githubusercontent.com/rancherlabs/application-collection-extension/refs/heads/main/assets/02_application-details.png\"}, {\"alt\":\"Chart\n values form\",\n \"url\":\"https://raw.githubusercontent.com/rancherlabs/application-collection-extension/refs/heads/main/assets/03_install-form.png\"}, {\"alt\":\"Workloads\",\n \"url\":\"https://raw.githubusercontent.com/rancherlabs/application-collection-extension/refs/heads/main/assets/04_workloads.png\"}, {\"alt\":\"Workload\n details\",\n \"url\":\"https://raw.githubusercontent.com/rancherlabs/application-collection-extension/refs/heads/main/assets/05_workload-details.png\"} ]'\n com.suse.apps.main-package: nodejs-24\n com.suse.bci.micro.authors: https://github.com/SUSE/bci/discussions\n com.suse.bci.micro.created: 2025-12-11T11:54:43.169877214Z\n com.suse.bci.micro.description: A micro environment for containers based on the\n SUSE Linux Enterprise Base Container Image.\n com.suse.bci.micro.disturl: obs://build.suse.de/SUSE:SLE-15-SP7:Update:CR/containers/a53d17097cf3a907bf42b29b24882459-micro-image\n com.suse.bci.micro.eula: sle-bci\n com.suse.bci.micro.lifecycle-url: https://www.suse.com/lifecycle#suse-linux-enterprise-server-15\n com.suse.bci.micro.name: 15.7-52.6\n com.suse.bci.micro.reference: registry.suse.com/bci/bci-micro:15.7-52.6\n com.suse.bci.micro.release-stage: released\n com.suse.bci.micro.source: https://sources.suse.com/SUSE:SLE-15-SP7:Update:CR/micro-image/a53d17097cf3a907bf42b29b24882459/\n com.suse.bci.micro.supportlevel: l3\n com.suse.bci.micro.title: SLE BCI 15 SP7 Micro\n com.suse.bci.micro.until: 2031-07-31\n com.suse.bci.micro.url: https://www.suse.com/products/base-container-images/\n com.suse.bci.micro.vendor: SUSE LLC\n com.suse.bci.micro.version: 15.7-52.6\n com.suse.eula: \"\"\n com.suse.lifecycle-url: \"\"\n com.suse.release-stage: \"\"\n com.suse.supportlevel: \"\"\n com.suse.supportlevel.until: \"\"\n io.artifacthub.package.logo-url: \"\"\n io.artifacthub.package.readme-url: \"\"\n org.openbuildservice.disturl: obs://build.suse.de/Devel:Orchid:Containers/containers/103eb70d1e78f2fd8ec1baa2fc66d3c2-nodejs-24\n org.opencontainers.image.authors: \"\"\n org.opencontainers.image.base.digest: sha256:7d103f4317c8c7eae4d0126d34c8b7a92769b44764a526a63325f0ca24150092\n org.opencontainers.image.base.name: registry.suse.com/bci/bci-micro:15.7-52.6\n org.opencontainers.image.created: 2025-12-12T14:06:19.962587777Z\n org.opencontainers.image.description: Integrate the Application Collection into your development lifecycle\n org.opencontainers.image.ref.name: 24.12.0-5.27\n org.opencontainers.image.source: \"\"\n org.opencontainers.image.title: SUSE Application Collection\n org.opencontainers.image.url: https://apps.rancher.io/applications/nodejs\n org.opencontainers.image.vendor: SUSE LLC\n org.opencontainers.image.version: 24.12.0\n org.opensuse.reference: registry.suse.com/bci/bci-micro:15.7-52.6\n title: SUSE Application Collection\n logo: https://raw.githubusercontent.com/rancherlabs/application-collection-extension/refs/heads/main/assets/rancher-logo-cow-blue.svg\n publisher: SUSE LLC\n short_description: Integrate the Application Collection into your development lifecycle\n- slug: ghcr.io/rancher-sandbox/rancher-desktop-rdx-ai-workbench\n version: 0.2.0\n containerd_compatible: true\n labels:\n com.docker.desktop.extension.api.version: 0.3.4\n com.docker.desktop.extension.icon: https://raw.githubusercontent.com/rancher-sandbox/rancher-desktop-rdx-ai-workbench/refs/tags/v0.2.0/workbench.svg\n com.docker.extension.additional-urls: \"\"\n com.docker.extension.categories: \"\"\n com.docker.extension.changelog: \"\"\n com.docker.extension.detailed-description: \"\"\n com.docker.extension.publisher-url: \"\"\n com.docker.extension.screenshots: \"\"\n org.opencontainers.image.description: AI Workbench extension\n org.opencontainers.image.title: AI Workbench\n org.opencontainers.image.vendor: SUSE LLC\n title: AI Workbench\n logo: https://raw.githubusercontent.com/rancher-sandbox/rancher-desktop-rdx-ai-workbench/refs/tags/v0.2.0/workbench.svg\n publisher: SUSE LLC\n short_description: AI Workbench extension\n- slug: splatform/epinio-docker-desktop\n version: 0.1.3\n containerd_compatible: true\n labels:\n com.docker.desktop.extension.api.version: \">= 0.2.0\"\n com.docker.desktop.extension.icon: https://epinio.io/images/icon-epinio.svg\n com.docker.extension.additional-urls: '[{\"title\":\"Documentation\",\"url\":\"https://docs.epinio.io/\"},{\"title\":\"Issues\",\"url\":\"https://github.com/epinio/epinio/issues\"},{\"title\":\"CLI\",\"url\":\"https://github.com/epinio/epinio/releases\"},{\"title\":\"Slack\",\"url\":\"https://rancher-users.slack.com/?redir=%2Fmessages%2Fepinio\"}]'\n com.docker.extension.detailed-description: The Application Development\n Engine for Kubernetes
Tame your developer workflow to go from Code\n to URL in one step.
Epinio installs into any Kubernetes cluster to\n bring your application from source code to deployment and allow for\n Developers and Operators to work better together!\n com.docker.extension.publisher-url: https://epinio.io\n com.docker.extension.screenshots: '[{\"alt\": \"Epinio after Installation\", \"url\":\n \"https://epinio.io/images/epinio-docker-desktop-screenshot.png\"}]'\n org.opencontainers.image.description: Push from source to Kubernetes in one step\n org.opencontainers.image.title: Epinio\n org.opencontainers.image.vendor: Epinio by Krumware and SUSE\n title: Epinio\n logo: https://epinio.io/images/icon-epinio.svg\n publisher: Epinio by Krumware and SUSE\n short_description: Push from source to Kubernetes in one step\n- slug: julianb90/tachometer\n version: 0.1.1\n containerd_compatible: true\n labels:\n com.docker.desktop.extension.api.version: 0.3.4\n com.docker.desktop.extension.icon: https://raw.githubusercontent.com/julian-b90/tachometer/main/speedometer.png\n com.docker.extension.additional-urls: '[{\"title\":\"Issues\",\"url\":\"https://github.com/julian-b90/tachometer/issues\"}]'\n com.docker.extension.categories: development,utility-tools\n com.docker.extension.changelog: \"V 0.1.1
### Changed
- update\n dependencies
- update node to latest LTS 20.17.0
\"\n com.docker.extension.detailed-description: Extension shows real-time cpu and memory usage of containers\n com.docker.extension.publisher-url: https://github.com/julian-b90/tachometer\n com.docker.extension.screenshots: '[{\"alt\":\"tachometer\",\n \"url\":\"https://raw.githubusercontent.com/julian-b90/tachometer/main/screenshot.png\"},\n {\"alt\":\"details view\",\n \"url\":\"https://raw.githubusercontent.com/julian-b90/tachometer/main/screenshot_2.png\"}]'\n org.opencontainers.image.description: Extension shows real-time cpu and memory usage of containers\n org.opencontainers.image.title: Tachometer\n org.opencontainers.image.vendor: julian-b90\n title: Tachometer\n logo: https://raw.githubusercontent.com/julian-b90/tachometer/main/speedometer.png\n publisher: julian-b90\n short_description: Extension shows real-time cpu and memory usage of containers\n- slug: docker/logs-explorer-extension\n version: 0.2.5\n containerd_compatible: true\n labels:\n com.docker.desktop.extension.api.version: \">= 0.2.3\"\n com.docker.desktop.extension.icon: https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/icon.svg\n com.docker.extension.additional-urls: \"[]\"\n com.docker.extension.categories: utility-tools\n com.docker.extension.changelog: \" - Fix missing logs on Windows.
\"\n com.docker.extension.detailed-description: \"Logs Explorer provides deeper\n insight into your logs.
✨ Key\n features
- Multiple filters: You can\n browse logs by status or log type, or you can select individual\n containers.
- Advanced search\n functionality:
- You can search for logs that have\n occurred after a certain amount of time or since a given\n date.
- You can use regular expressions or exact matches when\n you search.
- You can save each search query you enter into the\n search bar to help narrow your search with “sticky” search filters. You\n can save more than one query at a\n time.
- Improved scrolling\n experience: When containers are running, scrolling is locked to\n the bottom by default so you see the latest logs.
\"\n com.docker.extension.publisher-url: https://www.docker.com/\n com.docker.extension.screenshots: '[ {\"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/0.2.1/1-all-containers.png\",\n \"alt\": \"View logs from all the containers\"}, { \"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/0.2.1/2-filters.png\", \"alt\":\n \"View logs matching a filter\" }, { \"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/0.2.1/2-collapsed-filters.png\", \"alt\":\n \"View logs with filter panel collapsed\" }, { \"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/0.2.1/3-expanded-rows.png\", \"alt\":\n \"Expand rows\" }, { \"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/0.2.1/3-log-type-status-filter.png\", \"alt\":\n \"View logs depending on the log type or the container\n status\" }, { \"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/0.2.1/4-since-search-filter.png\", \"alt\":\n \"View logs since a duration\" }, { \"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/0.2.1/5-from-search-filter.png\", \"alt\":\n \"View logs from a time\" }, { \"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/0.2.1/6-tips.png\", \"alt\":\n \"Learn tips to search logs\" }, { \"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/0.2.1/7-all-containers-dark-mode.png\", \"alt\":\n \"Dark mode\" } ]'\n org.opencontainers.image.description: View all your container logs in one place\n so you can debug and troubleshoot faster.\n org.opencontainers.image.revision: 8351516879c55dae0d7324ce49214568307306da\n org.opencontainers.image.source: https://github.com/docker/logs-explorer-extension\n org.opencontainers.image.title: Logs Explorer\n org.opencontainers.image.vendor: Docker Inc.\n title: Logs Explorer\n logo: https://docker-extension-screenshots.s3.amazonaws.com/logs-explorer-extension/icon.svg\n publisher: Docker Inc.\n short_description: View all your container logs in one place so you can debug\n and troubleshoot faster.\n- slug: prakhar1989/dive-in\n version: 0.0.8\n containerd_compatible: false\n labels:\n com.docker.desktop.extension.api.version: 0.3.0\n com.docker.desktop.extension.icon: https://raw.githubusercontent.com/prakhar1989/dive-in/main/scuba.svg\n com.docker.extension.additional-urls: '[{\"title\":\"Documentation\",\"url\":\"https://github.com/prakhar1989/dive-in\"}]'\n com.docker.extension.categories: utility-tools\n com.docker.extension.changelog: First version\n com.docker.extension.detailed-description: Dive In
Explore docker\n images, layer contents, and discover ways to shrink the size of your\n Docker/OCI image.\n com.docker.extension.publisher-url: https://prakhar.me\n com.docker.extension.screenshots: '[{\"alt\":\"main page\",\n \"url\":\"https://github.com/prakhar1989/dive-in/blob/main/screenshots/1.png?raw=true\"},\n {\"alt\":\"start containers\",\n \"url\":\"https://github.com/prakhar1989/dive-in/blob/main/screenshots/2.png?raw=true\"}]'\n org.opencontainers.image.description: Explore docker images, layer contents, and\n discover ways to shrink the size of your Docker/OCI image.\n org.opencontainers.image.title: Dive In\n org.opencontainers.image.vendor: Prakhar Srivastav\n title: Dive In\n logo: https://raw.githubusercontent.com/prakhar1989/dive-in/main/scuba.svg\n publisher: Prakhar Srivastav\n short_description: Explore docker images, layer contents, and discover ways to\n shrink the size of your Docker/OCI image.\n- slug: joycelin79/newman-extension\n version: 0.0.7\n containerd_compatible: true\n labels:\n com.docker.desktop.extension.api.version: \">= 0.0.1\"\n com.docker.desktop.extension.icon: https://voyager.postman.com/icon/icon-newman-docker-orange-postman.svg\n com.docker.extension.additional-urls: '[{\"title\":\"GitHub\n Repository\",\"url\":\"https://github.com/loopDelicious/docker-extension\"},\n {\"title\":\"Feedback and\n issues\",\"url\":\"https://github.com/loopDelicious/docker-extension/issues\"},\n {\"title\":\"Privacy\n Policy\",\"url\":\"https://www.postman.com/legal/privacy-policy\"},{\"title\":\"Terms\n of Service\",\"url\":\"https://www.postman.com/legal/terms\"}]'\n com.docker.extension.changelog: - Added metadata to provide more\n information about the extension.
\n com.docker.extension.detailed-description: Newman
The Postman\n extension uses Newman to run collections on Docker Desktop. View results\n of your API tests in a staging or production environment.
Known\n issues
In some cases, depending on test collections and test\n results, some buttons (expand/collapse folder, copy/paste) might be\n inoperative.
\n com.docker.extension.publisher-url: https://www.postman.com\n com.docker.extension.screenshots: '[{\"alt\":\"View collection run results\",\n \"url\":\"https://user-images.githubusercontent.com/17693714/200926587-cc817844-419d-4a39-abfa-e3b9b43881ea.png\"},\n {\"alt\":\"Add Postman API key\",\n \"url\":\"https://user-images.githubusercontent.com/17693714/200926910-a0fdba8d-02b0-4025-b7d6-95eb556eefa7.png\"},{\"alt\":\"Select\n Postman collection to run\",\n \"url\":\"https://user-images.githubusercontent.com/17693714/200926775-35e8dc5a-6c44-45de-80a8-f80430c81066.png\"}]'\n org.opencontainers.image.description: Run your Postman collections from Docker Desktop.\n org.opencontainers.image.title: Newman\n org.opencontainers.image.vendor: Postman\n title: Newman\n logo: https://voyager.postman.com/icon/icon-newman-docker-orange-postman.svg\n publisher: Postman\n short_description: Run your Postman collections from Docker Desktop.\n- slug: docker/resource-usage-extension\n version: 1.0.3\n containerd_compatible: true\n labels:\n com.docker.desktop.extension.api.version: 0.3.0\n com.docker.desktop.extension.icon: https://docker-extension-screenshots.s3.amazonaws.com/resource-usage-extension/icon.svg\n com.docker.extension.additional-urls: \"\"\n com.docker.extension.categories: utility-tools\n com.docker.extension.changelog: Fix style on grid buttons\n com.docker.extension.detailed-description: \"With Resource Usage you\n can:
- Find out which containers or Docker Compose\n projects consume the most resources.
- Monitor the evolution of\n resource usage by containers over time.
- See how much CPU,\n Memory, Network and Disk space your containers are\n using.
\"\n com.docker.extension.publisher-url: https://www.docker.com/\n com.docker.extension.screenshots: '[ {\"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/resource-usage-extension/1-processes.png\", \"alt\":\n \"View all docker containers resources in a table\"}, {\"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/resource-usage-extension/2-graphs.png\", \"alt\":\n \"View containers resource usage as graphs\"} ]'\n org.opencontainers.image.description: Monitor and manage live data stream for running containers.\n org.opencontainers.image.revision: 1.0.3\n org.opencontainers.image.source: https://github.com/docker/resource-usage-extension\n org.opencontainers.image.title: Resource usage\n org.opencontainers.image.vendor: Docker Inc.\n title: Resource usage\n logo: https://docker-extension-screenshots.s3.amazonaws.com/resource-usage-extension/icon.svg\n publisher: Docker Inc.\n short_description: Monitor and manage live data stream for running containers.\n- slug: anchore/docker-desktop-extension\n version: 0.5.1\n containerd_compatible: false\n labels:\n com.docker.desktop.extension.api.version: \">= 0.2.3\"\n com.docker.desktop.extension.icon: https://user-images.githubusercontent.com/590471/164125752-b83d973c-f161-4d54-889f-352dee0ec795.svg\n com.docker.extension.additional-urls: '[{\"title\":\"Support\",\"url\":\"https://github.com/anchore/docker-desktop-extension-support\"}]'\n com.docker.extension.screenshots: '[{\"alt\": \"image listing\", \"url\":\n \"https://user-images.githubusercontent.com/590471/164122365-efb150a9-3c97-42d2-bb46-7ba434fc21d2.png\"},{\"alt\":\n \"package listing\", \"url\":\n \"https://user-images.githubusercontent.com/590471/164122366-a7b89526-29c0-498c-b23b-d96667368637.png\"},{\"alt\":\n \"vulnerability listing\", \"url\":\n \"https://user-images.githubusercontent.com/590471/164122368-601d1ee2-a77d-4c0f-a98a-1aa68ea79d2a.png\"}]'\n org.opencontainers.image.description: Content and security analysis for container images\n org.opencontainers.image.title: anchore\n org.opencontainers.image.vendor: Anchore Inc.\n title: anchore\n logo: https://user-images.githubusercontent.com/590471/164125752-b83d973c-f161-4d54-889f-352dee0ec795.svg\n publisher: Anchore Inc.\n short_description: Content and security analysis for container images\n- slug: ignatandrei/blockly-automation\n version: 0.0.7\n containerd_compatible: true\n labels:\n com.docker.desktop.extension.api.version: \">= 0.2.0\"\n com.docker.desktop.extension.icon: https://github.com/ignatandrei/BlocklyAutomation/wiki/imgs/logoBADocker.png\n com.docker.extension.additional-urls: '[{\"title\":\"Main\n Page\",\"url\":\"https://github.com/ignatandrei/BlocklyAutomation/wiki/DockerExtension\"}]'\n com.docker.extension.categories: development,testing-tools\n com.docker.extension.changelog: \n com.docker.extension.detailed-description: Description
You can\n automate pretty much every docker command. Press Execute to see in action\n and LoadBlocks for more examples.
\n com.docker.extension.publisher-url: https://github.com/ignatandrei/blocklyautomation\n com.docker.extension.screenshots: '[{\"alt\":\"Load Demos\",\n \"url\":\"https://raw.githubusercontent.com/wiki/ignatandrei/BlocklyAutomation/imgs/DockerExtension/LoadBlocks.png\"},\n {\"alt\":\"start containers\",\n \"url\":\"https://raw.githubusercontent.com/wiki/ignatandrei/BlocklyAutomation/imgs/DockerExtension/StartContainers.png\"}]'\n org.opencontainers.image.description: A extension that displays lowCode with Blockly for any Docker command\n org.opencontainers.image.title: Blockly Automation\n org.opencontainers.image.vendor: Andrei Ignat\n title: Blockly Automation\n logo: https://github.com/ignatandrei/BlocklyAutomation/wiki/imgs/logoBADocker.png\n publisher: Andrei Ignat\n short_description: A extension that displays lowCode with Blockly for any Docker command\n- slug: docker/disk-usage-extension\n version: 0.2.8\n containerd_compatible: false\n labels:\n com.docker.desktop.extension.api.version: \">= 0.2.3\"\n com.docker.desktop.extension.icon: https://docker-extension-screenshots.s3.us-east-1.amazonaws.com/disk-usage-extension/hard-drive.svg\n com.docker.extension.additional-urls: \"[]\"\n com.docker.extension.changelog: - Adding 'Select all' button for\n reclaimable space options.
\n com.docker.extension.detailed-description: \"Disk Usage displays and\n categorizes the disk space used by Docker. It also shows you how much of\n the disk space is reclaimable and provides an easy one-click experience to\n reclaim space.
Who might find it\n useful?
If you need more visibility about how\n much space Docker resources (e.g. images, volumes, etc) are using and how\n much of it is reclaimable.
If you are looking for\n a quick way to clean up disk space used by\n Docker.
How it\n works
You can reclaim the disk space used by Docker by\n removing:
- Stopped containers
- Unused\n images
- Dangling images
- Build\n cache
- Unused volumes
\"\n com.docker.extension.publisher-url: https://www.docker.com/\n com.docker.extension.screenshots: '[ {\"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/disk-usage-extension/1-disk-usage.png\",\n \"alt\": \"Disk usage stats\"}, {\"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/disk-usage-extension/2-reclaim-popup.png\",\n \"alt\": \"Reclaim space popup\"}, {\"url\":\n \"https://docker-extension-screenshots.s3.amazonaws.com/disk-usage-extension/3-space-reclaimed.png\",\n \"alt\": \"Space reclaimed successfully\"} ]'\n org.opencontainers.image.description: Optimize your disk space by removing unused objects from Docker Desktop.\n org.opencontainers.image.revision: 929ff4d90be404fdf4325537286603d6c7c515ae\n org.opencontainers.image.source: https://github.com/docker/disk-usage-extension\n org.opencontainers.image.title: Disk Usage\n org.opencontainers.image.vendor: Docker Inc.\n title: Disk Usage\n logo: https://docker-extension-screenshots.s3.us-east-1.amazonaws.com/disk-usage-extension/hard-drive.svg\n publisher: Docker Inc.\n short_description: Optimize your disk space by removing unused objects from Docker Desktop.\n- slug: harpooncorp/harpoon-ext\n version: 0.0.6\n containerd_compatible: true\n labels:\n com.docker.desktop.extension.api.version: \">=0.2.3\"\n com.docker.desktop.extension.icon: https://docker-desktop-screenshots.s3.us-west-2.amazonaws.com/harpoon_logo_white_whale_transparent.png\n com.docker.extension.additional-urls: '[{\"title\":\"Documentation\",\"url\":\"https://docs.harpoon.io/en/latest/introduction.html\"},\n {\"title\":\"Features\",\"url\":\"https://docs.harpoon.io/en/latest/features.html\"},\n {\"title\":\"Support\",\"url\":\"https://www.harpoon.io/contact\"}, {\"title\":\"Book\n Demo\",\"url\":\"https://www.harpoon.io/demo\"}]'\n com.docker.extension.categories: kubernetes\n com.docker.extension.changelog: \"\"\n com.docker.extension.detailed-description: harpoon is a drag and drop Kubernetes\n tool for deploying any software in seconds. Our visual Kubernetes\n interface enables anyone to deploy production-grade software with no code.\n Whether you're new to Kubernetes and are looking for the best way to learn\n or a seasoned pro, harpoon has all the features you need to be successful\n in deploying and configuring your software using the industry-leading\n container orchestrator, all with no code.\n com.docker.extension.publisher-url: https://harpoon.io\n com.docker.extension.screenshots: '[{\"alt\":\"harpoon project page dark mode\",\n \"url\":\"https://docker-desktop-screenshots.s3.us-west-2.amazonaws.com/project-dark.png\"},\n {\"alt\":\"harpoon project page light mode\",\n \"url\":\"https://docker-desktop-screenshots.s3.us-west-2.amazonaws.com/project-light.png\"},\n {\"alt\":\"harpoon home page dark mode\",\n \"url\":\"https://docker-desktop-screenshots.s3.us-west-2.amazonaws.com/home-dark.png\"},\n {\"alt\":\"harpoon home page light mode\",\n \"url\":\"https://docker-desktop-screenshots.s3.us-west-2.amazonaws.com/home-light.png\"}]'\n org.opencontainers.image.description: Docker Extension for the No Code Kubernetes platform\n org.opencontainers.image.title: harpoon\n org.opencontainers.image.vendor: harpoon Corp\n title: harpoon\n logo: https://docker-desktop-screenshots.s3.us-west-2.amazonaws.com/harpoon_logo_white_whale_transparent.png\n publisher: harpoon Corp\n short_description: Docker Extension for the No Code Kubernetes platform\n- slug: vklokun/docker-desktop-extension\n version: 0.1.1\n containerd_compatible: true\n labels:\n com.docker.desktop.extension.api.version: \">= 0.2.3\"\n com.docker.desktop.extension.icon: https://raw.githubusercontent.com/cncf/artwork/ec3936fa0256c768b538247d20f130d293a9faed/projects/kubescape/stacked/color/kubescape-stacked-color.svg\n com.docker.extension.account-info: required\n com.docker.extension.additional-urls: \"\"\n com.docker.extension.categories: kubernetes,security\n com.docker.extension.changelog: Extension changelog
- Support access\n key required by ARMO platform
- Update Kubescape helm chart\n name
\n com.docker.extension.detailed-description: Kubescape Extension for Docker\n Desktop
Kubescape helps harden your Kubernetes cluster by\n providing insight into your cluster's security posture. Some of the\n features that help you achieve this are - regular configuration and image\n scans, visualizing your RBAC rules and suggesting automatic fixes where\n applicable.
The Kubescape Extension for Docker Desktop works by\n installing the Kubescape in-cluster components, connecting them to ARMO\n Platform and providing insights into the Kubernetes cluster deployed by\n Docker Desktop via the dashboard on ARMO Platform.\n com.docker.extension.publisher-url: https://cloud.armosec.io/\n com.docker.extension.screenshots: '[ { \"alt\": \"Kubescape Extension for Docker\n Desktop, Select Provider screen\", \"url\":\n \"https://raw.githubusercontent.com/kubescape/docker-desktop-extension/main/docs/screenshots/dark-01.png\"\n }, { \"alt\": \"Kubescape Extension for Docker Desktop, Sign Up screen\",\n \"url\":\n \"https://raw.githubusercontent.com/kubescape/docker-desktop-extension/main/docs/screenshots/dark-02.png\"\n }, { \"alt\": \"Kubescape Extension for Docker Desktop, Secure Your Cluster\n screen\", \"url\":\n \"https://raw.githubusercontent.com/kubescape/docker-desktop-extension/main/docs/screenshots/dark-03.png\"\n }, { \"alt\": \"Kubescape Extension for Docker Desktop, Cluster Secured\n screen\", \"url\":\n \"https://raw.githubusercontent.com/kubescape/docker-desktop-extension/main/docs/screenshots/dark-04.png\"\n }, { \"alt\": \"Kubescape Extension for Docker Desktop, Monitor screen\",\n \"url\":\n \"https://raw.githubusercontent.com/kubescape/docker-desktop-extension/main/docs/screenshots/dark-05.png\"\n } ]'\n org.opencontainers.image.description: Secure your Kubernetes cluster and gain\n insight into your cluster’s security posture via an easy-to-use online\n dashboard.\n org.opencontainers.image.licenses: Apache-2.0\n org.opencontainers.image.title: Kubescape\n org.opencontainers.image.vendor: ARMO\n title: Kubescape\n logo: https://raw.githubusercontent.com/cncf/artwork/ec3936fa0256c768b538247d20f130d293a9faed/projects/kubescape/stacked/color/kubescape-stacked-color.svg\n publisher: ARMO\n short_description: Secure your Kubernetes cluster and gain insight into your\n cluster’s security posture via an easy-to-use online dashboard.\n- slug: caretdev/intersystems-extension\n version: 0.1.7\n containerd_compatible: true\n labels:\n com.docker.desktop.extension.api.version: \">= 0.2.3\"\n com.docker.desktop.extension.icon: https://raw.githubusercontent.com/caretdev/docker-intersystems-extension/main/intersystems.svg\n com.docker.extension.additional-urls: '[{\"title\":\"InterSystems\",\"url\":\"https://intersystems.com/\"},{\"title\":\"Support\",\"url\":\"https://github.com/caretdev/docker-intersystems-extension/issues\"},{\"title\":\"Discord\",\"url\":\"https://discord.gg/Bt5DUwJhdt\"}]'\n com.docker.extension.categories: image-registry\n com.docker.extension.changelog: \"\"\n com.docker.extension.detailed-description: '
InterSystems Container Registry
\n This provides a new distribution channel for customers to access\n container-based releases and previews. All Community Edition images are\n available in a public repository with no login required. All full released\n images (IRIS, IRIS for Health, Health Connect, System Alerting and\n Monitoring, InterSystems Cloud Manager) and utility images (such\n as arbiter, Web Gateway, and PasswordHash) require a login token,\n generated from your WRC (Worldwide Response Center) account credentials.\n
Why do I need this Extension
This extension provides\n integrated UI for InterSystems Container Registry, so, you can easily\n follow any updates, and quickly find and pull any images available on\n Container Registry there.
Features available
- Observe\n the list of available public images
- Observe the list of\n available private images for users with access to WRC
- Easy\n pulling images
- Delete local images
- Copy image name\n with tag
- OS Support
- Windows\n x86-64
- Linux x86-64 and ARM64
- macOS x86-64\n and ARM64
- Filter images by name and\n tag
- Filter for ARM64 images
How to\n use
It is already usable right after installation. And all\n public images are already available. The list of images is cached, and it\n is possible to refresh the list manually.
To get access to\n private images with your WRC account, you have to go to https://containers.intersystems.com\n login there, and using provided token login in docker. docker\n login -u=\"wrc_username\" -p=\"your_token\"\n containers.intersystems.com
After successful login, return to\n the extension and press the Refresh button in the top right corner.
\n Additionally
InterSystems Developer Community
\n InterSystems Developer Community is a global network of highly\n experienced technology experts, influencers, and thought leaders who\n have expertise in InterSystems technologies. It’s a multilingual platform\n both for InterSystems employees, customers and partners.
'\n com.docker.extension.publisher-url: https://github.com/caretdev/docker-intersystems-extension\n com.docker.extension.screenshots: '[{\"url\":\"https://raw.githubusercontent.com/caretdev/docker-intersystems-extension/main/img/screenshot1.png\",\"alt\":\"Community\n images\"},{\"url\":\"https://raw.githubusercontent.com/caretdev/docker-intersystems-extension/main/img/screenshot2.png\",\"alt\":\"Community\n ARM64 images\"}]'\n org.opencontainers.image.description: Convenient way to access InterSystems\n Container Registry, public and private images of such products as IRIS and\n IRIS for Health and many others in one place.\n org.opencontainers.image.title: InterSystems\n org.opencontainers.image.vendor: CaretDev Corp.\n title: InterSystems\n logo: https://raw.githubusercontent.com/caretdev/docker-intersystems-extension/main/intersystems.svg\n publisher: CaretDev Corp.\n short_description: Convenient way to access InterSystems Container Registry,\n public and private images of such products as IRIS and IRIS for Health and\n many others in one place.\n"
},
{
"path": "pkg/rancher-desktop/assets/lima-config.yaml",
"content": "# Default Lima configuration; parts will be overridden in code.\n\n# Rancher Desktop ships with a patched QEMU that supports the Apple M4 CPU\n# So override Lima 1.0.3 falling back to cortex-a72.\ncpuType:\n aarch64: host\n\nssh:\n loadDotSSHPubKeys: false\nfirmware:\n legacyBIOS: false\ncontainerd:\n system: false\n user: false\n# Provisioning scripts run on every boot, not just initial VM provisioning.\nprovision:\n- # When the ISO image is updated, only preserve selected data from /etc but otherwise use the new files.\n # Update files in /usr/local on the data volume from the new versions on the ISO.\n mode: system\n script: |\n #!/bin/sh\n set -o errexit -o nounset -o xtrace\n mkdir -p /bootfs\n mount --bind / /bootfs\n # /bootfs/etc is empty on first boot because it has been moved to /mnt/data/etc by lima\n if [ -f /bootfs/etc/os-release ]; then\n # Alpine turned /etc/os-release into a symlink; we dereference it again. If we still have a symlink\n # here, then this is an upgrade from an older version and needs to go through the migration.\n if [ -L /etc/os-release ] || ! diff -q /etc/os-release /bootfs/etc/os-release; then\n # When we are upgrading from an ISO we will install new packages during boot.\n # But Lima will restore the old /etc/apk/world file and run `apk fix --no-network`\n # to restore packages from cache that were installed manually. This will however\n # uninstall all packages again that were not previously installed because they are\n # not listed in the old world file. We need to install them once more from the\n # boot media to update the world file.\n # We are not bothering with uninstalling packages that are not part of the new release.\n apk add --no-network --keys-dir /bootfs/etc/apk/keys --repositories-file /bootfs/etc/apk/repositories \\\n $(cat /bootfs/etc/apk/world)\n\n # Using a temp file just in case dereferencing a symlink onto itself has a race condition.\n cp -L /etc/os-release /etc/os-release.tmp\n mv /etc/os-release.tmp /etc/os-release\n\n cp /etc/machine-id /bootfs/etc\n cp /etc/ssh/ssh_host* /bootfs/etc/ssh/\n mkdir -p /etc/docker /etc/rancher\n cp -pr /etc/docker /bootfs/etc\n cp -pr /etc/rancher /bootfs/etc\n\n rm -rf /mnt/data/etc.prev\n mkdir /mnt/data/etc.prev\n mv /etc/* /mnt/data/etc.prev\n cp -L /bootfs/etc/os-release /tmp/os-release\n mv /bootfs/etc/* /etc\n mv /tmp/os-release /etc\n\n # install updated files from /usr/local, e.g. nerdctl, buildkit, cni plugins\n cp -pr /bootfs/usr/local /usr\n\n # Keep the lima-init.log around for debugging \n cp /var/log/lima-init.log /mnt/data/lima-init-upgrade.log\n\n # lima has applied changes while the \"old\" /etc was in place; restart to apply them to the updated one.\n reboot\n fi\n fi\n umount /bootfs\n rmdir /bootfs\n- # make sure we booted with the right cgroup mode; k3s versions before 1.20.4 only support cgroup v1\n mode: system\n script: |\n #!/bin/sh\n set -o errexit -o nounset -o xtrace\n RC_CGROUP_MODE=unified\n if ! grep -q -E \"^#?rc_cgroup_mode=\\\"$RC_CGROUP_MODE\\\"\" /etc/rc.conf; then\n sed -i -E \"s/^#?rc_cgroup_mode=\\\".*\\\"/rc_cgroup_mode=\\\"$RC_CGROUP_MODE\\\"/\" /etc/rc.conf\n # avoid reboot loop if sed failed for any reason\n if grep -q -E \"^rc_cgroup_mode=\\\"$RC_CGROUP_MODE\\\"\" /etc/rc.conf; then\n reboot\n fi\n fi\n- # return unused space from the data volume back to the host\n mode: system\n script: |\n #!/bin/sh\n set -o errexit -o nounset -o xtrace\n fstrim /mnt/data\n- # allow more than 10 sessions over the master control path\n mode: system\n script: |\n #!/bin/sh\n set -o errexit -o nounset -o xtrace\n sed -i -E 's/^#?MaxSessions +[0-9]+/MaxSessions 25/g' /etc/ssh/sshd_config\n rc-service --ifstarted sshd reload\n- # Persist /root directory on data volume\n mode: system\n script: |\n #!/bin/sh\n set -o errexit -o nounset -o xtrace\n if ! [ -d /mnt/data/root ]; then\n mkdir -p /root\n mv /root /mnt/data/root\n fi\n mkdir -p /root\n mount --bind /mnt/data/root /root\n- # Create /etc/docker/certs.d symlink\n mode: system\n script: |\n #!/bin/sh\n set -o errexit -o nounset -o xtrace\n mkdir -p /etc/docker\n\n # Delete certs.d if it is a symlink (from previous boot).\n [ -L /etc/docker/certs.d ] && rm /etc/docker/certs.d\n\n # Create symlink if certs.d doesn't exist (user may have created a regular directory).\n if [ ! -e /etc/docker/certs.d ]; then\n # We don't know if the host is Linux or macOS, so we take a guess based on which mountpoint exists.\n if [ -d \"/Users/{{.User}}\" ]; then\n ln -s \"/Users/{{.User}}/.docker/certs.d\" /etc/docker\n elif [ -d \"/home/{{.User}}\" ]; then\n ln -s \"/home/{{.User}}/.docker/certs.d\" /etc/docker\n fi\n fi\n- # Make sure hostname doesn't change during upgrade from earlier versions\n mode: system\n script: |\n #!/bin/sh\n hostname lima-rancher-desktop\n- # Clean up filesystems\n mode: system\n script: |\n #!/bin/sh\n set -o errexit -o nounset -o xtrace\n # During boot is the only safe time to delete old k3s versions.\n rm -rf /var/lib/rancher/k3s/data\n # Delete all tmp files older than 3 days.\n find /tmp -depth -mtime +3 -delete\n- # Make mount-points shared.\n mode: system\n script: |\n #!/bin/sh\n set -o errexit -o nounset -o xtrace\n for dir in / /etc /tmp /var/lib; do\n mount --make-shared \"${dir}\"\n done\n- # This sets up cron (used for logrotate)\n mode: system\n script: |\n #!/bin/sh\n # Move logrotate to hourly, because busybox crond only handles time jumps up\n # to one hour; this ensures that if the machine is suspended over long\n # periods, things will still happen often enough. This is idempotent.\n mv -n /etc/periodic/daily/logrotate /etc/periodic/hourly/\n rc-update add crond default\n rc-service crond start\n- # Ensure the user is in the docker group to access the docker socket\n mode: system\n script: |\n set -o errexit -o nounset -o xtrace\n usermod --append --groups docker \"{{.User}}\"\n- # Install mkcert and prepare default/fallback cert for localhost\n mode: system\n script: |\n export CAROOT=/run/mkcert\n mkdir -p $CAROOT\n cd $CAROOT\n # Remove old mkcert certificates\n rm -f /usr/local/share/ca-certificates/mkcert_development_CA_*.crt\n mkcert -install\n mkcert localhost\n chown -R nobody:nobody $CAROOT\n- # Configure HTTPS_PROXY to OpenResty\n mode: system\n script: |\n set -o errexit -o nounset -o xtrace\n\n # openresty is backgrounding itself (and writes its own pid file)\n sed -i 's/^command_background/#command_background/' /etc/init.d/rd-openresty\n\n # configure proxy only when allowed-images exists\n allowed_images_conf=/usr/local/openresty/nginx/conf/allowed-images.conf\n # Remove the reference to an obsolete image conf filename\n obsolete_image_allow_list_conf=/usr/local/openresty/nginx/conf/image-allow-list.conf\n setproxy=\"[ -f $allowed_images_conf ] && supervise_daemon_args=\\\"-e HTTPS_PROXY=http://127.0.0.1:3128 \\${supervise_daemon_args:-}\\\" || true\"\n for svc in containerd docker; do\n sed -i \"\\#-f $allowed_images_conf#d\" /etc/init.d/$svc\n sed -i \"\\#-f $obsolete_image_allow_list_conf#d\" /etc/init.d/$svc\n echo \"$setproxy\" >> /etc/init.d/$svc\n done\n\n # Make sure openresty log directory exists\n install -d -m755 /var/log/openresty\n- # mount bpffs to allow containers to leverage bpf, and make both bpffs and\n # cgroupfs shared mounts so the pods can mount them correctly\n mode: system\n script: |\n #!/bin/sh\n set -o errexit\n\n mount bpffs -t bpf /sys/fs/bpf\n mount --make-shared /sys/fs/bpf\n mount --make-shared /sys/fs/cgroup\n- # we run trivy as root now; remove any cached databases installed into the user directory by previous version\n # trivy.db is 600M and trivy-java.db is 1.1G\n mode: user\n script: |\n rm -rf \"${HOME}/.cache/trivy\"\nportForwards:\n- guestPortRange: [1, 65535]\n guestIPMustBeZero: true\n hostIP: \"0.0.0.0\"\n proto: any\n"
},
{
"path": "pkg/rancher-desktop/assets/networks-config.yaml",
"content": "# Path to socket_vmnet executable. Because socket_vmnet is invoked via sudo, it\n# must be installed where only root can modify/replace it. This means also none\n# of the parent directories should be writable by the user.\n#\n# The varRun directory also must not be writable by the user because it will\n# include the socket_vmnet pid file. socket_vmnet will be terminated via\n# sudo, so replacing the pid file would allow killing of arbitrary privileged\n# processes. varRun however MUST be writable by the daemon user.\n#\n# None of the paths segments may be symlinks, which is why it has to be /private/var\n# instead of /var etc.\npaths:\n socketVMNet: /opt/rancher-desktop/bin/socket_vmnet\n varRun: /private/var/run\n sudoers: /private/etc/sudoers.d/zzzzz-rancher-desktop-lima\ngroup: everyone\nnetworks:\n rancher-desktop-shared:\n mode: shared\n gateway: 192.168.205.1\n dhcpEnd: 192.168.205.254\n netmask: 255.255.255.0\n host:\n mode: host\n gateway: 192.168.206.1\n dhcpEnd: 192.168.206.254\n netmask: 255.255.255.0\n # We will add bridged-en0 etc. networks, one for each host interface.\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/10-flannel.conflist",
"content": "{\n \"name\":\"cbr0\",\n \"cniVersion\":\"0.3.1\",\n \"plugins\":[\n {\n \"type\":\"flannel\",\n \"delegate\":{\n \"hairpinMode\":true,\n \"forceAddress\":true,\n \"isDefaultGateway\":true\n }\n },\n {\n \"type\":\"portmap\",\n \"capabilities\":{\n \"portMappings\":true\n }\n }\n ]\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/buildkit.confd",
"content": "# config file for /etc/init.d/buildkit\n\n# overrides the main command executed by the supervise daemon\nbuildkitd_command=\"/usr/local/bin/buildkitd\"\n\n# any other options you want to pass to buildkitd_command\nbuildkitd_opts=\"--addr=unix:///run/buildkit/buildkitd.sock --containerd-worker=true --containerd-worker-addr=/run/k3s/containerd/containerd.sock --containerd-worker-gc --oci-worker=false\"\n\n# Settings for process limits (ulimit)\n#ulimit_opts=\"-c unlimited -n 1048576 -u unlimited\"\n\n# seconds to wait for sending SIGTERM and SIGKILL signals when stopping buildkitd\n#signal_retry=\"TERM/60/KILL/10\"\n\n# where buildkit stdout (and perhaps stderr) goes.\n#log_file=\"/var/log/buildkit.log\"\n\n# where buildkit stderr optionally goes.\n# if this is not set, the value in 'logfile' is used\n#err_file=\"/var/log/buildkit-err.log\"\n\n# mode of the log files\n#log_mode=0644\n\n# user that owns the log files (no group root on WSL)\nlog_owner=root\n\n# to override the default supervise_daemon_args\n#supervise_daemon_opts=\"\"\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/buildkit.initd",
"content": "#!/sbin/openrc-run\nsupervisor=supervise-daemon\n\nname=\"BuildKit Daemon\"\ndescription=\"Standalone buildkitd\"\n\ncommand=\"${buildkitd_command:-/usr/bin/buildkitd}\"\ncommand_args=\"${buildkitd_opts:---oci-worker=false --containerd-worker=true}\"\nrc_ulimit=\"${ulimit_opts:--c unlimited -n 1048576 -u unlimited}\"\nretry=\"${signal_retry:-TERM/60/KILL/10}\"\n\nlog_file=\"${log_file:-/var/log/${RC_SVCNAME}.log}\"\nerr_file=\"${err_file:-${log_file}}\"\nlog_mode=\"${log_mode:-0644}\"\nlog_owner=\"${log_owner:-root}\"\n\nsupervise_daemon_args=\"${supervise_daemon_opts:---stderr \\\"${err_file}\\\" --stdout \\\"${log_file}\\\"}\"\n\nstart_pre() {\n\tcheckpath -f -m \"$log_mode\" -o \"$log_owner\" \"$log_file\" \"$err_file\"\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/cert-manager.yaml",
"content": "---\napiVersion: v1\nkind: Namespace\nmetadata:\n name: cert-manager\n---\napiVersion: helm.cattle.io/v1\nkind: HelmChart\nmetadata:\n name: cert-manager\n namespace: kube-system\nspec:\n chart: \"https://%{KUBERNETES_API}%/static/rancher-desktop/cert-manager.tgz\"\n targetNamespace: cert-manager\n # Old versions of the helm-controller don't support createNamespace, so we\n # created the namespace ourselves.\n createNamespace: false\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/configure-allowed-images",
"content": "#!/bin/sh\n\n# This script configures the VM for the allowed-images feature.\n\n# shellcheck shell=ash\n\nset -o errexit -o nounset\n\n# Create nobody user and group for nginx.\naddgroup -S -g 65534 nobody 2>/dev/null || true\nadduser -S -D -H -h /dev/null -s /sbin/nologin -u 65534 -G nobody -g nobody nobody 2>/dev/null || true\n\n# Install mkcert and create default certs for localhost.\nexport CAROOT=/run/mkcert\nmkdir -p $CAROOT\ncd $CAROOT\n# Remove old mkcert certificates\nrm -f /usr/local/share/ca-certificates/mkcert_development_CA_*.crt\nmkcert -install\nmkcert localhost\nchown -R nobody:nobody $CAROOT\n\n# configure proxy only when allowed-images exists\nallowed_images_conf=/usr/local/openresty/nginx/conf/allowed-images.conf\nsetproxy=\"[ -f $allowed_images_conf ] && supervise_daemon_args=\\\"-e HTTPS_PROXY=http://127.0.0.1:3128 \\${supervise_daemon_args:-}\\\" || true\"\nsed -i \"\\#-f $allowed_images_conf#d\" /etc/init.d/containerd\necho \"$setproxy\" >> /etc/init.d/containerd\n\n# openresty is backgrounding itself (and writes its own pid file)\nsed -i 's/^command_background/#command_background/' /etc/init.d/rd-openresty\n\n# Make sure openresty log directory exists\ninstall -d -m755 /var/log/openresty\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/docker-credential-rancher-desktop",
"content": "#!/bin/sh\n\nset -eu\n\nsource /etc/rancher/desktop/credfwd\n\nDATA=\"@-\"\n# The \"list\" command doesn't have a payload on STDIN\n[ \"$1\" = \"list\" ] && DATA=\"\"\n\n# $CREDFWD_CURL_OPTS is intentionally *not* quoted\nexec curl --silent --user \"$CREDFWD_AUTH\" --data \"$DATA\" --noproxy '*' --fail-with-body ${CREDFWD_CURL_OPTS:-} \"$CREDFWD_URL/$1\"\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/install-containerd-shims",
"content": "#!/bin/sh\n\nset -o errexit -o nounset -o pipefail\n\ndest=/usr/local/containerd-shims\n\n# Copy all shims into the data volume so they become part of snapshots.\n# TODO Maybe use rsync to avoid copying files repeatedly?\nmkdir -p \"$dest\"\nfor dir in \"$@\"; do\n if [[ \"$(uname -a)\" =~ microsoft ]]; then\n dir=$(wslpath -a -u \"$dir\")\n fi\n cp \"${dir}/containerd-shim-\"* \"$dest\" || :\ndone\n\n# Make sure all shims are executable.\nfor file in \"${dest}/\"*; do\n if [ -e \"$file\" ]; then\n chmod 755 \"$file\"\n fi\ndone\n\n# Create symlinks to each shim into /usr/local/bin.\n# In the future this will enable us putting only shims from an allow list on the PATH.\nfind /usr/local/bin -type l -name 'containerd-shim-*' -delete\nfind \"$dest\" -type f -exec ln -sf {} /usr/local/bin \\;\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/install-k3s",
"content": "#!/bin/sh\n\nset -o errexit -o nounset -o pipefail\n\nif [ -n \"${XTRACE:-}\" ]; then\n set -o xtrace\nfi\n\nVERSION=\"${1}\"\nCACHE_DIR=\"${CACHE_DIR:-${2}}\"\n\n# Update symlinks for k3s and images to new version\nK3S_DIR=\"${CACHE_DIR}/${VERSION}\"\nif [ ! -d \"${K3S_DIR}\" ]; then\n echo \"Directory ${K3S_DIR} does not exist\"\n exit 1\nfi\n\n# Make sure any outdated kubeconfig file is gone\nmkdir -p /etc/rancher/k3s\nrm -f /etc/rancher/k3s/k3s.yaml\n\nK3S=k3s\nARCH=amd64\nif [ \"$(uname -m)\" = \"aarch64\" ]; then\n K3S=k3s-arm64\n ARCH=arm64\nfi\n\n# Add images\nIMAGES=\"/var/lib/rancher/k3s/agent/images\"\nmkdir -p \"${IMAGES}\"\nIMAGEPATH=\"${K3S_DIR}/k3s-airgap-images-${ARCH}\"\nif [ -f \"${IMAGEPATH}.tar.zst\" ]; then\n ln -s -f \"${IMAGEPATH}.tar.zst\" \"${IMAGES}\"\nfi\nif [ -f \"${IMAGEPATH}.tar\" ]; then\n ln -s -f \"${IMAGEPATH}.tar\" \"${IMAGES}\"\nfi\n# Add k3s binary\nln -s -f \"${K3S_DIR}/${K3S}\" /usr/local/bin/k3s\n# The file system may be readonly (on macOS)\nchmod a+x \"${K3S_DIR}/${K3S}\" || true\n\n# Make sure any old manifests are removed before configuring k3s again.\n# All Rancher Desktop manifest have a name like z123-foo-bar, so only delete\n# those. That way provisioning scripts can still create other manifests.\n# We need to create the directory before we run `k3s server ...` because\n# we install additional manifests that k3s will install during startup.\nMANIFESTS=/var/lib/rancher/k3s/server/manifests\nrm -rf \"${MANIFESTS}/z\"[0-9]*\nmkdir -p \"$MANIFESTS\"\n\nSTATIC=/var/lib/rancher/k3s/server/static/rancher-desktop\nrm -rf \"$STATIC\"\nmkdir -p \"$STATIC\"\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/install-wsl-helpers",
"content": "#!/bin/sh\n\n# This script installs WSL helpers into the shared WSL mount at `/mnt/wsl`.\n# Usage: $0 \n\n# shellcheck shell=ash\n\nset -o errexit -o nounset\n\n# The nerdctl shim must be setuid root to be able to create bind mounts within\n# /mnt/wsl so that nerdctl can see it.\nmkdir -p \"/mnt/wsl/rancher-desktop/bin/\"\ncp \"${1}\" \"/mnt/wsl/rancher-desktop/bin/nerdctl\"\nchmod u+s \"/mnt/wsl/rancher-desktop/bin/nerdctl\"\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/k3s-containerd-config.toml",
"content": "version = 2\n\nroot = \"/var/lib/rancher/k3s/agent/containerd\"\nstate = \"/run/k3s/containerd\"\n\n[grpc]\n address = \"/run/k3s/containerd/containerd.sock\"\n\n[plugins.\"io.containerd.internal.v1.opt\"]\n path = \"/var/lib/rancher/k3s/agent/containerd\"\n\n[plugins.\"io.containerd.grpc.v1.cri\"]\n stream_server_address = \"127.0.0.1\"\n stream_server_port = \"10010\"\n enable_selinux = false\n enable_unprivileged_ports = true\n enable_unprivileged_icmp = true\n sandbox_image = \"rancher/mirrored-pause:3.6\"\n\n[plugins.\"io.containerd.grpc.v1.cri\".containerd]\n snapshotter = \"overlayfs\"\n disable_snapshot_annotations = true\n\n[plugins.\"io.containerd.grpc.v1.cri\".cni]\n bin_dir = \"/usr/libexec/cni\"\n conf_dir = \"/etc/cni/net.d\"\n\n[plugins.\"io.containerd.grpc.v1.cri\".containerd.runtimes.runc]\n runtime_type = \"io.containerd.runc.v2\"\n\n[plugins.\"io.containerd.grpc.v1.cri\".containerd.runtimes.runc.options]\n SystemdCgroup = false\n\n[plugins.\"io.containerd.grpc.v1.cri\".registry]\n config_path = \"/var/lib/rancher/k3s/agent/etc/containerd/certs.d\"\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/logrotate-k3s",
"content": "/var/log/k3s.log {\n missingok\n notifempty\n copytruncate\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/logrotate-lima-guestagent",
"content": "/var/log/lima-guestagent.log {\n missingok\n notifempty\n copytruncate\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/logrotate-openresty",
"content": "/var/log/openresty/*.log {\n\tmissingok\n\tsharedscripts\n\tpostrotate\n\t\t/etc/init.d/rd-openresty --quiet --ifstarted reopen\n\tendscript\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/moproxy.initd",
"content": "#!/sbin/openrc-run\n\nname=moproxy\n\ndescription=\"A transparent TCP to SOCKSv5/HTTP proxy.\"\n\nextra_started_commands=\"enable disable reload\"\ndescription_enable=\"Start redirecting the network traffic to the HTTP proxy.\"\ndescription_disable=\"Stop redirecting the network traffic to the HTTP proxy.\"\ndescription_reload=\"Reload the proxy list.\"\n\n# TCP Listen address\n: ${host:=${MOPROXY_HOST:-\"::\"}}\n# TCP Listen port\n: ${port:=${MOPROXY_PORT:-\"2080\"}}\n# List of backend proxy servers\n: ${proxy_list:=${MOPROXY_PROXYLIST:-\"/etc/moproxy/proxy.ini\"}}\n# Additional arguments to pass to moproxy\n: ${moproxy_args:=${MOPROXY_ARGS:-\"\"}}\n# Override this argument to disable the use of TLS SNI\n: ${moproxy_remotedns:=${MOPROXY_REMOTE_DNS:-\"--remote-dns\"}}\n# Comma-separated list of port traffic to redirect to moproxy\n: ${ports_redirected:=${MOPROXY_REDIRECTED_PORT:-\"80,443\"}}\n# Comma-separated list of hostname to not redirect to the proxy\n: ${noproxy_rules:=${MOPROXY_NOPROXY:-\"0.0.0.0/8,10.0.0.0/8,127.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.168.0.0/16,224.0.0.0/4,240.0.0.0/4\"}}\n\ncommand=\"'${MOPROXY_BINARY:-/usr/sbin/moproxy}'\"\ncommand_args=\"--host ${host} --port ${port} ${moproxy_remotedns} --list ${proxy_list} ${moproxy_args}\"\ncommand_background=\"yes\"\npidfile=\"/run/${name}.pid\"\n\nMOPROXY_LOGFILE=\"${MOPROXY_LOGFILE:-${LOG_DIR:-/var/log}/${RC_SVCNAME}.log}\"\noutput_log=\"'${MOPROXY_LOGFILE}'\"\nerror_log=\"'${MOPROXY_LOGFILE}'\"\n\niptables_redirect_to_moproxy_chain() {\n\tiptables --table nat --$1 $2 --protocol tcp --match multiport --dports \"${ports_redirected}\" --jump MOPROXY\n}\n\niptables_redirect() {\n\tiptables --table nat --append MOPROXY --protocol tcp --jump REDIRECT --to-port \"${port}\"\n}\n\niptables_accept() {\n\tiptables --table nat --append MOPROXY --protocol tcp --destination \"$1\" --jump ACCEPT\n}\n\nadd_noproxy_rules() {\n\tfor i in ${noproxy_rules//,/ }\n\tdo\n\t\tiptables_accept \"$i\"\n\tdone\n}\n\nenable_redirection_to_moproxy_chain() {\n\tif ! iptables_redirect_to_moproxy_chain check $1 &> /dev/null\n\tthen\n\t\tiptables_redirect_to_moproxy_chain append $1\n\telse\n\t\teinfo \"Rule already in table\"\n\tfi\n}\n\ndisable_redirection_to_moproxy_chain() {\n\twhile iptables_redirect_to_moproxy_chain check $1 &> /dev/null\n\tdo\n\t\tiptables_redirect_to_moproxy_chain delete $1\n\tdone\n}\n\ncreate_moproxy_chain() {\n\tiptables --table nat --new MOPROXY\n}\n\ndelete_moproxy_chain() {\n\tiptables --table nat --flush MOPROXY\n\tiptables --table nat --delete-chain MOPROXY\n}\n\ndepend() {\n\tafter iptables ip6tables\n}\n\nenable() {\n\teinfo \"Starting the iptables rules to start redirection of ports ${ports_redirected} to ${name}\"\n\tcreate_moproxy_chain\n\tadd_noproxy_rules\n\tiptables_redirect\n\tenable_redirection_to_moproxy_chain OUTPUT\n\tenable_redirection_to_moproxy_chain PREROUTING\n}\n\ndisable() {\n\teinfo \"Removing all the iptables rules to stop redirection to ${name}\"\n\tdisable_redirection_to_moproxy_chain PREROUTING\n\tdisable_redirection_to_moproxy_chain OUTPUT\n\tdelete_moproxy_chain\n}\n\nstart_post() {\n\tenable\n}\n\nstop_pre() {\n\tdisable\n}\n\nreload() {\n\tebegin \"Reloading ${name}\"\n\tstart-stop-daemon --signal HUP --pidfile \"$pidfile\"\n\tiptables --table nat --flush MOPROXY\n\tadd_noproxy_rules\n\tiptables_redirect\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/nerdctl",
"content": "#!/bin/sh\nexport CONTAINERD_ADDRESS=/run/k3s/containerd/containerd.sock\nif [ -f /usr/local/openresty/nginx/conf/allowed-images.conf ]; then\n export HTTPS_PROXY=http://127.0.0.1:3128\nfi\n\n# On WSL, we need to enter the correct pid &c. namespace for nerdctl to work\n# correctly.\n\nif [ -r /run/wsl-init.pid ]; then\n parent=\"$(cat /run/wsl-init.pid)\"\n pid=\"$(ps -o pid,ppid,comm | awk '$2 == \"'\"${parent}\"'\" && $3 == \"init\" { print $1 }')\"\n if [ -n \"${pid}\" ]; then\n exec /usr/bin/nsenter -p -m -n -t \"${pid}\" /usr/local/libexec/nerdctl/nerdctl \"$@\"\n fi\nfi\n\nexec /usr/local/libexec/nerdctl/nerdctl \"$@\"\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/nginx.conf",
"content": "worker_processes auto;\n\nerror_log /var/log/openresty/error.log warn;\n\nevents {\n worker_connections 1024;\n}\n\nhttp {\n map_hash_bucket_size 128;\n include mime.types;\n default_type application/octet-stream;\n\n log_format proxy escape=json\n '{'\n '\"access_time\":\"$time_local\",'\n '\"request\":\"$request\",'\n '\"status\":\"$status\",'\n '\"bytes_sent\":\"$body_bytes_sent\",'\n '\"host\":\"$host\",'\n '\"ssl_protocol\":\"$ssl_protocol\",'\n '\"connect_host\":\"$connect_host\",'\n '\"connect_port\":\"$connect_port\",'\n '}';\n\n log_format mitm escape=json\n '{'\n '\"access_time\":\"$time_local\",'\n '\"method\":\"$request_method\",'\n '\"uri\":\"$uri\",'\n '\"status\":\"$status\",'\n '\"bytes_sent\":\"$body_bytes_sent\",'\n '\"upstream_response_time\":\"$upstream_response_time\",'\n '\"host\":\"$host\",'\n '\"http_host\":\"$http_host\",'\n '\"upstream\":\"$upstream_addr\"'\n '}';\n\n server {\n listen 3128;\n listen [::]:3128;\n server_name proxy;\n\n access_log /var/log/openresty/proxy.log proxy;\n\n proxy_connect;\n proxy_connect_allow all;\n proxy_connect_address 127.0.0.1:3129;\n proxy_max_temp_file_size 0;\n\n # response non-CONNECT requests\n location / {\n add_header \"Content-type\" \"text/plain\" always;\n return 404 \"The Rancher Desktop allowed-images proxy only allows CONNECT requests\\n\";\n }\n }\n\n map \"$http_host$uri\" $forbidden {\n default 1;\n include allowed-images.conf;\n }\n\n # don't limit maximum request size to allow for pushing large image layers\n client_max_body_size 0;\n\n server {\n listen 3129 ssl default_server;\n server_name mitm;\n\n access_log /var/log/openresty/access.log mitm;\n\n # nginx complains if these are not set; we'll clear them again right after\n ssl_certificate /run/mkcert/localhost.pem;\n ssl_certificate_key /run/mkcert/localhost-key.pem;\n\n ssl_certificate_by_lua_block {\n local ssl = require \"ngx.ssl\"\n local name = ssl.server_name()\n\n local ok, err = ssl.clear_certs()\n if not ok then\n ngx.log(ngx.ERR, \"failed to clear existing (fallback) certificates\")\n return ngx.exit(ngx.ERROR)\n end\n\n local certs_dir = \"/run/mkcert/\"\n local cert_file = certs_dir .. name .. \".pem\"\n local key_file = certs_dir .. name .. \"-key.pem\"\n\n local my_load_certificate_chain = function()\n local f = io.open(cert_file, \"rb\")\n if f == nil then\n local ngx_pipe = require \"ngx.pipe\"\n local cmd = { \"/usr/bin/mkcert\", \"-cert-file\", cert_file, \"-key-file\", key_file, name }\n local opts = { environ = {\"CAROOT=\"..certs_dir}, merge_stderr = true }\n local proc, err = ngx_pipe.spawn(cmd, opts)\n if proc == nil then\n ngx.log(ngx.ERR, \"failed to spawn mkcert command: \", err)\n return ngx.exit(ngx.ERROR)\n end\n\n local data, err, partial = proc:stdout_read_all()\n local ok, reason, status = proc:wait()\n if not ok then\n ngx.log(ngx.ERR, \"failed to create cert for \", name, \" reason: \", reason, \" status: \", status)\n ngx.log(ngx.ERR, \" output: \", data, \" err: \", err, \" partial: \", partial)\n return ngx.exit(ngx.ERROR)\n end\n f = io.open(cert_file, \"rb\")\n end\n local a = f:read(\"a*\")\n f:close()\n return a\n end\n local pem_cert_chain = assert(my_load_certificate_chain())\n\n local der_cert_chain, err = ssl.cert_pem_to_der(pem_cert_chain)\n if not der_cert_chain then\n ngx.log(ngx.ERR, \"failed to convert certificate chain from PEM to DER: \", err)\n return ngx.exit(ngx.ERROR)\n end\n\n local ok, err = ssl.set_der_cert(der_cert_chain)\n if not ok then\n ngx.log(ngx.ERR, \"failed to set DER cert: \", err)\n return ngx.exit(ngx.ERROR)\n end\n\n local my_load_private_key = function()\n local f = assert(io.open(key_file, \"rb\"))\n local a = f:read(\"a*\")\n f:close()\n return a\n end\n local pem_pkey = assert(my_load_private_key())\n\n local der_pkey, err = ssl.priv_key_pem_to_der(pem_pkey, nil)\n if not der_pkey then\n ngx.log(ngx.ERR, \"failed to convert private key from PEM to DER: \", err)\n return ngx.exit(ngx.ERROR)\n end\n\n local ok, err = ssl.set_der_priv_key(der_pkey)\n if not ok then\n ngx.log(ngx.ERR, \"failed to set DER private key: \", err)\n return ngx.exit(ngx.ERROR)\n end\n }\n\n # We need to resolve the real names of our proxied servers.\n include resolver.conf;\n\n # Docker needs this. Don't ask.\n chunked_transfer_encoding on;\n\n proxy_read_timeout 900;\n\n # Use SNI during the TLS handshake with the upstream.\n proxy_ssl_server_name on;\n\n proxy_ssl_verify on;\n proxy_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;\n proxy_ssl_verify_depth 2;\n\n location ~ ^/v[12]/(.+)/manifests/([^/]+)$ {\n if ($forbidden) {\n add_header \"Content-type\" \"application/json\" always;\n # `code` from https://github.com/distribution/distribution/blob/main/registry/api/errcode/register.go\n return 403 \"{\\\"errors\\\":[{\\\"code\\\":\\\"UNAUTHORIZED\\\",\\\"message\\\":\\\"image $http_host/$1:$2 is not covered by the Rancher Desktop allowed-images list\\\"}]}\\n\";\n }\n proxy_pass https://$http_host;\n }\n\n location / {\n proxy_pass https://$http_host;\n }\n }\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/rancher-desktop-guestagent.initd",
"content": "#!/sbin/openrc-run\n# shellcheck shell=ksh\n\ndepend() {\n after network-online\n}\n\nGUESTAGENT_LOGFILE=\"${GUESTAGENT_LOGFILE:-${LOG_DIR:-/var/log}/${RC_SVCNAME}.log}\"\n\nsupervisor=supervise-daemon\nname=\"Rancher Desktop Guest Agent\"\ncommand=/usr/local/bin/rancher-desktop-guestagent\ncommand_args=\"\n ${GUESTAGENT_ADMIN_INSTALL:+-adminInstall=${GUESTAGENT_ADMIN_INSTALL}}\n ${GUESTAGENT_KUBERNETES:+-kubernetes=${GUESTAGENT_KUBERNETES}}\n ${GUESTAGENT_DOCKER:+-docker=${GUESTAGENT_DOCKER}}\n ${GUESTAGENT_CONTAINERD:+-containerd=${GUESTAGENT_CONTAINERD}}\n ${GUESTAGENT_K8S_SVC_ADDR:+-k8sServiceListenerAddr=${GUESTAGENT_K8S_SVC_ADDR}}\n ${GUESTAGENT_DEBUG:+-debug}\n \"\ncommand_args=\"${command_args//$'\\n'/ }\"\noutput_log=\"'${GUESTAGENT_LOGFILE}'\"\nerror_log=\"'${GUESTAGENT_LOGFILE}'\"\n\nrespawn_delay=5\nrespawn_max=0\n\nstart_pre() {\n cat > /etc/logrotate.d/guestagent <&2\n exit 1\nfi\n\n# If the pid is _not_ /sbin/init, find the child that is.\ncommand=\"$(ps -o pid,args | awk \"\\$1 == $pid { print \\$2 }\")\"\nif [ \"$command\" != \"/sbin/init\" ]; then\n newpid=\"$(ps -o pid,ppid,args | awk \"\\$2 == $pid && \\$3 == \\\"/sbin/init\\\" { print \\$1 }\")\"\n if [ -n \"${newpid}\" ]; then\n pid=\"${newpid}\"\n fi\nfi\n\nif [ $# -eq 0 ]; then\n set -- /bin/sh\nfi\n# If -w$PWD is specified on the first nsenter, then `wsl-exec pwd`\n# fails with \"pwd: getcwd: No such file or directory\"\nexec /usr/bin/nsenter -n -p -m -t \"${pid}\" /usr/bin/nsenter \"-w${PWD}\" \"$@\"\n"
},
{
"path": "pkg/rancher-desktop/assets/scripts/wsl-init",
"content": "#!/bin/sh\n\n# This script is used to launch (busybox) init on WSL2 through network-setup process.\n# The network-setup process starts the vm-switch and unshare as its sub processes. this\n# is necessary since we need to do some mount namespace, since we store the data on the\n# WSL shared mount (/mnt/wsl/rancher/desktop/) and that can have issues with\n# lingering tmpfs mounts after we exit. This means we need to run this script\n# under unshare (to get a private mount namespace), and then we can mark various\n# mount points as shared (for buildkit). Kubelet will internally do some\n# tmpfs mounts for volumes (secrets, etc.), which will stay private and go away\n# once k3s exits, so that we can delete the data as necessary.\n\nset -o errexit -o nounset -o xtrace\n\nNETWORK_SETUP_LOG=\"${LOG_DIR}/network-setup.log\"\nVM_SWITCH_LOG=\"${LOG_DIR}/vm-switch.log\"\n\n\nif [ $$ -ne \"1\" ]; then\n # This is not running as PID 1; this means that this is a normal invocation\n # from WSL.\n exec /usr/local/bin/network-setup --logfile \"$NETWORK_SETUP_LOG\" \\\n --vm-switch-path /usr/local/bin/vm-switch --vm-switch-logfile \\\n \"$VM_SWITCH_LOG\" ${RD_DEBUG:+-debug} --unshare-arg \"${0}\"\nfi\n\n# Mark directories that we will need to bind mount as shared mounts.\n(\n IFS=:\n for dir in / ${DISTRO_DATA_DIRS}; do\n mount --make-shared \"${dir}\"\n done\n)\n\n# Mount bpffs to allow containers to leverage bpf, and make both bpffs and\n# cgroupfs shared mounts so the pods can mount them correctly.\nmount bpffs -t bpf /sys/fs/bpf\nmount --make-shared /sys/fs/bpf\nmount --make-shared /sys/fs/cgroup\n\n# Mount binfmt_misc to allow nerdctl to see which qemu-* handlers have been loaded.\n# It will display a warning for foreign platforms if their handler seems missing.\nmount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc\nmount --make-shared /proc/sys/fs/binfmt_misc\n\nif [ -f /var/lib/resolv.conf ]; then\n ln -s -f /var/lib/resolv.conf /etc/resolv.conf\nfi\n\n# Run init (which never exits).\nexec /sbin/init\n"
},
{
"path": "pkg/rancher-desktop/assets/specs/README.md",
"content": "## Generators\n\n### To generate go code:\n\n`oapi-codegen pkg/rancher-desktop/assets/specs/command-api.yaml > api/commands.go`\n\n#### Dependencies:\n\n* opai-codegen: To install:\n\n```bash\ngo get github.com/deepmap/oapi-codegen/cmd/oapi-codegen\n```\n\n### To generate documentation:\n\n```\nmkdir tmp\ndocker run --rm -v ${PWD}:/local openapitools/openapi-generator-cli:v5.4.2 generate -i /local/src/assets/specs/command-api.yaml -g html -o /local/tmp/\nopen tmp/index.html # (macOS)\nstart tmp/index.html # (Powershell)\nxdg-open tmp/index.html # (linux, replace with path to a specific browser if you prefer).\n```\n\nRecommended tag: openapitools/openapi-generator-cli:v5.4.2\n\nSo run:\n```\ndocker run ... openapitools/openapi-generator-cli@sha256:3d7c84e4b8f25a2074d6ab44d936cd69d08a223021197269e75d29992204e15e\n```\n\n## References:\n\n* OpenAPI spec: https://github.com/OAI/OpenAPI-Specification/blob/main/versions/3.0.0.md#mediaTypeObject\n\n* Tools: https://openapi.tools/\n"
},
{
"path": "pkg/rancher-desktop/assets/specs/command-api.yaml",
"content": "\ninfo:\n title: Rancher Desktop API\n version: 0.0.1\npaths:\n /:\n get:\n operationId: listEndpoints\n summary: List all endpoints.\n responses:\n '200':\n description: A list of endpoints\n content:\n application/json:\n schema:\n type: array\n items: { type: string }\n\n /v0:\n get:\n operationId: listV0Endpoints\n summary: List all version zero endpoints.\n responses:\n '200':\n description: A list of version 0 endpoints, of which there are none.\n content:\n application/json:\n schema:\n type: array\n items: { type: string }\n\n /v1:\n get:\n operationId: listV1Endpoints\n summary: List all version one endpoints.\n responses:\n '200':\n description: A list of endpoints\n content:\n application/json:\n schema:\n type: array\n items: { type: string }\n\n /v1/about:\n get:\n operationId: getAbout\n summary: Returns a description of the endpoints\n responses:\n '200':\n description: A note about endpoints not being forwards-compatible.\n content:\n text/plain:\n schema:\n type: string\n\n /v1/diagnostic_categories:\n get:\n operationId: diagnosticCategories\n summary: Return a list of the category names for the Diagnostics component. Takes no parameters.\n responses:\n '200':\n description: A list of the category names.\n content:\n application/json:\n schema:\n type: array\n items:\n type: string\n\n /v1/diagnostic_checks:\n get:\n operationId: diagnosticChecks\n summary: Return all the checks, optionally filtered by specified category and/or checkID.\n parameters:\n - in: query\n name: category\n - in: query\n name: checkID\n responses:\n '200':\n description: A list of check objects. An invalid or unrecognized query parameter returns (200, empty array)\n content:\n application/json:\n schema:\n \"$ref\" : \"#/components/schemas/diagnostics\"\n post:\n operationId: diagnosticRunChecks\n summary: Run all diagnostic checks, and return any results.\n responses:\n '200':\n description: A list of check results.\n content:\n application/json:\n schema:\n \"$ref\": \"#/components/schemas/diagnostics\"\n\n /v1/diagnostic_ids:\n get:\n operationId: diagnosticIDsForCategory\n summary: >-\n Return a list of the check IDs for the Diagnostics category,\n or 404 if there is no such `category`.\n Specifying an existing category with no checks\n will return status code 200 and an empty array.\n parameters:\n - in: query\n name: category\n responses:\n '200':\n description: A list of the check IDs for the specified category.\n content:\n application/json:\n schema:\n type: array\n items:\n type: string\n '404':\n description: The category is not recognized.\n\n\n /v1/extensions:\n get:\n operationId: listExtensions\n summary: List currently-installed RDX extensions.\n responses:\n '200':\n description: A list of installed RDX extensions.\n content:\n application/json:\n schema:\n type: object\n additionalProperties:\n type: object\n properties:\n version:\n type: string\n metadata:\n type: object\n labels:\n type: object\n additionalProperties:\n type: string\n '503':\n description: >-\n The extension manager has not been loaded yet. The client should\n retry the request at some future point in time.\n\n /v1/extensions/install:\n post:\n operationId: installExtension\n summary: Install an RDX extension\n parameters:\n - in: query\n name: id\n responses:\n '201':\n description: The extension was installed.\n '204':\n description: The extension was already installed.\n '400':\n description: There was an issue with the parameters.\n '422':\n description: The extension could not be installed.\n content:\n text/plain:\n schema:\n type: string\n '503':\n description: An internal error occurred.\n\n /v1/extensions/uninstall:\n post:\n operationId: uninstallExtension\n summary: Uninstall an RDX extension\n parameters:\n - in: query\n name: id\n responses:\n '201':\n description: The extension was uninstalled.\n '204':\n description: The extension was already uninstalled.\n '400':\n description: There was an issue with the parameters.\n '422':\n description: The extension could not be installed.\n content:\n text/plain:\n schema:\n type: string\n '503':\n description: An internal error occurred.\n\n /v1/factory_reset:\n put:\n operationId: factoryReset\n summary: Factory reset Rancher Desktop, losing user data\n requestBody:\n description: JSON block giving factory reset options.\n content:\n application/json:\n schema:\n type: object\n properties:\n keepSystemImages:\n type: boolean\n required: true\n responses:\n '202':\n description: The application is performing a factory reset.\n '400':\n description: An error occurred\n\n /v1/k8s_reset:\n put:\n operationId: k8sReset\n summary: Reset Kubernetes\n requestBody:\n description: JSON block giving k8s reset options.\n content:\n application/json:\n schema:\n type: object\n properties:\n mode:\n type: string\n enum: [ fast, wipe ]\n required: true\n responses:\n '202':\n description: The application is performing a Kubernetes reset.\n '400':\n description: An error occurred\n\n /v1/port_forwarding:\n post:\n operationId: createPortForward\n summary: Create a new port forwarding\n requestBody:\n description: JSON block consisting of the port forwarding details\n content:\n application/json:\n schema:\n type: object\n properties:\n namespace:\n type: string\n service:\n type: string\n k8sPort:\n type:\n - string\n - integer\n hostPort:\n type: integer\n required: true\n responses:\n '200':\n description: The port forwarding was created or already exists; the response contains the listening host port.\n content:\n text/plain:\n schema:\n type: integer\n '400':\n description: The port forwarding could not be created.\n delete:\n operationId: deletePortForward\n summary: Delete a port forwarding\n parameters:\n - in: query\n name: namespace\n - in: query\n name: service\n - in: query\n name: k8sPort\n responses:\n '200':\n description: The port forwarding was deleted or doesn't exist.\n '400':\n description: The port forwarding could not be deleted.\n\n /v1/propose_settings:\n put:\n operationId: proposeSettings\n summary: >-\n Propose some settings and determine if the backend needs to be restarted\n or reset (losing user data).\n requestBody:\n description: >-\n JSON block consisting of some or all of the current preferences,\n with changes applied to any number of settings the backend supports changing this way.\n content:\n application/json:\n schema:\n \"$ref\" : \"#/components/schemas/preferences\"\n required: true\n responses:\n '202':\n description: A description of the effects of the proposed settings on the backend.\n content:\n application/json:\n schema:\n type: object\n additionalProperties:\n type: object\n properties:\n current: {}\n desired: {}\n severity:\n type: string\n enum: [ restart, reset ]\n '400':\n description: The proposed settings were not valid.\n content:\n text/plain:\n schema:\n type: string\n\n /v1/settings:\n get:\n operationId: listSettings\n summary: List the current preference settings\n responses:\n '200':\n description: The current preferences in JSON format\n content:\n application/json:\n schema:\n \"$ref\" : \"#/components/schemas/preferences\"\n put:\n operationId: updateSettings\n summary: Updates the specified preference settings\n requestBody:\n description: >-\n JSON block consisting of some or all of the current preferences,\n with changes applied to any number of settings the backend supports changing this way.\n content:\n application/json:\n schema:\n \"$ref\" : \"#/components/schemas/preferences\"\n required: true\n responses:\n '202':\n description: The settings were accepted.\n content:\n text/plain:\n schema:\n type: string\n '400':\n description: The proposed settings were not valid.\n content:\n text/plain:\n schema:\n type: string\n\n /v1/settings/locked:\n get:\n operationId: listLockedSettings\n summary: List the current locked settings\n responses:\n '200':\n description: The locked preferences in JSON format\n content:\n application/json:\n schema:\n \"$ref\" : \"#/components/schemas/preferences\"\n\n /v1/shutdown:\n put:\n operationId: shutdownApp\n summary: Shuts down Rancher Desktop\n responses:\n '202':\n description: The application is in the process of shutting down.\n content:\n text/plain:\n schema:\n type: string\n\n /v1/snapshots:\n get:\n operationId: listSnapshots\n summary: List the snapshots\n responses:\n '200':\n description: The snapshots list in JSON format\n content:\n application/json:\n schema:\n type: array\n items:\n \"$ref\" : \"#/components/schemas/snapshot\"\n post:\n operationId: createSnapshot\n summary: Creates a new snapshot\n responses:\n '200':\n description: The snapshot was created.\n '400':\n description: The snapshot could not be created.\n content:\n text/plain:\n schema:\n type: string\n delete:\n operationId: deleteSnapshot\n summary: Deletes a snapshot\n parameters:\n - in: query\n name: name\n responses:\n '200':\n description: The snapshot was deleted.\n '404':\n description: The snapshot could not be deleted.\n content:\n text/plain:\n schema:\n type: string\n\n /v1/snapshots/cancel:\n post:\n operationId: cancelSnapshot\n summary: Cancels active snapshot operation\n responses:\n '200':\n description: The snapshot operation was canceled.\n '400':\n description: The snapshot could not be canceled.\n content:\n text/plain:\n schema:\n type: string\n\n /v1/snapshot/restore:\n post:\n operationId: restoreSnapshot\n summary: Restore a snapshot\n parameters:\n - in: query\n name: name\n responses:\n '202':\n description: The snapshot was restored.\n '404':\n description: The snapshot could not be restored.\n content:\n text/plain:\n schema:\n type: string\n\n /v1/transient_settings:\n get:\n operationId: listTransientSettings\n summary: List the current transient settings\n responses:\n '200':\n description: The current transient settings in JSON format\n content:\n application/json:\n schema:\n \"$ref\" : \"#/components/schemas/transientSettings\"\n put:\n operationId: updateTransientSettings\n summary: Updates application transient settings\n requestBody:\n description: JSON block consisting of transient settings\n content:\n application/json:\n schema:\n \"$ref\" : \"#/components/schemas/transientSettings\"\n required: true\n responses:\n '202':\n description: The settings were accepted.\n content:\n text/plain:\n schema:\n type: string\n '400':\n description: The proposed transient settings were not valid.\n content:\n text/plain:\n schema:\n type: string\n\n /v1/backend_state:\n get:\n operationId: getBackendState\n summary: Get the current backend state\n responses:\n '200':\n description: The current backend state\n content:\n application/json:\n schema:\n type: object\n required:\n - vmState\n - locked\n properties:\n vmState:\n type: string\n locked:\n type: boolean\n put:\n operationId: setBackendState\n summary: Set the desired backend state\n requestBody:\n description: >-\n JSON block consisting of some or all of desired backend state, with changes applied\n to the parts of backend state that are specified.\n content:\n application/json:\n schema:\n type: object\n properties:\n vmState:\n type: string\n locked:\n type: boolean\n required: true\n responses:\n '202':\n description: The desired backend state was accepted.\n content:\n text/plain:\n schema:\n type: string\n\ncomponents:\n schemas:\n preferences:\n type: object\n properties:\n application:\n type: object\n properties:\n adminAccess:\n type: boolean\n x-rd-platforms: [darwin, linux] # Only in the specified platforms\n x-rd-usage: enable privileged operations\n debug:\n type: boolean\n x-rd-usage: generate more verbose logging\n extensions:\n type: object\n properties:\n allowed:\n type: object\n properties:\n enabled:\n type: boolean\n x-rd-hidden: true\n list:\n type: array\n items:\n type: string\n x-rd-hidden: true\n installed:\n type: object\n x-rd-usage: installed extensions and their tag\n additionalProperties:\n type: string\n pathManagementStrategy:\n type: string\n enum: [manual, rcfiles]\n x-rd-platforms: [darwin, linux]\n x-rd-usage: update PATH to include ~/.rd/bin\n telemetry:\n type: object\n properties:\n enabled:\n type: boolean\n x-rd-usage: allow collection of anonymous statistics\n updater:\n type: object\n properties:\n enabled:\n type: boolean\n x-rd-usage: automatically update to the latest release\n autoStart:\n type: boolean\n x-rd-usage: start app when logging in\n startInBackground:\n type: boolean\n x-rd-usage: start app without window\n hideNotificationIcon:\n type: boolean\n x-rd-usage: don't show notification icon\n window:\n type: object\n properties:\n quitOnClose:\n type: boolean\n x-rd-usage: terminate app when the main window is closed\n theme:\n type: string\n enum: [system, light, dark]\n x-rd-usage: set the color theme (system follows OS setting)\n containerEngine:\n type: object\n properties:\n name:\n type: string\n # TODO \"docker\" setting should be a hidden alias of \"moby\".\n # Why have two values for exactly the same thing?\n enum: [containerd, docker, moby]\n x-rd-aliases: [container-engine]\n x-rd-usage: set engine\n allowedImages:\n type: object\n properties:\n enabled:\n type: boolean\n x-rd-usage: only allow images to be pulled that match the allowed patterns\n patterns:\n type: array\n # TODO It is not yet possible to specify array/list values with `rdctl set`\n x-rd-usage: allowed image names\n items:\n type: string\n mobyStorageDriver:\n type: string\n enum: [classic, snapshotter, auto]\n x-rd-usage: override Moby storage driver selection\n virtualMachine:\n type: object\n properties:\n memoryInGB:\n type: integer\n minimum: 1\n x-rd-platforms: [darwin, linux]\n x-rd-usage: reserved RAM size\n numberCPUs:\n type: integer\n minimum: 1\n x-rd-platforms: [darwin, linux]\n x-rd-usage: reserved number of CPUs\n type:\n type: string\n enum: [qemu, vz]\n x-rd-platforms: [darwin]\n useRosetta:\n type: boolean\n x-rd-platforms: [darwin]\n mount:\n type: object\n x-rd-platforms: [darwin, linux]\n properties:\n type:\n type: string\n enum: [reverse-sshfs, 9p, virtiofs]\n x-rd-usage: how directories are shared; 9p is experimental\n kubernetes:\n type: object\n properties:\n version:\n type: string\n x-rd-aliases: [kubernetes-version]\n x-rd-usage: choose which version of Kubernetes to run\n port:\n type: integer\n x-rd-usage: apiserver port\n enabled:\n type: boolean\n x-rd-aliases: [kubernetes-enabled]\n x-rd-usage: run Kubernetes\n options:\n type: object\n properties:\n traefik:\n type: boolean\n x-rd-usage: install and run traefik\n flannel:\n type: boolean\n x-rd-aliases: [flannel-enabled]\n x-rd-usage: use flannel networking; disable to install your own CNI\n ingress:\n type: object\n properties:\n localhostOnly:\n type: boolean\n x-rd-platforms: [win32]\n x-rd-usage: bind services to 127.0.0.1 instead of 0.0.0.0\n experimental:\n type: object\n properties:\n containerEngine:\n type: object\n properties:\n webAssembly:\n type: object\n properties:\n enabled:\n type: boolean\n x-rd-usage: enable support for containerd-wasm shims\n kubernetes:\n type: object\n properties:\n options:\n type: object\n properties:\n spinkube:\n type: boolean\n x-rd-usage: install spin operator\n virtualMachine:\n type: object\n properties:\n diskSize:\n type: string\n x-rd-platforms: [darwin, linux]\n x-rd-usage: >-\n desired size of the disk; changing this setting will not\n shrink existing disks (example: 10GiB)\n mount:\n type: object\n x-rd-platforms: [darwin, linux]\n properties:\n 9p:\n type: object\n properties:\n securityModel:\n type: string\n enum: [passthrough, mapped-xattr, mapped-file, none]\n protocolVersion:\n type: string\n enum: [9p2000, 9p2000.u, 9p2000.L]\n msizeInKib:\n type: integer\n minimum: 4\n x-rd-usage: maximum packet size\n cacheMode:\n type: string\n enum: [none, loose, fscache, mmap]\n proxy:\n type: object\n x-rd-platforms: [win32]\n x-rd-usage: configure proxy address\n properties:\n enabled:\n type: boolean\n x-rd-usage: redirect the traffic to the configured proxy address\n address:\n type: string\n x-rd-usage: proxy address\n password:\n type: string\n x-rd-usage: if needed the password to connect to the proxy\n port:\n type: integer\n x-rd-usage: proxy port\n username:\n type: string\n x-rd-usage: if needed the username to connect to the proxy\n noproxy:\n type: array\n x-rd-usage: list of hostname to exclude from using the proxy\n items: { type: string }\n sshPortForwarder:\n type: boolean\n x-rd-platforms: [darwin, linux]\n x-rd-usage: use SSH for port forwarding instead of gRPC\n WSL:\n type: object\n x-rd-platforms: [win32]\n # TODO It is not yet possible to configure this via `rdctl set`.\n x-rd-usage: make container engine and Kubernetes available in these WSL2 distros\n properties:\n integrations:\n type: object\n additionalProperties: true\n portForwarding:\n type: object\n properties:\n includeKubernetesServices:\n type: boolean\n x-rd-usage: show Kubernetes system services on Port Forwarding page\n images:\n type: object\n properties:\n showAll:\n type: boolean\n x-rd-usage: show system images on Images page\n namespace:\n type: string\n x-rd-usage: select only images from this namespace (containerd only)\n containers:\n type: object\n properties:\n showAll:\n type: boolean\n x-rd-usage: show system containers on Containers page\n namespace:\n type: string\n x-rd-usage: select only namespaces from this namespace (containerd only)\n diagnostics:\n type: object\n properties:\n showMuted:\n type: boolean\n x-rd-usage: unhide muted diagnostics\n mutedChecks:\n type: object\n # TODO It is not possible to modify this setting via `rdctl set`.\n x-rd-usage: diagnostic ids that have been muted\n additionalProperties: true\n connectivity:\n type: object\n properties:\n interval:\n type: integer\n x-rd-usage: >-\n Number of milliseconds before polling for network access;\n set this to zero to disable background connectivity checking\n timeout:\n type: integer\n x-rd-usage: Number of milliseconds to wait before timing out\n\n diagnostics:\n type: object\n properties:\n last_update:\n type: string\n format: date-time\n example: \"1970-01-01T00:00:00.000Z\"\n checks:\n type: array\n items:\n type: object\n properties:\n id:\n type: string\n category:\n type: string\n documentation:\n type: string\n description:\n type: string\n passed:\n type: boolean\n mute:\n type: boolean\n fixes:\n type: array\n items:\n type: object\n properties:\n description:\n type: string\n transientSettings:\n type: object\n properties:\n noModalDialogs:\n type: boolean\n preferences:\n type: object\n properties:\n navItem:\n type: object\n properties:\n current:\n type: string\n currentTabs:\n type: object\n additionalProperties: true\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/app.scss",
"content": "@import \"./vendor/normalize\";\n\n@import \"./base/variables\";\n@import \"./base/functions\";\n@import \"./base/mixins\";\n@import \"./base/helpers\";\n@import \"./base/color\";\n@import \"./base/basic\";\n@import \"./base/typography\";\n\n@import \"./fonts/fontstack\";\n@import \"./fonts/dots\";\n@import \"./fonts/zerowidthspace\";\n@import \"./fonts/icons\";\n\n@import \"./themes/light\";\n@media screen and (prefers-color-scheme: dark) {\n @import \"./themes/dark\";\n}\n@import './themes/_suse.scss';\n\n\n@import \"./global/columns\";\n@import \"./global/cards\";\n@import \"./global/button\";\n@import \"./global/form\";\n@import \"./global/gauges\";\n@import \"./global/labeled-input\";\n@import \"./global/tooltip\";\n@import \"./global/table\";\n@import \"./global/select\";\n@import \"./global/resource\";\n\n@import \"./vendor/vue-select\";\n\n@import \"./rancher-desktop.scss\";\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/base/_basic.scss",
"content": "// -----------------------------------------------------------------------------\n// This file contains very basic styles.\n// -----------------------------------------------------------------------------\n\n//\nHTML {\n box-sizing: border-box;\n height: 100%;\n}\n\nBODY {\n color: var(--body-text);\n direction: ltr;\n position: relative;\n margin: 0;\n scrollbar-width: thin;\n scrollbar-color: var(--scrollbar-thumb) var(--scrollbar-track);\n\n &.overflow-hidden {\n overflow: hidden;\n }\n}\n\n.dashboard-body {\n // this was moved to its own class because the background color prop conflicts with storybookjs addon \"backgrounds\".\n // decoupling this style allows us to preview components in both light and dark themes\n background: var(--body-bg);\n}\n\n::-webkit-scrollbar {\n width: 8px !important;\n height: 8px !important;\n}\n\n::-webkit-scrollbar {\n width: 8px !important;\n height: 8px !important;\n}\n\n::-webkit-scrollbar-thumb {\n background-color: var(--scrollbar-thumb) !important;\n border-radius: var(--border-radius);\n}\n\n::-webkit-scrollbar-track {\n background-color: var(--scrollbar-track) !important;\n}\n\n/*\n * Make all elements from the DOM inherit from the parent box-sizing\n * Since `*` has a specificity of 0, it does not override the `html` value\n * making all elements inheriting from the root box-sizing value\n * See: https://css-tricks.com/inheriting-box-sizing-probably-slightly-better-best-practice/\n */\n*, *::before, *::after {\n box-sizing: inherit;\n}\n\n:focus, .focused {\n outline-color: var(--outline);\n outline-style: solid;\n outline-width: var(--outline-width);\n}\n\nINPUT,\nSELECT,\nTEXTAREA,\nBUTTON,\n.btn,\n.labeled-input,\n.labeled-select,\n.unlabeled-select,\n.checkbox-custom,\n.radio-custom {\n &:focus, &.focused {\n @include form-focus }\n}\n\nbutton,\ninput,\noptgroup,\nselect,\ntextarea {\n margin: var(--outline-width);\n}\n\nA {\n @include link-color(var(--link), var(--body-text));\n\n text-decoration: none;\n\n &:hover,\n &:active {\n text-decoration: underline;\n color: var(--body-text);\n }\n}\n\nHR {\n height: 0;\n border: 0;\n border-top: 1px solid var(--border);\n width: 100%;\n\n &.dark {\n border-color: var(--nav-bg);\n }\n}\n\nHR.vertical {\n border-top: 0;\n border-left: 1px solid var(--border);\n height: 100%;\n position: absolute;\n left: 50%;\n margin-left: -1px;\n top: 0;\n}\n\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/base/_color.scss",
"content": ".bg-transparent {\n background-color: transparent;\n}\n\n.bg-disabled {\n background-color: var(--disabled-bg) !important;\n}\n\n.text-disabled {\n color: var(--disabled-text) !important;\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/base/_functions.scss",
"content": "///Computes the \"brightness\" of a color\n@use 'sass:math';\n\n@function brightness($color) {\n @if type-of($color) == color {\n @return math.div(red($color) * 0.299 + green($color) * 0.587 + blue($color) * 0.114, 255) * 100%;\n }\n @else {\n @return unquote(\"brightness(#{$color})\");\n }\n}\n\n\n///Select the more readable foreground color for a given background color.\n@function contrast-color($color, $dark: $contrasted-dark, $light: $contrasted-light) {\n @if $color == null {\n @return null;\n }\n @else {\n $color-brightness: brightness($color);\n $dark-text-brightness: brightness($dark);\n $light-text-brightness: brightness($light);\n @return if(math.abs($color-brightness - $light-text-brightness) > math.abs($color-brightness - $dark-text-brightness), $light, $dark);\n }\n}\n\n@function add-z-index($key, $value) {\n @return map-merge($z-indexes, ($key: $value));\n}\n\n@function z-index($key) {\n @if map-has-key($z-indexes, $key) {\n @return map-get($z-indexes, $key);\n }\n\n @warn \"Unknown key `#{$key}` in $z-indexes\";\n @return null;\n}\n\n// _decimal.scss | MIT License | gist.github.com/terkel/4373420\n\n// Round a number to specified digits.\n//\n// @param {Number} $number A number to round\n// @param {Number} [$digits:0] Digits to output\n// @param {String} [$mode:round] (round|ceil|floor) How to round a number\n// @return {Number} A rounded number\n// @example\n// decimal-round(0.333) => 0\n// decimal-round(0.333, 1) => 0.3\n// decimal-round(0.333, 2) => 0.33\n// decimal-round(0.666) => 1\n// decimal-round(0.666, 1) => 0.7\n// decimal-round(0.666, 2) => 0.67\n//\n@function decimal-round ($number, $digits: 0, $mode: round) {\n $n: 1;\n // $number must be a number\n @if type-of($number) != number {\n @warn '#{ $number } is not a number.';\n @return $number;\n }\n // $digits must be a unitless number\n @if type-of($digits) != number {\n @warn '#{ $digits } is not a number.';\n @return $number;\n } @else if not unitless($digits) {\n @warn '#{ $digits } has a unit.';\n @return $number;\n }\n @for $i from 1 through $digits {\n $n: $n * 10;\n }\n @if $mode == round {\n @return math.div(round($number * $n), $n);\n } @else if $mode == ceil {\n @return math.div(ceil($number * $n), $n);\n } @else if $mode == floor {\n @return math.div(floor($number * $n), $n);\n } @else {\n @warn '#{ $mode } is undefined keyword.';\n @return $number;\n }\n}\n\n// Ceil a number to specified digits.\n//\n// @param {Number} $number A number to round\n// @param {Number} [$digits:0] Digits to output\n// @return {Number} A ceiled number\n// @example\n// decimal-ceil(0.333) => 1\n// decimal-ceil(0.333, 1) => 0.4\n// decimal-ceil(0.333, 2) => 0.34\n// decimal-ceil(0.666) => 1\n// decimal-ceil(0.666, 1) => 0.7\n// decimal-ceil(0.666, 2) => 0.67\n//\n@function decimal-ceil ($number, $digits: 0) {\n @return decimal-round($number, $digits, ceil);\n}\n\n// Floor a number to specified digits.\n//\n// @param {Number} $number A number to round\n// @param {Number} [$digits:0] Digits to output\n// @return {Number} A floored number\n// @example\n// decimal-floor(0.333) => 0\n// decimal-floor(0.333, 1) => 0.3\n// decimal-floor(0.333, 2) => 0.33\n// decimal-floor(0.666) => 0\n// decimal-floor(0.666, 1) => 0.6\n// decimal-floor(0.666, 2) => 0.66\n//\n@function decimal-floor ($number, $digits: 0) {\n @return decimal-round($number, $digits, floor);\n}\n\n@function sizzle-gradient($color) {\n $angle: 135deg;\n $startPos: 0%;\n $start: 0.3;\n $middlePos: 110px;\n $middle: 0.1;\n $endPos: 100%;\n $end: 0;\n\n @return transparent linear-gradient(#{$angle},\n #{rgba($color, $start)} #{$startPos},\n #{rgba($color, $middle)} #{$middlePos},\n #{rgba($color, $end)} #{$endPos}\n ) 0% 0% no-repeat padding-box;\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/base/_helpers.scss",
"content": "// -----------------------------------------------------------------------------\n// This file contains CSS helper classes.\n// -----------------------------------------------------------------------------\n\n// Text indent, margins, and paddings from 5-50px in 5px increments\n// e.g. in-10 - {text-indent: 10px}\n// e.g. p-10 - {padding: 10px}\n// e.g. mt-20 - {margin-top: 20px}\n$spacing-property-map: (\n m: margin,\n mt: margin-top,\n mr: margin-right,\n ml: margin-left,\n mb: margin-bottom,\n p: padding,\n pt: padding-top,\n pb: padding-bottom,\n pl: padding-left,\n pr: padding-right,\n in: text-indent,\n);\n\n@each $keyword, $property in $spacing-property-map {\n .#{$keyword}-0 { #{$property}: 0 !important; }\n\n @for $size from 1 through 10 {\n $val: $size * 5;\n .#{$keyword}-#{$val} { #{$property}: $val * 1px !important; }\n }\n}\n\n.spacer {\n padding: 40px 0 0 0;\n}\n\n.spacer-small {\n padding: 20px 0 0 0;\n}\n\n.pull-right {\n float: right !important;\n}\n.pull-left {\n float: left !important;\n}\n\n/**\n * Main content containers\n * 1. Make the container full-width with a maximum width\n * 2. Center it in the viewport\n * 3. Leave some space on the edges, especially valuable on small screens\n */\n.container {\n max-width: $max-width; /* 1 */\n min-width: $min-width;\n margin-left: auto; /* 2 */\n margin-right: auto; /* 2 */\n padding-left: 20px; /* 3 */\n padding-right: 20px; /* 3 */\n width: 100%; /* 1 */\n }\n\n/**\n * Hide text while making it readable for screen readers\n * 1. Needed in WebKit-based browsers because of an implementation bug;\n * See: https://code.google.com/p/chromium/issues/detail?id=457146\n */\n.hide-text {\n overflow: hidden;\n padding: 0; /* 1 */\n text-indent: 101%;\n white-space: nowrap;\n}\n\n/**\n * Hide element while making it readable for screen readers\n * https://github.com/h5bp/html5-boilerplate/blob/master/src/css/main.css#L119-L133\n */\n.visually-hidden {\n border: 0;\n clip: rect(0 0 0 0);\n height: 1px;\n margin: -1px;\n overflow: hidden;\n padding: 0;\n position: absolute;\n width: 1px;\n}\n\n.text-left {\n text-align: left !important;\n}\n\n.text-center {\n text-align: center !important;\n}\n\n.text-right {\n text-align: right !important;\n}\n\n.text-small {\n font-size: .8em;\n}\n\n.text-normal {\n font-size: initial;\n}\n\n.text-italic {\n font-style: italic;\n}\n\n.text-bold {\n font-weight: bold;\n}\n\n.text-uppercase {\n text-transform: uppercase;\n}\n\n.text-lowercase {\n text-transform: lowercase;\n}\n\n.text-capitalize {\n text-transform: capitalize;\n}\n\n.text-label {\n color: var(--input-label);\n}\n\n.hide {\n display: none !important;\n}\n\n.block {\n display: block !important;\n}\n\n.inline {\n display: inline !important;\n}\n\n.inline-block {\n display: inline-block !important;\n}\n\n.table-cell {\n display: table-cell !important;\n}\n\n.vertical-middle {\n display: inline-block;\n vertical-align: middle;\n}\n\n.invisible {\n visibility: hidden;\n}\n\n.helper-text {\n font-size: 12px;\n color: var(--secondary);\n}\n// Only display content to screen readers\n//\n// See: http://a11yproject.com/posts/how-to-hide-content\n.sr-only {\n position: absolute;\n width: 1px;\n height: 1px;\n margin: -1px;\n padding: 0;\n overflow: hidden;\n clip: rect(0,0,0,0);\n border: 0;\n}\n\n// Use in conjunction with .sr-only to only display content when it's focused.\n// Useful for \"Skip to main content\" links; see http://www.w3.org/TR/2013/NOTE-WCAG20-TECHS-20130905/G1\n// Credit: HTML5 Boilerplate\n.sr-only-focusable {\n &:active,\n &:focus {\n position: static;\n width: auto;\n height: auto;\n margin: 0;\n overflow: visible;\n clip: auto;\n }\n}\n\n[role=\"button\"] {\n cursor: pointer;\n}\n\n.eased {\n -webkit-transition: all 0.5s ease;\n -moz-transition: all 0.5s ease;\n -o-transition: all 0.5s ease;\n transition: all 0.5s ease;\n}\n\n.no-ease {\n -webkit-transition: none !important;\n -moz-transition: none !important;\n -o-transition: none !important;\n transition: none !important;\n}\n\n.full-height {\n height: 100%;\n}\n\n.full-width {\n width: 100%;\n}\n\n.align-top {\n vertical-align: top !important;\n}\n\n.vertical-scroll {\n max-height: 150px;\n overflow: scroll;\n}\n\n.comma-list {\n span:after {\n content: ','\n }\n span:last-of-type:after {\n content: ''\n\n }\n}\n\n.link[disabled] {\n pointer-events: none;\n}\n\n.subtle-box {\n border: .5px solid var(--subtle-border);\n box-shadow: 0 0 10px var(--shadow);\n padding: 20px;\n margin-bottom: 20px;\n border-radius: var(--border-radius);\n}\n\n.plus-more {\n color: var( --input-placeholder );\n font-size: 0.8em;\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/base/_mixins.scss",
"content": "// -----------------------------------------------------------------------------\n// This file contains all application-wide Sass mixins.\n// -----------------------------------------------------------------------------\n\n/// Clear inner floats\n@mixin clearfix() {\n &:before,\n &:after {\n content: \" \"; // 1\n display: table; // 2\n }\n &:after {\n clear: both;\n }\n}\n\n@mixin list-unstyled {\n margin: 0;\n padding: 0;\n list-style-type: none;\n}\n\n@mixin no-select {\n -webkit-user-select: none;\n -moz-user-select: none;\n -ms-user-select: none;\n user-select: none;\n}\n\n@mixin no-resize {\n resize : none;\n}\n\n@mixin hand {\n cursor : pointer;\n cursor : hand;\n}\n\n@mixin fixed {\n table-layout : fixed;\n}\n\n@mixin clip {\n text-overflow : ellipsis;\n overflow : hidden;\n white-space : nowrap;\n word-wrap : break-word;\n}\n\n@mixin force-wrap {\n word-wrap : break-word;\n white-space: normal;\n}\n\n@mixin bordered-section {\n border-bottom: 1px solid var(--border);\n margin-bottom: 20px;\n padding-bottom: 20px;\n}\n\n@mixin section-divider {\n margin-bottom: 20px;\n margin-top: 20px;\n}\n\n.clearfix { @include clearfix; }\n.list-unstyled { @include list-unstyled }\n.no-select { @include no-select }\n.no-resize { @include no-resize }\n.hand { @include hand }\n.fixed { @include fixed }\n.clip { @include clip }\n.force-wrap { @include force-wrap }\n.bordered-section { @include bordered-section }\n.section-divider { @include section-divider }\n\n/// Sets the specified background color and calculates a dark or light contrasted text color.\n@mixin contrasted($background-color, $dark: $contrasted-dark, $light: $contrasted-light) {\n color: contrast-color($background-color, $dark, $light);\n\n &:hover {\n text-decoration: underline;\n color: var(--body-text);\n }\n}\n\n/// Sets base color and darkens bg on hover\n@mixin bg-lighten($bg) {\n background: $bg;\n * {\n background:lighten($bg,20%);\n }\n}\n\n@mixin link-color($color, $hover) {\n @if not($hover) {\n $hover: $color;\n }\n\n color: $color;\n\n &:hover\n {\n text-decoration: underline;\n color: $hover;\n }\n}\n\n@mixin icon-rotate($degrees, $rotation) {\n filter: progid:DXImageTransform.Microsoft.BasicImage(rotation=#{$rotation});\n -webkit-transform: rotate($degrees);\n -ms-transform: rotate($degrees);\n transform: rotate($degrees);\n}\n\n@mixin icon-flip($horiz, $vert, $rotation) {\n filter: progid:DXImageTransform.Microsoft.BasicImage(rotation=#{$rotation});\n -webkit-transform: scale($horiz, $vert);\n -ms-transform: scale($horiz, $vert);\n transform: scale($horiz, $vert);\n}\n\n@mixin input-status-color {\n &:not(.focused) {\n &.success {\n border: solid 1px var(--success);\n input, .selected {\n color: var(--success);\n }\n\n .vs__actions:after {\n color: var(--success);\n }\n }\n\n &.warning {\n border: solid 1px var(--warning);\n input, .selected {\n color: var(--warning);\n }\n\n .vs__actions:after {\n color: var(--warning);\n }\n }\n\n &.error {\n border: solid 1px var(--error);\n input, .selected {\n color: var(--error);\n }\n\n .vs__actions:after {\n color: var(--error);\n }\n }\n }\n}\n\n@mixin form-focus {\n // Focus for form like elements (not to be confused with basic :focus style)\n outline: none;\n box-shadow: 0 0 0 var(--outline-width) var(--outline);\n background: var(--input-focus-bg)\n}"
},
{
"path": "pkg/rancher-desktop/assets/styles/base/_typography.scss",
"content": "HTML, BODY {\n font-family: $body-font;\n font-size: 14px;\n}\n\nH1, H2, H3, H4, H5, H6 {\n color: var(--body-text);\n font-style: normal;\n font-weight: 400;\n margin: 0 0 10px 0;\n}\n\nH1 {\n font-size: 24px;\n}\n\nH2 {\n font-size: 21px;\n}\n\nH3 {\n font-size: 18px;\n}\n\nH4 {\n font-size: 16px;\n}\n\nH5 {\n font-size: 14px;\n}\n\nH6 {\n font-size: 12px;\n text-transform: uppercase;\n}\n\nP {\n font-weight: 400;\n font-style: normal;\n margin: 0;\n}\n\n//code\ncode, samp, kbd, .monospace {\n font-family: $mono-font;\n text-align: left;\n}\n\npre {\n padding: 10px;\n border-radius: var(--border-radius);\n background: var(--box-bg);\n margin: 5px;\n overflow: auto;\n}\n\ncode {\n background-color: var(--box-bg);\n display: inline-block;\n padding: 5px;\n border: 1px solid var(--border);\n border-radius: var(--border-radius);\n}\n\n.v-popper__popper code,\npre code {\n background: transparent;\n padding: 0;\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/base/_variables.scss",
"content": "$header-font: 'Poppins', sans-serif;\n$body-font: 'Lato', arial, helvetica, sans-serif;\n$mono-font: 'Roboto Mono', monospace;\n\n$max-width: 1440px !default;\n$min-width: 75% !default;\n$input-height: 61px;\n$unlabeled-input-height: 40px;\n\n$input-padding-lg: 18px;\n$input-padding-sm: 10px;\n$input-line-height: 18px;\n\n$column-gutter: 1.75%;\n\n$sideways-tabs-width: 200px;\n\n$array-list-remove-margin: 75px;\n\n$z-indexes: (\n zero: 0,\n default: 1,\n overContent: 2,\n hoverOverContent: 3,\n\n tableGroup: 10,\n fixedTableHeader: 11,\n\n modalOverlay: 20,\n modalContent: 21,\n\n tooltip: 30,\n\n dropdownOverlay: 40,\n dropdownContent: 41,\n\n loadingOverlay: 50,\n loadingContent: 51\n);\n\n// Usage Example:\n// @media only screen and (min-width: map-get($breakpoints, '--viewport-*')) {\n// }\n$breakpoints: (\n '--viewport-4': 480px,\n '--viewport-7': 768px,\n '--viewport-9': 992px,\n '--viewport-12': 1281px,\n);\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/fonts/_dots.scss",
"content": "@font-face {\n font-family: 'dotsfont';\n font-weight: normal;\n font-style: normal;\n src: url(data:application/font-woff;charset=utf-8;base64,d09GRgABAAAAAAyEABEAAAAAV7gAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABgAAAABwAAAAcgM9Wv0dERUYAAAGcAAAAHQAAAB4AJwDeT1MvMgAAAbwAAABMAAAAYHOnumtjbWFwAAACCAAAAUwAAAGSId/p/mN2dCAAAANUAAAADAAAAAwF+BA6ZnBnbQAAA2AAAAGxAAACZVO0L6dnYXNwAAAFFAAAAAgAAAAIAAAAEGdseWYAAAUcAAABlQAARtxIEfQVaGVhZAAABrQAAAAyAAAANhPqDEtoaGVhAAAG6AAAAB4AAAAkD9kKlmhtdHgAAAcIAAAATAAAA2Cb0mq3bG9jYQAAB1QAAAGfAAABsumd1/5tYXhwAAAI9AAAACAAAAAgAfIAQm5hbWUAAAkUAAABRwAAApIWY2jUcG9zdAAAClwAAAHJAAACkyUTPVZwcmVwAAAMKAAAAFIAAABSWo1sY3dlYmYAAAx8AAAABgAAAAaskFpGAAAAAQAAAADV7pT1AAAAANR0ZLoAAAAA1mxdD3jaY2BkYGDgAWIxIGZiYATC60DMAuYxAAAM2wEGAAAAeNpjYOaUY5zAwMrAwmrMcpaBgWEWhGY6y5DGlAbkA6XggJkBCYR6h/sxODAoqP5hY/gH5LMxMGkoMDAwguQYvzC9A1IKDIwAF8ELN3jaY2BgYGaAYBkGRgYQ6AHyGMF8FoYCIC3BIAAU4WCoY9jC8J/pGNMdBS4FEQVJBX2FeNU///8DVSgwLGDYBpZhUBBQkIDJ/H/8/9D/g39//3324PCDfQ92P1j2oPzWbagtWAEjGwNcmpEJSDChKwA6lYWVjZ2Dk4ubh5ePX0BQSFhEVExcQlJKWkZWTl5BUUlZRVVNXUNTS1tHV0/fwNDI2MTUzNzC0sraxtbO3sHRydnF1c3dw9PL28fXzz8gMCg4JDQsPCIyKjomNi4+IZGhta2ja9L0uYsWLl66ZNmKVStXr1m3dv2GTVs2b92+bfeuPXsZilJSMxnKFxRkM5RlMbTPZChmYEiHuC6nmmH5zobkPBA7t4YhqbFlGgPDxUsMDJev7GA4APNDBRA3dzf1dPb1T+idMpVh8uw5sxgOHioEClcCMQAKvGiaAAAFdQW0BbQARAUReNpdUbtOW0EQ3Q0PA4HE2CA52hSzmZDGe6EFCcTVjWJkO4XlCGk3cpGLcQEfQIFEDdqvGaChpEibBiEXSHxCPiESM2uIojQ7O7NzzpkzS8qRqnfpa89T5ySQwt0GzTb9Tki1swD3pOvrjYy0gwdabGb0ynX7/gsGm9GUO2oA5T1vKQ8ZTTuBWrSn/tH8Cob7/B/zOxi0NNP01DoJ6SEE5ptxS4PvGc26yw/6gtXhYjAwpJim4i4/plL+tzTnasuwtZHRvIMzEfnJNEBTa20Emv7UIdXzcRRLkMumsTaYmLL+JBPBhcl0VVO1zPjawV2ys+hggyrNgQfYw1Z5DB4ODyYU0rckyiwNEfZiq8QIEZMcCjnl3Mn+pED5SBLGvElKO+OGtQbGkdfAoDZPs/88m01tbx3C+FkcwXe/GUs6+MiG2hgRYjtiKYAJREJGVfmGGs+9LAbkUvvPQJSA5fGPf50ItO7YRDyXtXUOMVYIen7b3PLLirtWuc6LQndvqmqo0inN+17OvscDnh4Lw0FjwZvP+/5Kgfo8LK40aA4EQ3o3ev+iteqIq7wXPrIn07+xWgAAAAABAAH//wAPeNrt2jFLI0EUwPH3dncSBeVcOWxssnE97ggYTYxVOlNa2PgNLPwOVgpiYXNe5XewMLOoYDiOuxPtQsDCWGhhuYiFrcrgrkW6a2yE888w8OYx7/emfyOetES8VbMivhRlxqpUm0kxCO5rtmCum4nvZaFYP0+bPJ0UC+a5mWier4dROB2FUcsruVj33JpZedxvBV0RUe3LSHHHbMgnmZR2ULUjmmp7rGpFK3bIS22oFZmd08/jQb0WjzfmvXiqHHja7+hSr6fLvzvusNtzB3+8X6fu/OhEF8/+avO4435iY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2Njv7MtbwH4W4aNjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY2NjY39oebC726Y/sCYqNcWcuPLVLmQGZvp7o+77c30++799r/rhwf1EkSlWBrzEkelQLSvRi+0nK0rHXVPbsbduhv31T38X7Py/PFmy2yJL98kyQ4Vq5oOAs3ateXS+lmXfJvXTnNhFOZFj+vZvReYPphnAAAAeNpjYGRgYADiTd8OXoznt/nKIM/BAAJXSlJ2gehrObH8IJrzOmsrkOJgYALxAFBACosAAHjaY2BkYGBj+HuDgYH7KQMQcF5nYGRABTcAYDIEhgAAeNpjesPgwgAETKsYGDhngjDj9VE8EHg07AcaMx1iYGBtBeYFKM14HYgTgZnjNRRvAPKlgLQfalyxP2W8zv0UwQepAekDmQEADJUueHjadcI7KIQBAADg//1+v98vkiQZJEmSDJIkXZcuGS5J0iXDdYMkSZcMMkiSDDJckiTJIIOkSwYZJF2XdBl0SZckA8mq7wMAoP5PAsgCR8ATKIEdYArcAPPgB1QDxaA5aB8qwAzcCo/Bq/A5/IYESB8yjeSQOxRDm9Akuoyeoi+YhXVjaWwbu8EBvAEfwhfxY7xEKEQnMUlsElfEJ1lLxsl58oAsUhzVRo1Ta9QFVaEjup+eoXfpe4ZgmpkRZoU5Y8qsw/awGXaHveUgrpEb5pa4E+6Z1/guforf4q/5L6FOGBQWhEPhURR+tIsT4rp4Kb5L1dKANCvtSQ8yJbfICTkrH8lPiqR0KCllQ8krH2qNGlPn1H21oDFaqzamrWrn2pse6H36tJ7T7wzMaDKSxrJxaryYltltps1t88YCrAZryFq0jq2Srdid9qS9aV/Zn06tE3fmnQOn6HJumzvurrkXbsWLvH5vxtv17n3Cb/ZH/BX/zC8HTtATZIKd4DaEwsZwOFwKT8LnSIu6/jEaZaNclI9eq7yq3l+pb5RddPEAAAEAAADYABAAAgAAAAAAAgABAAIAFgAAAQAALgAAAAB42oWRu0oDQRSGvzFRiEjURiTVFrbGRIjXSpQ0gkVE05rLGqMbL9kkoE/gkwj2VhapvTyBjc9h6b+zQxIWQZaZ8838Z/5zZhaY55UUJp0BLjViNixoFfMUWR4cp9jg0XEaj6HjaXJ8O57R/o/jDEtm2fEcKybveJGsqTh+U86Z43cKZuD4QzlPjj+ZNS8xf6XImSH73HDLPV3atLigp6rPGusUKKpLj7pUj0PNAb6oqjkgtPt5rfe0ChTHDqFd+Yq+4kBzU5lNVYq0c8VrUUX7Lfo6W1NWURkF++1yompVjkTJM6vWd3wqqXsJ11PbQajOIt2bqPKf89/3jW7X03uF7LCmryPtymXmacirk/CJTtcn+os7KNvX8jiQ2rCvvW21knxLbNm5NPoLm+rWl0fNuvbk1XU3Ko98j7mT2pYS1Q9+AfhBY1UAeNpt0UdMVHEUxeHfpczA0DvYFUFRwPfeMBT7DDhYUGyISlEUmBlFRHBUbGgssUSCMWEHEXWjiZpoosaEFQsVe0ACLlzbMCzUnYno+7vzbL7kLM7iXgL4m19e6vlfhkECJJBAggjGgpUQQrERRjgRRBJFNDHEEkc8CSSSRDIpTGAik5jMFKYyjenMIJWZpJHOLGaTwRzmkkkW2cxDQ8fATg4OcskjnwLms4CFLGIxS1iKExeFFLEMN8UsZwUrWUUJq1lDKWtZx3o2sJEyNlHOZrawlQoqqaKabWynRoK4zmnO0EsnHzlLOxfp4iY3JJgLvOcUV8QiVi5xjj4+SAjd3OIH3/nJNW7zjCfcYQc76aCW59TxlH5e84KXvOLT+O0GeMNb7uJhjMsMMcg7vHxhlPPswsdu9tBAI1fZyz6aaKYFP/s5wEE+c4jDtHKEYxzlET20cZwTnOQr33g8/oMRCRWbhEm4REikREm0xEisxEm8JEgi97jPAx5KkiRLisXT0Nrk1U0Mq7/Rp2lOTVlk6lK9y64s+KOhaZpSVxpKuzJH6VDmKvOU+cp/e05TXe3quq3e5/E319XWtHjNynCbOkwd7sLfiLiJTAAAALgB/4WwAY0AS7AIUFixAQGOWbFGBitYIbAQWUuwFFJYIbCAWR2wBitcWACwASBFsAMrRAGwAiBFsAMrRLADIEW6AAJ//wACK7EDRnYrRFmwFCsAAAABWkasjwAA) format('woff');\n}\n\n.conceal:not(:invalid):not(:focus) {\n font-family: 'dotsfont' !important;\n font-size: 6px;\n }\n\n.conceal PRE {\n font-family: 'dotsfont' !important;\n font-size: 10px;\n}\n\n\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/fonts/_fontstack.scss",
"content": "/* poppins-300 - latin */\n@font-face {\n font-family: 'Poppins';\n font-style: normal;\n font-weight: normal;\n src: local(''),\n url('@pkg/assets/fonts/poppins/poppins-v15-latin-300.woff2') format('woff2'), /* Super Modern Browsers */\n url('@pkg/assets/fonts/poppins/poppins-v15-latin-300.woff') format('woff'), /* Modern Browsers */\n}\n\n/* poppins-500 - latin */\n@font-face {\n font-family: 'Poppins';\n font-style: normal;\n font-weight: bold;\n src: local(''),\n url('@pkg/assets/fonts/poppins/poppins-v15-latin-500.woff2') format('woff2'), /* Super Modern Browsers */\n url('@pkg/assets/fonts/poppins/poppins-v15-latin-500.woff') format('woff'), /* Modern Browsers */\n}\n\n/* lato-regular - latin */\n@font-face {\n font-family: 'Lato';\n font-style: normal;\n font-weight: normal;\n src: local(''),\n url('@pkg/assets/fonts/lato/lato-v17-latin-regular.woff2') format('woff2'), /* Super Modern Browsers */\n url('@pkg/assets/fonts/lato/lato-v17-latin-regular.woff') format('woff'), /* Modern Browsers */\n}\n\n/* lato-700 - latin */\n@font-face {\n font-family: 'Lato';\n font-style: normal;\n font-weight: bold;\n src: local(''),\n url('@pkg/assets/fonts/lato/lato-v17-latin-700.woff2') format('woff2'), /* Super Modern Browsers */\n url('@pkg/assets/fonts/lato/lato-v17-latin-700.woff') format('woff'), /* Modern Browsers */\n}\n\n/* roboto-mono-regular - latin */\n@font-face {\n font-family: 'Roboto Mono';\n font-style: normal;\n font-weight: normal;\n src: local(''),\n url('@pkg/assets/fonts/roboto-mono/roboto-mono-v13-latin-regular.woff2') format('woff2'), /* Super Modern Browsers */\n url('@pkg/assets/fonts/roboto-mono/roboto-mono-v13-latin-regular.woff') format('woff'), /* Modern Browsers */\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/fonts/_icons.scss",
"content": "@use 'sass:math';\n\n@import \"~rancher-icons/style.scss\";\n\n// Animated Icons\n// --------------------------\n.icon-spin {\n -webkit-animation: icon-spin 5000ms infinite linear;\n animation: icon-spin 5000ms infinite linear;\n}\n\n@-webkit-keyframes icon-spin {\n from {\n transform:rotate(0deg);\n }\n to {\n transform:rotate(360deg);\n }\n}\n\n@keyframes icon-spin {\n from {\n transform:rotate(0deg);\n }\n to {\n transform:rotate(360deg);\n }\n}\n\n// FontAwesomeness\n$icon-li-width: math.div(30em, 14) !default;\n$icon-inverse: #fff !default;\n\n.icon {\n display: inline-block;\n}\n\n// Sizes\n.icon-fw {\n width: math.div(18em, 14);\n text-align: center;\n}\n\n.icon-sm {\n font-size: (1em*0.8);\n}\n\n.icon-lg {\n font-size: math.div(4em, 3);\n line-height: (3em * 0.25);\n vertical-align: -15%;\n}\n.icon-2x { font-size: 2em; }\n.icon-3x { font-size: 3em; }\n.icon-4x { font-size: 4em; }\n.icon-5x { font-size: 5em; }\n\n// Stacked\n.icon-stack {\n position: relative;\n display: inline-block;\n // width: 2em;\n height: 2em;\n line-height: 2em;\n vertical-align: middle;\n}\n.icon-stack-1x, .icon-stack-2x {\n position: absolute;\n left: 0;\n width: 100%;\n text-align: center;\n}\n.icon-stack-1x { line-height: inherit; }\n.icon-stack-2x { font-size: 2em; }\n.icon-inverse { color: $icon-inverse; }\n\n// List\n.icon-ul {\n padding-left: 0;\n margin-left: $icon-li-width;\n list-style-type: none;\n > li { position: relative; }\n}\n\n.icon-li {\n position: absolute;\n left: -$icon-li-width;\n width: $icon-li-width;\n top: math.div(2em, 14);\n text-align: center;\n &.icon-lg {\n left: -$icon-li-width + math.div(4em, 14);\n }\n}\n\n.icon-rotate-90 { @include icon-rotate(90deg, 1); }\n.icon-rotate-180 { @include icon-rotate(180deg, 2); }\n.icon-rotate-270 { @include icon-rotate(270deg, 3); }\n.icon-flip-horizontal { @include icon-flip(-1, 1, 0); }\n.icon-flip-vertical { @include icon-flip(1, -1, 2); }\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/fonts/_zerowidthspace.scss",
"content": "// Zero-width space font, for killing space between inline-block elements\n\n@font-face {\n font-family: 'zerowidthspace';\n font-weight: normal;\n font-style: normal;\n src: url(data:application/font-woff;charset=utf-8;base64,d09GRgABAAAAAAakABEAAAAACYwAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABgAAAABwAAAAceSKT/EdERUYAAAGcAAAAIgAAACYAJwAsT1MvMgAAAcAAAABKAAAAYGJnjp9jbWFwAAACDAAAAEoAAAFSBLks8GN2dCAAAAJYAAAAAgAAAAIAAAAAZnBnbQAAAlwAAAGxAAACZVO0L6dnYXNwAAAEEAAAAAgAAAAIAAAAEGdseWYAAAQYAAAANgAAADg03gskaGVhZAAABFAAAAA0AAAANgPvJ9JoaGVhAAAEhAAAAB4AAAAkBEYD32htdHgAAASkAAAAFQAAABgKqv8zbG9jYQAABLwAAAAOAAAADgBEADxtYXhwAAAEzAAAAB8AAAAgASAADG5hbWUAAATsAAABUgAAAq4ayl+KcG9zdAAABkAAAAAsAAAAPmMjcrlwcmVwAAAGbAAAAC4AAAAusPIrFHdlYmYAAAacAAAABgAAAAa9JVnfAAAAAQAAAADUUbVqAAAAAM7LcO4AAAAA1gVto3jaY2BkYGDgAWIxBjkGJgZGIGQFYhagCBMQM0IwAAipAFQAAHjaY2BhYWD8wsDKwMJqzDqDgYFRHkIzX2VIYRJgYGBiYGNmgAEECwgC0lxTGA4wKKj+YUv7l8bAwOLCoAEUZkRSosDACADyugnvAAB42mNgYGBmgGAZBkYGEPAB8hjBfBYGAyDNAYRMQFqBYYHqn///Eaz/j/+n3OKE6gIDRjYGOJcRpIeJARUwQqwaGoCFLF0AOm0M0gAAAAAAAHjaXVG7TltBEN0NDwOBxNggOdoUs5mQxnuhBQnE1Y1iZDuF5QhpN3KRi3EBH0CBRA3arxmgoaRImwYhF0h8Qj4hEjNriKI0Ozuzc86ZM0vKkap36WvPU+ckkMLdBs02/U5ItbMA96Tr642MtIMHWmxm9Mp1+/4LBpvRlDtqAOU9bykPGU07gVq0p/7R/AqG+/wf8zsYtDTT9NQ6CekhBOabcUuD7xnNussP+oLV4WIwMKSYpuIuP6ZS/rc052rLsLWR0byDMxH5yTRAU2ttBJr+1CHV83EUS5DLprE2mJiy/iQTwYXJdFVTtcz42sFdsrPoYIMqzYEH2MNWeQweDg8mFNK3JMosDRH2YqvECBGTHAo55dzJ/qRA+UgSxrxJSjvjhrUGxpHXwKA2T7P/PJtNbW8dwvhZHMF3vxlLOvjIhtoYEWI7YimACURCRlX5hhrPvSwG5FL7z0CUgOXxj3+dCLTu2EQ8l7V1DjFWCHp+29zyy4q7VrnOi0J3b6pqqNIpzftezr7HA54eC8NBY8Gbz/v+SoH6PCyuNGgOBEN6N3r/orXqiKu8Fz6yJ9O/sVoAAAAAAQAB//8AD3jaY2D6b8zAwHCWxYWBmYGdgUFdUFGQ1VhQ+SzjrH9nz5xJYy7/05kGlGRgZEAChgwAYkELOgAAeNpjYGRgYABincimc/H8Nl8ZuDkYQODc6YJ3IPoaa+7i/8ZAxlkWFyDJwcAEEgUAM5AKvXjaY2BkYGBx+X8DSDL8N2ZgYDjLABRBAWwAa5AEKwAAeNpjYfhvzAAETKsY4IAFiAEktwHnAAAAAAAAFAAUABQAFAAUABwAAHjaY2BkYGBgY+BgYGIAASYGRiAWY2BgZIAAAAMcAC4AeNqFUctKw0AUPWOqYBGXLlyUWSrYGCtW7LbQhSAWKgruUjuxkfpKUsQu/QjX4ke4dqnVH/AH/ALX4snMNShCZZg7594599yTCYA53MKDKs0CuOd2WKHCzOEpch4FezjBq+ASVlRd8DS06gqeQUXdCH7CgroT/IxAPQgeY169C35BWX04/OZhUX2iiQQGITLGHjS6uGbcZiXFOc6I2/AZm8yO0Cc7ZNWg/KfzCjFxn6hlOzN7JjjmvUaNKgHPJTIyrgs0sMoVCTcquD4nR4z5lAzLGPFMeJvr9+yElN0h3RiiHTs9xhCnE+c2uA9FqYqDQkuj80NNiw9NhuFbuL4tdqxRqcodEK3/40n/crVvuSkz956B1fDtmTubrOV8fL+Sls49sobMdsly1ZqNG/QboM7oKs7vJnUNNUL2DMjPv9C5aRW6HVzyNuZN/lcHX4j5amYAAHjaY2BiAIO/5xnSGLABNiBmZGBiYGZkYmRmL83LNDBwNADRRqZuzgCcZgavuAH/hbABjQBLsAhQWLEBAY5ZsUYGK1ghsBBZS7AUUlghsIBZHbAGK1xYWbAUKwAAAAFZ370kAAA=) format('woff');\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/global/_button.scss",
"content": "$btn-padding: 0 21px 0 21px;\n$btn-sm-padding: 0 7px 0 7px;\n$btn-height: 40px;\n$btn-sm-height: 30px;\n\n// -----------------------------------------------------------------------------\n// This file contains all styles related to the button component.\n// -----------------------------------------------------------------------------\n.btn,\nbutton,\n[class^='btn-'] {\n display: inline-block;\n text-align: center;\n white-space: nowrap;\n vertical-align: middle;\n cursor: pointer;\n -webkit-user-select: none;\n -moz-user-select: none;\n -ms-user-select: none;\n user-select: none;\n border: 0;\n padding: $btn-padding;\n border-radius: var(--border-radius);\n color: var(--lightest);\n line-height: $btn-height;\n min-height: $btn-height;\n\n &:hover {\n text-decoration: none;\n color: var(--lightest);\n }\n\n &.bg-transparent {\n color: var(--body-text);\n }\n}\n\n//icon button\n.icon-btn {\n padding: 0;\n line-height: initial;\n\n &.btn-sm {\n padding: 0;\n }\n\n span {\n padding: 0 10px 0 5px;\n vertical-align: middle;\n }\n}\n\n.btn-sm,\n.btn-group-sm > .btn,\n.btn-sm .btn-label {\n padding: $btn-sm-padding;\n min-height: $btn-sm-height;\n line-height: 28px;\n}\n\n//btn roles\n.role-primary {\n background: var(--primary);\n color: var(--primary-text);\n\n &:hover {\n background-color: var(--primary-hover-bg);\n color: var(--primary-text);\n }\n\n &:focus {\n background-color: var(--primary-hover-bg);\n color: var(--primary-text);\n }\n}\n\n.role-secondary {\n background: transparent;\n color: var(--primary) !important;\n border: solid 1px var(--primary);\n line-height: $btn-height - 2px;\n}\n\n.role-tertiary {\n background: var(--accent-btn);\n border: solid 1px var(--primary);\n color: var(--primary);\n}\n\n.role-danger {\n background: var(--error);\n\n &:hover {\n background-color: var(--error-hover-bg);\n }\n}\n\n.role-link {\n background: transparent;\n color: var(--link) !important;\n}\n\n.role-multi-action {\n background: var(--accent-btn);\n border: solid thin var(--primary);\n color: var(--primary);\n border-radius: 2px;\n}\n\n.icon-group i {\n font-size: 1.5em;\n}\n\n//disabled\n.btn-disabled,\n.btn.disabled,\n.btn[disabled],\nfieldset[disabled] .btn {\n cursor: not-allowed;\n color: var(--disabled-text) !important;\n &:not(.role-link){\n background-color: var(--disabled-bg) !important;\n }\n}\n\n.btn-group {\n position: relative;\n text-align: initial;\n vertical-align: middle;\n padding: 0;\n border-radius: var(--border-radius);\n\n .btn {\n position: relative;\n display: inline-block;\n border-radius: 0;\n text-align: center;\n\n &:focus {\n // Move the focused one to the top so that the focus ring is all visible\n z-index: 1;\n }\n\n &.active {\n @extend .bg-primary;\n }\n\n &:first-child {\n border-top-left-radius: var(--border-radius);\n border-bottom-left-radius: var(--border-radius);\n }\n\n &:last-child {\n border-top-right-radius: var(--border-radius);\n border-bottom-right-radius: var(--border-radius);\n }\n }\n\n .btn[disabled] {\n // Ensure disabled button's border remains as-is; otherwise, button appears vertically shorter than others in group\n border: inherit;\n }\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/global/_cards.scss",
"content": ".links {\n display: flex;\n flex-wrap: wrap;\n width: 100%;\n\n .link-container {\n position: relative;\n background-color: var(--input-bg);\n border-radius: var(--border-radius);\n border: solid 1px var(--input-border);\n display: flex;\n flex-basis: 40%;\n margin: 0 10px 10px 0;\n max-width: 325px;\n min-height: 100px;\n border-left: solid 10px var(--primary);\n\n a[disabled], &.disabled {\n cursor: not-allowed;\n color: var(--disabled-text);\n }\n\n &.disabled{\n background-color: var(--disabled-bg);\n border-left: solid 10px var(--disabled-text);\n > * {\n opacity: .3;\n }\n\n .disabled-msg{\n position:absolute;\n color: var(--error);\n z-index: z-index('hoverOverContent');\n opacity: 1;\n top: 0px;\n bottom: 0px;\n left: 0px;\n right: 0px;\n display: flex;\n justify-content: center;\n align-items: flex-end;\n }\n }\n\n &:hover:not(.disabled) {\n box-shadow: 0px 0px 1px var(--outline-width) var(--outline);\n }\n\n > * {\n align-items: center;\n display: flex;\n flex: 1 0;\n padding: 10px;\n\n .link-logo,\n .link-content {\n display: inline-block;\n height: 100%;\n }\n\n .link-logo {\n text-align: center;\n width: 60px;\n height: 60px;\n border-radius: calc(2 * var(--border-radius));\n background-color: white;\n\n img {\n width: 56px;\n height: 56px;\n -o-object-fit: contain;\n object-fit: contain;\n position: relative;\n top: 2px;\n }\n }\n\n .link-content {\n width: 100%;\n margin-left: 10px;\n }\n\n .description {\n margin-top: 10px;\n display: -webkit-box;\n -webkit-box-orient: vertical;\n // -webkit-line-clamp: 3;\n // line-clamp: 3;\n text-overflow: ellipsis;\n color: var(--secondary);\n }\n }\n }\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/global/_columns.scss",
"content": "@use 'sass:math';\n\n@import \"@pkg/assets/styles/base/_functions\";\n@import \"@pkg/assets/styles/base/_variables\";\n\n\n$COLUMNS: 6 10 11 12 23 24;\n$DEFAULT_COLUMNS: 12;\n\n/* SECTIONS */\n.section {\n clear: both;\n padding: 0px;\n margin: 0px;\n}\n\n/* COLUMN SETUP */\n.col {\n flex: 0 0 auto;\n margin: 0 $column-gutter 0 0;\n\n &:last-child {\n margin-right: 0;\n }\n\n &.equal-height {\n display: flex;\n flex: 1;\n }\n}\n\n/* ROWS */\n.row {\n display: flex;\n // margin-bottom: 20px;\n}\n\n.row:before,\n.row:after {\n content:\"\";\n display:table;\n}\n.row:after {\n clear:both;\n}\n\n/* COLUMNS */\n@each $cols in $COLUMNS {\n $span: $cols;\n $suffix: null;\n\n @if ( $cols != $DEFAULT_COLUMNS ) {\n $suffix: -of-#{$cols}\n }\n\n @while $span > 0 {\n // Normal column with a gutter\n .span-#{$span}#{$suffix} { width: decimal-round( (math.div(100 - ($column-gutter * ($cols - 1)), $cols) * $span) + (($span - 1) * $column-gutter) , 3, 'floor'); }\n\n // Gutterless column\n .gutless .span-#{$span}#{$suffix} { margin-right: 0; width: decimal-round( math.div($span, $cols) * 100%, 3, 'floor'); }\n\n // Offsets\n .offset-#{$span}#{$suffix} {\n margin-left: decimal-round( (math.div($span, $cols)*100%) + $span*math.div($column-gutter, $cols), 3, 'floor' );\n }\n\n // Gutterless offset\n .gutless .offset-#{$span}#{$suffix} { margin-left: decimal-round( (math.div($span, $cols)*100%), 3, 'floor' ); }\n\n $span: $span - 1;\n }\n}\n\n//flex grid\n.container-flex {\n display: flex;\n flex-wrap: wrap;\n\n .flex-item-half {\n flex-grow: 1;\n display: flex;\n width: 50%;\n }\n}\n\n.flex-justify-center {\n justify-content: center;\n}\n\n.flex-justify-right {\n justify-content: right;\n}\n\n.flex-justify-left {\n justify-content: left;\n}\n\n.container-flex-center {\n @extend .container-flex;\n align-items: center;\n}\n\n// Equal height columns\n.row-full-height {\n height: 100%;\n}\n\n.col-full-height {\n height: 100%;\n vertical-align: middle;\n}\n\n.row-same-height {\n display: table;\n width: 100%;\n /* fix overflow */\n table-layout: fixed;\n}\n\n\n//breakpoint stuff here\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/global/_form.scss",
"content": "$spacing: 10px;\n\nINPUT:not([type]),\nINPUT[type='text'],\nINPUT[type='password'],\nINPUT[type='number'],\nINPUT[type='date'],\nINPUT[type='email'],\nINPUT[type='search']:not(.vs__search),\nINPUT[type='tel'],\nINPUT[type='url'],\nSELECT,\nTEXTAREA,\n.labeled-input,\n.labeled-select,\n.unlabeled-input,\n.unlabeled-select {\n position: relative;\n display: block;\n box-sizing: border-box;\n width: 100%;\n opacity: 1;\n padding: $input-padding-sm;\n background-color: var(--input-bg);\n border-radius: var(--border-radius);\n border: solid var(--border-width) var(--input-border);\n color: var(--input-text);\n\n @include input-status-color;\n\n LABEL {\n color: var(--input-label);\n }\n &:hover {\n &, .vs__dropdown-menu {\n background: var(--input-hover-bg);\n }\n }\n\n &::placeholder {\n color: var(--input-placeholder);\n }\n\n &.disabled, &.disabled .selected, &[disabled], &[disabled]:hover, &.view {\n color: var(--input-disabled-text);\n background-color: var(--input-disabled-bg);\n outline-width: 0;\n border-color: var(--input-disabled-border);\n cursor: not-allowed;\n label {\n color: var(--input-disabled-label);\n display: inline-block;\n z-index: 1;\n }\n &::placeholder {\n color: var(--input-disabled-placeholder);\n }\n }\n\n LABEL {\n margin: $spacing 0 0 0;\n }\n}\n\nINPUT[type='search']:not(.vs__search) {\n padding: calc(#{$input-padding-sm} + 2px);\n}\n\nTEXTAREA {\n padding: $input-padding-lg 10px 10px 10px;\n line-height: $input-line-height;\n}\n\nFORM {\n LABEL {\n color: var(--input-label);\n display: inline-block;\n margin: $spacing 0 $spacing 0;\n font-size: 12px;\n\n .radio-label,\n .checkbox-label {\n font-size: 14px;\n }\n\n &.radio, &.checkbox {\n cursor: pointer;\n margin: 5px 0;\n\n > INPUT {\n margin-right: 5px;\n }\n }\n\n &.radio + LABEL.radio,\n &.checkbox + LABEL.checkbox {\n margin-left: 20px;\n }\n }\n\n .actions {\n padding-top: $spacing;\n }\n\n .detail {\n margin-top: 2px;\n @extend .text-small;\n color: var(--muted);\n }\n\n .group {\n border: 1px solid var(--input-border);\n padding: 20px;\n }\n}\n\n.field-required {\n color: var(--error);\n font-weight: bold;\n}\n\nINPUT.inline-input {\n display: inline-block;\n width: 75px;\n margin: 0 10px;\n}\n\n.input-title {\n clear: both;\n margin-left: 24px;\n font-size: 12px;\n}\n\n.fixed select, .fixed.v-select, .fixed input:not(.vs__search){\n height: 50px;\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/global/_gauges.scss",
"content": "@media only screen and (min-width: map-get($breakpoints, \"--viewport-7\")) {\n .resource-gauges {\n grid-template-columns: 1fr 1fr;\n }\n\n .hardware-resource-gauges {\n &,\n &.live {\n grid-template-columns: 1fr;\n }\n }\n}\n@media only screen and (min-width: map-get($breakpoints, \"--viewport-9\")) {\n .resource-gauges {\n grid-template-columns: 1fr 1fr 1fr;\n }\n\n .hardware-resource-gauges {\n grid-template-columns: 1fr 1fr 1fr;\n\n &.live {\n grid-template-columns: 1fr 1fr;\n }\n }\n}\n@media only screen and (min-width: map-get($breakpoints, \"--viewport-12\")) {\n .resource-gauges {\n grid-template-columns: 1fr 1fr 1fr;\n }\n}\n\n.resource-gauges {\n display: grid;\n grid-column-gap: 10px;\n grid-row-gap: 15px;\n margin-top: 25px;\n\n & > * {\n width: 100%;\n height: 100%;\n }\n}\n\n.hardware-resource-gauges {\n display: grid;\n grid-column-gap: 15px;\n grid-row-gap: 20px;\n &:first-of-type {\n margin-top: 35px;\n }\n\n & > * {\n width: 100%;\n }\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/global/_labeled-input.scss",
"content": ".labeled-input {\n position: relative;\n display: table;\n border-collapse: separate;\n min-height: $input-height;\n\n LABEL {\n position: absolute;\n transform: translate(0, -10px) scale(1);\n transform-origin: top left;\n transition-property: transform, font-size;\n transition-duration: 0.1s;\n transition-timing-function: ease-in-out;\n color: var(--input-label);\n pointer-events: none;\n i {\n pointer-events: initial;\n }\n }\n\n .corner {\n top: 5px;\n right: 10px;\n margin: 0;\n padding: 0;\n text-align: right;\n z-index: 3;\n transform: none !important;\n }\n\n .required {\n color: var(--error);\n }\n\n INPUT, SELECT {\n position: relative;\n font-size: 14px;\n display: block;\n width: 100%;\n }\n\n SELECT.empty {\n color: var(--input-placeholder);\n }\n\n SELECT {\n -webkit-appearance: textfield;\n user-select: none;\n }\n\n INPUT, INPUT:hover, INPUT:focus,\n TEXTAREA, TEXTAREA:hover, TEXTAREA:focus,\n SELECT, SELECT:hover, SELECT:focus {\n border: none;\n background-color: transparent;\n outline: 0;\n box-shadow: none;\n padding: $input-padding-lg 0 0 0;\n line-height: calc(#{$input-line-height} + 1px);\n\n &.no-label {\n padding: $input-padding-sm 0px $input-padding-sm 0px;\n }\n }\n\n &.view > DIV:not(.addon) {\n font-size: 14px;\n padding: $input-padding-lg 0 0 0;\n\n &.no-label {\n padding-top:0px;\n }\n }\n\n &.create,\n &.edit,\n &.view {\n .addon,\n .addon.btn {\n display: table-cell;\n vertical-align: middle;\n width: 1%;\n white-space: nowrap;\n vertical-align: middle;\n color: #{$secondary};\n }\n\n .addon {\n padding: 6px 12px;\n font-size: 14px;\n font-weight: normal;\n line-height: 1;\n text-align: center;\n border-left: solid thin #{$secondary};\n }\n }\n\n &.suffix INPUT {\n padding-right: 8px;\n }\n\n .cron-label{\n position: absolute;\n top: 100%;\n padding-top: 5px;\n left: 0;\n color: var(--input-label);\n }\n\n\n\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/global/_resource.scss",
"content": ".create-resource-container {\n .subtypes-container {\n display: flex;\n flex-wrap: wrap;\n width: 100%;\n }\n .subtype-content {\n width: 100%;\n }\n\n .subtype-banner {\n border-left: 5px solid var(--primary);\n border-radius: var(--border-radius);\n display: flex;\n flex-basis: 40%;\n margin: 10px;\n min-height: 80px;\n padding: 10px;\n box-shadow: 0 0 20px var(--shadow);\n\n &.disabled {\n cursor: not-allowed !important;\n background-color: var(--disabled-bg);\n }\n\n &.selected {\n background-color: var(--accent-btn);\n }\n\n &.top {\n background-image: linear-gradient(\n -90deg,\n var(--body-bg),\n var(--accent-btn)\n );\n\n h2 {\n margin: 0px;\n }\n }\n\n .title {\n align-items: center;\n display: flex;\n width: 100%;\n\n h5 {\n margin: 0;\n }\n\n .flex-right {\n margin-left: auto;\n }\n }\n\n .description {\n color: var(--input-label);\n display: flex;\n flex-direction: column;\n justify-content: center;\n }\n\n &:not(.top) {\n align-items: top;\n flex-direction: row;\n justify-content: start;\n &:hover {\n cursor: pointer;\n box-shadow: 0px 0px 1px var(--outline-width) var(--outline);\n }\n }\n\n .round-image {\n border-radius: 50%;\n height: 50px;\n margin-right: 10px;\n width: 50px;\n overflow: hidden;\n }\n\n .banner-abbrv {\n align-items: center;\n background-color: var(--primary);\n color: white;\n display: flex;\n font-size: 2.5em;\n height: 100%;\n justify-content: center;\n width: 100%;\n }\n }\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/global/_select.scss",
"content": ".labeled-select {\n cursor: text;\n padding: 0;\n width: 100%;\n\n .selected {\n padding-top: $input-padding-lg;\n }\n}\n\n.col {\n > .labeled-select:not(.taggable),\n > .unlabeled-select:not(.taggable) {\n min-height: $input-height;\n padding-bottom: calc(#{$input-padding-sm}/2);\n }\n}\n\n.labeled-select,\n.unlabeled-select {\n min-width: 75px;\n // line-height: $input-line-height;\n\n .required {\n color: var(--error);\n }\n\n .v-select {\n &.inline {\n\n .vs__search {\n background-color: transparent;\n }\n\n .vs__dropdown-toggle,\n .vs__dropdown-toggle > * {\n background-color: transparent;\n border: transparent;\n }\n\n .vs__dropdown-menu {\n outline: none;\n }\n\n .selected {\n position: relative;\n top: 1.4em;\n }\n }\n }\n .v-select.inline.vs--single {\n\n &.vs--searching .vs__selected {\n display: none;\n }\n &:not(.vs--searching) {\n .vs__selected-options {\n overflow: hidden;\n flex-wrap: nowrap;\n .vs__selected {\n overflow: hidden;\n white-space: nowrap;\n text-overflow: ellipsis;\n display: inline-block;\n }\n }\n }\n }\n\n .v-select.inline:not(.vs--single) {\n margin-bottom: -5px; // targets multi-select tag boxes to make the same size as rows next to it\n min-height: 30px;\n\n .vs__selected {\n min-height: 25px;\n padding: 0 7px;\n\n &:not(:only-child) {\n margin-bottom: 3px;\n }\n }\n }\n\n &.focused {\n outline: none;\n box-shadow: 0 0 0 var(--outline-width) var(--outline);\n .v-select {\n // Can toggle this to get full width dd - maybe make an option?\n .vs__dropdown-menu {\n min-width: max-content;\n background: var(--dropdown-bg);\n }\n }\n }\n}\n\n.unlabeled-select {\n background-color: var(--input-bg);\n border-radius: var(--border-radius);\n color: var(--input-text);\n padding: 3px 0;\n\n &.disabled {\n border: solid var(--border-width) var(--input-disabled-border);\n\n .vs__dropdown-toggle, input {\n cursor: not-allowed;\n }\n }\n\n .vs--single .vs__selected-options {\n flex-wrap: nowrap;\n }\n\n .v-select {\n\n &.inline {\n height: 100%;\n\n .vs__dropdown-toggle {\n height: 100%;\n }\n .vs__actions {\n width: auto;\n }\n }\n }\n\n &:not(.view) {\n background-color: var(--input-bg);\n border: solid var(--border-width) var(--input-border);\n\n &:hover {\n &,\n .vs__dropdown-menu {\n background: var(--input-hover-bg);\n }\n }\n\n &.disabled .v-select {\n background-color: var(--input-disabled-bg);\n border-color: var(--input-disabled-border);\n cursor: not-allowed;\n\n .vs__dropdown-toggle, input {\n cursor: not-allowed;\n }\n .vs__selected {\n color: var(--input-disabled-text);\n }\n }\n }\n\n .labeled-tooltip .status-icon {\n top: $input-padding-sm;\n }\n}"
},
{
"path": "pkg/rancher-desktop/assets/styles/global/_table.scss",
"content": "//bordered table\n.bordered-table {\n width: 100%;\n max-width: 100%;\n margin-bottom: 1rem;\n // background-color: var(--body-bg);\n border-collapse: collapse;\n\n th,\n td {\n padding: 12px;\n border-top: 1px solid var(--border);\n }\n\n thead th {\n vertical-align: bottom;\n border-bottom: 2px solid var(--border);\n }\n\n tbody + tbody {\n border-top: 2px solid var(--border);\n }\n\n table {\n // background-color: var(--body-bg);\n }\n}\n\n\n//zebra table\n.zebra-table {\n border-collapse: collapse;\n margin: 25px 0;\n min-width: 400px;\n border-radius: 5px 5px 0 0;\n overflow: hidden;\n box-shadow: 0 0 20px var(--shadow);\n\n thead {\n tr {\n background-color: var(--sortable-table-header-bg);\n color: #ffffff;\n text-align: left;\n }\n }\n\n th {\n padding: 12px 15px;\n font-weight: normal;\n border: 0;\n }\n\n td {\n padding: 12px 15px;\n border: 0;\n }\n\n tbody {\n tr {\n border-bottom: 1px solid var(--sortable-table-top-divider);\n\n &:nth-of-type(even) {\n background-color: var(--sortable-table-accent-bg);\n }\n\n &:last-of-type {\n border-bottom: 2px solid var(--sortable-table-top-divider);\n }\n }\n\n tr.active-row {\n color: var(--sortable-table-header-bg);\n }\n }\n}\n\n .for-inputs{\n & TABLE.sortable-table {\n width: 100%;\n border-collapse: collapse;\n margin-bottom: $spacing;\n\n >TBODY>TR>TD, >THEAD>TR>TH {\n padding-right: $spacing;\n padding-bottom: $spacing;\n\n &:last-of-type {\n padding-right: 0;\n }\n }\n\n >TBODY>TR:first-of-type>TD {\n padding-top: $spacing;\n }\n\n >TBODY>TR:last-of-type>TD {\n padding-bottom: 0;\n }\n }\n\n &.edit, &.create, &.clone {\n TABLE.sortable-table>THEAD>TR>TH {\n border-color: transparent;\n }\n }\n }\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/global/_tooltip.scss",
"content": ".v-popper__popper.v-popper--theme-tooltip {\n $triangle-size: 8px;\n $triangle-inner-size: $triangle-size - 1px;\n $center: calc(50% - #{$triangle-size});\n\n display: block !important;\n z-index: z-index('tooltip');\n max-width: 50vw;\n\n .v-popper__inner {\n background: var(--tooltip-bg);\n color: var(--tooltip-text);\n border-radius: var(--border-radius);\n padding: 8px;\n }\n\n .v-popper__arrow-container {\n border: 0 solid transparent;\n z-index: 1;\n position: absolute;\n width: $triangle-size;\n height: $triangle-size;\n\n .v-popper__arrow-outer {\n border-radius: 0;\n border: $triangle-size solid transparent;\n width: 0;\n height: 0;\n box-sizing: content-box;\n margin-left: -2px;\n }\n .v-popper__arrow-inner {\n border: $triangle-inner-size solid transparent;\n border-radius: 0;\n width: 0;\n height: 0;\n box-sizing: content-box;\n margin-left: -1px;\n }\n }\n\n :is(&[data-popper-placement^=\"top\"], &[data-popper-placement^=\"bottom\"]) {\n .v-popper__arrow-inner {\n margin-top: -$triangle-size;\n }\n }\n\n :is(&[data-popper-placement^=\"left\"], &[data-popper-placement^=\"right\"]) {\n .v-popper__arrow-inner {\n margin-top: calc(-2 * $triangle-size);\n }\n }\n\n &[data-popper-placement^=\"top\"] {\n .v-popper__wrapper {\n margin-bottom: $triangle-size;\n }\n .v-popper__arrow-container > * {\n border-top-color: var(--tooltip-bg);\n border-bottom-width: 0;\n }\n }\n\n &[data-popper-placement^=\"bottom\"] {\n .v-popper__inner {\n margin-top: $triangle-size;\n }\n .v-popper__arrow-container {\n top: 0;\n & > * {\n border-bottom-color: var(--tooltip-bg);\n border-top-width: 0;\n }\n }\n }\n\n &[data-popper-placement^=\"right\"] {\n .v-popper__inner {\n margin-left: calc(#{$triangle-size} - 2px);\n }\n .v-popper__arrow-container > * {\n border-right-color: var(--tooltip-bg);\n border-left-width: 0;\n }\n }\n\n &[data-popper-placement^=\"left\"] {\n .v-popper__inner {\n margin-right: $triangle-size;\n }\n .v-popper__arrow-container > * {\n border-left-color: var(--tooltip-bg);\n border-right-width: 0;\n }\n }\n\n &.tooltip-warning {\n .v-popper__inner {\n background: var(--tooltip-bg-warning);\n color: var(--tooltip-text-warning);\n }\n\n &[data-popper-placement^=\"top\"] {\n .v-popper__arrow-container {\n .v-popper__arrow-outer {\n border-top-color: var(--tooltip-bg-warning);\n }\n }\n }\n\n\n &[data-popper-placement^=\"bottom\"] {\n .v-popper__arrow-container {\n .v-popper__arrow-outer {\n border-bottom-color: var(--body-bg);\n }\n }\n }\n\n &[data-popper-placement^=\"right\"] {\n .v-popper__arrow-container {\n .v-popper__arrow-outer {\n border-right-color: var(--tooltip-bg-warning);\n }\n }\n }\n\n &[data-popper-placement^=\"left\"] {\n .v-popper__arrow-container {\n .v-popper__arrow-outer {\n border-left-color: var(--tooltip-bg-warning);\n }\n }\n }\n }\n}\n\n.v-popper__popper {\n $color: var(--popover-bg);\n top: 0;\n left: 0;\n border-radius: var(--border-radius-lg);\n\n &:focus {\n outline: none;\n }\n\n .v-popper__inner {\n background: $color;\n color: var(--popover-text);\n padding: 0;\n border-radius: var(--border-radius-lg);\n overflow: hidden; /* for border-radius */\n border: 1px solid var(--dropdown-border);\n\n li {\n padding: 10px;\n &:not(.divider):hover {\n background-color: var(--dropdown-hover-bg);\n color: var(--dropdown-hover-text);\n cursor: pointer;\n }\n }\n\n a {\n color: var(--popover-text);\n }\n\n .resize-observer, .resize-observer object {\n position: absolute;\n }\n }\n\n .v-popper__arrow-container {\n border-color: transparent;\n .v-popper__arrow-outer {\n border-color: transparent;\n }\n }\n}\n\n.v-popper__popper.v-popper--theme-dropdown {\n z-index: z-index('tooltip');\n\n &.containerLogsDropdown, &.fleet-summary-tooltip{\n .v-popper__arrow-container {\n display: none;\n }\n }\n}\n\n.v-popper {\n display: inline;\n}\n\n.v-popper__popper.v-popper--theme-tooltip,\n.v-popper {\n &[aria-hidden='true'] {\n // This removes it from the layout of ButtonDropDown (so it doesn't render huge for SSR) but\n // still allows it to maintain its dimensions for v-tooltip to calculate the appropriate position.\n position: absolute;\n visibility: hidden;\n opacity: 0;\n transition: opacity .15s, visibility .15s;\n }\n\n &[aria-hidden='false'] {\n visibility: visible;\n opacity: 1;\n transition: opacity .15s;\n }\n}\n\n//icon tooltip\n.icon-info.v-popper--has-tooltip {\n font-size: 14px;\n}\n\n.tooltip-footer {\n top: 0;\n font-size: 12px;\n\n .v-popper__inner {\n font-size: 12px;\n }\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/rancher-desktop.scss",
"content": "/** Rancher Desktop specific styles */\nbody {\n background-color: var(--body-bg);\n color: var(--body-text);\n font-size: 14px;\n}\n\n.labeled-input {\n margin-bottom: 1em;\n}\nlabel > button:first-child:not(.btn-sm) {\n margin-right: 1em;\n}\n\n.locked-radio .radio-container span.radio-custom {\n &[aria-checked=\"true\"] {\n opacity: 1;\n }\n\n &:not([aria-checked=\"true\"]) {\n opacity: 1;\n background-color: var(--radio-locked-bg);\n box-shadow: var(--radio-locked-shadow);\n }\n}\n\n@media screen and (prefers-color-scheme: dark) {\n option {\n background-color: var(--input-bg);\n }\n}\n\n:is(.btn, button, [class*='btn-']):not([class*='role-']):not([class*=bg-primary]) {\n /* buttons should have one of the role- classes:\n * .role-primary, .role-secondary, .role-tertiary, .role-multi-action, etc.\n */\n outline: 10px dashed red !important;\n}\n\n.btn-icon-text {\n display: flex;\n align-items: center;\n gap: 0.5rem;\n}\n\n:root {\n --preferences-content-padding: 0.75rem;\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/themes/_dark.scss",
"content": ":root {\n // Local variables for reused colors\n\n //dark sidebar\n $darkest: #141419;\n\n //dark body\n $darker: #1b1c21;\n\n //dark inputs\n $dark: #27292e;\n\n //dark borders and button\n $medium: #4a4b52;\n\n // dark disabled,\n $light: #6c6c76;\n\n //dark secondary\n $lighter: #b6b6c2;\n\n // dark main text\n $lightest: #ffffff;\n\n $secondary: $lighter;\n $disabled: $light;\n\n //Contrast colors\n $contrasted-dark: $lightest !default;\n $contrasted-light: $darkest !default;\n\n\n --default : #{$dark};\n --default-text : #{$light};\n --default-hover-bg : #{darken($dark, 10%)};\n --default-hover-text : #{saturate($lightest, 20%)};\n --default-active-bg : #{darken($dark, 25%)};\n --default-active-text : #{contrast-color(darken($dark, 25%))};\n --default-border : #($dark);\n --default-banner-bg : #{rgba($dark, 0.15)};\n --default-light-bg : #{rgba($dark, 0.05)};\n\n --muted : #{$disabled};\n\n --body-bg : #{$darker};\n --body-text : #{$lightest};\n --scrollbar-thumb : #{$medium};\n --scrollbar-thumb-dropdown : #{$medium};\n\n --header-bg : #{$darker};\n --header-border : #{$medium};\n --header-btn-bg : #{$dark};\n --header-btn-text : #{$lightest};\n --footer-bg : #{$darker};\n --footer-border : #{$medium};\n\n --nav-bg : #{$darkest};\n --nav-active : var(--primary-active-bg);\n --nav-border : #{$medium};\n --nav-hover : var(--primary);\n --nav-expander-hover : var(--primary-banner-bg);\n\n --disabled-bg : #{darken($disabled, 10%)};\n --disabled-text : #{$secondary};\n --box-bg : #{$darkest};\n --subtle-border : #{$darkest};\n --border : #{$medium};\n\n --topmenu-bg : #{$darkest};\n --topmenu-text : #{$lightest};\n --topmost-border : #{$medium};\n --topmost-shadow : #{lighten($darkest, 5%)};\n --topmost-light-hover : #{$medium};\n\n --accent-btn : var(--primary-banner-bg);\n --accent-btn-hover : var(--primary);\n --accent-btn-hover-text : #{$lightest};\n\n --modal-bg : #{$dark};\n --modal-border : #{$medium};\n --overlay-bg : #{rgba($darkest, 0.75)};\n --shadow : #{rgba($darkest, 0.9)};\n\n --checkbox-tick : #{$lightest};\n --checkbox-border : #{$medium};\n --checkbox-tick-disabled : #{lighten($disabled, 50%)};\n --checkbox-disabled-bg : #{$disabled};\n --checkbox-tick-locked : #{$darkest};\n --checkbox-locked-bg : #{lighten($disabled, 50%)};\n --checkbox-ticked-bg : var(--primary);\n --checkbox-locked-border : #{lighten($disabled, 50%)};\n --checkbox-locked-shadow : #{lighten($disabled, 50%)};\n\n --dropdown-bg : #{mix($medium, $dark, 10%)};\n --dropdown-border : #{$light};\n --dropdown-divider : #{$light};\n --dropdown-text : #{$link};\n --dropdown-active-text : #{$lightest};\n --dropdown-active-bg : #{$selected};\n --dropdown-hover-text : #{$lightest};\n --dropdown-hover-bg : #{$link};\n --dropdown-disabled-bg : #{$disabled};\n --dropdown-disabled-text : #{$disabled};\n --dropdown-locked-text : #{$lightest};\n\n --input-text : #{$lightest};\n --input-label : #{$lighter};\n --input-placeholder : #{$disabled};\n --input-border : var(--border);\n --input-bg : var(--body-bg);\n --input-bg-accent : #{darken($dark, 3%)};\n --input-hover-bg : var(--box-bg);\n --input-focus-bg : var(--box-bg);\n --input-disabled-text : #{darken($lightest, 50%)};\n --input-disabled-label : #{darken($lighter, 30%)};\n --input-disabled-bg : #{darken($disabled, 30%)};\n --input-disabled-border : #{darken($medium, 30%)};\n --input-disabled-placeholder : #{darken($disabled, 10%)};\n --input-addon-bg : #{$darker};\n --input-locked-text : #{$lightest};\n\n --radio-locked-bg : var(--body-bg);\n --radio-locked-shadow : var(--body-bg);\n\n --progress-bg : #{$medium};\n --progress-divider : #{$lightest};\n\n --sortable-table-bg : #{lighten($darkest, 10%)};\n --sortable-table-row-bg : #{$darker};;\n --sortable-table-header-bg : #{$darkest};\n --sortable-table-accent-bg : #{$darker};\n --sortable-table-accent-alt : #{$dark};\n --sortable-table-top-divider : var(--border);\n --sortable-table-hover-bg : #{$darkest};\n --sortable-table-selected-bg : var(--primary-light-bg);\n --sortable-table-group-label : #{$lighter};\n\n --tag-primary : #{$lightest};\n --tag-bg : #{$medium};\n\n --popover-bg : var(--body-bg);\n --popover-border : var(--border);\n --popover-text : var(--body-text);\n\n --tooltip-bg : #{$medium};\n --tooltip-border : var(--tag-primary);\n --tooltip-text : var(--body-text);\n --tooltip-text-warning : var(--body-text);\n\n --icon-circle : #{$medium};\n\n --tabbed-border : #{$medium};\n --tabbed-sidebar-bg : #{$darkest};\n --tabbed-container-bg : #{mix($medium, $dark, 20%)};\n\n --yaml-editor-bg : #{$darkest};\n\n --diff-border : var(--border);\n --diff-header-bg : var(--nav-bg);\n --diff-header-border : var(--border);\n --diff-header : #{rgba($darkest, 0.3)};\n --diff-linenum-bg : var(--nav-bg);\n --diff-linenum : var(--muted);\n --diff-linenum-border : var(--border);\n --diff-line-ins-bg : $success;\n --diff-line-del-bg : #{rgba($error, 0.75)};\n --diff-del-bg : #{rgba($error, 0.3)};\n --diff-del-border : #{$error};\n --diff-ins-bg : #{rgba($success, 0.3)};\n --diff-ins-border : #{rgba($success, 0.5)};\n --diff-chg-ins : #{rgba($success, 0.25)};\n --diff-chg-del : #{rgba($warning, 0.5)};\n --diff-empty-placeholder : #{$darker};\n\n\n --wm-tabs-bg : #{mix($medium, $dark, 10%)};\n --wm-tab-bg : #{$darkest};\n --wm-closer-hover-bg : #{$medium};\n --wm-tab-active-bg : #{$darker};\n --wm-title-bg : #{$darkest};\n --wm-title-border : #{$medium};\n --wm-body-bg : #{$darkest};\n --wm-border : black;\n\n --glance-divider : #{$medium};\n\n --resource-gauge-back-circle : 74, 75, 82, 0.5;\n\n --simple-box-bg : #{$darker};\n --simple-box-border : #{$darkest};\n --simple-box-divider : #{$medium};\n --simple-box-shadow : rgba(0, 0, 0, 0.15);\n\n --terminal-bg : var(--wm-body-bg);\n --terminal-cursor : var(--warning);\n --terminal-selection : #{$selected};\n --terminal-text : var(--body-text);\n\n --logs-bg : var(--wm-body-bg);\n --logs-highlight : var(--wm-body-bg);\n --logs-highlight-bg : var(--warning);\n --logs-text : var(--body-text);\n\n --gauge-divider : rgba(255, 255, 255, 0.3);\n --gauge-success-primary : 75, 95, 64;\n --gauge-success-secondary : 150, 189, 127;\n --gauge-warning-primary : 218, 195, 66;\n --gauge-warning-secondary : 109, 98, 33;\n --gauge-error-primary : 239, 90, 83;\n --gauge-error-secondary : 120, 45, 42;\n\n --product-icon : #{$lighter};\n --product-icon-active : #{$lightest};\n\n --button-icon : #{$medium};\n --button-icon-bg : #{$lightest};\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/themes/_light.scss",
"content": "// Local variables for reused colors\n//light main text\n$darkest : #141419;\n\n//light secondary\n$darker : #6C6C76;\n\n//light disabled\n$dark : #B6B6C2;\n\n//light border and buttons\n$medium : #DCDEE7;\n\n//light inputs\n$light : #EEEFF4;\n\n//light sidebar and box\n$lighter : #F4F5FA;\n\n//light body bg\n$lightest : #FFFFFF;\n\n//color for items that are not enabled\n$disabled : $medium;\n\n$primary : #3D98D3;\n$secondary : $darker;\n$link : #3D98D3;\n\n// Status colors\n$success : #5D995D;\n$warning : #DAC342;\n$error : #F64747;\n$info : #3D98D3;\n\n$contrasted-dark: $darkest !default;\n$contrasted-light: $lightest !default;\n\n// Text selection color for terminal window (we don't want this to change with the primary color)\n// The terminal alway uses a light background, so okay to use a fixed color\n$selected: rgba(#3D98D3, .5);\n\n:root {\n\n --primary : #{$primary};\n --primary-text : #{contrast-color($primary)};\n --primary-hover-bg : #{darken($primary, 10%)};\n --primary-hover-text : #{saturate($lightest, 20%)};\n --primary-active-bg : #{darken($primary, 25%)};\n --primary-active-text : #{contrast-color(darken($primary, 25%))};\n --primary-border : #($primary);\n --primary-banner-bg : #{rgba($primary, 0.15)};\n --primary-light-bg : #{rgba($primary, 0.05)};\n\n\n .text-primary {\n color: var(--primary) !important;\n }\n\n .bg-primary {\n background-color: var(--primary);\n color: var(--primary-text);\n\n &.btn:hover {\n color: var(--primary-hover-text);\n background: var(--primary-hover-bg);\n transition: all 0.3s ease;\n }\n\n &.btn:active {\n color: var(--primary-active-text);\n background: var(--primary-active-bg);\n }\n }\n\n --link : #{$link};\n --link-text : #{contrast-color($link)};\n --link-hover-bg : #{darken($link, 10%)};\n --link-hover-text : #{saturate($lightest, 20%)};\n --link-active-bg : #{darken($link, 25%)};\n --link-active-text : #{contrast-color(darken($link, 25%))};\n --link-border : #($link);\n --link-banner-bg : #{rgba($link, 0.15)};\n --link-light-bg : #{rgba($link, 0.05)};\n\n\n .text-link {\n color: var(--link) !important;\n }\n\n .bg-link {\n background-color: var(--link);\n color: var(--link-text);\n\n &.btn:hover {\n color: var(--link-hover-text);\n background: var(--link-hover-bg);\n transition: all 0.3s ease;\n }\n\n &.btn:active {\n color: var(--link-active-text);\n background: var(--link-active-bg);\n }\n }\n\n --default : #{$light};\n --default-text : #{contrast-color($light)};\n --default-hover-bg : #{darken($light, 10%)};\n --default-hover-text : #{saturate($lightest, 20%)};\n --default-active-bg : #{darken($light, 25%)};\n --default-active-text : #{contrast-color(darken($light, 25%))};\n --default-border : #($light);\n --default-banner-bg : #{rgba($light, 0.15)};\n --default-light-bg : #{rgba($light, 0.05)};\n\n\n .text-default {\n color: var(--default) !important;\n }\n\n .bg-default {\n background-color: var(--default);\n color: var(--default-text);\n\n &.btn:hover {\n color: var(--default-hover-text);\n background: var(--default-hover-bg);\n transition: all 0.3s ease;\n }\n\n &.btn:active {\n color: var(--default-active-text);\n background: var(--default-active-bg);\n }\n }\n\n --muted : #{$dark};\n\n .text-muted {\n color: var(--muted) !important;\n }\n\n --darker : #{$darker};\n --darker-text : #{contrast-color($darker)};\n --darker-hover-bg : #{darken($darker, 10%)};\n --darker-hover-text : #{saturate($lightest, 20%)};\n --darker-active-bg : #{darken($darker, 25%)};\n --darker-active-text : #{contrast-color(darken($darker, 25%))};\n --darker-border : #($darker);\n --darker-banner-bg : #{rgba($darker, 0.15)};\n --darker-light-bg : #{rgba($darker, 0.05)};\n\n .text-darker {\n color: var(--default) !important;\n }\n\n .bg-darker {\n background-color: var(--darker);\n color: var(--darker-text);\n\n &.btn:hover {\n color: var(--darker-hover-text);\n background: var(--darker-hover-bg);\n transition: all 0.3s ease;\n }\n\n &.btn:active {\n color: var(--darker-active-text);\n background: var(--darker-active-bg);\n }\n }\n\n\n\n --success : #{$success};\n --success-text : #{contrast-color($success)};\n --success-hover-bg : #{darken($success, 10%)};\n --success-hover-text : #{saturate($lightest, 20%)};\n --success-active-bg : #{darken($success, 25%)};\n --success-active-text : #{contrast-color(darken($success, 25%))};\n --success-border : #($success);\n --success-banner-bg : #{rgba($success, 0.15)};\n --success-light-bg : #{rgba($success, 0.05)};\n\n .text-success {\n color: var(--success) !important;\n }\n\n .bg-success {\n background-color: var(--success);\n color: var(--success-text);\n\n &.btn:hover {\n color: var(--success-hover-text);\n background: var(--success-hover-bg);\n transition: all 0.3s ease;\n }\n\n &.btn:active {\n color: var(--success-active-text);\n background: var(--success-active-bg);\n }\n }\n\n\n --info : #{$info};\n --info-text : #{contrast-color($info)};\n --info-hover-bg : #{darken($info, 10%)};\n --info-hover-text : #{saturate($lightest, 20%)};\n --info-active-bg : #{darken($info, 25%)};\n --info-active-text : #{contrast-color(darken($info, 25%))};\n --info-border : #($info);\n --info-banner-bg : #{rgba($info, 0.15)};\n --info-light-bg : #{rgba($info, 0.05)};\n\n .text-info {\n color: var(--info) !important;\n }\n\n .bg-info {\n background-color: var(--info);\n color: var(--info-text);\n\n &.btn:hover {\n color: var(--info-hover-text);\n background: var(--info-hover-bg);\n transition: all 0.3s ease;\n }\n\n &.btn:active {\n color: var(--info-active-text);\n background: var(--info-active-bg);\n }\n }\n\n\n --warning : #{$warning};\n --warning-text : #{contrast-color($warning)};\n --warning-hover-bg : #{darken($warning, 10%)};\n --warning-hover-text : #{saturate($lightest, 20%)};\n --warning-active-bg : #{darken($warning, 25%)};\n --warning-active-text : #{contrast-color(darken($warning, 25%))};\n --warning-border : #($warning);\n --warning-banner-bg : #{rgba($warning, 0.15)};\n --warning-light-bg : #{rgba($warning, 0.05)};\n\n .text-warning {\n color: var(--error) !important;\n }\n\n .bg-warning {\n background-color: var(--warning);\n color: var(--warning-text);\n\n &.btn:hover {\n color: var(--warning-hover-text);\n background: var(--warning-hover-bg);\n transition: all 0.3s ease;\n }\n\n &.btn:active {\n color: var(--warning-active-text);\n background: var(--warning-active-bg);\n }\n }\n\n\n --error : #{$error};\n --error-text : #{contrast-color($error)};\n --error-hover-bg : #{darken($error, 10%)};\n --error-hover-text : #{saturate($lightest, 20%)};\n --error-active-bg : #{darken($error, 25%)};\n --error-active-text : #{contrast-color(darken($error, 25%))};\n --error-border : #($error);\n --error-banner-bg : #{rgba($error, 0.15)};\n --error-light-bg : #{rgba($error, 0.05)};\n\n\n .text-error {\n color: var(--error) !important;\n }\n\n .bg-error {\n background-color: var(--error);\n color: var(--error-text);\n\n &.btn:hover {\n color: var(--error-hover-text);\n background: var(--error-hover-bg);\n transition: all 0.3s ease;\n }\n\n &.btn:active {\n color: var(--error-active-text);\n background: var(--error-active-bg);\n }\n }\n\n\n --body-bg : #{$lightest};\n --body-text : #{$darkest};\n --scrollbar-thumb : #{$dark};\n --scrollbar-thumb-dropdown : #{$lighter};\n --scrollbar-track : transparent;\n\n --header-bg : #{$lightest};\n --header-btn-bg : #{$light};\n --header-btn-text : #{$darker};\n --header-input-text : #{$lightest};\n --header-height : 55px;\n --header-border : #{$medium};\n --header-border-size : 1px;\n --nav-width : 230px;\n --nav-bg : #{$lightest};\n --nav-active : #{$light};\n --nav-hover : #{$medium};\n --nav-expander-hover : #{darken($medium, 10%)};\n --nav-border : #{$medium};\n --nav-border-size : 1px;\n --footer-bg : #{$lightest};\n --footer-border : #{$medium};\n\n --topmenu-bg : #{$lightest};\n --topmenu-text : #{$darkest};\n --topmost-border : #{$medium};\n --topmost-shadow : #{lighten($lightest, 10%)};\n --topmost-light-hover : #{$light};\n\n --disabled-bg : #{$disabled};\n --disabled-text : #{$secondary};\n --box-bg : #{$lighter};\n --subtle-border : #{$medium};\n --border : #{$medium};\n --border-width : 1px;\n --border-radius : 4px;\n --border-radius-md : 6px;\n --border-radius-lg : 8px;\n --outline : var(--primary);\n --outline-width : 1px;\n\n --accent-btn : var(--primary-banner-bg);\n --accent-btn-hover : var(--primary);\n --accent-btn-hover-text : #{$lightest};\n\n --modal-bg : #{$lightest};\n --modal-border : #{$dark};\n --overlay-bg : #{rgba($lighter, 0.75)};\n --shadow : #{rgba($medium, 0.85)};\n\n --checkbox-tick : #{$lightest};\n --checkbox-border : #{$medium};\n --checkbox-tick-disabled : #{darken($disabled, 40%)};\n --checkbox-disabled-bg : #{$disabled};\n --checkbox-tick-locked : #{$darkest};\n --checkbox-locked-bg : #{lighten($disabled, 5%)};\n --checkbox-ticked-bg : #{$link};\n --checkbox-locked-border : #{lighten($disabled, 5%)};\n --checkbox-locked-shadow : #{lighten($disabled, 5%)};\n\n --dropdown-bg : #{$lightest};\n --dropdown-border : #{$medium};\n --dropdown-divider : #{$medium};\n --dropdown-text : #{$link};\n --dropdown-active-text : #{$lightest};\n --dropdown-active-bg : #{$dark};\n --dropdown-hover-text : var(--body-text);\n --dropdown-hover-bg : #{$light};\n --dropdown-disabled-text : var(--muted);\n --dropdown-disabled-bg : #{$disabled};\n --dropdown-locked-text : #{$darkest};\n\n // UNUSED?\n --card-header : var(--primary-banner-bg);\n\n --input-text : #{$darkest};\n --input-label : #{$secondary};\n --input-placeholder : #{darken($disabled, 10%)};\n --input-border : var(--border);\n --input-bg : var(--body-bg);\n --input-bg-accent : #{darken($light, 2%)};\n --input-hover-bg : var(--box-bg);\n --input-focus-bg : var(--box-bg);\n --input-disabled-text : #{darken($disabled, 60%)};\n --input-disabled-label : #{darken($disabled, 40%)};\n --input-disabled-bg : #{$disabled};\n --input-disabled-border : #{darken($medium, 10%)};\n --input-disabled-placeholder : #{darken($medium, 15%)};\n --input-addon-bg : #{$darker};\n --input-locked-text : #{$darkest};\n\n --radio-locked-bg : var(--body-bg);\n --radio-locked-shadow : var(--body-bg);\n\n --progress-bg : #{$medium};\n --progress-divider : #{$medium};\n\n --sortable-table-bg : #{darken($lightest, 5%)};\n --sortable-table-row-bg : #{$lightest};\n --sortable-table-header-bg : #{$lighter};\n --sortable-table-accent-bg : #{$lighter};\n --sortable-table-accent-alt : #{$lightest};\n --sortable-table-top-divider : var(--border);\n --sortable-table-body-divider : #{$medium};\n\n --sortable-table-hover-bg : #{$lighter};\n //--sortable-table-selected-bg : #{rgba($primary, 0.02)};\n\n --sortable-table-selected-bg : var(--primary-light-bg);\n --sortable-table-group-label : #{$secondary};\n\n --tag-primary : #{$darkest};\n --tag-bg : #{$medium};\n\n --popover-bg : var(--body-bg);\n --popover-border : var(--border);\n --popover-text : var(--body-text);\n --popover-border-radius : var(--border-radius);\n --tooltip-bg : #{$medium};\n --tooltip-border : var(--tag-primary);\n --tooltip-text : var(--tag-primary);\n --tooltip-bg-warning : #{rgba($warning, 0.8)};\n --tooltip-text-warning : var(--body-text);\n\n --icon-circle : #{$medium};\n\n --tabbed-border : #{$medium};\n --tabbed-sidebar-bg : #{$lighter};\n --tabbed-container-bg : #{mix($light, $lighter, 15%)};\n\n --yaml-editor-bg : #{$lighter};\n\n --diff-border : var(--border);\n --diff-header-bg : var(--nav-bg);\n --diff-header-border : var(--border);\n --diff-header : #{rgba($darkest, 0.3)};\n --diff-linenum-bg : var(--nav-bg);\n --diff-linenum : var(--muted);\n --diff-linenum-border : var(--border);\n --diff-line-ins-bg : $success;\n --diff-line-del-bg : #{rgba($error, 0.75)};\n --diff-del-bg : #{rgba($error, 0.3)};\n --diff-del-border : #{$error};\n --diff-ins-bg : #{rgba($success, 0.3)};\n --diff-ins-border : #{rgba($success, 0.5)};\n --diff-chg-ins : #{rgba($success, 0.25)};\n --diff-chg-del : #{rgba($warning, 0.5)};\n --diff-empty-placeholder : #{$lightest};\n\n --wm-tabs-bg : #{$medium};\n --wm-tab-bg : #{$light};\n --wm-closer-hover-bg : #{$lighter};\n --wm-tab-active-bg : #{$lighter};\n --wm-title-bg : #{$lightest};\n --wm-title-border : #{$medium};\n --wm-body-bg : #{$lighter};\n --wm-border : var(--border);\n --wm-tab-height : 29px;\n\n --glance-bg-rgb : 61, 152, 211;\n --glance-divider : #{$medium};\n\n --resource-gauge-back-circle : 255, 255, 255, 0.15;\n\n --simple-box-bg : #{$lightest};\n --simple-box-border : #{$medium};\n --simple-box-divider : #{$medium};\n --simple-box-shadow : none;\n\n --terminal-bg : var(--body-bg);\n --terminal-cursor : var(--warning);\n --terminal-selection : #{$selected};\n --terminal-text : var(--body-text);\n\n --logs-bg : var(--wm-body-bg);\n --logs-highlight : var(--wm-body-bg);\n --logs-highlight-bg : var(--warning);\n --logs-text : var(--body-text);\n\n --gauge-divider : #{$lightest};\n --gauge-zero : #{$medium};\n --gauge-success-primary : 150, 189, 127;\n --gauge-success-secondary : 190, 211, 172;\n --gauge-warning-primary : 238, 226, 176;\n --gauge-warning-secondary : 218, 195, 66;\n --gauge-error-primary : 249, 186, 171;\n --gauge-error-secondary : 239, 90, 83;\n\n --sizzle-0 : 180, 210, 30;\n --sizzle-1 : 225, 45, 74;\n --sizzle-2 : 212, 66, 148;\n --sizzle-3 : 0, 169, 217;\n --sizzle-4 : 244, 136, 68;\n --sizzle-5 : 0, 147, 128;\n --sizzle-6 : 136, 81, 165;\n --sizzle-7 : 45, 47, 149;\n --sizzle-8 : 255, 235, 0;\n\n --sizzle-success : #{red($success)}, #{green($success)}, #{blue($success)};\n --sizzle-info : #{red($info)}, #{green($info)}, #{blue($info)};\n --sizzle-warning : #{red($warning)}, #{green($warning)}, #{blue($warning)};\n --sizzle-error : #{red($error)}, #{green($error)}, #{blue($error)};\n --sizzle-unknown : #{red($disabled)},#{green($disabled)},#{blue($disabled)};\n\n $rancher : $primary;\n $partner : #FEA424;\n $other : #614EA2;\n\n --app-rancher-accent : #{$rancher};\n --app-rancher-accent-text : #{$darkest};\n\n --app-partner-accent : #{$partner};\n --app-partner-accent-text : black;\n\n --app-color1-accent : rgba(var(--sizzle-1), 1);\n --app-color1-accent-text : white;\n\n --app-color2-accent : rgba(var(--sizzle-2), 1);\n --app-color2-accent-text : white;\n\n --app-color3-accent : rgba(var(--sizzle-3), 1);\n --app-color3-accent-text : white;\n\n --app-color4-accent : rgba(var(--sizzle-4), 1);\n --app-color4-accent-text : white;\n\n --app-color5-accent : rgba(var(--sizzle-5), 1);\n --app-color5-accent-text : white;\n\n --app-color6-accent : rgba(var(--sizzle-6), 1);\n --app-color6-accent-text : white;\n\n --app-color7-accent : rgba(var(--sizzle-7), 1);\n --app-color7-accent-text : white;\n\n --app-color8-accent : rgba(var(--sizzle-8), 1);\n --app-color8-accent-text : white;\n\n --product-icon : #{$darker};\n --product-icon-active : #{$darkest};\n\n --button-icon : #{$dark};\n --button-icon-bg : #{$secondary};\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/themes/_suse.scss",
"content": ".suse {\n $primary: hsl(151, 59%, 46%);\n $info: mix($primary, $secondary, 50%);\n $selected: rgba($primary, .5);\n\n --primary : #{$primary};\n --primary-text : #{contrast-color($primary)};\n --primary-hover-bg : #{darken($primary, 10%)};\n --primary-hover-text : #{saturate($lightest, 20%)};\n --primary-active-bg : #{darken($primary, 25%)};\n --primary-active-text : #{contrast-color(darken($primary, 25%))};\n --primary-border : #($primary);\n --primary-banner-bg : #{rgba($primary, 0.15)};\n --primary-light-bg : #{rgba($primary, 0.05)};\n\n --info : #{$info};\n --info-text : #{contrast-color($info)};\n --info-hover-bg : #{darken($info, 10%)};\n --info-hover-text : #{saturate($lightest, 20%)};\n --info-active-bg : #{darken($info, 25%)};\n --info-active-text : #{contrast-color(darken($info, 25%))};\n --info-border : #($info);\n --info-banner-bg : #{rgba($info, 0.15)};\n --info-light-bg : #{rgba($info, 0.05)};\n\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/vendor/normalize.scss",
"content": "/*! normalize.css v8.0.1 | MIT License | github.com/necolas/normalize.css */\n\n/* Document\n ========================================================================== */\n\n/**\n * 1. Correct the line height in all browsers.\n * 2. Prevent adjustments of font size after orientation changes in iOS.\n */\n\nhtml {\n line-height: 1.15; /* 1 */\n -webkit-text-size-adjust: 100%; /* 2 */\n}\n\n/* Sections\n ========================================================================== */\n\n/**\n * Remove the margin in all browsers.\n */\n\nbody {\n margin: 0;\n}\n\n/**\n * Render the `main` element consistently in IE.\n */\n\nmain {\n display: block;\n}\n\n/**\n * Correct the font size and margin on `h1` elements within `section` and\n * `article` contexts in Chrome, Firefox, and Safari.\n */\n\nh1 {\n font-size: 2em;\n margin: 0.67em 0;\n}\n\n/* Grouping content\n ========================================================================== */\n\n/**\n * 1. Add the correct box sizing in Firefox.\n * 2. Show the overflow in Edge and IE.\n */\n\nhr {\n box-sizing: content-box; /* 1 */\n height: 0; /* 1 */\n overflow: visible; /* 2 */\n}\n\n/**\n * 1. Correct the inheritance and scaling of font size in all browsers.\n * 2. Correct the odd `em` font sizing in all browsers.\n */\n\npre {\n font-family: monospace, monospace; /* 1 */\n font-size: 1em; /* 2 */\n}\n\n/* Text-level semantics\n ========================================================================== */\n\n/**\n * Remove the gray background on active links in IE 10.\n */\n\na {\n background-color: transparent;\n}\n\n/**\n * 1. Remove the bottom border in Chrome 57-\n * 2. Add the correct text decoration in Chrome, Edge, IE, Opera, and Safari.\n */\n\nabbr[title] {\n border-bottom: none; /* 1 */\n text-decoration: underline; /* 2 */\n text-decoration: underline dotted; /* 2 */\n}\n\n/**\n * Add the correct font weight in Chrome, Edge, and Safari.\n */\n\nb,\nstrong {\n font-weight: bolder;\n}\n\n/**\n * 1. Correct the inheritance and scaling of font size in all browsers.\n * 2. Correct the odd `em` font sizing in all browsers.\n */\n\ncode,\nkbd,\nsamp {\n font-family: monospace, monospace; /* 1 */\n font-size: 1em; /* 2 */\n}\n\n/**\n * Add the correct font size in all browsers.\n */\n\nsmall {\n font-size: 80%;\n}\n\n/**\n * Prevent `sub` and `sup` elements from affecting the line height in\n * all browsers.\n */\n\nsub,\nsup {\n font-size: 75%;\n line-height: 0;\n position: relative;\n vertical-align: baseline;\n}\n\nsub {\n bottom: -0.25em;\n}\n\nsup {\n top: -0.5em;\n}\n\n/* Embedded content\n ========================================================================== */\n\n/**\n * Remove the border on images inside links in IE 10.\n */\n\nimg {\n border-style: none;\n}\n\n/* Forms\n ========================================================================== */\n\n/**\n * 1. Change the font styles in all browsers.\n * 2. Remove the margin in Firefox and Safari.\n */\n\nbutton,\ninput,\noptgroup,\nselect,\ntextarea {\n font-family: inherit; /* 1 */\n font-size: 100%; /* 1 */\n line-height: 1.15; /* 1 */\n margin: 0; /* 2 */\n}\n\n/**\n * Show the overflow in IE.\n * 1. Show the overflow in Edge.\n */\n\nbutton,\ninput { /* 1 */\n overflow: visible;\n}\n\n/**\n * Remove the inheritance of text transform in Edge, Firefox, and IE.\n * 1. Remove the inheritance of text transform in Firefox.\n */\n\nbutton,\nselect { /* 1 */\n text-transform: none;\n}\n\n/**\n * Correct the inability to style clickable types in iOS and Safari.\n */\n\nbutton,\n[type=\"button\"],\n[type=\"reset\"],\n[type=\"submit\"] {\n -webkit-appearance: button;\n}\n\n/**\n * Remove the inner border and padding in Firefox.\n */\n\nbutton::-moz-focus-inner,\n[type=\"button\"]::-moz-focus-inner,\n[type=\"reset\"]::-moz-focus-inner,\n[type=\"submit\"]::-moz-focus-inner {\n border-style: none;\n padding: 0;\n}\n\n/**\n * Restore the focus styles unset by the previous rule.\n */\n\nbutton:-moz-focusring,\n[type=\"button\"]:-moz-focusring,\n[type=\"reset\"]:-moz-focusring,\n[type=\"submit\"]:-moz-focusring {\n outline: 1px dotted ButtonText;\n}\n\n/**\n * Correct the padding in Firefox.\n */\n\nfieldset {\n padding: 0.35em 0.75em 0.625em;\n}\n\n/**\n * 1. Correct the text wrapping in Edge and IE.\n * 2. Correct the color inheritance from `fieldset` elements in IE.\n * 3. Remove the padding so developers are not caught out when they zero out\n * `fieldset` elements in all browsers.\n */\n\nlegend {\n box-sizing: border-box; /* 1 */\n color: inherit; /* 2 */\n display: table; /* 1 */\n max-width: 100%; /* 1 */\n padding: 0; /* 3 */\n white-space: normal; /* 1 */\n}\n\n/**\n * Add the correct vertical alignment in Chrome, Firefox, and Opera.\n */\n\nprogress {\n vertical-align: baseline;\n}\n\n/**\n * Remove the default vertical scrollbar in IE 10+.\n */\n\ntextarea {\n overflow: auto;\n}\n\n/**\n * 1. Add the correct box sizing in IE 10.\n * 2. Remove the padding in IE 10.\n */\n\n[type=\"checkbox\"],\n[type=\"radio\"] {\n box-sizing: border-box; /* 1 */\n padding: 0; /* 2 */\n}\n\n/**\n * Correct the cursor style of increment and decrement buttons in Chrome.\n */\n\n[type=\"number\"]::-webkit-inner-spin-button,\n[type=\"number\"]::-webkit-outer-spin-button {\n height: auto;\n}\n\n/**\n * 1. Correct the odd appearance in Chrome and Safari.\n * 2. Correct the outline style in Safari.\n */\n\n[type=\"search\"] {\n -webkit-appearance: textfield; /* 1 */\n outline-offset: -2px; /* 2 */\n}\n\n/**\n * Remove the inner padding in Chrome and Safari on macOS.\n */\n\n[type=\"search\"]::-webkit-search-decoration {\n -webkit-appearance: none;\n}\n\n/**\n * 1. Correct the inability to style clickable types in iOS and Safari.\n * 2. Change font properties to `inherit` in Safari.\n */\n\n::-webkit-file-upload-button {\n -webkit-appearance: button; /* 1 */\n font: inherit; /* 2 */\n}\n\n/* Interactive\n ========================================================================== */\n\n/*\n * Add the correct display in Edge, IE 10+, and Firefox.\n */\n\ndetails {\n display: block;\n}\n\n/*\n * Add the correct display in all browsers.\n */\n\nsummary {\n display: list-item;\n}\n\n/* Misc\n ========================================================================== */\n\n/**\n * Add the correct display in IE 10+.\n */\n\ntemplate {\n display: none;\n}\n\n/**\n * Add the correct display in IE 10.\n */\n\n[hidden] {\n display: none;\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/styles/vendor/vue-select.scss",
"content": ".v-select {\n position: relative;\n font-family: inherit;\n\n &.auto-width {\n display: inline-block;\n width: auto;\n min-width: 2em;\n }\n}\n\n.v-select,\n.v-select * {\n box-sizing: border-box;\n}\n\n.vs__dropdown-toggle {\n cursor: pointer;\n}\n\n.vs--disabled {\n .vs__dropdown-toggle,\n .vs__clear,\n .vs__search,\n .vs__open-indicator {\n cursor: not-allowed;\n color: var(--dropdown-disabled-text);\n }\n}\n\n.vs__dropdown-menu {\n display: block;\n position: absolute;\n left: -2px;\n z-index: z-index('dropdownContent');\n padding: $input-padding-sm 0;\n margin: 0;\n width: calc(100% + 4px);\n max-height: 350px;\n min-width: 160px;\n overflow-y: auto;\n border: 1px solid var(--dropdown-border);\n border-radius: var(--border-radius);\n text-align: left;\n list-style: none;\n background: var(--dropdown-bg);\n\n &::-webkit-scrollbar-thumb {\n background-color: var(--scrollbar-thumb-dropdown) !important;\n border-radius: 4px;\n }\n\n &[data-popper-placement='top'] {\n border-radius: 4px 4px 0 0;\n border-top-style: solid;\n box-shadow: 0px -8px 16px 0px var(--shadow);\n }\n}\n\n.vs__dropdown-option {\n line-height: 1.42857143; /* Normalize line height */\n display: block;\n padding: 0 calc(#{$input-padding-sm}/2);\n clear: both;\n color: var(--dropdown-text);\n white-space: nowrap;\n z-index: 1000;\n\n &:hover {\n cursor: pointer;\n }\n\n a {\n display: block;\n\n &:hover {\n color: var(--body-text);\n }\n }\n\n &.vs__dropdown-option--disabled {\n color: var(--dropdown-disabled-text);\n cursor: not-allowed;\n\n hr {\n cursor: default;\n }\n }\n\n &.vs__dropdown-option--selected {\n background-color: var(--dropdown-active-bg);\n color: var(--dropdown-active-text);\n text-decoration: none;\n }\n\n &.vs__dropdown-option--highlight {\n color: var(--dropdown-hover-text);\n background: var(--dropdown-hover-bg);\n\n a {\n color: var(--dropdown-hover-text);\n text-decoration: none;\n }\n }\n}\n\n.vs__dropdown-toggle {\n appearance: none;\n display: flex;\n background: var(--input-bg);\n border: 1px solid var(--dropdown-border);\n border-radius: var(--border-radius);\n white-space: normal;\n}\n\n.vs__selected-options {\n display: flex;\n flex-basis: 100%;\n flex-grow: 1;\n flex-wrap: wrap;\n padding: 0;\n position: relative;\n}\n\n.lg .vs__selected-options {\n margin: 8px;\n}\n\n.vs__actions {\n display: flex;\n align-items: center;\n pointer-events: none;\n position: relative;\n width: 100%;\n justify-content: flex-end;\n flex-shrink: 8;\n\n svg {\n display: none;\n }\n\n &:after {\n content: $icon-chevron-down;\n font-family: 'icons';\n font-size: 2rem;\n color: var(--secondary);\n }\n}\n\n.vs--searchable .vs__dropdown-toggle {\n cursor: text;\n}\n\n.vs--unsearchable .vs__dropdown-toggle {\n cursor: pointer;\n}\n\n$transition-timing-function: cubic-bezier(1, -0.115, 0.975, 0.855);\n$transition-duration: 150ms;\n\n.vs__action:after {\n fill: var(--dropdown-disabled-text);\n transform: scale(1);\n transition: transform $transition-duration $transition-timing-function;\n transition-timing-function: $transition-timing-function;\n}\n\n.vs--open .vs__actions:after {\n transform: rotate(180deg) scale(1);\n}\n\n.vs--loading .vs__open-indicator {\n opacity: 0;\n}\n\n/**\n * Super weird bug... If this declaration is grouped\n * below, the cancel button will still appear in chrome.\n * If it's up here on it's own, it'll hide it.\n */\n.vs__search::-webkit-search-cancel-button {\n display: none;\n}\n\n.vs__search::-webkit-search-decoration,\n.vs__search::-webkit-search-results-button,\n.vs__search::-webkit-search-results-decoration,\n.vs__search::-ms-clear {\n display: none;\n}\n\n.vs__search,\n.vs__search:focus {\n appearance: none;\n border-left: none;\n outline: none;\n margin: 0;\n background: none;\n box-shadow: none;\n width: 0;\n max-width: 100%;\n flex-grow: 1;\n margin-left: $input-padding-sm;\n}\n\n.vs__search::placeholder {\n color: var(--input-placeholder);\n}\n\n.vs--unsearchable {\n .vs__search {\n opacity: 1;\n\n &:hover {\n cursor: pointer;\n }\n }\n}\n.vs--single.vs--searching:not(.vs--open):not(.vs--loading) {\n .vs__search {\n opacity: 0.2;\n }\n}\n\n/* States */\n\n.vs--single {\n .vs__selected {\n background-color: transparent;\n border-color: transparent;\n }\n\n &.vs--searching .vs__selected {\n display: none;\n }\n}\n\n.vs__selected {\n display: flex;\n align-items: center;\n background-color: var(--accent-btn);\n border: 1px solid var(--primary);\n border-radius: 3px;\n color: var(--link);\n margin-left: $input-padding-sm;\n\n &:not(:last-of-type) {\n margin-right: 2px;\n }\n}\n\n.vs__deselect {\n display: inline-flex;\n appearance: none;\n margin-left: 8px;\n padding: 0;\n border: 0;\n cursor: pointer;\n background: none;\n fill: var(--primary);\n\n svg {\n display: none;\n }\n\n &:after {\n content: $icon-close;\n font-family: 'icons';\n color: var(--link);\n }\n}\n\n/*inline single-option select*/\n\n.v-select.inline {\n background-color: transparent;\n\n &.vs--single {\n min-height: 29px;\n &.vs--open {\n .vs__selected {\n position: absolute;\n opacity: 0.4;\n }\n .vs__search {\n margin-left: $input-padding-sm;\n }\n }\n .vs__selected {\n color: var(--input-text);\n }\n }\n\n .vs__dropdown-menu {\n min-width: 0px;\n margin-top: 2px;\n }\n .vs__dropdown-toggle {\n background-color: var(--input-bg);\n border: none;\n padding: none;\n border-radius: var(--border-radius);\n border: 1px solid var(--dropdown-border);\n }\n\n &.vs--single .vs__selected-options {\n align-items: center;\n }\n .vs__search {\n background-color: rgba(0, 0, 0, 0);\n &:hover {\n background-color: rgba(0, 0, 0, 0);\n }\n }\n .vs__open-indicator {\n fill: var(--input-label);\n }\n .vs__clear {\n display: none;\n }\n}\n\n.v-select.mini {\n position: relative;\n top: 2px;\n\n .vs__dropdown-toggle {\n padding: 5px 0;\n }\n\n .vs__selected {\n margin: 0;\n }\n\n input {\n padding: 0;\n }\n}\n\n.vs__selected-options input {\n width: 0;\n display: inline-block;\n border: 0;\n background-color: var(--input-bg);\n color: var(--input-text);\n}\n\nheader .vs__selected-options input {\n color: var(--header-input-text);\n}\n\nheader .vs-select .vs__dropdown-toggle {\n background: var(--error) !important;\n}\n\n.vs__no-options {\n color: var(--dropdown-text);\n padding: 3px 20px;\n}\n\nheader {\n .unlabeled-select {\n padding: 0;\n\n &.focused {\n border: 0;\n }\n }\n}\n"
},
{
"path": "pkg/rancher-desktop/assets/translations/en-us.yaml",
"content": "##############################\n# Special stuff\n##############################\ngeneric:\n add: Add\n back: Back\n cancel: Cancel\n close: Close\n comingSoon: Coming Soon\n copy: Copy\n create: Create\n created: Created\n customize: Customize\n default: Default\n disabled: Disabled\n done: Done\n enabled: Enabled\n ignored: Ignored\n invalidCron: Invalid cron schedule\n labelsAndAnnotations: Labels & Annotations\n loading: Loading…\n members: Members\n na: n/a\n name: Name\n never: Never\n none: None\n notFound: Not Found\n number: '{prefix}{value, number}{suffix}'\n overview: Overview\n plusMore: \"+ {n} more\"\n readFromFile: Read from File\n register: Register\n remove: Remove\n resource: |-\n {count, plural,\n one {resource}\n other {resources}\n }\n resourceCount: |-\n {count, plural,\n one {1 resource}\n other {# resources}\n }\n save: Save\n showAdvanced: Show Advanced\n hideAdvanced: Hide Advanced\n type: Type\n unknown: Unknown\n key: Key\n value: Value\n yes: Yes\n no: No\n units:\n time:\n 5s: 5s\n 10s: 10s\n 30s: 30s\n 1m: 1m\n 5m: 5m\n 15m: 15m\n 30m: 30m\n 1h: 1h\n 2h: 2h\n 6h: 6h\n 1d: 1d\n 7d: 7d\n 30d: 30d\n\nlocale:\n en-us: English\n zh-hans: 简体中文\n none: (None)\n\nnav:\n backToRancher: Cluster Manager\n clusterTools: Cluster Tools\n kubeconfig: Download KubeConfig\n import: Import YAML\n home: Home\n shell: Kubectl Shell\n support: Get Support\n group:\n cluster: Cluster\n inUse: More Resources\n rbac: RBAC\n serviceDiscovery: Service Discovery\n starred: Starred\n storage: Storage\n workload: Workload\n monitoring: Monitoring\n ns:\n all: All Namespaces\n clusterLevel: Only Cluster Resources\n namespace: \"{name}\"\n namespaced: Only Namespaced Resources\n orphan: Not in a Project\n project: \"Project: {name}\"\n system: Only System Namespaces\n user: Only User Namespaces\n apps: Apps\n categories:\n explore: Explore Cluster\n multiCluster: Global Apps\n legacy: Legacy Apps\n configuration: Configuration\n search:\n placeholder: Type to search clusters\n noResults: No matching clusters\n resourceSearch:\n label: Resource Search\n toolTip: Resource Search {key}\n placeholder: Type to search for a resource...\n header:\n setLoginPage: Set as login page\n restoreCards: Restore hidden cards\n userMenu:\n clusterDashboard: Cluster Dashboard\n preferences: Preferences\n accountAndKeys: Account & API Keys\n logOut: Log Out\n\nproduct:\n apps: Apps & Marketplace\n auth: Users & Authentication\n backup: Rancher Backups\n cis: CIS Benchmark\n ecm: Cluster Manager\n explorer: Cluster Explorer\n fleet: Continuous Delivery\n longhorn: Longhorn\n manager: Cluster Management\n gatekeeper: OPA Gatekeeper\n istio: Istio\n logging: Logging\n rio: Rio\n settings: Global Settings\n clusterManagement: Cluster Management\n monitoring: Monitoring\n mcapps: Multi-cluster Apps\n version: Version\n versionChecking: (checking...)\n networkStatus: Network status\n kubernetesVersion: Kubernetes\n containerEngine:\n fullName: Container Engine\n abbreviation: CE\n notFound: not found\n deactivated: deactivated\n\nsuffix:\n percent: \"%\"\n milliCpus: milli CPUs\n cpus: CPUs\n ib: iB\n mib: MiB\n gb: GB\n revisions: |-\n {count, plural,\n =1 { Revision }\n other { Revisions }\n }\n seconds: |-\n {count, plural,\n =1 { Second }\n other { Seconds }\n }\n sec: Sec\n times: |-\n {count, plural,\n =1 { Time }\n other { Times }\n }\n##############################\n# Components & Pages\n##############################\napp:\n name: Rancher Desktop\n update: \"There's one last step to finish updating Rancher Desktop\"\nfirstRun:\n kubernetesVersion:\n legend: Kubernetes Version\n cachedOnly: (cached versions only)\n ok: OK\nmarketplace:\n title: Extensions\n noResults: No extension found for the search criteria\n tabs:\n catalog: Catalog\n installed: Installed\n banners:\n install: Extension {name} has been installed.\n uninstall: Extension {name} has been removed.\n labels:\n install: Install\n uninstall: Remove\n upgrade: Upgrade\n loading:\n install: Installing...\n uninstall: Removing...\n upgrade: Upgrading...\n moreInfo: More information\ncontainers:\n title: Containers\n sortableTables:\n noRows: There are no containers to show\n logs:\n title: Container Logs\n loading: Loading container logs...\n noLogs: No logs available\n refresh: Refresh\n fetchError: Failed to fetch container logs\n manage:\n table:\n header:\n state: State\n containerName: Name\n image: Image\n ports: Port(s)\n started: Uptime\n actions: Actions\n\nvolumes:\n title: Volumes\n sortableTables:\n noRows: There are no volumes to show\n manage:\n table:\n header:\n volumeName: Volume Name\n driver: Driver\n mountpoint: Mount Point\n created: Created\n manager:\n table:\n action:\n browse: Browse Files\n delete: Delete\n files:\n title: Volume Files\n loading: Loading volume files...\n volumeNotFound: 'Volume \"{name}\" not found'\n checkError: Error checking volume status\n listError: 'Error listing files: {error}'\n noFiles: This volume is empty\n table:\n header:\n name: Name\n size: Size\n modified: Modified\n permissions: Permissions\n\nimages:\n title: Images\n sortableTables:\n noRows: There are no images to show\n state:\n k8sUnready: Waiting for Kubernetes to be ready\n imagesUnready: Waiting for image manager to be ready\n unknown: 'Error: Unknown state; please reload.'\n close: Close Output to Continue\n action:\n add: Add Image\n manager:\n close: Close Output to Continue\n title: Image Output\n input:\n pull:\n label: 'Name of image to pull:'\n placeholder: 'registry.example.com/namespace/image'\n button: Pull\n build:\n label: 'Name of image to build:'\n placeholder: 'registry.example.com/namespace/image:tag'\n button: Build\n table:\n label: All images\n header:\n imageName: Image\n tag: Tag\n imageId: Image ID\n size: Size\n action:\n push: Push\n delete: Delete\n scan: Scan...\n add:\n title: Add Image\n action:\n build: Build\n pull: Pull\n pastTense:\n build: Built\n pull: Pulled\n loadingText: '{action}ing image...'\n successText: '{action} image'\n errorText: Error trying to { action } ''{ image }'' - see console output for more information\n scan:\n title: Scan details for ''{ image }''\n loadingText: Scanning ''{ image }''\n errorText: Error trying to scan ''{ image }'' - see console output for more information\n results:\n headers:\n severity: Severity\n package: Package\n vulnerabilityId: Vulnerability ID\n installed: Installed\n fixed: Fixed\n labels:\n critical: CRITICAL\n high: HIGH\n medium: MEDIUM\n low: LOW\n issuesFound: Issues Found\n details:\n description: Description\n primaryUrl: Primary URL\n references: References\nk8s:\n title: Kubernetes Settings\n dialog:\n ok: OK\n cancel: Cancel\nportForwarding:\n title: Port Forwarding\n sortableTables:\n noRows: There are no port forwarding entries to show\ngeneral:\n title: Welcome to Rancher Desktop by SUSE\n description: Rancher Desktop provides Kubernetes and image management through the use of a desktop application.\nabout:\n title: About\n versions:\n title: Versions\n component: Component\n version: Version\n cli: CLI\n helm: Helm\n machine: Machine\n releaseNotes: 'View release notes'\n os:\n mac: macOS\n windows: Windows\n linux: Linux\n downloadImageList:\n title: Image Lists\n downloadCLI:\n title: CLI Downloads\n\napplication:\n behavior:\n autoStart:\n legendText: Startup\n label: Automatically start at login\n background:\n legendText: Background\n legendTooltip: >\n Hide the app window when Rancher Desktop is running in the background.\n It can be opened via the Notification Icon (if visible) or by running Rancher Desktop from the Applications menu.\n startInBackground:\n label: Start in the background\n windowQuitOnClose:\n label: Quit when closing application window\n notificationIcon:\n legendText: Notification Icon\n label: Hide Notification Icon\n theme:\n legendText: Appearance\n options:\n system:\n label: System\n description: Follow the operating system setting\n light:\n label: Light\n description: Always use light mode\n dark:\n label: Dark\n description: Always use dark mode\n\nvirtualMachine:\n networkingTunnel:\n legend: Networking Tunnel\n label: Enable networking tunnel\n mount:\n type:\n legend: Mount Type\n options:\n reverse-sshfs:\n label: reverse-sshfs\n description: Exposes the filesystem by running an SFTP server.\n 9p:\n label: 9p\n description: Exposes the filesystem by using QEMU's virtio-9p-pci devices.\n options:\n cacheMode:\n legend: Cache Mode\n tooltip: Caching policy to be used\n options:\n none: none\n loose: loose\n fscache: fscache\n mmap: mmap\n mSizeInKib:\n legend: Memory Size In KiB\n tooltip: Maximum package size in KiB\n protocolVersion:\n legend: Protocol Version\n tooltip: 9P protocol version\n options:\n 9p2000: 9p2000\n 9p2000u: '9p2000.u'\n 9p2000L: '9p2000.L'\n securityModel:\n legend: Security Model\n tooltip: Security model used for the export path\n options:\n passthrough: passthrough\n 'mapped-xattr': mapped-xattr\n 'mapped-file': mapped-file\n none: none\n virtiofs:\n label: virtiofs\n description: Exposes the filesystem by using an Apple Virtualization framework shared directory device.\n proxy:\n legend: WSL Proxy\n label: Enable the proxy used by rancher-desktop\n addressTitle: Proxy address\n address: Address\n port: Port\n authTitle: Authentication information\n username: Username\n password: Password\n noproxy:\n legend: No proxy hostname list\n placeholder: Hostname to not redirect to the proxy\n errors:\n duplicate: Error, item is duplicate.\n type:\n legend: Virtual Machine Type\n options:\n qemu:\n label: QEMU\n description: Use the QEMU emulator.\n vz:\n label: VZ\n description: Use the Apple Virtualization framework.\n useRosetta:\n legend: VZ Option\n label: Enable Rosetta support\n\ncontainerEngine:\n label: Container Engine\n options:\n moby:\n label: dockerd (moby)\n description: Docker API; use with Docker CLI.\n containerd:\n label: containerd\n description: Namespaces for container images; use with nerdctl.\n\nwebAssembly:\n label: WebAssembly (Wasm)\n enabled: Enabled\n description: Please read the documentation before enabling the experimental WebAssembly feature!\n\nallowedImages:\n label: Allowed Image Patterns\n patterns:\n placeholder: Type the image pattern\n errors:\n duplicate: Error, item is duplicate.\n enable: Enable\n alert:\n The image name needs to match one of the patterns defined in the Allowed Images preference tab.\n\npathManagement:\n label: Configure PATH\n tooltip: Rancher Desktop ships with tools, such as kubectl, nerdctl, helm and docker. In order to use these tools, $HOME/.rd/bin must be in your PATH.\n options:\n rcFiles:\n label: Automatic\n description: Rancher Desktop edits your shell profile for you. Restart any open shells for changes to take effect.\n manual:\n label: Manual\n description: 'Rancher Desktop does not change your PATH configuration; add $HOME/.rd/bin to your path manually.'\n accept: Accept\n\nlegacyIntegrations:\n title: Legacy Integrations Found\n messageFirstPart: Rancher Desktop detected legacy tool symlinks in\n messageSecondPart: but did not have the permissions required to remove them.\n messageThirdPart: >\n Legacy symlinks have the potential to cause path conflicts.\n Please remove them at your earliest convenience.\n details: >\n Rancher Desktop creates symlinks from bundled tools, such as kubectl and docker,\n to a directory in order to make them usable. This directory changed in Rancher Desktop\n 1.3.0. If you are seeing this message, Rancher Desktop was unable to remove the symlinks\n from the old directory automatically. You should remove them manually to prevent future\n path conflicts.\n ok: OK\n\nsudoPrompt:\n title: Administrative Access Required\n message: 'Rancher Desktop requires administrative access (\"sudo access\") for the following reasons:'\n messageSecondPart: The prompt will be displayed once this window is closed. Cancelling the prompt or disabling administrative access requires you to switch the docker context to rancher-desktop in order to continue using Rancher Desktop.\n explanation: 'This will modify the following paths:'\n buttonText: OK\n\nunmetPrerequisites:\n title: Rancher Desktop is unable to start\n message: 'Rancher Desktop cannot start because requirements are missing or not configured:'\n action: 'Please ensure all requirements are met and try again. Rancher Desktop will now close.'\n buttonText: OK\n\naccountAndKeys:\n title: Account and API Keys\n account:\n title: Account\n change: Change Password\n apiKeys:\n title: API Keys\n notAllowed: You do not have permission to manage API Keys\n add:\n description:\n label: Description\n placeholder: Optionally enter a description to help you identify this API Key\n label: Create API Key\n expiry:\n label: Automatically expire\n options:\n never: Never\n day: A day from now\n month: A month from now\n year: A year from now\n custom: Custom\n maximum: \"{value} - Maximum allowed\"\n customExpiry:\n options:\n minute: Minutes\n hour: Hours\n day: Days\n month: Months\n year: Years\n scope: Scope\n noScope: No Scope\n info:\n accessKey: Access Key\n secretKey: Secret Key\n bearerToken: Bearer Token\n saveWarning: Save the info above! This is the only time you'll be able to see it. If you lose it, you'll need to create a new API key.\n keyCreated: A new API Key has been created\n bearerTokenTip: \"Access Key and Secret Key can be sent as the username and password for HTTP Basic auth to authorize requests. You can also combine them to use as a Bearer token:\"\n ttlLimitedWarning: The Expiry time for this API Key was reduced due to system configuration\n\nauthConfig:\n accessMode:\n label: 'Configure who should be able to log in and use {vendor}'\n required: Restrict access to only the authorized users & groups\n restricted: 'Allow members of clusters and projects, plus authorized users & groups'\n unrestricted: Allow any valid user\n allowedPrincipalIds:\n title: Authorized Users & Groups\n associatedWarning: 'Note: The {provider} user you authenticate as will be associated as an alternate way to log in to the {vendor} user you are currently logged in as {username}; all the global permissions, project, and cluster role bindings of this {vendor} user will also apply to the {provider} user.'\n github:\n clientId:\n label: Client ID\n clientSecret:\n label: Client Secret\n form:\n app:\n label: Application name\n value: 'Anything you like, e.g. My {vendor}'\n calllback:\n label: Authorization callback URL\n description:\n label: Application description\n value: 'Optional, can be left blank'\n homepage:\n label: Homepage URL\n instruction: 'Fill in the form with these values:'\n prefix:\n 1: Open GitHub application settings in a new window.\n 2: Click on the \"OAuth Apps\" tab.\n 3: Click the \"New OAuth App\" button.\n suffix:\n 1: Click \"Register application\"\n 2: Copy and paste the Client ID and Client Secret of your newly created OAuth app into the fields below\n host:\n label: GitHub Enterprise Host\n placeholder: e.g. github.mycompany.example\n target:\n label: Which version of GitHub do you want to use?\n private: A private installation of GitHub Enterprise\n public: Public GitHub.com\n table:\n server: Server\n clientId: Client ID\n googleoauth:\n adminEmail: Admin Email\n domain: Domain\n oauthCredentials:\n label: OAuth Credentials\n tip: The OAuth Credentials JSON can be found in the Google API developers console.\n serviceAccountCredentials:\n label: Service Account Credentials\n tip: The Service Account Credentials JSON can be found in the service accounts section of the Google API developers console.\n steps:\n 1:\n title: 'Open applications settings in a new window'\n body:\n 1: Login to your account. Navigate to \"APIs & Services\" and then select \"OAuth consent screen\".\n 2: 'Authorized domains:'\n 3: 'Application homepage link: '\n 4: 'Under Scopes for Google APIs, enable \"email\", \"profile\", and \"openid\".'\n 5: 'Click on \"Save\".'\n topPrivateDomain: 'Top private domain of:'\n 2:\n title: 'Navigate to the \"Credentials\" tab to create your OAuth client ID'\n body:\n 1: 'Select the \"Create Credentials\" dropdown, and select \"OAuth clientID\", then select \"Web application\".'\n 2: 'Authorized JavaScript origins:'\n 3: 'Authorized redirect URIs:'\n 4: 'Click \"Create\", and then click on the \"Download JSON\" button.'\n 5: 'Upload the downloaded JSON file in the OAuth credentials box.'\n 3:\n title: 'Create Service Account credentials'\n introduction: 'Follow this guide to:'\n body:\n 1: Create a service account.\n 2: Generate a key for the service account.\n 3: Add the service account as an OAuth client in your google domain.\n ldap:\n freeipa: Configure a FreeIPA server\n activedirectory: Configure an Active Directory account\n openldap: Configure an OpenLDAP server\n defaultLoginDomain:\n label: Default Login Domain\n placeholder: eg mycompany\n hint: This domain will be used if a user logs in without specifying one.\n cert: Certificate\n disabledStatusBitmask: Disabled Status Bitmask\n groupDNAttribute: Group DN Attribute\n groupMemberMappingAttribute: Group Member Mapping Attribute\n groupMemberUserAttribute: Group Member User Attribute\n groupSearchBase:\n label: Group Search Base\n placeholder: 'ou=groups,dc=mycompany,dc=com'\n hostname: Hostname/IP\n loginAttribute: Login Attribute\n nameAttribute: Name Attribute\n nestedGroupMembership:\n label: Nested Group Membership\n options:\n direct: Search only direct group memberships\n nested: Search direct and nested group memberships\n objectClass: Object Class\n password: Password\n port: Port\n customizeSchema: Customize Schema\n users: Users\n groups: Groups\n searchAttribute: Search Attribute\n searchFilter: Search Filter\n serverConnectionTimeout: Server Connection Timeout\n serviceAccountDN: Service Account Distinguished Name\n serviceAccountPassword: Service Account Password\n serviceAccountInfo: '{vendor} needs a service account that has read-only access to all of the domains that will be able to login, so that we can determine what groups a user is a member of when they make a request with an API key.'\n starttls:\n label: Start TLS\n tip: Upgrades non-encrypted connections by wrapping with TLS during the connection process. Cannot be used in conjunction with TLS.\n tls: TLS\n userEnabledAttribute: User Enabled Attribute\n userMemberAttribute: User Member Attribute\n userSearchBase:\n label: User Search Base\n placeholder: 'e.g. ou=users,dc=mycompany,dc=com'\n username: Username\n usernameAttribute: Username Attribute\n table:\n server: Server\n clientId: Client ID\n saml:\n entityID: Entity ID Field\n UID: UID Field\n adfs: Configure an AD FS account\n api: '{vendor} API Host'\n cert:\n label: Certificate\n placeholder: Paste in the certificate, starting with -----BEGIN CERTIFICATE-----\n displayName: Display Name Field\n groups: Groups Field\n key:\n label: Private Key\n placeholder: Paste in the private key, typically starting with -----BEGIN RSA PRIVATE KEY-----\n keycloak: Configure a Keycloak account\n metadata:\n label: Metadata XML\n placeholder: Paste in the IDP Metadata XML\n okta: Configure an Okta account\n ping: Configure a Ping account\n shibboleth: Configure a Shibboleth account\n showLdap: Configure an OpenLDAP Server\n userName: User Name Field\n azuread:\n tenantId: Tenant ID\n applicationId: Application ID\n endpoint: Endpoint\n graphEndpoint: Graph Endpoint\n tokenEndpoint: Token Endpoint\n authEndpoint: Auth Endpoint\n oidc:\n oidc: Configure an OIDC account\n keycloakoidc: Configure a Keycloak OIDC account\n rancherUrl: Rancher URL\n clientId: Client ID\n clientSecret: Client Secret\n customEndpoint:\n label: Endpoints\n custom: Specify\n standard: Generate\n keycloak:\n url: Keycloak URL\n realm: Keycloak Realm\n issuer: Issuer\n authEndpoint: Auth Endpoint\n cert:\n label: Certificate\n placeholder: Paste in the certificate, starting with -----BEGIN CERTIFICATE-----\n key:\n label: Private Key\n placeholder: Paste in the private key, typically starting with -----BEGIN RSA PRIVATE KEY-----\n stateBanner:\n disabled: 'The {provider} authentication provider is currently disabled.'\n enabled: 'The {provider} authentication provider is currently enabled.'\n testAndEnable: Test and Enable Authentication\n noneEnabled: Local Authentication is always enabled, but you may select another additional authentication provider from those shown below.\n localEnabled: '{vendor} is configured to allow access to accounts in its local database.'\n manageLocal: Manage Accounts\n\nauthGroups:\n actions:\n refresh: Refresh Group Memberships\n assignRoles: Assign Global Roles\n assignEdit:\n assignTitle: Assign Global Roles To Group\n\nassignTo:\n title: |-\n {count, plural,\n =1 { Assign Cluster To… }\n other { Assign {count} Clusters To… }\n }\n labelsTitle: |-\n {count, plural,\n =1 { Assign Cluster To… }\n other { Assign {count} Clusters To… }\n }\n workspace: Workspace\n\nasyncButton:\n apply:\n action: Apply\n success: Applied\n waiting: Applying…\n continue:\n action: Continue\n success: Saved\n waiting: Saving…\n copy:\n action: Click to Copy\n success: Copied!\n create:\n action: Create\n success: Created\n waiting: Creating…\n default:\n action: Action\n error: Error\n success: Success\n waiting: Waiting\n delete:\n action: Delete\n success: Deleted\n waiting: Deleting…\n disable:\n action: Disable\n success: Disabled\n waiting: Disabling…\n activate:\n action: Activate\n waiting: Activating…\n success: Activated\n deactivate:\n action: Deactivate\n waiting: Deactivating…\n success: Deactivated\n done:\n action: Done\n success: Saved\n waiting: Saving…\n download:\n action: Download\n success: Saving\n waiting: Downloading…\n edit:\n action: Save\n success: Saved\n waiting: Saving…\n enable:\n action: Enable\n success: Enabled\n waiting: Enabling…\n finish:\n action: Finish\n success: Finished\n waiting: Finishing…\n import:\n action: Import\n success: Imported\n waiting: Importing…\n install:\n action: Install\n success: Installing\n waiting: Starting…\n refresh:\n action: ''\n actionIcon: refresh\n error: ''\n errorIcon: error\n success: ''\n successIcon: checkmark\n waiting: ''\n waitingIcon: refresh\n remove:\n action: Remove\n success: Removed\n waiting: Removing…\n restore:\n action: Restore\n waiting: Restoring…\n success: Restored\n snapshot:\n action: Snapshot Now\n waiting: Snapshotting…\n success: Snapshot Creating\n uninstall:\n action: Uninstall\n success: Uninstalled\n waiting: Uninstalling…\n update:\n action: Update\n success: Updated\n waiting: Updating…\n upgrade:\n action: Upgrade\n success: Upgrading\n waiting: Starting…\n\nbackupRestoreOperator:\n backupFilename: Backup Filename\n deleteTimeout:\n label: Delete Timeout\n tip: Seconds to wait for a resource delete to succeed before removing finalizers to force deletion.\n deployment:\n rancherNamespace: Rancher ResourceSet Namespace\n size: Size\n storage:\n label: Default Storage Location\n options:\n defaultStorageClass: 'Use the default storage class ({name})'\n none: No default storage location\n pickPV: Use an existing persistent volume\n pickSC: Use an existing storage class\n s3: Use an S3-compatible object store\n persistentVolume:\n label: Persistent Volume\n storageClass:\n label: Storage Class\n tip: 'Configure a storage location where all backups are saved by default. You will have the option to override this with each backup, but will be limited to using an S3-compatible object store.'\n warning: 'This {type} does not have its reclaim policy set to \"Retain\". Your backups may be lost if the volume is changed or becomes unbound.'\n encryption: Encryption\n encryptionConfigName:\n backuptip: 'Any secret in the cattle-resource-system namespace that has an encryption-provider-config.yaml key.
The contents of this file are necessary to perform a restore from this backup, and are not stored by Rancher Backup.'\n label: Encryption Config Secret\n options:\n none: Store the contents of the backup unencrypted\n secret: 'Encrypt backups using an Encryption Config Secret (Recommended)'\n restoretip: 'If the backup was performed with encryption enabled, a secret containing the same encryption-provider-config should be used during restore.'\n warning: 'The contents of this file are necessary to perform a restore from this backup, and are not stored by Rancher Backup.'\n lastBackup: Last Backup\n nextBackup: Next Backup\n noResourceSet: You must define a ResourceSet in this namespace to create a backup CR.\n prune:\n label: Prune\n tip: Delete the resources managed by Rancher that are not present in the backup. (Recommended)\n resourceSetName: Resource Set\n restoreFrom:\n default: The default storage target\n existing: An existing backup config\n s3: An S3-compatible object store\n retentionCount:\n label: Retention Count\n units: |-\n {count, plural,\n =1 { File }\n other { Files }\n }\n s3:\n bucketName: Bucket Name\n credentialSecretName: Credential Secret\n endpoint: Endpoint\n endpointCA: Endpoint CA\n folder: Folder\n insecureTLSSkipVerify: Skip TLS Verifications\n region: Region\n storageLocation: Storage Location\n titles:\n backupLocation: Backup Source\n location: Storage Location\n s3: S3\n schedule:\n label: Schedule\n options:\n disabled: One-Time Backup\n enabled: Recurring Backups\n placeholder: e.g. @midnight or 0 0 * * *\n storageSource:\n configureS3: Use an S3-compatible object store\n useBackup: Use the s3 location specified on the Backup CR\n useDefault: Use the default storage location configured during installation\n targetBackup: Target Backup\n\n\n\ncatalog:\n app:\n managed: Managed\n section:\n notes: Release Notes\n readme: Chart README\n resources: Resources\n values: Values YAML\n chart:\n header:\n charts: Charts\n info:\n appVersion: Application Version\n chartVersions:\n label: Chart Versions\n showMore: Show More\n showLess: Show Less\n home: Home\n maintainers: Maintainers\n related: Related\n chartUrls: Chart\n keywords: Keywords\n errors:\n clusterToolExists: This chart has a fixed namespace and name. A matching application has been found and any changes will be made to it.\n charts:\n all: All\n categories:\n all: All Categories\n certified:\n other: Other\n partner: Partner\n rancher: '{vendor}'\n header: Deploy Chart\n noCharts: 'There are no charts available, have you added any repos?'\n noWindows: Your catalogs do not contain any charts capable of being deployed on a Windows cluster.\n search: Filter\n install:\n action:\n goToUpgrade: Edit/Upgrade\n appReadmeMissing: This chart doesn't have any additional chart information.\n appReadmeTitle: Chart Information (Helm README)\n chart: Chart\n error:\n requiresFound: '{name} must be installed before you can install this chart.'\n requiresMissing: 'This chart requires another chart that provides {name}, but none was found.'\n insufficientCpu: 'This chart requires {need, number} CPU cores, but the cluster only has {have, number} available.'\n insufficientMemory: 'This chart requires {need} of memory, but the cluster only has {have} available.'\n header:\n install: 'Install {name}'\n installGeneric: Install Chart\n upgrade: 'Upgrade {name}'\n helm:\n atomic: Atomic\n cleanupOnFail: Cleanup on Failure\n crds: Apply custom resource definitions\n dryRun: Dry Run\n force: Force\n historyMax:\n label: Keep last\n unit: |-\n {value, plural,\n =1 { revision }\n other { revisions }\n }\n hooks: Execute chart hooks\n openapi: Validate OpenAPI schema\n resetValues: Reset Values\n timeout:\n label: Timeout\n unit: |-\n {value, plural,\n =1 { second }\n other { seconds }\n }\n wait: Wait\n namespaceIsInProject: \"This chart's target namespace, {namespace}, already exists and cannot be added to a different project.\"\n project: Install into Project\n section:\n chartOptions: Edit Options\n valuesYaml: Edit YAML\n diff: Compare Changes\n slideIn:\n dock: Dock to bottom\n steps:\n basics:\n label: Metadata\n subtext: Set App metadata\n description: This process will help {action, select,\n install { create }\n upgrade { upgrade }\n update { update }\n } the {existing, select,\n true { app}\n false { chart}\n }. Start by setting some basic information used by {vendor} to manage the App.\n nsCreationDescription: \"To install the app into a new namespace enter it's name and select it in the Namespace field.\"\n createNamespace: \"Namespace {namespace} will be created.\"\n helmValues:\n label: Values\n subtext: Change how the App works\n description: Configure Values used by Helm that help define the App.\n chartInfo:\n button: View Chart Info\n label: Chart Info\n helmCli:\n checkbox: Customize Helm options before install\n label: Helm Options\n subtext: Change how the app is deployed\n description: Supply additional deployment options\n version: Version\n versions:\n current: '{ver} (Current)'\n linux: '{ver} (Linux-only)'\n windows: '{ver} (Windows-only)'\n operation:\n tableHeaders:\n action: Action\n releaseName: Release Name\n releaseNamespace: Release Namespace\n repo:\n action:\n refresh: Refresh\n all: All\n gitBranch:\n label: Git Branch\n placeholder: e.g. master\n gitRepo:\n label: Git Repo URL\n placeholder: 'e.g. https://github.com/your-company/charts.git'\n name:\n rancher-charts: '{vendor}'\n rancher-partner-charts: Partners\n rancher-rke2-charts: RKE2\n target:\n git: Git Repository containing Helm chart definitions\n http: http(s) URL to an index generated by Helm\n label: Target\n url:\n label: Index URL\n placeholder: 'e.g. https://charts.rancher.io'\n tools:\n header: Cluster Tools\n action:\n install: Install\n upgrade: Upgrade/Edit\n edit: Edit\n remove: Remove\n manage: Manage\n\nchangePassword:\n title: Change Password\n cancel: Cancel\n deleteKeys:\n label: Delete all existing API keys\n changeOnLogin:\n label: Ask user to change their password on first login\n generatePassword:\n label: Generate a random password\n currentPassword:\n label: Current Password\n userGen:\n newPassword:\n label: New Password\n confirmPassword:\n label: Confirm Password\n randomGen:\n generated:\n label: Generated Password\n newGeneratedPassword: Suggest a password\n errors:\n missmatchedPassword: Passwords do not match\n failedToChange: Failed to change password\n failedDeleteKey: Failed to delete key\n failedDeleteKeys: Failed to delete keys\n\nchartHeading:\n overview: Overview\n poweredBy: \"Powered by:\"\n\ncis:\n addTest: Add Test ID\n alertNeeded: |-\n Alerting must be enabled within the CIS chart values.yaml.\n This requires that the {vendor} Monitoring and Alerting app is installed\n and the Receivers and Routes are configured to send out alerts.\n alertOnComplete: Alert on scan completion\n alertOnFailure: Alert on scan failure\n benchmarkVersion: Benchmark Version\n clusterProvider: Cluster Provider\n cronSchedule:\n label: Schedule\n placeholder: \"e.g. 0 * * * *\"\n customConfigMap: Custom Benchmark ConfigMap\n deleteBenchmarkWarning: |-\n {count, plural,\n =1 { Any profiles using this benchmark version will no longer work. }\n other { Any profiles using these benchmark versions will no longer work }\n }\n deleteProfileWarning: |-\n {count, plural,\n =1 { Any scheduled scans using this profile will no longer work. }\n other { Any scheduled scans using either of these profiles will no longer work. }\n }\n downloadAllReports: Download All Saved Reports\n downloadLatestReport: Download Latest Report\n downloadReport: Download Report\n maxKubernetesVersion: Maximum allowed Kubernetes version\n minKubernetesVersion: Minimum required Kubernetes version\n noProfiles: There are no valid ClusterScanProfiles for this cluster type to select.\n noReportFound: No scan report found\n profile: Profile\n reports: Reports\n retention: Retention Count\n scan:\n description: Description\n fail: Fail\n lastScanTime: Last Scan Time\n notApplicable: N/A\n number: Number\n pass: Pass\n remediation: Remediation\n scanDate: Scan Date\n scanReport: Scan Report\n skip: Skip\n total: Total\n warn: Warn\n scheduling:\n disable: Run scan once\n enable: Run scan on a schedule\n scoreWarning:\n label: Scan state for \"warn\" results\n protip: Scans with no failures will be marked \"Pass\" by default even if some of the tests generate \"warn\" output. This behavior can be changed by selecting the \"fail\" option from this section.\n testID: Test ID\n testsSkipped: Tests Skipped\n testsToSkip: Tests to Skip\n\ncluster:\n agentEnvVars:\n label: Agent Environment\n detail: Add additional environment variables to the agent container. This is most commonly useful for configuring a HTTP proxy.\n custom:\n nodeRole:\n label: Node Role\n detail: Choose what roles the node will have in the cluster. The cluster needs to have at least one node with each role.\n advanced:\n label: Advanced\n detail: Additional control over how the node will be registered. These values will often need to be different for each node registered.\n registrationCommand:\n label: Registration Command\n detail: Run this command on each of the existing machines you want to register.\n insecure: \"Insecure: Select this to skip TLS verification if your server has a self-signed certificate.\"\n credential:\n aws:\n accessKey:\n label: Access Key\n placeholder: Your AWS Access Key\n defaultRegion:\n help: The default region to use when creating clusters. Also contacted to verify that this credential works.\n label: Default Region\n secretKey:\n label: SecretKey\n placeholder: Your AWS Secret Key\n digitalocean:\n accessToken:\n help: Paste in a Personal Access Token from the DigitalOcean Applications & API screen.\n label: Access Token\n placeholder: Your DigitalOcean API Access Token\n label: Cloud Credential\n name:\n label: Credential Name\n placeholder: Name for this credential (optional)\n vmwarevsphere:\n server:\n label: vCenter or ESXi Server\n placeholder: vcenter.domain.com\n port:\n label: Port\n username:\n label: Username\n password:\n label: Password\n note: 'Note: The free ESXi license does not support API access. Only servers with a valid or evaluation license are supported.'\n description:\n label: Cluster Description\n placeholder: Any text you want that better describes this cluster\n import:\n commandInstructions: 'Run the kubectl command below on an existing Kubernetes cluster running a supported Kubernetes version to import it into {vendor}:'\n commandInstructionsInsecure: 'If you get a "certificate signed by unknown authority" error, your {vendor} installation has a self-signed or untrusted SSL certificate. Run the command below instead to bypass the certificate verification:'\n clusterRoleBindingInstructions: 'If you get permission errors creating some of the resources, your user may not have the cluster-admin role. Use this command to apply it:'\n clusterRoleBindingCommand: 'kubectl create clusterrolebinding cluster-admin-binding --clusterrole cluster-admin --user '\n\n importAction: Import Existing\n kubernetesVersion:\n label: Kubernetes Version\n toolsTip: Use the new Cluster Tools to manage and install Monitoring, Logging and other tools\n name:\n label: Cluster Name\n placeholder: A unique name for the cluster\n machineConfig:\n aws:\n sizeLabel: |-\n {apiName}: {cpu}, {memory, number} GiB Memory, {storageSize, plural,\n =0 {EBS-Only}\n other {{storageSize, number} GiB {storageType}}\n }\n digitalocean:\n sizeLabel: |-\n {plan, select,\n s {Basic: }\n g {General: }\n gd {General: }\n c {CPU: }\n m {Memory: }\n so {Storage: }\n standard {Standard: }\n other {}\n }{memoryGb} GB, {vcpus, plural,\n =1 {# vCPU}\n other {# vCPUs}\n }, {disk} GB Disk ({value})\n\n machinePool:\n name:\n label: Pool Name\n placeholder: A random one will be generated by default\n nodeTotals:\n label:\n controlPlane: '{count} Control Plane'\n etcd: '{count} etcd'\n worker: '{count} Worker'\n tooltip:\n controlPlane: |-\n {count, plural,\n =0 { A cluster needs at least one control plane node to be usable. }\n =1 { A cluster with only one control plane node is not fault-tolerant. }\n other {}\n }\n etcd: |-\n {count, plural,\n =0 { A cluster needs at least one etcd node to be usable. }\n =1 { A cluster with only one etcd node is not fault-tolerant. }\n =2 { Clusters should have an odd number of nodes. A cluster with 2 etcd nodes is not fault-tolerant. }\n =3 {}\n =4 { Clusters should have an odd number of nodes. }\n =5 {}\n =6 { Clusters should have an odd number of nodes. }\n =7 {}\n other { More than 7 etcd nods is not recommended. }\n }\n worker: |-\n {count, plural,\n =0 { A cluster needs at least one worker node to be usable. }\n =1 { A cluster with only one worker node is not fault-tolerant. }\n other {}\n }\n provider:\n aliyunecs: Aliyun ECS\n aliyunkubernetescontainerservice: Alibaba ACK\n aliyun: Alibaba ACK\n amazonec2: Amazon EC2\n amazoneks: Amazon EKS\n aws: Amazon AWS\n azure: Azure\n azureaks: Azure AKS\n aks: Azure AKS\n baiducloudcontainerengine: Baidu CCE\n baidu: Baidu CCE\n cloudca: Cloud.ca\n custom: Custom\n digitalocean: DigitalOcean\n docker: Docker\n eks: Amazon EKS\n exoscale: Exoscale\n google: Google GCE\n googlegke: Google GKE\n gke: Google GKE\n huaweicce: Huawei CCE\n import: Generic\n imported: Imported\n k3s: K3s\n kubeAdmin: KubeADM\n linode: Linode\n local: Local\n minikube: Minikube\n oci: Oracle Cloud Infrastructure\n openstack: OpenStack\n opentelekomcloudcontainerengine: Open Telekom Cloud CCE\n otccce: Open Telekom Cloud CCE\n oracleoke: Oracle OKE\n otc: Open Telekom Cloud\n other: Other\n packet: Packet\n pinganyunecs: Pinganyun ECS\n rackspace: RackSpace\n rancherkubernetesengine: RKE\n rke2: RKE2\n rke: RKE1\n rkeWindows: Windows\n softlayer: SoftLayer\n tencenttke: Tencent TKE\n upcloud: UpCloud\n vmwarevsphere: vSphere\n zstack: ZStack\n providerGroup:\n create-custom1: Use existing nodes and create a cluster using RKE\n create-custom2: Use existing nodes and create a cluster using RKE2\n create-kontainer: Create a cluster in a hosted Kubernetes provider\n register-kontainer: Register an existing cluster in a hosted Kubernetes provider\n create-rke1: Provision new nodes and create a cluster using RKE\n create-rke2: Provision new nodes and create a cluster using RKE2\n create-template: Use a Catalog Template to create a cluster\n register-custom: Import any Kubernetes cluster\n rke2:\n systemService:\n rke2-coredns: 'CoreDNS'\n rke2-ingress-nginx: 'NGINX Ingress Controller'\n rke2-kube-proxy: 'Kube Proxy'\n rke2-metrics-server: 'Metrics Server'\n tabs:\n ace: Authorized Endpoint\n advanced: Advanced\n agentEnv: Agent Environment Vars\n basic: Basics\n cluster: Cluster Configuration\n etcd: etcd\n networking: Networking\n machinePools: Machine Pools\n registry: Private Registry\n upgrade: Upgrade Strategy\n\nclusterIndexPage:\n hardwareResourceGauge:\n consumption: \"{useful} of {total} {units} {suffix}\"\n cores: Cores\n pods: Pods\n ram: Memory\n used: Used\n reserved: Reserved\n header: Cluster Dashboard\n resourceGauge:\n totalResources: Total Resources\n sections:\n capacity:\n label: Capacity\n events:\n label: Events\n resource:\n label: Resource\n date:\n label: Date\n alerts:\n label: Alerts\n clusterMetrics:\n label: Cluster Metrics\n etcdMetrics:\n label: Etcd Metrics\n k8sMetrics:\n label: Kubernetes Components Metrics\n gatekeeper:\n buttonText: Configure Gatekeeper\n disabled: OPA Gatekeeper is not configured.\n label: OPA Gatekeeper Constraint Violations\n noRows: There are no constraints with violations to show.\n nodes:\n label: Unhealthy Nodes\n noRows: There are no unhealthy nodes to show.\n\nconfigmap:\n tabs:\n data:\n label: Data\n protip: Use this area for anything that's UTF-8 text data\n binaryData:\n label: Binary Data\n\ncontainerResourceLimit:\n cpuPlaceholder: e.g. 1000\n helpText: Configure how much resources the container can consume by default.\n helpTextDetail: The amount of resources the container can consume by default.\n label: Container Default Resource Limit\n limitsCpu: CPU Limit\n limitsMemory: Memory Limit\n memPlaceholder: e.g. 128\n requestsCpu: CPU Reservation\n requestsMemory: Memory Reservation\n\ncruResource:\n backToForm: Back to Form\n backBody: You will lose any changes made to the YAML.\n cancelBody: You will lose any changes made to the YAML.\n confirmBack: \"Okay\"\n confirmCancel: \"Okay\"\n reviewForm: \"Keep editing YAML\"\n reviewYaml: \"Keep editing YAML\"\n previewYaml: Edit as YAML\n\ndetailText:\n collapse: Hide\n binary: ''\n empty: ''\n unsupported: ''\n plusMore: |-\n {n, plural,\n =1 {+ 1 more char}\n other {+ {n, number} more chars}\n }\n\netcdInfoBanner:\n hasLeader: \"Etcd has a leader:\"\n leaderChanges: \"Number of leader changes:\"\n failedProposals: \"Number of failed proposals:\"\n\nfleet:\n cluster:\n summary: Resource Summary\n nonReady: Non-Ready Bundles\n fleetSummary:\n state:\n success: 'Ready'\n info: 'Transitioning'\n warning: 'Warning'\n error: 'Error'\n unknown: 'Unknown'\n gitRepo:\n tabs:\n resources: Resources\n unready: Non-Ready\n auth:\n label: Authentication\n git: Git Authentication\n helm: Helm Authentication\n caBundle:\n label: Certificates\n placeholder: \"Paste in one or more certificates, starting with -----BEGIN CERTIFICATE----\"\n paths:\n label: Paths\n placeholder: e.g. /directory/in/your/repo\n addLabel: Add Path\n empty: The root of the repo is used by default. To use one or more different directories, add them here.\n repo:\n label: Repository URL\n placeholder: 'e.g. https://github.com/rancher/fleet-examples.git'\n ref:\n label: Watch\n branch: A Branch\n revision: A Revision\n branchLabel: Branch Name\n branchPlaceholder: e.g. master\n revisionLabel: Tag or Commit Hash\n revisionPlaceholder: e.g. v1.0.0\n serviceAccount:\n label: Service Account Name\n placeholder: \"Optional: Use a service account in the target clusters\"\n targetNamespace:\n label: Target Namespace\n placeholder: \"Optional: Require all resources to be in this namespace\"\n target:\n selectLabel: Target\n advanced: Advanced\n cluster: Cluster\n clusterGroup: Cluster Group\n label: Deploy To\n labelLocal: Deploy With\n targetDisplay:\n advanced: Advanced\n cluster: \"Cluster\"\n clusterGroup: \"Group\"\n all: All\n none: None\n local: Local\n tls:\n label: TLS Certificate Verification\n verify: Require a valid certificate\n specify: Specify additional certificates to be accepted\n skip: Accept any certificate (insecure)\n workspace:\n label: Workspace\n clusterGroup:\n selector:\n label: Cluster Selectors\n matchesAll: Matches all {total, number} existing clusters\n matchesNone: Matches no existing clusters\n matchesSome: |-\n {matched, plural,\n =1 {Matches 1 of {total, number} existing clusters: \"{sample}\"}\n other {Matches {matched, number} of {total, number} existing clusters, including \"{sample}\"}\n }\nfooter:\n docs: Docs\n download: Download CLI\n forums: Forums\n issue: File an Issue\n slack: Slack\n\ngatekeeperConstraint:\n match:\n title: Match\n tab:\n enforcementAction:\n title: Enforcement Action\n rules:\n title: Rules\n sub:\n labelSelector:\n addLabel: Add Label\n title: Label Selector\n namespaces:\n sub:\n excludedNamespaces: Excluded Namespaces\n namespaces: Namespaces\n namespaceSelector:\n addNamespace: Add Namespace\n title: Namespace Selector\n scope:\n title: Scope\n title: Namespaces\n parameters:\n addParameter: Add Parameter\n editAsForm: Edit as Form\n editAsYaml: Edit as YAML\n title: Parameters\n template: Template\n violations:\n title: Violations\n\ngatekeeperIndex:\n poweredBy: OPA Gatekeeper\n unavailable: OPA + Gatekeeper is not available in the system-charts catalog.\n violations: Violations\n\nglance:\n created: Created\n cpu: CPU Usage\n memory: Memory\n nodes:\n total:\n label: |-\n {count, plural,\n =1 { Node }\n other { Total Nodes }\n }\n pods: Pods\n provider: Provider\n version: Kubernetes Version\n monitoringDashboard: Monitoring Dashboard\n installMonitoring: Install Monitoring\n v1MonitoringInstalled: V1 Monitoring Installed\n\ngrafanaDashboard:\n failedToLoad: Failed to load graph\n reload: Reload\n grafana: Grafana\n\ngraphOptions:\n detail: Detail\n summary: Summary\n refresh: Refresh\n range: Range\n\nhpa:\n detail:\n currentMetrics:\n header: Current Metrics\n noMetrics: No Current Metrics\n metricHeader: '{source} Metric'\n metricIdentifier:\n name:\n label: Metric Name\n placeholder: e.g. packets-per-second\n selector:\n label: Add Selector\n metricTarget:\n averageVal:\n label: Average Value\n quantity:\n label: Quantity\n type:\n label: Type\n utilization:\n label: Average Utilization\n value:\n label: Value\n metrics:\n headers:\n metricName: Name\n objectKind: Object Kind\n objectName: Object Name\n quantity: Quantity\n resource: Resource Name\n targetName: Target Name\n value: Value\n source: Source\n objectReferance:\n api:\n label: Referent API Version\n placeholder: e.g. apps/v1beta1\n kind:\n label: Referent Kind\n placeholder: e.g. Deployment\n name:\n label: Referent Name\n placeholder: e.g. php-apache\n tabs:\n labels: Labels\n metrics: Metrics\n target: Target\n workload: Workload\n types:\n cpu: CPU\n memory: Memory\n warnings:\n custom: In order to use custom metrics with HPA, you need to deploy the custom metrics server such as prometheus adapter.\n external: In order to use external metrics with HPA, you need to deploy the external metrics server such as prometheus adapter.\n noMetric: In order to use resource metrics with HPA, you need to deploy the metrics server.\n resource: The selected target reference does not have the correct resource requests on the spec. Without this the HPA metric will have no effect.\n workloadTab:\n current: Current Replicas\n last: Last Scale Time\n max: Maximum Replicas\n min: Minimum Replicas\n targetReference: Target Reference\n\nimport:\n title: Import YAML\n defaultNamespace:\n label: Default Namespace\n success: |-\n Applied {count, plural,\n =1 {1 Resource}\n other {# Resources}\n }\n\ningress:\n certificates:\n addCertificate: Add Certificate\n addHost: Add Host\n certificate:\n label: Certificate - Secret Name\n doesntExist: The selected certificate does not exist\n defaultCertLabel: Default Ingress Controller Certificate\n headers:\n certificate: Certificate\n hosts: Hosts\n host:\n label: Host\n placeholder: e.g. example.com\n label: Certificates\n removeHost: Remove\n defaultBackend:\n label: Default Backend\n noServiceSelected: No default backend is configured.\n port:\n label: Port\n placeholder: e.g. 80 or http\n targetService:\n label: Target Service\n doesntExist: The selected service does not exist\n warning: \"Warning: Default backend is used globally for the entire cluster.\"\n rules:\n addPath: Add Path\n addRule: Add Rule\n headers:\n pathType: Path Type\n path: Path\n port: Port\n target: Target Service\n certificates: Certificates\n hostname: Hostname\n path:\n label: Path\n placeholder: e.g. /foo\n port:\n label: Port\n placeholder: e.g. 80 or http\n removePath: Remove\n requestHost:\n label: Request Host\n placeholder: e.g. example.com\n target:\n label: Target Service\n doesntExist: The selected service does not exist\n title: Rules\n rulesAndCertificates:\n title: Rules and Certificates\n defaultCertificate: default\n target:\n default: Default\n\ninternalExternalIP:\n none: None\n\nistio:\n links:\n kiali:\n label: Kiali\n description: 'Visualization of services within a service mesh and how they are connected. For Kiali to display data, you need Prometheus installed. If you need a monitoring solution, install {vendor} monitoring.'\n jaeger:\n label: Jaeger\n description: Monitor and Troubleshoot microservices-based distributed systems.\n disabled: '{app} is not installed'\n cni: Enabled CNI\n customOverlayFile:\n label: Custom Overlay File\n tip: 'The overlay file allows for additional configuration on top of the base {vendor} Istio installation. You can utilize the IstioOperator API to make changes and additions for all components and apply those changes via this overlay YAML file.'\n description: '{vendor} Istio helm chart installs a minimal Istio configuration for you to get started integrating with your applications.\n If you would like to get additional information about Istio, visit https://istio.io/latest/docs/concepts/what-is-istio/'\n egressGateway: Enabled Egress Gateway\n ingressGateway: Enabled Ingress Gateway\n istiodRemote: Enabled istiodRemote\n kiali: Enabled Kiali\n pilot: Enabled Pilot\n policy: Enabled Policy\n poweredBy: Powered by Istio\n telemetry: Enabled Telemetry\n titles:\n components: Components\n customAnswers: Custom Answers\n advanced: Advanced Settings\n description: Description\n tracing: Enabled Jaeger Tracing (limited)\n v1Warning: Please uninstall the current Istio version in the istio-system namespace before attempting to install this version.\n\nlabels:\n addLabel: Add Label\n addSetLabel: Add/Set Label\n addAnnotation: Add Annotation\n labels:\n title: Labels\n annotations:\n title: Annotations\n\nlanding:\n clusters:\n title: Clusters\n provider: Provider\n kubernetesVersion: Kubernetes Version\n explorer: Explorer\n explore: Explore\n cores: |-\n {count, plural,\n =1 {core}\n other {cores}}\n seeWhatsNew: Learn more about the improvements and new capabilities in this version.\n whatsNewLink: \"What's new in 2.5\"\n learnMore: Learn More\n gettingStarted:\n title: Getting Started\n body: Take a look at the quick getting started guide. For Cluster Manager users, learn more about where you can find you favorite features in the Dashboard UI.\n community:\n title: Community Support\n docs: Docs\n forums: Forums\n commercial:\n title: Commercial Support\n body: Learn about commercial support\n landingPrefs:\n title: What do you want to see when you log in?\n body: \"You can change where you land when you login:\"\n options:\n homePage: Take me to the home page\n lastVisited: Take me to the area I last visited\n custom: \"Take me to cluster:\"\n welcomeToRancher: 'Welcome to {vendor}'\n\nlogging:\n clusterFlow:\n noOutputsBanner: There are no cluster outputs in the selected namespace.\n flow:\n clusterOutputs:\n doesntExistTooltip: This cluster output doesn't exist\n label: Cluster Outputs\n matches:\n label: Matches\n addSelect: Add Include Rule\n addExclude: Add Exclude Rule\n filters:\n label: Filters\n outputs:\n doesntExistTooltip: This output doesn't exist\n label: Outputs\n install:\n k3sContainerEngine: K3S Container Engine\n enableAdditionalLoggingSources: Enable enhanced cloud provider logging\n dockerRootDirectory: Docker Root Directory\n elasticsearch:\n host: Host\n scheme: Scheme\n port: Port\n indexName: Index Name\n user: User\n password: Password from Secret\n caFile:\n label: CA File from Secret\n clientCert:\n label: Client Cert from Secret\n placeholder: Paste in the CA certificate\n clientKey:\n label: Client Key from Secret\n placeholder: Paste in the client key\n clientKeyPass: Client Key Pass from Secret\n kafka:\n brokers: Brokers\n defaultTopic: Default Topic\n saslOverSsl: SASL Over SSL\n scramMechanism: Scram Mechanism\n username: Username from Secret\n password: Password from Secret\n sslCaCert:\n label: CA Cert from Secret\n placeholder: Paste in the CA certificate\n sslClientCert:\n label: Cert from Secret\n placeholder: Paste in the client cert\n sslClientCertChain:\n label: Cert Chain from Secret\n placeholder: Paste in the client cert chain\n sslClientCertKey: Cert Key from Secret\n loki:\n url: URL\n tenant: Tenant\n username: User from Secret\n password: Password from Secret\n configureKubernetesLabels: Configure Kubernetes metadata in a Prometheus like format\n extractKubernetesLabels: Extract Kubernetes labels as Loki labels\n dropSingleKey: If a record only has 1 key, then just set the log line to the value and discard the key\n caCert: CA Cert from Secret\n cert: Cert from Secret\n key: Key from Secret\n awsElasticsearch:\n url: URL\n keyId: Key ID from Secret\n secretKey: Secret Key from Secret\n azurestorage:\n storageAccount: Account from Secret\n accessKey: Access Key from Secret\n container: Container\n path: Path\n storeAs: Store As\n cloudwatch:\n keyId: Key ID from Secret\n secretKey: Secret Key from Secret\n endpoint: Endpoint\n region: Region\n datadog:\n apiKey: API Key from Secret\n useSSL: Use SSL\n useCompression: Use Compression\n host: Host\n file:\n path: Path\n gcs:\n project: Project\n credentialsJson: Credentials from Secret\n bucket: Bucket\n path: Path\n overwriteExistingPath: Overwrite Existing Path\n kinesisStream:\n streamName: Stream Name\n keyId: Key ID from Secret\n secretKey: Secret Key from Secret\n logdna:\n apiKey: API Key\n hostname: Hostname\n app: App\n logz:\n url: URL\n port: Port\n token: Api Token from Secret\n enableCompression: Enable Compression\n newrelic:\n apiKey: API Key from Secret\n licenseKey: License Key from Secret\n baseURI: Base URI\n sumologic:\n endpoint: Endpoint from Secret\n sourceName: Source Name\n syslog:\n host: Host\n port: Port\n transport: Transport\n insecure: insecure\n trustedCaPath: CA Path from Secret\n format:\n title: Format\n type: Type\n addNewLine: Add New Line\n messageKey: Message Key\n buffer:\n title: Buffer\n tags: Tags\n chunkLimitSize: Chunk Limit Size\n chunkLimitRecords: Chunk Limit chunkLimitRecords\n totalLimitSize: Total Limit Size\n flushInterval: Flush Interval\n timekey: Timekey\n timekeyWait: Timekey Wait\n timekeyUseUTC: Timekey Use UTC\n s3:\n keyId: Key ID from Secret\n secretKey: Secret Key from Secret\n endpoint: Endpoint\n bucket: Bucket\n path: Path\n overwriteExistingPath: Overwrite Existing Path\n output:\n selectOutputs: Select Outputs\n selectBanner: Select to configure an output\n sections:\n target: Target\n access: Access\n certificate: Connection\n labels: Labels\n outputProviders:\n elasticsearch: Elasticsearch\n splunkHec: Splunk\n kafka: Kafka\n forward: Fluentd\n loki: Loki\n awsElasticsearch: Amazon Elasticsearch\n azurestorage: Azure Storage\n cloudwatch: Cloudwatch\n datadog: Datadog\n file: File\n gcs: GCS\n kinesisStream: Kinesis Stream\n logdna: LogDNA\n logz: LogZ\n newrelic: New Relic\n sumologic: SumoLogic\n syslog: Syslog\n s3: S3\n unknown: Unknown\n overview:\n poweredBy: Banzai Cloud\n clusterLevel: Cluster-Level\n namespaceLevel: Namespace-Level\n provider: Provider\n splunk:\n host: Host\n port: Port\n protocol: Protocol\n index: Index\n token: Token from Secret\n insecureSsl: Insecure SSL\n indexName: Index Name\n source: Source\n caFile: CA File from Secret\n caPath: CA Path from Secret\n clientCert: Client Cert from Secret\n clientKey: Client Key from Secret\n forward:\n host: Host\n port: Port\n sharedKey: Shared Key from Secret\n username: Username from Secret\n password: Password from Secret\n clientCertPath: Client Cert Path from Secret\n clientPrivateKeyPath: Client Private Key Path from Secret\n clientPrivateKeyPassphrase: Client Private Key Passphrase from Secret\n\nlonghorn:\n overview:\n title: Overview\n subtitle: \"Powered By: Longhorn\"\n linkedList:\n longhorn:\n label: 'Longhorn'\n description: 'Manage storage system via UI'\n na: Resource Unavailable\n\nlogin:\n howdy: Howdy!\n welcome: Welcome to {vendor}\n loggedOut: You have been logged out.\n loginAgain: Log in again to continue.\n error: An error occurred logging in. Please try again.\n useLocal: Use a local user\n loginWithProvider: Log in with {provider}\n username: Username\n password: Password\n loggingIn: Logging in...\n loggedIn: Logged in\n loginWithLocal: Log in with Local User\n useProvider: Use a {provider} user\n\nmembers:\n clusterMembers: Cluster Members\n createActionLabel: Add\n clusterPermissions:\n noDescription: User created - no description\n label: Cluster Permissions\n description: Controls what access users have to the Cluster\n createProjects: Create Projects\n manageClusterBackups: Manage Cluster Backups\n manageClusterCatalogs: Manage Cluster Catalogs\n manageClusterMembers: Manage Cluster Members\n manageNodes: Manage Nodes\n manageStorage: Manage Storage\n viewAllProjects: View All Projects\n viewClusterCatalogs: View Cluster Catalogs\n viewClusterMembers: View Cluster Members\n viewNodes: View Nodes\n owner:\n label: Owner\n description: Owners have full control over the Cluster and all resources inside it.\n member:\n label: Member\n description: Members can manage the resources inside the Cluster but not change the Cluster itself.\n custom:\n label: Custom\n description: Choose individual roles for this user.\n\nmonitoring:\n accessModes:\n many: ReadWriteMany\n once: ReadWriteOnce\n readOnlyMany: ReadOnlyMany\n aggregateDefaultRoles:\n label: Aggregate to Default Kubernetes Roles\n tip: 'Adds labels to the ClusterRoles deployed by the Monitoring chart to aggregate to the corresponding default k8s admin, edit, and view ClusterRoles.'\n alerting:\n config:\n label: Alert Manager Config\n enable:\n label: Deploy Alertmanager\n secrets:\n additional:\n info: Secrets should be mounted at /etc/alertmanager/secrets/
\n label: Additional Secrets\n existing: Choose an existing config secret\n info: |\n Create default config: A Secret containing your Alertmanager Config will be created in the cattle-monitoring-system
namespace on deploying this chart under the name alertmanager-rancher-monitoring-alertmanager
. By default, this Secret will never be modified on an uninstall or upgrade of this chart.
\n Once you have deployed this chart, you should edit the Secret via the UI in order to add your custom notification configurations that will be used by Alertmanager to send alerts.
\n Choose an existing config secret: You must specify a Secret that exists in the cattle-monitoring-system
namespace. If the namespace does not exist, you will not be able to select an existing secret.\n label: Alertmanager Secret\n new: Create default config\n radio:\n label: Config Secret\n templates:\n keyLabel: File Name\n label: Template Files\n valueLabel: YAML Template\n title: Configure Alertmanager\n clusterType:\n label: Cluster Type\n placeholder: Select cluster type\n createDefaultRoles:\n label: Create Default Monitoring Cluster Roles\n tip: 'Creates monitoring-admin, monitoring-edit, and monitoring-view ClusterRoles that can be assigned to users to provide permissions to CRDs installed by the Monitoring chart.'\n etcdNodeDirectory:\n label: etcd Node Certificate Directory\n tooltip: 'For clusters that use RancherOS for the etcd nodes, this option should be set to /opt/rke/etc/kubernetes/ssl
. Hybrid environments that require specifying multiple certificate directories (e.g. an etcd plane composed of both RancherOS and Ubuntu hosts) are not supported.'\n grafana:\n storage:\n annotations: PVC Annotations\n className: Storage Class Name\n existingClaim: Use Existing Claim\n finalizers: PVC Finalizers\n label: Grafana Storage\n mode: Access Mode\n selector: Selector\n size: Size\n subpath: Use Subpath\n type: Persistent Storage Types\n types:\n existing: Enable With Existing PVC\n statefulset: Enable with StatefulSet Template\n template: Enable with PVC Template\n volumeMode: Volume Mode\n volumeName: Volume Name\n title: Configure Grafana\n hostNetwork:\n label: Use Host Network For Prometheus Operator\n tip: If you are using a managed Kubernetes cluster with custom CNI (e.g. Calico), you must enable this option to allow a managed control plane to contact the admission webhook exposed by Prometheus Operator to mutate or validate incoming PrometheusRules.\n overview:\n alertsList:\n ends:\n label: Ends At\n label: Active Alerts\n message:\n label: Message\n severity:\n label: Severity\n start:\n label: Starts At\n linkedList:\n alertManager:\n description: Active Alerts\n label: Alertmanager\n grafana:\n description: Metrics Dashboards\n label: Grafana\n na: Resource Unavailable\n prometheusPromQl:\n description: PromQL Graph\n label: Prometheus Graph\n prometheusRules:\n description: Configured Rules\n label: Prometheus Rules\n prometheusTargets:\n description: Configured Targets\n label: Prometheus Targets\n subtitle: 'Powered By: Prometheus'\n title: Dashboard\n prometheus:\n config:\n adminApi: Admin API\n evaluation: Evaluation Interval\n ignoreNamespaceSelectors:\n help: 'Ignoring Namespace Selectors allows Cluster Admins to limit teams from monitoring resources outside of namespaces they have permissions to but can break the functionality of Apps that rely on setting up Monitors that scrape targets across multiple namespaces, such as Istio.'\n label: Namespace Selectors\n radio:\n enforced: 'Use: Monitors can access resources based on namespaces that match the namespace selector field'\n ignored: 'Ignore: Monitors can only access resources in the namespace they are deployed in'\n limits:\n cpu: CPU Limit\n memory: Memory Limit\n requests:\n cpu: Requested CPU\n memory: Requested Memory\n resourceLimits: Resource Limits\n retention: Retention\n retentionSize: Retention Size\n scrape: Scrape Interval\n storage:\n className: Storage Class Name\n label: Persistent Storage for Prometheus\n mode: Access Mode\n selector: Selector\n selectorWarning: 'If you are using a dynamic provisioner (e.g. Longhorn), no Selectors should be specified since a PVC with a non-empty selector can''t have a PV dynamically provisioned for it.'\n size: Size\n volumeMode: Volume Mode\n volumeName: Volume Name\n title: Configure Prometheus\n warningInstalled: |\n Warning: Prometheus Operators are currently deployed. Deploying multiple Prometheus Operators onto one cluster is not currently supported. Please remove all other Prometheus Operator deployments from this cluster before trying to install this chart.\n If you are migrating from an older version of {vendor} with Monitoring enabled, please disable Monitoring on this cluster completely before attempting to install this chart.\n receiver:\n fields:\n name: Name\n tls:\n label: SSL\n caFilePath:\n label: CA File Path\n placeholder: e.g. ./ca-file.csr\n certFilePath:\n label: Cert File Path\n placeholder: e.g. ./cert-file.crt\n keyFilePath:\n label: Key File Path\n placeholder: e.g. ./key-file.pfx\n secretsBanner: The file paths below must be referenced in alertmanager.alertmanagerSpec.secrets
when deploying the Monitoring chart. For more information see our documentation.\n\n route:\n fields:\n groupBy: Group By\n groupInterval: Group Interval\n groupWait: Group Wait\n receiver: Receiver\n repeatInterval: Repeat Interval\n routesAndReceivers: Routes and Receivers\n monitors: Monitors\n installSteps:\n uninstallV1:\n stepTitle: Uninstall V1\n stepSubtext: Uninstall Previous Monitoring\n warning1: V1 Monitoring is currently deployed. This needs to be uninstalled before V2 monitoring can be installed.\n warning2: Learn more about migrating to V2 Monitoring.\n success1: V1 monitoring successfully uninstalled.\n success2: Press Next to continue\n tabs:\n alerting: Alerting\n general: General\n grafana: Grafana\n prometheus: Prometheus\n v1Warning: 'Monitoring is currently deployed from Cluster Manager. If you are migrating from an older version of {vendor} with monitoring enabled, please disable monitoring in Cluster Manager before attempting to install the new {vendor} Monitoring chart in Cluster Explorer.'\n volume:\n modes:\n block: Block\n file: Filesystem\n\nmonitoringReceiver:\n addButton: Add {type}\n custom:\n label: Custom\n title: Custom Config\n info: The YAML provided here will be directly appended to your receiver within the Alertmanager Config Secret.\n email:\n label: Email\n title: Email Config\n opsgenie:\n label: Opsgenie\n title: Opsgenie Config\n pagerduty:\n label: PagerDuty\n title: PagerDuty Config\n info: \"See additional info on creating an Integration Key for PagerDuty.\"\n slack:\n label: Slack\n title: Slack Config\n info: \"See additional info on creating Incoming Webhooks for Slack .\"\n webhook:\n label: Webhook\n title: Webhook Config\n urlTooltip: For some webhooks this a url that points to the service DNS\n modifyNamespace: If rancher-alerting-drivers
default values were changed, please update the url below in the format http://<new_service_name>.<new_namespace>.svc.<port>/<path>\n banner: To use MS Teams or SMS you will need to have rancher-alerting-drivers
installed first.\n add:\n generic: Generic\n msTeams: MS Teams\n alibabaCloudSms: SMS\n auth:\n label: Auth\n authType: Auth Type\n username: Username\n password: Password\n none:\n label: None\n bearerToken:\n label: Bearer Token\n placeholder: e.g. secret-token\n basicAuth:\n label: Basic Auth\n bearerTokenFile:\n label: Bearer Token File\n placeholder: e.g. ./user_token\n shared:\n proxyUrl:\n label: Proxy URL\n placeholder: e.g. http://my-proxy/\n sendResolved:\n label: Enable send resolved alerts\n\nmonitoringRoute:\n groups:\n label: Group By\n info: This is the top-level Route used by Alertmanager as the default destination for any Alerts that do not match any other Routes. This Route must exist and cannot be deleted.\n interval:\n label: Group Interval\n matching:\n info: The root route has to match everything so matching cannot be configured.\n label: Match\n receiver:\n label: Receiver\n regex:\n label: Match Regex\n repeatInterval:\n label: Repeat Interval\n wait:\n label: Group Wait\n\nmoveModal:\n title: Move to a new project?\n description: 'You are moving the following namespaces:'\n moveButtonLabel: Move\n\nnameNsDescription:\n name:\n label: Name\n placeholder: 'A unique name'\n namespace:\n label: Namespace\n placeholder:\n workspace:\n label: Workspace\n placeholder:\n description:\n label: Description\n placeholder: Any text you want that better describes this resource\n\nnamespace:\n containerResourceLimit: Container Resource Limit\n project:\n label: Project\n resources: Resources\n enableAutoInjection: Enable Istio Auto Injection\n disableAutoInjection: Disable Istio Auto Injection\n move: Move\n\nnamespaceFilter:\n selected:\n label: \"{total} items selected\"\n\nnamespaceList:\n selectLabel: Namespace\n addLabel: Add Namespace\n\nnode:\n detail:\n detailTop:\n containerRuntime: Container Runtime\n internalIP: Internal IP\n externalIP: External IP\n os: OS\n version: Version\n glance:\n consumptionGauge:\n used: Used\n amount: \"{used} of {total} {unit}\"\n cpu: CPU\n memory: MEMORY\n pods: PODS\n diskPressure: Disk Pressure\n kubelet: kubelet\n memoryPressure: Memory Pressure\n pidPressure: PID Pressure\n tab:\n conditions: Conditions\n images: Images\n metrics: Metrics\n info:\n label: Info\n key:\n architecture: Architecture\n bootID: Boot ID\n containerRuntimeVersion: Container Runtime Version\n kernelVersion: Kernel Version\n kubeProxyVersion: Kube Proxy Version\n kubeletVersion: Kubelet Version\n machineID: Machine ID\n operatingSystem: Operating System\n osImage: Image\n systemUUID: System UUID\n pods: Pods\n taints: Taints\n\npersistentVolume:\n pluginConfiguration:\n label: Plugin configuration\n customize:\n label: Customize\n affinity:\n label: Node Selectors\n addLabel: Add Node Selector\n assignToStorageClass:\n label: Assign to Storage Class\n mountOptions:\n label: Mount Options\n addLabel: Add Option\n accessModes:\n label: Access Modes\n readWriteOnce: Single Node Read-Write\n readOnlyMany: Many Nodes Read-Only\n readWriteMany: Many Nodes Read-Write\n shared:\n partition:\n label: Partition\n placeholder: e.g. 1; 0 for entire device\n readOnly:\n label: Read Only\n filesystemType:\n label: Filesystem Type\n placeholder: e.g. ext4\n secretName:\n label: Secret Name\n placeholder: e.g. secret\n secretNamespace:\n label: Secret Namespace\n placeholder: e.g. default\n monitors:\n add: Add Monitor\n vsphereVolume:\n label: VMWare vSphere Volume\n volumePath:\n label: Volume Path\n placeholder: e.g. /\n storagePolicyName:\n label: Storage Policy Name\n placeholder: e.g. sp\n storagePolicyId:\n label: Storage Policy ID\n placeholder: e.g. sp1\n csi:\n label: CSI (Unsupported)\n driver:\n label: Driver\n placeholder: e.g. driver.longhorn.io\n volumeHandle:\n label: Volume Handle\n placeholder: e.g. pvc-xxxx\n volumeAttributes:\n add: Add Volume Attribute\n nodePublishSecretName:\n label: Node Publish Secret Name\n placeholder: e.g. secret\n nodePublishSecretNamespace:\n label: Node Publish Secret Namespace\n placeholder: e.g. default\n nodeStageSecretName:\n label: Node Stage Secret Name\n placeholder: e.g. secret\n nodeStageSecretNamespace:\n label: Node Stage Secret Namespace\n placeholder: e.g. default\n controllerExpandSecretName:\n label: Controller Expand Secret Name\n placeholder: e.g. secret\n controllerExpandSecretNamespace:\n label: Controller Expand Secret Namespace\n placeholder: e.g. default\n controllerPublishSecretName:\n label: Controller Publish Secret Name\n placeholder: e.g. secret\n controllerPublishSecretNamespace:\n label: Controller Publish Secret Namespace\n placeholder: e.g. default\n cephfs:\n label: Ceph Filesystem (Unsupported)\n path:\n label: Path\n placeholder: e.g. /var\n user:\n label: User\n placeholder: e.g. root\n secretFile:\n label: Secret File\n placeholder: e.g. secret\n rbd:\n label: Ceph RBD (Unsupported)\n user:\n label: User\n placeholder: e.g. root\n keyRing:\n label: Key Ring\n placeholder: e.g. /etc/ceph/keyring\n pool:\n label: Pool\n placeholder: e.g. rbd\n image:\n label: Image\n placeholder: e.g. image\n fc:\n label: Fibre Channel (Unsupported)\n targetWWNS:\n add: Add Target WWN\n wwids:\n add: Add WWID\n lun:\n label: Lun\n placeholder: e.g. 2\n flexVolume:\n label: Flex Volume (Unsupported)\n driver:\n label: Driver\n placeholder: e.g. driver\n options:\n add: Add Option\n flocker:\n label: Flocker (Unsupported)\n datasetName:\n label: Dataset Name\n placeholder: e.g. dataset\n datasetUUID:\n label: Dataset UUID\n placeholder: e.g. uuid\n glusterfs:\n label: Gluster Volume (Unsupported)\n endpoints:\n label: Endpoints\n placeholder: e.g. glusterfs-cluster\n path:\n label: Path\n placeholder: e.g. kube-vol\n iscsi:\n label: iSCSI Target (Unsupported)\n initiatorName:\n label: Initiator Name\n placeholder: iqn.1994-05.com.redhat:1df7a24fcb92\n iscsiInterface:\n label: iSCSI Interface\n placeholder: e.g. interface\n chapAuthDiscovery:\n label: Chap Auth Discovery\n chapAuthSession:\n label: Chap Auth Session\n iqn:\n label: IQN\n placeholder: iqn.2001-04.com.example:storage.kube.sys1.xyz\n lun:\n label: Lun\n placeholder: e.g. 2\n targetPortal:\n label: Target Portal\n placeholder: e.g. portal\n portals:\n add: Add Portal\n cinder:\n label: Openstack Cinder Volume (Unsupported)\n volumeId:\n label: Volume ID\n placeholder: e.g. vol\n quobyte:\n label: Quobyte Volume (Unsupported)\n volume:\n label: Volume\n placeholder: e.g. vol\n user:\n label: User\n placeholder: e.g. root\n group:\n label: Group\n placeholder: e.g. abc\n registry:\n label: Registry\n placeholder: e.g. abc\n photonPersistentDisk:\n label: Photon Volume (Unsupported)\n pdId:\n label: PD ID\n placeholder: e.g. abc\n portworxVolume:\n label: Portworx Volume (Unsupported)\n volumeId:\n label: Volume ID\n placeholder: e.g. abc\n scaleIO:\n label: ScaleIO Volume (Unsupported)\n volumeName:\n label: Volume Name\n placeholder: e.g. vol-0\n gateway:\n label: Gateway\n placeholder: e.g. https://localhost:443/api\n protectionDomain:\n label: Protection Domain\n placeholder: e.g. pd01\n storageMode:\n label: Storage Mode\n placeholder: e.g. ThinProvisioned\n storagePool:\n label: Storage Pool\n placeholder: e.g. sp01\n system:\n label: System\n placeholder: e.g. scaleio\n sslEnabled:\n label: SSL Enabled\n storageos:\n label: StorageOS (Unsupported)\n volumeName:\n label: Volume Name\n placeholder: e.g. vol\n volumeNamespace:\n label: Volume Namespace\n placeholder: e.g. default\n nfs:\n label: NFS Share\n path:\n label: Path\n placeholder: e.g. /var\n server:\n label: Server\n placeholder: e.g. 10.244.1.4\n longhorn:\n label: Longhorn\n volumeHandle:\n label: Volume Handle\n placeholder: e.g. pvc-xxxx\n options:\n label: Options\n addLabel: Add\n local:\n label: Local\n path:\n label: Path\n placeholder: e.g. /mnt/disks/ssd1\n hostPath:\n label: HostPath\n pathOnTheNode:\n label: Path on the Node\n placeholder: /mnt/disks/ssd1\n mustBe:\n label: The Path on the Node must be\n anything: 'Anything: do not check the target path'\n directory: A directory, or create if it does not exist\n file: A file, or create if it does not exist\n existingDirectory: An existing directory\n existingFile: An existing file\n existingSocket: An existing socket\n existingCharacter: An existing character device\n existingBlock: An existing block device\n gcePersistentDisk:\n label: Google Persistent Disk\n persistentDiskName:\n label: Persistent Disk Name\n placeholder: e.g. abc\n awsElasticBlockStore:\n label: Amazon EBS Disk\n volumeId:\n label: Volume ID\n placeholder: e.g. volume1\n azureFile:\n label: Azure Filesystem\n shareName:\n label: Share Name\n placeholder: e.g. abc\n azureDisk:\n label: Azure Disk\n diskName:\n label: Disk Name\n placeholder: e.g. kubernetes-pvc\n diskURI:\n label: Disk URI\n placeholder: e.g. https://example.com/disk\n kind:\n label: Kind\n dedicated: Dedicated\n managed: Managed\n shared: Shared\n cachingMode:\n label: Caching Mode\n none: None\n readOnly: Read Only\n readWrite: Read Write\n filesystemType:\n label: Filesystem Type\n placeholder: e.g. ext4\n readOnly:\n label: Read Only\n\npersistentVolumeClaim:\n accessModes: Access Modes\n capacity: Capacity\n storageClass: Storage Class\n useDefault: Use the default class\n volumes: Persistent Volumes\n volumeName: Persistent Volume Name\n source:\n label: Source\n options:\n new: Use a Storage Class to provision a new Persistent Volume\n existing: Use an existing Persistent Volume\n volumeClaim:\n label: Volume Claim\n storageClass: Storage Class\n requestStorage: Request Storage\n persistentVolume: Persistent Volume\n customize:\n label: Customize\n accessModes:\n readWriteOnce: Single Node Read-Write\n readOnlyMany: Many Nodes Read-Only\n readWriteMany: Many Nodes Read-Write\n status:\n label: Status\nprefs:\n title: Preferences\n theme:\n label: Theme\n light: Light\n auto: Auto\n dark: Dark\n autoDetail: Auto uses OS preference if available, or dark from {pm} to {am}\n landing:\n label: Login Landing Page\n vue: Cluster Explorer\n ember: Cluster Manager\n formatting: Formatting\n clusterToShow:\n label: Number of clusters to show in side menu\n value: |-\n {count, number}\n dateFormat:\n label: Date Format\n timeFormat:\n label: Time Format\n perPage:\n label: Table Rows per Page\n value: |-\n {count, number}\n keymap:\n label: YAML Editor Key Mapping\n sublime: 'Normal human'\n emacs: 'Emacs'\n vim: 'Vim'\n advanced: Advanced\n dev:\n label: Enable Developer Tools & Features\n hideDesc:\n label: Hide All Type Description Boxes\n helm:\n 'true': Include Prerelease Versions\n 'false': Show Releases Only\n label: Helm Charts\n experimental: Experimental\n onlyFromVentura_x64: This setting requires macOS 13.0 (Ventura) or later.\n onlyFromVentura_arm64: This setting requires macOS 13.3 (Ventura) or later.\n onlyWithVZ_x64: This setting requires using the VZ emulation mode. VZ is only available on macOS 13.0 (Ventura) or later.\n onlyWithVZ_arm64: This setting requires using the VZ emulation mode. VZ is only available on macOS 13.3 (Ventura) or later.\n\nprincipal:\n loading: Loading…\n error: Unable to fetch principal info\n name: Name\n loginName: Username\n type: Type\n\nprobe:\n checkInterval:\n label: Check Interval\n placeholder: 'Default: 10'\n command:\n label: Command to run\n placeholder: e.g. cat /tmp/health\n failureThreshold:\n label: Failure Threshold\n placeholder: 'Default: 3'\n httpGet:\n headers:\n label: Request Headers\n path:\n label: Request Path\n placeholder: e.g. /healthz\n port:\n label: Check Port\n placeholder: e.g. 80\n placeholderDuex: e.g. 25\n initialDelay:\n label: Initial Delay\n placeholder: 'Default: 0'\n successThreshold:\n label: Success Threshold\n placeholder: 'Default: 1'\n timeout:\n label: Timeout\n placeholder: 'Default: 3'\n type:\n label: Type\n placeholder: Select a check type\n\nproject:\n containerDefaultResourceLimit: Container Default Resource Limit\n resourceQuotas: Resource Quotas\n\nprojectNamespaces:\n createNamespace: Create Namespace\n createProject: Create Project\n label: Projects/Namespaces\n noNamespaces: There are no namespaces defined.\n\nprometheusRule:\n alertingRules:\n addLabel: Add Alert\n annotations:\n description:\n input: Description Annotation Value\n label: Description\n label: Annotations\n message:\n input: Message Annotation Value\n label: Message\n runbook:\n input: Runbook URL Annotation Value\n label: Runbook URL\n summary:\n input: Summary Annotation Value\n label: Summary\n bannerText: 'When firing alerts, the annotations and labels will be passed to the configured AlertManagers to allow them to construct the notification that will be sent to any configured Receivers.'\n for:\n label: Wait to fire for\n placeholder: '60'\n label: Alerting Rules\n labels:\n label: Labels\n severity:\n choices:\n critical: critical\n label: Severity Label Value\n none: none\n warning: warning\n label: Severity\n name: Alert Name\n removeAlert: Remove Alert\n groups:\n add: Add Rule Group\n groupRowLabel: Rule Group {index}\n groupInterval:\n label: Override Group Interval\n placeholder: '60'\n label: Rule Groups\n name: Group Name\n none: Please add at least one rule group that contains at least one alerting or one recording rule.\n removeGroup: Remove Group\n responseStrategy:\n label: Partial Response Strategy\n promQL:\n label: PromQL Expression\n recordingRules:\n addLabel: Add Record\n label: Recording Rules\n labels: Labels\n name: Time Series Name\n removeRecord: Remove Record\n\npromptRemove:\n andOthers: |-\n {count, plural,\n =0 {.}\n =1 { and one other.}\n other { and {count} others.}\n }\n attemptingToRemove: \"You are attempting to delete the {type}\"\n protip: \"Tip: Hold the {alternateLabel} key while clicking delete to bypass this confirmation\"\n confirmName: \"Enter {nameToMatch} below to confirm:\"\n\npromptRestore:\n title: Restore Snapshot\n\npromptSaveAsRKETemplate:\n title: Create RKE Template from {cluster}\n name: Cluster Template Name\n description: Create a new RKE cluster template and initial revision from the current cluster configuration.\n warning: This will modify the cluster, setting it up to use the newly created cluster template and revision.\n\nrancherAlertingDrivers:\n msTeams: Enable Microsoft Teams\n sms: Enable SMS\n selectOne: You must select at least one of the options below.\n\nrbac:\n roleBinding:\n noData: There are no members associated with this resource.\n user:\n label: User\n role:\n label: Role\n add: Add Member\n displayRole:\n fleetworkspace-admin: Admin\n fleetworkspace-member: Member\n fleetworkspace-readonly: Read-Only\n members:\n label: Members\n roletemplate:\n label: Roles\n newUserDefault:\n no: No\n tooltip: This does not affect any bindings to the role that already exist.\n locked:\n label: Locked\n yes: 'Yes: New bindings are not allowed to use this role'\n no: No\n tabs:\n grantResources:\n label: Grant Resources\n tableHeaders:\n verbs: Verbs\n resources: Resource\n nonResourceUrls: Non-Resource URLs\n apiGroups: API Groups\n subtypes:\n GLOBAL:\n createButton: Create Global Role\n label: Global\n yes: \"Yes: Default role for new users\"\n defaultLabel: New User Default\n CLUSTER:\n createButton: Create Cluster Role\n label: Cluster\n yes: \"Yes: Default role for new cluster creation\"\n defaultLabel: Cluster Creator Default\n NAMESPACE:\n createButton: Create Project/Namespaces Role\n label: Project/Namespaces\n yes: \"Yes: Default role for new project creation\"\n defaultLabel: Project Creator Default\n RBAC_ROLE:\n label: Role\n RBAC_CLUSTER_ROLE:\n label: Cluster Role\n noContext:\n label: No Context\n globalRoles:\n types:\n global:\n label: Global Permissions\n description: |-\n Controls what access the {isUser, select,\n true {user}\n false {group}} has to administer the overall {appName} installation.\n custom:\n label: Custom\n description: 'Roles not created by {vendor}.'\n builtin:\n label: Built-in\n description: Additional roles to define more fine-grain permissions model.\n unknownRole:\n description: No description provided\n assignOnlyRole: This role is already assigned\n role:\n admin:\n label: Administrator\n description: Administrators have full control over the entire installation and all resources in all clusters.\n restricted-admin:\n label: Restricted Administrator\n description: Restricted Admins have full control over all resources in all downstream clusters but no access to the local cluster.\n user:\n label: Standard User\n description: Standard Users can create new clusters and manage clusters and projects they have been granted access to.\n user-base:\n label: User-Base\n description: User-Base users have login-access only.\n clusters-create:\n label: Create new Clusters\n description: Allows the user to create new clusters and become the owner of them. Standard Users have this permission by default.\n clustertemplates-create:\n label: Create new RKE Cluster Templates\n description: Allows the user to create new RKE cluster templates and become the owner of them.\n authn-manage:\n label: Configure Authentication\n description: Allows the user to enable, configure, and disable all Authentication provider settings.\n catalogs-manage:\n label: Configure Catalogs\n description: Allows the user to add, edit, and remove Catalogs.\n clusters-manage:\n label: Manage all Clusters\n description: Allows the user to manage all clusters, including ones they are not a member of.\n clusterscans-manage:\n label: Manage CIS Cluster Scans\n description: Allows the user to launch new and manage CIS cluster scans.\n kontainerdrivers-manage:\n label: Create new Cluster Drivers\n description: Allows the user to create new cluster drivers and become the owner of them.\n features-manage:\n label: Configure Feature Flags\n description: Allows the user to enable and disable custom features via feature flag settings.\n nodedrivers-manage:\n label: Configure Node Drivers\n description: Allows the user to enable, configure, and remove all Node Driver settings.\n nodetemplates-manage:\n label: Manage Node Templates\n description: Allows the user to define, edit, and remove Node Templates.\n podsecuritypolicytemplates-manage:\n label: Manage Pod Security Policies (PSPs)\n description: Allows the user to define, edit, and remove PSPs.\n roles-manage:\n label: Manage Roles\n description: Allows the user to define, edit, and remove Role definitions.\n settings-manage:\n label: Manage Settings\n description: 'Allows the user to manage {vendor} Settings.'\n users-manage:\n label: Manage Users\n description: Allows the user to create, remove, and set passwords for all Users.\n catalogs-use:\n label: Use Catalogs\n description: Allows the user to see and deploy Templates from the Catalog. Standard Users have this permission by default.\n nodetemplates-use:\n label: Use Node Templates\n description: Allows the user to deploy new Nodes using any existing Node Templates.\n view-rancher-metrics:\n label: 'View {vendor} Metrics'\n description: Allows the user to view Metrics through the API.\n base:\n label: Login Access\n\nresourceDetail:\n detailTop:\n annotations: Annotations\n created: Created\n deleted: Deleted\n description: Description\n labels: Labels\n ownerReferences: |-\n {count, plural,\n =1 {Owner}\n other {Owners}}\n hideAnnotations: |-\n {annotations, plural,\n =1 {Hide 1 annotation}\n other {Hide {annotations} annotations}}\n showAnnotations: |-\n {annotations, plural,\n =1 {Show 1 annotation}\n other {Show {annotations} annotations}}\n name: Name\n header:\n clone: \"Clone from {subtype} {name}\"\n create: Create {subtype}\n import: Import {subtype}\n edit: \"{subtype} {name}\"\n stage: \"Stage from {subtype} {name}\"\n view: \"{subtype} {name}\"\n masthead:\n age: Age\n defaultBannerMessage:\n error: This resource is currently in an error state, but there isn't a detailed message available.\n transitioning: This resource is currently in a transitioning state, but there isn't a detailed message available.\n sensitive:\n hide: Hide Sensitive Values\n show: Show Sensitive Values\n namespace: Namespace\n workspace: Workspace\n project: Project\n detail: Detail\n config: Config\n yaml: YAML\n managedWarning: |-\n This {type} is managed by {hasName, select,\n no {a {managedBy} app}\n yes {the {managedBy} app {appName}}}; changes made here will likely be overwritten the next time the app is changed.\nresourceList:\n head:\n create: Create\n createFromYaml: Create from YAML\n createResource: \"Create {resourceName}\"\n\nresourceTable:\n groupBy:\n none: Flat List\n namespace: Group by Namespace\n project: Group by Project\n groupLabel:\n cluster: \"Cluster: {name}\"\n namespace: \"Namespace: {name}\"\n machinePool: \"Machine Pool: {name}\"\n notInANamespace: Not Namespaced\n notInAProject: Not in a Project\n project: \"Project: {name}\"\n notInAWorkspace: Not in a Workspace\n workspace: \"Workspace: {name}\"\n\nresourceTabs:\n conditions:\n tab: Conditions\n events:\n tab: Recent Events\n related:\n tab: Related Resources\n from: Referred To By\n to: Refers To\n\n\nresourceYaml:\n errors:\n namespaceRequired: This resource is namespaced, so a namespace must be provided.\n buttons:\n continue: Continue Editing\n edit: Edit YAML\n diff: Show Diff\n unified: Unified\n split: Split\n\nrioConfig:\n configure:\n description: Description\n helpText:\n listItem1: The application deployment engine for Kubernetes.\n listItem2: \"Rio makes it faster and easier for DevOps to build, test, deploy, scale and version stateless applications\"\n requirements:\n header: Requirements\n helpText:\n listItem1: 1 CPU Core\n listItem2: 2 GiB of Memory\n header: Rio\n yaml:\n buttonText: Customize\n\nsecret:\n authentication: Authentication\n certificate:\n certificate: Certificate\n cn: Domain Name\n expires: Expires\n issuer: Issuer\n plusMore: \"+ {n} more\"\n privateKey: Private Key\n data: Data\n registry:\n address: Registry\n domainName: Registry Domain Name\n password: Password\n username: Username\n basic:\n password: Password\n username: Username\n ssh:\n keys: Keys\n public: Public Key\n private: Private Key\n serviceAcct:\n ca: CA Certificate\n token: Token\n type: Type\n types:\n 'opaque': 'Opaque'\n 'kubernetes.io/service-account-token': 'Svc Acct Token'\n 'kubernetes.io/dockercfg': 'Registry'\n 'kubernetes.io/dockerconfigjson': 'Registry'\n 'kubernetes.io/basic-auth': 'HTTP Basic Auth'\n 'kubernetes.io/ssh-auth': 'SSH Key'\n 'kubernetes.io/tls': 'TLS Certificate'\n 'bootstrap.kubernetes.io/token': 'Bootstrap Token'\n 'istio.io/key-and-cert': 'Istio Certificate'\n 'helm.sh/release.v1': 'Helm Release'\n 'fleet.cattle.io/cluster-registration-values': 'Fleet Cluster'\n 'provisioning.cattle.io/cloud-credential': 'Cloud Credential'\n initials:\n 'opaque': 'O'\n 'kubernetes.io/service-account-token': 'SAT'\n 'kubernetes.io/dockercfg': 'R'\n 'kubernetes.io/dockerconfigjson': 'R'\n 'kubernetes.io/basic-auth': 'HTTP'\n 'kubernetes.io/ssh-auth': 'SSH'\n 'kubernetes.io/tls': 'TLS'\n 'bootstrap.kubernetes.io/token': 'Boot'\n 'istio.io/key-and-cert': 'Ist'\n 'helm.sh/release.v1': 'Helm'\n 'fleet.cattle.io/cluster-registration-values': 'F'\n 'provisioning.cattle.io/cloud-credential': 'CC'\n relatedWorkloads: Related Workloads\n\nselectOrCreateAuthSecret:\n label: Authentication\n options:\n none: None\n basic: HTTP Basic Auth\n ssh: SSH Key\n aws: AWS/S3\n custom: Secret Name\n aws:\n accessKey: Access Key\n secretKey: Secret Key\n ssh:\n publicKey: Public Key\n privateKey: Private Key\n basic:\n username: Username\n password: Password\n namespaceGroup: \"Namespace: {name}\"\n chooseExisting: \"Choose an existing secret:\"\n createSsh: Create a SSH Key Secret\n createBasic: Create a HTTP Basic Auth Secret\n createAws: Create an AWS/S3 Auth Secret\n\nservicePorts:\n header:\n label: Port Rules\n rules:\n listening:\n label: Listening Port\n placeholder: e.g. 8080\n name:\n label: Port Name\n placeholder: e.g. myport\n node:\n label: Node Port\n placeholder: e.g. 30000\n protocol:\n label: Protocol\n target:\n label: Target Port\n placeholder: e.g. 80 or http\n\nserviceTypes:\n clusterip: Cluster IP\n externalname: External Name\n headless: Headless\n loadbalancer: Load Balancer\n nodeport: Node Port\n\nservicesPage:\n anyNode: Any Node\n labelsAnnotations:\n label: Labels & Annotations\n affinity:\n actionLabels:\n clientIp: ClientIP\n none: There is no session affinity configured.\n helpText: Map connections to a consistent target based on their source IP.\n label: Session Affinity\n timeout:\n label: Session Sticky Time\n placeholder: e.g. 10800\n externalName:\n define: External Name\n helpText: \"External Name is intended to specify a canonical DNS name. This is a required field. To hardcode an IP address, use a Headless service.\"\n label: External Name\n placeholder: e.g. my.database.example.com\n input:\n label: DNS Name\n ips:\n define: Service Ports\n clusterIpHelpText: The Cluster IP address must be within the CIDR range configured for the API server.\n external:\n label: External IPs\n placeholder: e.g. 1.1.1.1\n protip: List of IP addresses for which nodes in the cluster will also accept traffic for this service.\n input:\n label: Cluster IP\n placeholder: e.g. 10.43.xxx.xxx\n label: IP Addresses\n pods:\n label: Pods\n ports:\n label: Ports\n selectors:\n helpText: \"\"\n label: Selectors\n matchingPods:\n matchesSome: |-\n {matched, plural,\n =0 {Matches 0 of {total, number} pods. If no selector is created, manual endpoints must be made.}\n =1 {Matches 1 of {total, number} pods: \"{sample}\"}\n other {Matches {matched, number} of {total, number} existing pods, including \"{sample}\"}\n }\n serviceTypes:\n clusterIp:\n abbrv: IP\n description: Exposes the service on a cluster-internal IP. Choosing this value makes the service only reachable from within the cluster. This is the default type.\n label: Cluster IP\n externalName:\n abbrv: EN\n description: \"Maps the service to the contents of the `externalName` field (e.g. foo.bar.example.com), by returning a CNAME record with its value. No proxying of any kind is set up.\"\n label: External Name\n headless:\n abbrv: H\n description: Neither a cluster IP or load balancer is defined. These are used to interface with other service discovery mechanisms outside of Kubernetes implementation. A cluster IP is not allocated and kube-proxy does not handle these services.\n label: Headless\n loadBalancer:\n abbrv: LB\n description: Exposes the service externally using a cloud provider's load balancer.\n label: Load Balancer\n nodePort:\n abbrv: NP\n description: \"Exposes the service on each node's IP at a static port (the `NodePort`). You'll be able to contact this type of service, from outside the cluster, by requesting `:`.\"\n label: Node Port\n typeOpts:\n label: Service Type\n\nsetup:\n welcome: Welcome to {vendor}!\n setPassword: The first order of business is to set a strong password for the default admin user. We suggest using this random one generated just for you, but enter your own if you like.\n newPassword: New Password\n confirmPassword: Confirm New Password\n useRandom: Use a randomly generated password\n useManual: Set a specific password to use\n defaultPasswordError: It looks like this is your first time visiting the Rancher UI, but the local admin account password is already set to something unique. Log in with that account below to continue the setup process.\n telemetry:\n label: Allow collection of anonymous statistics to help us improve Rancher\n tip: 'Rancher Labs would like to collect a bit of anonymized information\n about the configuration of your installation to help make Rio better.\n Your data will not be shared with anyone else, and no information about\n what specific resources or endpoints you are deploying is included.\n Once enabled you can view exactly what data will be sent at /v1-telemetry.\n More Info'\n eula: I agree to the terms and conditions for using Rancher.\n serverUrl:\n label: Server URL\n tip: What URL should be used for this Rancher installation? All the nodes in your clusters will need to be able to reach this. You can skip setting this for now, and update it later in General Settings>Advanced Settings.\n skip: Skip\n\nsortableTable:\n bulkActions:\n collapsed:\n label: Actions\n actionAvailability:\n selected: \"{actionable} selected\"\n some: \"Available for {actionable} of the {total} selected\"\n noData: There are no rows which match your search query.\n noRows: There are no rows to show.\n noActions: No actions available\n paging:\n generic: |-\n {pages, plural,\n =0 {No Items}\n =1 {{count} {count, plural, =1 {Item} other {Items}}}\n other {{from} - {to} of {count} Items}}\n resource: |-\n {pages, plural,\n =0 {No {pluralLabel}}\n =1 {{count} {count, plural, =1 {{singularLabel}} other {{pluralLabel}}}}\n other {{from} - {to} of {count} {pluralLabel}}}\n search: Filter\n in: in\n addFilter: Add Filter\n filterFor: Filter for...\n selectCol: Select a column\n resetFilters: Reset\n add: Add\n tableHeader:\n noFilter: This column cannot be filtered by\n groupBy: Group by\n show: Show\n\nstorageClass:\n actions:\n setAsDefault: Set as Default\n resetDefault: Reset Default\n parameters:\n label: Parameters\n customize:\n label: Customize\n reclaimPolicy:\n label: Reclaim Policy\n delete: Delete volumes and underlying device when volume claim is deleted\n retain: Retain the volume for manual cleanup\n allowVolumeExpansion:\n label: Allow Volume Expansion\n enabled: Enabled\n disabled: Disabled\n volumeBindingMode:\n label: Volume Binding Mode\n now: Bind and provision a persistent volume once the PersistentVolumeClaim is created\n later: Bind and provision a persistent volume once a Pod using the PersistentVolumeClaim is created\n mountOptions:\n label: Mount Options\n addlabel: Add Option\n aws-ebs:\n title: Amazon EBS Disk\n volumeType:\n label: Volume Type\n gp2: GP2 - General Purpose SSD\n io1: IO1 - Provisioned IOPS SSD\n st1: ST1 - Throughput-Optimized HDD\n sc1: SC1 - Cold-Storage HDD\n provisionedIops:\n label: Provisioned IOPS\n suffix: per second, per GB\n filesystemType:\n label: Filesystem Type\n placeholder: e.g. ext4\n availabilityZone:\n label: Availability Zone\n automatic: 'Automatic: Zones the cluster has a node in'\n manual: 'Manual: Choose specific zones'\n placeholder: us-east-1d, us-east-1c\n encryption:\n label: Encryption\n enabled: Enabled\n disabled: Disabled\n keyId:\n label: KMS Key ID for Encryption\n automatic: 'Automatic: Generate a key'\n manual: 'Manual: Use a specific key (full ARN)'\n azure-disk:\n title: Azure Disk\n storageAccountType:\n label: Storage Account Type\n placeholder: e.g. Standard_LRS\n kind:\n label: Kind\n shared: Shared (unmanaged disk)\n dedicated: Dedicated (unmanaged disk)\n managed: Managed\n azure-file:\n title: Azure File\n skuName:\n label: Sku Name\n placeholder: e.g. Standard_LRS\n location:\n label: Location\n placeholder: e.g. eastus\n storageAccount:\n label: Storage Account\n placeholder: e.g. azure_storage_account_name\n gce-pd:\n title: Google Persistent Disk\n volumeType:\n label: Volume Type\n standard: Standard\n ssd: SSD\n filesystemType:\n label: Filesystem Type\n placeholder: e.g. ext4\n availabilityZone:\n label: Availability Zone\n automatic: 'Automatic: Zones the cluster has a node in'\n manual: 'Manual: Choose specific zones'\n placeholder: us-east-1d, us-east-1c\n replicationType:\n label: Replication Type\n zonal: Zonal\n regional: Regional\n longhorn:\n title: Longhorn\n addLabel: Add Parameter\n vsphere-volume:\n title: VMWare vSphere Volume\n diskFormat:\n label: Disk Format\n thin: Thin\n zeroedthick: Zeroed Thick\n eagerzeroedthick: Eager Zeroed Thick\n storagePolicyName:\n label: Storage Policy Name\n placeholder: e.g. gold\n datastore:\n label: Datastore\n placeholder: e.g. VSANDatastore\n hostFailuresToTolerate:\n label: Host Failures To Tolerate\n placeholder: e.g. 2\n cacheReservation:\n label: Cache Reservation\n placeholder: e.g. 20\n filesystemType:\n label: Filesystem Type\n placeholder: e.g. ext3\n custom:\n addLabel: Add Parameter\n glusterfs:\n title: Gluster Volume (Unsupported)\n restUrl:\n label: REST URL\n placeholder: e.g. http://127.0.0.1:8081\n restUser:\n label: REST User\n placeholder: e.g. admin\n restUserKey:\n label: REST User Key\n placeholder: e.g. password\n secretNamespace:\n label: Secret Namespace\n placeholder: e.g. default\n secretName:\n label: Secret Name\n placeholder: e.g. heketi-secret\n clusterId:\n label: Cluster ID\n placeholder: e.g. 630372ccdc720a92c681fb928f27b53f\n gidMin:\n label: GID MIN\n placeholder: e.g. 40000\n gidMax:\n label: GID MAX\n placeholder: e.g. 50000\n volumeType:\n label: Volume Type\n placeholder: \"e.g. replicate:3\"\n cinder:\n title: Openstack Cinder Volume (Unsupported)\n volumeType:\n label: Volume Type\n placeholder: e.g. fast\n availabilityZone:\n label: Availability Zone\n automatic: \"Automatic: Zones the cluster has a node in\"\n manual:\n label: \"Manual: Choose specific zones\"\n placeholder: e.g. nova\n rbd:\n title: Ceph RBD (Unsupported)\n monitors:\n label: Monitors\n placeholder: e.g. 10.16.153.105:6789\n adminId:\n label: Admin ID\n placeholder: e.g. kube\n adminSecretNamespace:\n label: Admin Secret Namespace\n placeholder: e.g. kube-system\n adminSecret:\n label: Admin Secret\n placeholder: e.g. Secret\n pool:\n label: Pool\n placeholder: e.g. kube\n userId:\n label: User ID\n placeholder: e.g. kube\n userSecretNamespace:\n label: User Secret Namespace\n placeholder: e.g. default\n userSecretName:\n label: User Secret Name\n placeholder: e.g. ceph-secret-user\n filesystemType:\n label: Filesystem Type\n placeholder: e.g. ext4\n imageFormat:\n label: Image Format\n placeholder: e.g. 2\n imageFeatures:\n label: Image Features\n placeholder: e.g. layering\n quobyte:\n title: Quobyte Volume (Unsupported)\n quobyteApiServer:\n label: Quobyte API Server\n placeholder: \"e.g. http://138.68.74.142:7860\"\n registry:\n label: Registry\n placeholder: e.g. 138.68.74.142:7861\n adminSecretNamespace:\n label: Admin Secret Namespace\n placeholder: e.g. kube-system\n adminSecretName:\n label: Admin Secret Name\n placeholder: e.g. quobyte-admin-secret\n user:\n label: User\n placeholder: e.g. root\n group:\n label: Group\n placeholder: e.g. root\n quobyteConfig:\n label: Quobyte Config\n placeholder: e.g. BASE\n quobyteTenant:\n label: Quobyte Tenant\n placeholder: e.g. DEFAULT\n portworx-volume:\n title: Portworx Volume (Unsupported)\n filesystem:\n label: Filesystem\n placeholder: e.g. ext4\n blockSize:\n label: Block Size\n placeholder: e.g. 32\n repl:\n label: Repl\n placeholder: e.g.1; 0 for entire device\n ioPriority:\n label: I/O Priority\n placeholder: e.g. low\n snapshotsInterval:\n label: Snapshots Interval\n placeholder: e.g. 70\n aggregationLevel:\n label: Aggregation Level\n placeholder: e.g. 0\n ephemeral:\n label: Ephemeral\n placeholder: e.g. true\n scaleio:\n title: ScaleIO Volume (Unsupported)\n gateway:\n label: Gateway\n placeholder: e.g. https://192.168.99.200:443/api\n system:\n label: System\n placeholder: e.g. scaleio\n protectionDomain:\n label: Protection Domain\n placeholder: e.g. pd0\n storagePool:\n label: Storage Pool\n placeholder: e.g. sp1\n storageMode:\n label: StorageMode\n thin: Thin Provisioned\n thick: Thick Provisioned\n secretRef:\n label: Secret Ref\n placeholder: e.g. sio-secret\n readOnly:\n label: Read Only\n filesystemType:\n label: Filesystem Type\n placeholder: e.g. xfs\n storageos:\n title: StorageOS (Unsupported)\n pool:\n label: Pool\n placeholder: e.g. default\n description:\n label: Description\n placeholder: e.g. Kubernetes volume\n filesystemType:\n label: Filesystem Type\n placeholder: e.g. ext4\n adminSecretNamespace:\n label: Admin Secret Namespace\n placeholder: e.g. default\n adminSecretName:\n label: Admin Secret Name\n placeholder: e.g. storageos-secret\n no-provisioner:\n title: Local Storage (Unsupported)\n\ntableHeaders:\n accessKey: Access Key\n address: Address\n age: Age\n apiGroup: API Groups\n authRoles:\n globalDefault: New User Default\n clusterDefault: Cluster Creator Default\n projectDefault: Project Creator Default\n branch: Branch\n builtIn: Built In\n bundlesReady: Bundles\n bundleDeploymentsReady: Deployments\n builtin: Built-In\n chart: Chart\n clusterCreatorDefault: Cluster Creator Default\n clusterFlow: Cluster Flow\n clusterOutput: Cluster Output\n clusters: Clusters\n clustersReady: Clusters Ready\n clusterGroups: Cluster Groups\n commit: Commit\n condition: Condition\n customVerbs: Custom Verbs\n description: Description\n expires: Expires\n providers: Providers\n cpu: CPU\n date: Date\n default: Default\n destination: Target\n download: Download\n effect: Effect\n endpoints: Endpoints\n flow: Flow\n gitRepos: Git Repos\n host: |-\n {count, plural,\n one { Host }\n other { Hosts }\n }\n image: Image\n imageSize: Size\n ingressDefaultBackend: Default\n ingressTarget: Target\n internalExternalIp: External/Internal IP\n jobs: Jobs\n key: Key\n keys: Data\n lastUpdated: Last Updated\n lastSeen: Last Seen\n loggingOutputProviders: Provider\n machines: Machines\n manual: Manual\n matches: Matches\n maxKubernetesVersion: Max Kubernetes Version\n message: Message\n minKubernetesVersion: Min Kubernetes Version\n memory: Memory\n name: Name\n nameDisplay: Display Name\n nameUnlinked: Name\n namespace: Namespace\n namespaceName: Name\n namespaceNameUnlinked: Name\n node: Node\n nodeName: Name\n nodesReady: Nodes Ready\n nodePort: Node Port\n object: Object\n output: Output\n p95: 95%tile\n persistentVolumeSource: Source\n podImages: Image\n pods: Pods\n port: Port\n protocol: Protocol\n provider: Provider\n publicPorts: Public Ports\n ram: RAM\n rbac:\n create: Create\n delete: Delete\n get: Get\n list: List\n patch: Patch\n update: Update\n watch: Watch\n ready: Ready\n reason: Reason\n repo: Repo\n reposReady: Repos Ready\n replicas: Replicas\n reqRate: Req Rate\n resource: Resource\n resources: Resources\n restarts: Restarts\n rioImage: Image\n role: Role\n roles: Roles\n scale: Scale\n scope: Scope\n selector: Selector\n simpleName: Name\n simpleScale: Scale\n simpleType: Type\n size: Size\n started: Started\n state: State\n status: Status\n storage_class_provisioner: Provisioner\n subject: Subject\n subType: Kind\n success: Success\n summary: Summary\n target: Target\n targetKind: Target Type\n targetPort: Target\n type: Type\n updated: Updated\n upgrade: Upgradable\n url: URL\n userDisplayName: Display Name\n userId: ID\n userStatus: Status\n username: Local Username\n value: Value\n version: Version\n weight: Weight\n\ntarget:\n router:\n label: Router\n placeholder: Select a router\n service:\n label: Service\n placeholder: Select a service\n title: Target\n version:\n label: Version\n placeholder: Select a version\n\nuser:\n detail:\n username: Username\n globalPermissions:\n label: Global Permissions\n description: Access to manage resources that affect the entire installation\n adminMessage: This user is an administrator and has all permissions\n tableHeaders:\n permission: Permission\n clusterRoles:\n label: Cluster Roles\n description: Roles granted to this user for individual clusters\n tableHeaders:\n cluster: Cluster\n projectRoles:\n label: Project Roles\n description: Roles granted to this user for individual projects\n tableHeaders:\n project: Project\n generic:\n tableHeaders:\n role: Role\n granted: Granted\n edit:\n credentials:\n label: Credentials\n username:\n label: Username\n placeholder: e.g. jsmith\n exists: 'Username is already in use. Please choose a new username'\n displayName:\n label: Display Name\n placeholder: e.g. John Smith\n userDescription:\n label: Description\n placeholder: e.g. This account is for John Smith\n list:\n errorRefreshingGroupMemberships: Error refreshing group memberships\nvalidation:\n arrayLength:\n between: '\"{key}\" should contain between {min} and {max} {max, plural, =1 {item} other {items}}'\n exactly: '\"{key}\" should contain {count, plural, =1 {# item} other {# items}}'\n max: '\"{key}\" should contain at most {count} {count, plural, =1 {item} other {items}}'\n min: '\"{key}\" should contain at least {count} {count, plural, =1 {item} other {items}}'\n boolean: '\"{key}\" must be a boolean value.'\n chars: '\"{key}\" contains {count, plural, =1 {an invalid character} other {# invalid characters}}: {chars}'\n custom:\n missing: 'No validator exists for { validatorName }! Does the validator exist in custom-validators? Is the name spelled correctly?'\n dns:\n doubleHyphen: '\"{key}\" Cannot contain two or more consecutive hyphens'\n hostname:\n empty: '\"{key}\" must be at least one character'\n emptyLabel: '\"{key}\" cannot contain two consecutive dots'\n endDot: '\"{key}\" cannot end with a dot'\n endHyphen: '\"{key}\" cannot end with a hyphen'\n startDot: '\"{key}\" cannot start with a dot'\n startHyphen: '\"{key}\" cannot start with a hyphen'\n startNumber: '\"{key}\" cannot start with a number'\n tooLong: '\"{key}\" cannot be longer than {max} characters'\n tooLongLabel: '\"{key}\" cannot contain a section longer than {max} characters'\n label:\n emptyLabel: '\"{key}\" cannot be empty'\n endHyphen: '\"{key}\" cannot end with a hyphen'\n startHyphen: '\"{key}\" cannot start with a hyphen'\n startNumber: '\"{key}\" cannot start with a number'\n tooLongLabel: '\"{key}\" cannot be more than {max} characters'\n flowOutput:\n both: Requires \"Output\" or \"Cluster Output\" to be selected.\n global: Requires \"Cluster Output\" to be selected.\n output:\n logdna:\n apiKey: Required an \"Api Key\" to be set.\n invalidCron: Invalid cron schedule\n k8s:\n identifier:\n emptyLabel: '\"{key}\" cannot have an empty key'\n emptyPrefix: '\"{key}\" cannot have an empty prefix'\n endLetter: '\"{key}\" must end with a letter or number'\n startLetter: '\"{key}\" must start with a letter or number'\n tooLongKey: '\"{key}\" cannot have a key longer than {max} characters'\n tooLongPrefix: '\"{key}\" cannot have a prefix longer than {max} characters'\n noSchema: No schema found to validate\n noType: No type to validate\n number:\n between: '\"{key}\" should be between {min} and {max}'\n exactly: '\"{key}\" should be exactly {val}'\n max: '\"{key}\" should be at most {val}'\n min: '\"{key}\" should be at least {val}'\n podAffinity:\n affinityTitle: Pod Affinity\n antiAffinityTitle: Pod Anti-Affinity\n requiredDuringSchedulingIgnoredDuringExecution: required rules\n preferredDuringSchedulingIgnoredDuringExecution: preferred rules\n topologyKey: Rule [{index}] of {group} {rules} - Topology key is required.\n matchExpressions:\n operator: Rule [{index}] of {group} {rules} - operator must be one of 'In', 'NotIn', 'Exists', 'DoesNotExist'\n valueMustBeEmpty: Rule [{index}] of {group} {rules} - value must be empty if operator is 'Exists' or 'DoesNotExist'\n valuesMustBeDefined: Rule [{index}] of {group} {rules} - value must be defined if operator is 'In' or 'NotIn'\n port: A port must be a number between 1 and 65535.\n prometheusRule:\n groups:\n required: At least one rule group is required.\n singleAlert: A rule may contain alert rules or recording rules but not both.\n valid:\n name: 'Name is required for rule group {index}.'\n rule:\n alertName: 'Rule group {groupIndex} rule {ruleIndex} requires a Alert Name.'\n expr: 'Rule group {groupIndex} rule {ruleIndex} requires a PromQL Expression.'\n labels: 'Rule group {groupIndex} rule {ruleIndex} requires at least one label. Severity is recommended.'\n recordName: 'Rule group {groupIndex} rule {ruleIndex} requires a Time Series Name.'\n singleEntry: 'At least one alert rule or one recording rule is required in rule group {index}.'\n required: '\"{key}\" is required'\n requiredOrOverride: '\"{key}\" is required or must allow override'\n roleTemplate:\n roleTemplateRules:\n missingVerb: You must specify at least one verb for each resource grant\n missingResource: You must specify a Resource for each resource grant\n missingApiGroup: You must specify an API Group for each resource grant\n missingOneResource: You must specify at least one Resource, Non-Resource URL or API Group for each resource grant\n service:\n externalName:\n none: External Name is required on an ExternalName Service.\n ports:\n name:\n required: 'Port Rule [{position}] - Name is required.'\n nodePort:\n requriedInt: 'Port Rule [{position}] - Node Port must be integer values if included.'\n port:\n required: 'Port Rule [{position}] - Port is required.'\n requriedInt: 'Port Rule [{position}] - Port must be integer values if included.'\n targetPort:\n between: 'Port Rule [{position}] - Target Port must be between 1 and 65535'\n iana: 'Port Rule [{position}] - Target Port must be an IANA Service Name or Integer'\n ianaAt: 'Port Rule [{position}] - Target Port '\n required: 'Port Rule [{position}] - Target Port is required'\n stringLength:\n between: '\"{key}\" should be between {min} and {max} {max, plural, =1 {character} other {characters}}'\n exactly: '\"{key}\" should be {count, plural, =1 {# character} other {# characters}}'\n max: '\"{key}\" should be at most {count} {count, plural, =1 {character} other {characters}}'\n min: '\"{key}\" should be at least {count} {count, plural, =1 {character} other {characters}}'\n targets:\n missingProjectId: A target must have a project selected.\n monitoring:\n route:\n match: At least one Match or Match Regex must be selected\n interval: '\"{key}\" must be of a format with digits followed by a unit i.e. 1h, 2m, 30s'\n\nwizard:\n previous: Previous\n finish: Finish\n next: Next\n step: \"Step {number}\"\n\nwm:\n connection:\n connected: Connected\n connecting: Connecting…\n disconnected: Disconnected\n error: Error\n containerLogs:\n clear: Clear\n containerName: \"Container: {label}\"\n download: Download\n follow: Follow\n noData: There are no log entries to show in the current range.\n noMatch: No lines match the current filter.\n previous: Use Previous Container\n range:\n all: Everything\n hours: |-\n {value, number}\n {value, plural,\n =1 {Hour}\n other {Hours}\n }\n label: Show the last\n lines: \"{value, number} Lines\"\n minutes: |-\n {value, number} {value, plural,\n =1 {Minute}\n other {Minutes}\n }\n search: Filter\n timestamps: Show Timestamps\n wrap: Wrap Lines\n containerShell:\n clear: Clear\n containerName: \"Container: {label}\"\n kubectlShell:\n title: \"Kubectl: {name}\"\n\nworkload:\n container:\n command:\n addEnvVar: Add Variable\n args: Arguments\n as: as\n command: Command\n env: Environment Variables\n fromResource:\n key:\n label: Key\n placeholder: \"e.g. metadata.labels['']\"\n name:\n label: Variable Name\n placeholder: \"e.g. FOO\"\n prefix: Prefix\n source:\n label: Source\n placeholder: e.g. my-container\n secret: Secret\n configMap: ConfigMap\n containerName: Container Name\n type: Type\n value:\n label: Value\n placeholder: e.g. bar\n tty: TTY\n workingDir: WorkingDir\n stdin: Stdin\n containerName: Container Name\n healthCheck:\n checkInterval: Check Interval\n command:\n command: Command to run\n failureThreshold: Failure Threshold\n httpGet:\n headers: Request Headers\n path: Request Path\n port: Check Port\n initialDelay: Initial Delay\n livenessProbe: Liveness Check\n livenessTip: Containers will be restarted when this check is failing. Not recommended for most uses.\n noHealthCheck: \"There is not a Readiness Check, Liveness Check or Startup Check configured.\"\n readinessProbe: Readiness Check\n readinessTip: Containers will be removed from service endpoints when this check is failing. Recommended.\n startupProbe: Startup Check\n startupTip: Containers will wait until this check succeeds before attempting other health checks.\n successThreshold: Success Threshold\n timeout: Timeout\n kind:\n none: None\n HTTP: HTTP request returns a successful status (200-399)\n HTTPS: HTTPS request returns a successful status\n tcp: TCP connection opens successfully\n exec: Command run inside the container exits with status 0\n image: Container Image\n imagePullPolicy: Pull Policy\n imagePullSecrets: Pull Secrets\n init: Init Container\n name: Container Name\n noResourceLimits: There are no resource requirements configured.\n noPorts: There are no ports configured.\n ports:\n createService: Service Type\n noCreateService: Do not create a service\n containerPort: Private Container Port\n hostIP: Host IP\n hostPort: Public Host Port\n name: Name\n protocol: Protocol\n listeningPort: Listening Port\n removeContainer: Remove Container\n security:\n addCapabilities: Add Capabilities\n addGroupIDs: Add Group IDs\n allowPrivilegeEscalation:\n label: Privilege Escalation\n 'false': No\n 'true': \"Yes: container can gain more privileges than its parent process\"\n dropCapabilities: Drop Capabilities\n fsGroup: Filesystem Group\n hostIPC: Use Host IPC Namespace\n hostPID: Use Host PID Namespace\n privileged:\n label: Privileged\n 'false': No\n 'true': \"Yes: container has full access to the host\"\n readOnlyRootFilesystem:\n label: Read-Only Root Filesystem\n 'false': No\n 'true': \"Yes: container has a read-only root filesystem\"\n runAsGroup: Run as Group ID\n runAsNonRoot:\n label: Run as Non-Root\n 'false': No\n 'true': \"Yes: container must run as a non-root user\"\n runAsNonRootOptions:\n noOption: \"No\"\n yesOption: \"Yes: containers must run as non-root-user\"\n runAsUser: Run as User ID\n shareProcessNamespace: Share single process namespace\n supplementalGroups: Additional Group IDs\n sysctls: Sysctls\n sysctlsKey: Name\n standard: Standard Container\n titles:\n container: Container\n command: Command\n containers: Containers\n env: Environment Variables\n events: Events\n general: General\n healthCheck: Health Check\n image: Image\n networking: Networking\n networkSettings: Network Settings\n podAnnotations: Pod Annotations\n podLabels: Pod Labels\n metrics: Metrics\n podScheduling: Pod Scheduling\n nodeScheduling: Node Scheduling\n ports: Ports\n resources: Resources\n securityContext: Security Context\n status: Status\n volumeClaimTemplates: Volume Claim Templates\n upgrading: Scaling and Upgrade Policy\n cronSchedule: Schedule\n detail:\n pods:\n title: Pods\n detailTop:\n node: Node\n podIP: Pod IP\n podRestarts: Pod Restarts\n workload: Workload\n pods: Pods by State\n runs: Runs\n gaugeStates:\n active: Active\n transitioning: Transitioning\n warning: Warning\n error: Error\n succeeded: Successful\n running: Running\n failed: Failed\n hideTabs: 'Hide Advanced Options'\n job:\n activeDeadlineSeconds:\n label: Active Deadline\n tip: The duration that the job may be active before the system tries to terminate it.\n backoffLimit:\n label: Back Off Limit\n tip: The number of retries before marking this job failed.\n completions:\n label: Completions\n tip: The number of successfully finished pods the job should be run with.\n failedJobsHistoryLimit:\n label: Failed Job History Limit\n tip: The number of failed finished jobs to retain.\n parallelism:\n label: Parallelism\n tip: The maximum number of pods the job should run at any given time.\n startingDeadlineSeconds:\n label: Starting Deadline Seconds\n tip: The deadline in seconds for starting the job if it misses scheduled time\n successfulJobsHistoryLimit:\n label: Successful Job History Limit\n tip: The number of successful finished jobs to retain.\n suspend: Suspend\n metrics:\n pod: Pod Metrics\n metricsView: Metrics View\n networking:\n dnsPolicy:\n label: DNS Policy\n options:\n clusterFirst: Cluster First\n clusterFirstWithHostNet: Cluster First With Host Network\n default: Default\n none: None\n placeholder: Select a Policy...\n hostAliases:\n add: Add Alias\n keyLabel: IP Address\n keyPlaceholder: e.g. 1.1.1.1\n label: Host Aliases\n tip: Additional /etc/hosts entries to be injected in the container.\n valueLabel: Hostname\n valuePlaceholder: \"e.g. foo.com, bar.com\"\n hostname:\n label: Hostname\n placeholder: e.g. web\n nameservers:\n add: Add Nameserver\n label: Nameservers\n placeholder: e.g. 1.1.1.1\n networkMode:\n label: Network Mode\n options:\n hostNetwork: Host Network\n normal: Normal\n placeholder: Select a Mode...\n dns: DNS\n resolver:\n label: Resolver Options\n add: Add Option\n searches:\n add: Add Search Domain\n label: Search Domains\n placeholder: e.g. mycompany.com\n subdomain:\n label: Subdomain\n placeholder: e.g. web\n validation:\n containers: Containers\n containerImage: Container {name} - \"Container Image\" is required.\n replicas: Replicas\n showTabs: 'Show Advanced Options'\n scheduling:\n activeDeadlineSeconds: Pod Active Deadline\n activeDeadlineSecondsTip: The duration that the pod may be active before the system tries to mark it failed and kill associated containers.\n affinity:\n addNodeSelector: Add Node Selector\n anyNode: Run pods on any available node\n affinityTitle: Run pods on nodes with pods matching these selectors\n antiAffinityTitle: Run pods on nodes without pods matching these selectors\n affinityOption: Affinity\n antiAffinityOption: Anti-Affinity\n matchExpressions:\n addRule: Add Rule\n doesNotExist: Does Not Exist\n exists: Exists\n greaterThan: \">\"\n in: =\n inNamespaces: \"Pods in these namespaces:\"\n key: Key\n lessThan: <\n namespaces: Namespaces\n notIn: ≠\n operator: Operator\n value: Value\n weight: Weight\n noPodRules: There are no pod scheduling rules configured.\n nodeName: Node Name\n priority: Priority\n preferAny: \"Prefer any of:\"\n preferred: Preferred\n required: Required\n requireAny: \"Require any of:\"\n schedulingRules: Run pods on node(s) matching scheduling rules\n specificNode: Run pods on specific node(s)\n thisPodNamespace: This pod's namespace\n topologyKey:\n label: Topology Key\n placeholder: e.g. failure-domain.beta.kubernetes.io/zone\n type: Type\n priority:\n className: Priority Class Name\n priority: Priority\n terminationGracePeriodSeconds: Termination Grace Period\n terminationGracePeriodSecondsTip: The duration that the pod needs to terminate gracefully.\n titles:\n advanced: Advanced\n nodeScheduling: Node Scheduling\n nodeSelector: Nodes with these labels\n podScheduling: Pod Scheduling\n priority: Priority\n tab: Scheduling\n tolerations: Tolerations\n limits: Limits and Reservations\n tolerations:\n addToleration: Add Toleration\n effect: Effect\n effectOptions:\n all: All\n noExecute: NoExecute\n noSchedule: \"NoSchedule,\"\n preferNoSchedule: PreferNoSchedule\n labelKey: Label Key\n operator: Operator\n operatorOptions:\n equal: =\n exists: Exists\n tolerationSeconds: Toleration Seconds\n value: Value\n serviceName: Service Name\n storage:\n subtypes:\n secret: Secret\n configMap: ConfigMap\n hostPath: Bind-Mount\n persistentVolumeClaim: Persistent Volume Claim\n createPVC: Create Persistent Volume Claim\n csi: CSI\n nfs: NFS\n awsElasticBlockStore: Amazon EBS Disk\n azureDisk: Azure Disk\n azureFile: Azure File\n gcePersistentDisk: Google Persistent Disk\n driver.longhorn.io: Longhorn\n vsphereVolume: VMWare vSphere Volume\n addClaim: Add Claim\n addMount: Add Mount\n addVolume: Add Volume\n certificate: Certificate\n csi:\n diskName: Disk Name\n diskURI: Disk URI\n cachingMode:\n label: Caching Mode\n options:\n none: None\n readOnly: Read Only\n readWrite: Read Write\n kind:\n label: Kind\n options:\n dedicated: Dedicated\n managed: Managed\n shared: Shared\n drivers:\n driver.longhorn.io: Longhorn\n fsType: Filesystem Type\n shareName: Share Name\n secretName: Secret Name\n volumeID: Volume ID\n partition: Partition\n pdName: Persistent Disk Name\n storagePolicyID: Storage Policy ID\n storagePolicyName: Storage Policy Name\n volumePath: Volume Path\n defaultMode: Default Mode\n driver: driver\n hostPath:\n label: The Path on the Node must be\n options:\n default: 'Anything: do not check the target path'\n directoryOrCreate: A directory, or create if it doesn't exist\n directory: An existing directory\n fileOrCreate: A file, or create if it doesn't exist\n file: An existing file\n socket: An existing socket\n charDevice: An existing character device\n blockDevice: An existing block device\n mountPoint: Mount Point\n nodePath: Path on Node\n optional:\n label: Optional\n 'no': 'No'\n 'yes': 'Yes'\n path: Path\n readOnly: Read Only\n server: Server\n\n subPath: Sub Path in Volume\n title: 'Storage'\n volumeName: Volume Name\n volumePath: Volume Path\n typeDescriptions:\n apps.daemonset: DaemonSets run exactly one pod on every eligible node. When new nodes are added to the cluster, DaemonSets automatically deploy to them. Recommended for system-wide or vertically-scalable workloads that never need more than one pod per node.\n apps.deployment: Deployments run a scalable number of replicas of a pod distributed among the eligible nodes. Changes are rolled out incrementally and can be rolled back to the previous revision when needed. Recommended for stateless & horizontally-scalable workloads.\n apps.statefulset: StatefulSets manage stateful applications and provide guarantees about the ordering and uniqueness of the pods created. Recommended for workloads with persistent storage or strict identity, quorum, or upgrade order requirements.\n batch.cronjob: CronJobs create Jobs, which then run Pods, on a repeating schedule. The schedule is expressed in standard Unix cron format, and uses the timezone of the Kubernetes control plane (typically UTC).\n batch.job: Jobs create one or more pods to reliably perform a one-time task by running a pod until it exits successfully. Failed pods are automatically replaced until the specified number of completed runs has been reached. Jobs can also run multiple pods in parallel or function as a batch work queue.\n upgrading:\n activeDeadlineSeconds:\n label: Pod Active Deadline\n tip: The duration the pod may be active before the system will try to mark it failed and kill associated containers.\n concurrencyPolicy:\n label: Concurrency\n options:\n allow: Allow CronJobs to run concurrently\n forbid: Skip next run if current run hasn't finished\n replace: Replace run if current run hasn't finished\n maxSurge:\n label: Max Surge\n tip: The maximum number of pods allowed beyond the desired scale at any given time.\n maxUnavailable:\n label: Max Unavailable\n tip: The maximum number of pods which can be unavailable at any given time.\n minReadySeconds:\n label: Minimum Ready\n tip: The minimum duration a pod should be ready without containers crashing for it to be considered available.\n podManagementPolicy:\n label: Pod Management Policy\n progressDeadlineSeconds:\n label: Progress Deadline\n tip: The minimum duration to wait for a deployment to progress before marking it failed.\n revisionHistoryLimit:\n label: Revision History Limit\n tip: The number of old ReplicaSets to retain for rollback.\n strategies:\n labels:\n delete: \"On Delete: New pods are only created when old pods are manually deleted.\"\n recreate: \"Recreate: Kill ALL pods, then start new pods.\"\n rollingUpdate: \"Rolling Update: Create new pods, until max surge is reached, before deleting old pods. Don't stop more pods than max unavailable.\"\n terminationGracePeriodSeconds:\n label: Termination Grace Period\n tip: The duration the pod needs to terminate successfully.\n title: Upgrading\n\n\n##############################\n# Model Properties\n##############################\nmodel:\n account:\n kind:\n admin: Admin\n agent: Agent\n project: Environment\n registeredAgent: Registered Agent\n service: Service\n user: User\n \"catalog.cattle.io.app\":\n firstDeployed: First Deployed\n lastDeployed: Last Deployed\n authConfig:\n description:\n ldap: LDAP\n saml: SAML\n oauth: OAuth\n oidc: OIDC\n name:\n keycloak: Keycloak (SAML)\n keycloakoidc: Keycloak (OIDC)\n provider:\n system: System\n local: Local\n multiple: Multiple\n activedirectory: ActiveDirectory\n azuread: AzureAD\n github: GitHub\n keycloak: Keycloak\n ldap: LDAP\n openldap: OpenLDAP\n shibboleth: Shibboleth\n ping: Ping Identity\n adfs: ADFS\n okta: Okta\n freeipa: FreeIPA\n googleoauth: Google\n oidc: OIDC\n keycloakoidc: Keycloak\n\n cluster:\n name: Cluster Name\n ingress:\n displayKind: L7 Ingress\n machine:\n role:\n controlPlane: Control Plane\n etcd: etcd\n worker: Worker\n openldapconfig:\n domain:\n help: Only users below this base will be used.\n label: User Search Base\n placeholder: \"e.g. ou=Users,dc=mycompany,dc=com\"\n server:\n label: Hostname or IP Address\n serviceAccountPassword:\n label: Service Account Password\n serviceAccountUsername:\n label: Service Account Username\n projectMember:\n role:\n member: Member\n owner: Owner\n readonly: Read-Only\n restricted: Restricted\n service:\n displayKind:\n generic: Service\n loadBalancer: L4 Balancer\n\ntypeDescription:\n # Map of\n # type: Description to be shown on the top of list view describing the type.\n # Should fit on one line.\n # If you link to anything external, it MUST have\n # target=\"_blank\" rel=\"noopener noreferrer nofollow\"\n cis.cattle.io.clusterscanbenchmark: A benchmark version is the name of benchmark to run using kube-bench as well as the valid configuration parameters for that benchmark.\n cis.cattle.io.clusterscanprofile: A profile is the configuration for the CIS scan, which is the benchmark versions to use and any specific tests to skip in that benchmark.\n cis.cattle.io.clusterscan: A scan is created to trigger a CIS scan on the cluster based on the defined profile. A report is created after the scan is completed.\n cis.cattle.io.clusterscanreport: A report is the result of a CIS scan of the cluster.\n management.cattle.io.feature: Feature Flags allow certain {vendor} features to be toggled on and off. Features that are off by default should be considered experimental functionality.\n resources.cattle.io.backup: A backup is created to perform one-time backups or schedule recurring backups based on a ResourceSet.\n resources.cattle.io.restore: A restore is created to trigger a restore to the cluster based on a backup file.\n resources.cattle.io.resourceset: A resource set defines which CRDs and resources to store in the backup.\n monitoring.coreos.com.servicemonitor: A service monitor defines the group of services and the endpoints that Prometheus will scrape for metrics. This is the most common way to define metrics collection.\n monitoring.coreos.com.podmonitor: A pod monitor defines the group of pods that Prometheus will scrape for metrics. The common way is to use service monitors, but pod monitors allow you to handle any situation where a service monitor wouldn't work.\n monitoring.coreos.com.prometheusrule: A Prometheus Rule resource defines both recording and/or alert rules. A recording rule can pre-compute values and save the results. Alerting rules allow you to define conditions on when to send notifications to AlertManager.\n monitoring.coreos.com.prometheus: A Prometheus server is a Prometheus deployment whose scrape configuration and rules are determined by selected ServiceMonitors, PodMonitors, and PrometheusRules and whose alerts will be sent to all selected Alertmanagers with the custom resource's configuration.\n monitoring.coreos.com.alertmanager: An alert manager is deployment whose configuration will be specified by a secret in the same namespace, which determines which alerts should go to which receiver.\n catalog.cattle.io.clusterrepo: 'A chart repository is a Helm repository or {vendor} git based application catalog. It provides the list of available charts in the cluster.'\n catalog.cattle.io.operation: An operation is the list of recent Helm operations that have been applied to the cluster.\n catalog.cattle.io.app: An installed application is a Helm 3 chart that was installed either via our charts or through the Helm CLI.\n logging.banzaicloud.io.clusterflow: Logs from the cluster will be collected and logged to the selected Cluster Output.\n logging.banzaicloud.io.clusteroutput: A cluster output defines which logging providers that logs can be sent to and is only effective when deployed in the namespace that the logging operator is in.\n logging.banzaicloud.io.flow: A flow defines which logs to collect and filter as well as which output to send the logs. The flow is a namespaced resource, which means logs will only be collected from the namespace that the flow is deployed in.\n logging.banzaicloud.io.output: An output defines which logging providers that logs can be sent to. The output needs to be in the same namespace as the flow that is using it.\n group.principal: Assigning global roles to a group only works with external auth providers that support groups. Local authorization does not support groups.\n\ntypeLabel:\n management.cattle.io.token: |-\n {count, plural,\n one { API Key }\n other { API Keys }\n }\n cis.cattle.io.clusterscan: |-\n {count, plural,\n one { Scan }\n other { Scans }\n }\n cis.cattle.io.clusterscanprofile: |-\n {count, plural,\n one { Profile }\n other { Profiles }\n }\n cis.cattle.io.clusterscanbenchmark: |-\n {count, plural,\n one { Benchmark Version }\n other { Benchmark Versions }\n }\n catalog.cattle.io.operation: |-\n {count, plural,\n one { Recent Operation }\n other { Recent Operations }\n }\n catalog.cattle.io.app: |-\n {count, plural,\n one { Installed App }\n other { Installed Apps }\n }\n catalog.cattle.io.clusterrepo: |-\n {count, plural,\n one { Chart Repository }\n other { Chart Repositories }\n }\n catalog.cattle.io.repo: |-\n {count, plural,\n one { Namespaced Repo }\n other { Namespaced Repos }\n }\n chartInstallAction: |-\n {count, plural,\n one { App }\n other { Apps }\n }\n chartUpgradeAction: |-\n {count, plural,\n one { App }\n other { Apps }\n }\n endpoints: |-\n {count, plural,\n one { Endpoint }\n other { Endpoints }\n }\n fleet.cattle.io.cluster: |-\n {count, plural,\n =1 { Cluster }\n other {Clusters }\n }\n fleet.cattle.io.clustergroup: |-\n {count, plural,\n one { Cluster Group }\n other {Cluster Groups }\n }\n management.cattle.io.clusterroletemplatebinding: |-\n {count, plural,\n one { Cluster Member }\n other { Cluster Members }\n }\n fleet.cattle.io.gitrepo: |-\n {count, plural,\n one { Git Repo }\n other {Git Repos }\n }\n management.cattle.io.authconfig: |-\n {count, plural,\n one { Authentication Provider }\n other { Authentication Providers }\n }\n management.cattle.io.feature: |-\n {count, plural,\n one { Feature Flag }\n other { Feature Flags }\n }\n management.cattle.io.setting: |-\n {count, plural,\n one { Advanced Setting }\n other { Advanced Settings }\n }\n management.cattle.io.fleetworkspace: |-\n {count, plural,\n one { Workspace }\n other { Workspaces }\n }\n # pruh-mee-thee-eyes https://www.prometheus.io/docs/introduction/faq/#what-is-the-plural-of-prometheus\n monitoring.coreos.com.prometheus: |-\n {count, plural,\n one { Prometheus }\n other { Prometheis }\n }\n monitoring.coreos.com.servicemonitor: |-\n {count, plural,\n one { Service Monitor }\n other { Service Monitors }\n }\n monitoring.coreos.com.alertmanager: |-\n {count, plural,\n one { Alert Manager }\n other { Alert Managers }\n }\n monitoring.coreos.com.podmonitor: |-\n {count, plural,\n one { Pod Monitor }\n other { Pod Monitors }\n }\n monitoring.coreos.com.prometheusrule: |-\n {count, plural,\n one { Prometheus Rule }\n other { Prometheus Rules }\n }\n monitoring.coreos.com.thanosruler: |-\n {count, plural,\n one { Thanos Rule }\n other { Thanos Rules }\n }\n monitoring.coreos.com.receiver: |-\n {count, plural,\n one { Receiver }\n other { Receivers }\n }\n monitoring.coreos.com.route: |-\n {count, plural,\n one { Route }\n other { Routes }\n }\n 'management.cattle.io.cluster': |-\n {count, plural,\n one { Mgmt Cluster }\n other { Mgmt Clusters }\n }\n 'cluster.x-k8s.io.cluster': |-\n {count, plural,\n one { CAPI Cluster }\n other { CAPI Clusters }\n }\n 'provisioning.cattle.io.cluster': |-\n {count, plural,\n one { Cluster }\n other { Clusters }\n }\n 'management.cattle.io.user': |-\n {count, plural,\n one { User }\n other { Users }\n }\n namespace: |-\n {count, plural,\n one { Namespace }\n other { Namespaces }\n }\n group.principal: |-\n {count, plural,\n one { Group }\n other { Groups }\n }\n token: |-\n {count, plural,\n one { API Key }\n other { API Keys }\n }\n\naction:\n clone: Clone\n disable: Disable\n download: Download YAML\n edit: Edit Config\n editYaml: Edit YAML\n enable: Enable\n openLogs: View Logs\n refresh: Refresh\n remove: Delete\n view: View Config\n viewInApi: View in API\n viewYaml: View YAML\n activate: Activate\n deactivate: Deactivate\n show: Show\n hide: Hide\n copy: Copy\n unassign: 'Unassign'\n uninstall: Uninstall\n\nunit:\n sec: secs\n min: mins\n hour: |-\n {count, plural,\n one { hour }\n other { hours }\n }\n day: |-\n {count, plural,\n one { day }\n other { days }\n }\nworkloadPorts:\n addPort: Add Port\n remove: Remove\n addHost: Add Host\n\npodAffinity:\n addLabel: Add Pod Selector\n\nkeyValue:\n keyPlaceholder: e.g. foo\n valuePlaceholder: e.g. bar\n\n##############################\n### Advanced Settings\n##############################\n\nadvancedSettings:\n label: Advanced Settings\n subtext: Typical users will not need to change these. Proceed with caution, incorrect values can break your {appName} installation. Settings which have been customized from default settings are tagged 'Modified'.\n show: Show\n hide: Hide\n none: None\n edit:\n label: Edit Setting\n changeSetting: \"Change Setting:\"\n trueOption: \"True\"\n falseOption: \"False\"\n value: Value\n useDefault: Copy the default value\n invalidJSON: Invalid JSON - please check and correct your input before saving\n descriptions:\n 'cacerts': \"CA Certificates needed to verify the server's certificate.\"\n 'cluster-defaults': 'Override RKE Defaults when creating new clusters.'\n 'engine-install-url': 'Default Docker engine installation URL (for most node drivers).'\n 'engine-iso-url': 'Default OS installation URL (for vSphere driver).'\n 'engine-newest-version': 'The newest supported version of Docker at the time of this release. A Docker version that does not satisfy supported docker range but is newer than this will be marked as untested.'\n 'engine-supported-range': 'Semver range for supported Docker engine versions. Versions which do not satisfy this range will be marked unsupported in the UI.'\n 'ingress-ip-domain': 'Wildcard DNS domain to use for automatically generated Ingress hostnames. .. will be added to the domain.'\n 'server-url': 'Default {appName} install url. Must be HTTPS. All nodes in your cluster must be able to reach this.'\n 'system-default-registry': 'Private registry to be used for all system Docker images.'\n 'ui-index': 'HTML index location for the Cluster Manager UI.'\n 'ui-dashboard-index': 'HTML index location for the {appName} UI.'\n 'ui-offline-preferred': 'Controls whether UI assets are served locally by the server container or from the remote URL defined in the ui-index and ui-dashboard-index settings. The `Dynamic` option will use local assets in production builds of {appName}.'\n 'ui-pl': 'Private-Label company name.'\n 'ui-issues': \"Use a url address to send new 'File an Issue' reports instead of sending users to the GitHub issues page.\"\n 'telemetry-opt': 'Telemetry reporting opt-in.'\n 'auth-user-info-max-age-seconds': 'The maximum age of a users auth tokens before an auth provider group membership sync will be performed.'\n 'auth-user-info-resync-cron': 'Default cron schedule for resyncing auth provider group memberships.'\n 'cluster-template-enforcement': 'Non-admins will be restricted to launching clusters via preapproved RKE Templates only.'\n 'auth-user-session-ttl-minutes': 'Custom TTL (in minutes) on a user auth session.'\n 'auth-token-max-ttl-minutes': 'Custom max TTL (in minutes) on an auth token.'\n 'kubeconfig-generate-token': 'Automatically generate kubeconfig tokens for users.'\n 'kubeconfig-token-ttl-minutes': 'Custom max TTL (in minutes) on a kubeconfig token.'\n 'rke-metadata-config': 'Configure RKE metadata refresh parameters.'\n 'ui-banners': 'Classification banner is used to display a custom fixed banner in the header, footer, or both.'\n 'ui-default-landing': 'The default page users land on after login.'\n 'brand': Folder name for an alternative theme defined in '/assets/brand'\n editHelp:\n 'ui-banners': This setting takes a JSON object containing 3 root parameters; banner, showHeader, showFooter. banner is an object containing; textColor, background, and text, where textColor and background are any valid CSS color value.\n enum:\n 'ui-default-landing':\n ember: Cluster Manager\n vue: Cluster Explorer\n 'telemetry-opt':\n prompt: Prompt\n in: Opt-in to Telemetry\n out: Opt-out of Telemetry\n 'ui-offline-preferred':\n dynamic: Dynamic\n true: Local\n false: Remote\n\nfeatureFlags:\n label: Feature Flags\n warning: |-\n Feature flags allow {vendor} to gate certain features behind flags.\n Features that are off by default should be considered experimental functionality.\n Some features require a restart of the {vendor} server to change.\n This will result in a short outage of the API and UI, but not affect running clusters or workloads.\n restartRequired: \"Note: Updating this feature flag requires a restart\"\n restart:\n title: Waiting for Restart\n wait: This may take a few moments\n\nbranding:\n label: Branding\n directoryName: Brand Asset Directory Name\n logos:\n label: Logo\n tip: 'Upload a logo to replace the Rancher logo in the top-level navigation header. Image height should be 21 pixels with a max width of 200 pixels. Max file size is 20KB'\n lightPreview: Light Theme Preview\n darkPreview: Dark Theme Preview\n uploadLight: Upload Light Logo\n uploadDark: Upload Dark Logo\n useCustom: Use a Custom Logo\n options:\n default: Default Rancher Theme\n suse: SUSE Theme\n custom: Define a Custom Theme\n uiPL:\n label: Private Label Company Name\n uiIssues:\n label: Issue Reporting URL\n uiBanner:\n label: Fixed Banners\n text: Text\n textColor: Text Color\n background: Background Color\n showHeader: Show Banner in Header\n showFooter: Show Banner in Footer\n color:\n label: Primary Color\n tip: You can override the primary color used throughout the UI with a custom color of your choice.\n useCustom: Use a Custom Color\n\nresourceQuota:\n configMaps: Config Maps\n limitsCpu: CPU Limit\n limitsMemory: Memory Limit\n persistentVolumeClaims: Persistent Volume Claims\n pods: Pods\n replicationControllers: Replication Controllers\n requestsCpu: CPU Reservation\n requestsMemory: Memory Reservation\n requestsStorage: Storage Reservation\n secrets: Secrets\n services: Services\n servicesLoadBalancers: Services Load Balancers\n servicesNodePorts: Service Node Ports\n projectLimit:\n label: Project Limit\n cpuPlaceholder: e.g. 2000\n memoryPlaceholder: e.g. 2048\n storagePlaceholder: e.g. 50\n unitlessPlaceholder: e.g. 50\n namespaceDefaultLimit:\n label: Namespace Default Limit\n cpuPlaceholder: e.g. 500\n memoryPlaceholder: e.g. 1024\n storagePlaceholder: e.g. 10\n unitlessPlaceholder: e.g. 10\n resourceType:\n label: Resource Type\n\nsnapshots:\n title: Snapshots\n action:\n create: Create Snapshot\n card:\n created: \"Created on ''{date}'' at ''{time}''\"\n action:\n restore: Restore\n remove: Delete\n create:\n title: 'Create a new Snapshot'\n name:\n label: Snapshot Name\n description:\n label: Description\n actions:\n submit: Create\n back: Cancel\n info: 'Rancher Desktop will be temporarily unavailable while creating a new Snapshot'\n empty:\n icon: icon-search\n heading: No snapshots found\n body: Click on Create Snapshot to get started\n dialog:\n restore:\n header: Restore snapshot?\n info: 'Restoring this snapshot will replace your current installation, including preferences. If the Preferences window is open, it will be automatically closed and any unsaved changes will be discarded.'\n actions:\n ok: 'Restore'\n cancel: 'Cancel'\n error:\n header: 'Error restoring snapshot'\n description: \"Failed to restore snapshot ''{snapshot}''.'
'Rancher Desktop has performed a Factory Reset and will now exit. Please try to address the issue that led to this error before restarting Rancher Desktop and attempting to restore the snapshot again.\"\n buttonText: 'Quit Rancher Desktop'\n delete:\n header: Permanently delete snapshot?\n info: 'text'\n actions:\n ok: 'Delete'\n cancel: 'Cancel'\n restoring:\n header: 'Restoring {snapshot}'\n message: \"Please wait while snapshot ''{snapshot}'' is being restored. This may take some time depending on your machine's resources.
Rancher Desktop will be temporarily unavailable during this operation. Once completed, the VM will restart with the {snapshot} snapshot active.\"\n actions:\n cancel: 'Cancel'\n creating:\n header: 'Creating {snapshot}'\n message: \"Please wait while snapshot ''{snapshot}'' is being created.'
'This may take some time depending on your machine's resources.'
'Rancher Desktop will be temporarily unavailable during this operation.'
'Once the snapshot is complete, the VM will restart.\"\n actions:\n cancel: 'Cancel'\n buttons:\n error: Close\n generic:\n header: Snapshot operation in progress\n message: \"Please wait while the snapshot operation is active.
This may take some time depending on your machine's resources.
Rancher Desktop will be temporarily unavailable during this operation.
Once the snapshot process is complete, the VM will restart.\"\n showLogs: Show logs\n info:\n when: \" at {time}\"\n restore:\n success: \"Restored ''{snapshot}''\"\n cancel: 'Cancelled restoration of {snapshot}'\n create:\n success: \"Created ''{snapshot}''\"\n cancel: 'Cancelled creation of {snapshot}'\n delete:\n success: \"Deleted ''{snapshot}''\"\n error: 'Delete error: {error}'\n lock:\n info: \"A snapshot lock file has been detected for an unusually long time. If you believe this is an error, you can try to remove the lock file by running rdctl snapshot unlock.\"\n\n\n##############################\n### Troubleshooting Page\n##############################\ntroubleshooting:\n title: Troubleshooting\n description: Use these tools to help identify and resolve issues.\n kubernetes:\n title: Kubernetes\n resetKubernetes:\n title: Reset Kubernetes\n description: Resetting Kubernetes will delete all workloads and configuration.\n buttonText: Reset Kubernetes\n messageBox:\n title: Rancher Desktop - Reset Kubernetes\n message: Reset Kubernetes?\n checkboxLabel: Delete container images\n ok: Reset\n cancel: Cancel\n resetContainer:\n title: 'Reset Kubernetes & Container Images'\n description: All images will be lost and Kubernetes will be reset.\n buttonText: Reset Container Images\n general:\n title: General\n logs:\n title: Logs\n description: Show Rancher Desktop logs\n buttonText: Show Logs\n factoryReset:\n title: Factory Reset\n description: Factory Reset will remove all Rancher Desktop Configurations.\n buttonText: Factory Reset\n messageBox:\n title: Rancher Desktop - Factory Reset\n message: Perform a factory reset?\n detail: Doing a factory reset will remove your cluster and all Rancher Desktop settings, and shut down Rancher Desktop. If you intend to continue using Rancher Desktop, you will need to manually start it and go through the initial set up again.
Are you sure you want to reset everything?
\n checkboxLabel: Keep cached Kubernetes images\n ok: Factory Reset\n cancel: Cancel\n needHelp: 'Still having problems? Start a discussion in the #rancher-desktop channel on the Rancher Users Slack or Report an Issue.'\n\n##############################\n### Diagnostics Page\n##############################\ndiagnostics:\n results:\n muted:\n icon: icon-search\n heading: No results found\n body: Try showing muted diagnostics.\n success:\n icon: icon-checkmark\n heading: No problems detected\n body: Rancher Desktop appears to be functioning correctly.\n\n\n##############################\n### Extensions Page\n##############################\nextensions:\n icon: icon-extension\n installed:\n list:\n upgrade: Upgrade\n uninstall: Remove\n emptyState:\n icon: icon-extension\n heading: No extensions installed\n body: It looks like you don't have any extensions installed yet. Browse the extensions catalog to get started.\n button:\n text: Browse Extensions\n view:\n emptyState:\n heading: Extension removed\n body: '{extensionId} was removed. Please visit the extensions catalog to reinstall the extension or browse for other extensions to enhance your Rancher Desktop experience.'\n\n##############################\n### Preferences Page\n##############################\npreferences:\n actions:\n banner:\n reset: Kubernetes will reset after applying changes.\n restart: Kubernetes will restart after applying changes.\n error: \"There's a problem with the preferences selection.\"\n locked:\n tooltip: Locked due to organization's policy\n incompatibleTypeWarningPre: 'The option requires'\n incompatibleTypeWarningPostSelected: 'to be selected.'\n incompatibleTypeWarningPostDisabled: 'to be unselected.'\n incompatiblePrefWarningOr: 'or'\n##############################\n### Integrations Page\n##############################\nintegrations:\n windows:\n title: WSL Integrations\n description: \"Expose Rancher Desktop's Kubernetes configuration and Docker socket to Windows Subsystem for Linux (WSL) distros\"\n\n##############################\n### Support Page\n##############################\n\nsupport:\n community:\n title: SUSE Rancher provides world-class support\n linksTitle: Community Support\n learnMore: Find out more about SUSE Rancher Support\n pricing: Contact us for pricing\n subscription:\n haveSupport: Already have support?\n addSubscription: Add a Subscription ID\n removeSubscription: Remove your Subscription ID\n addTitle: Add your SUSE Subscription ID\n addLabel: \"Please enter a valid Subscription ID:\"\n removeTitle: Remove your ID?\n removeBody: \"Note: This will not affect your subscription.\"\n suse:\n title: \"Great News - You're covered\"\n editBrand: Customize UI Theme\n access:\n title: Get Support\n text: Login to SUSE Customer Center to access support for your subscription\n action: SUSE Customer Center\n promos:\n one:\n title: 24x7 Support\n text: We provide tightly defined SLAs, and offer round the clock support options.\n two:\n title: Issue Resolution\n text: Run SUSE Rancher products with confidence, knowing that the developers who built them are available to quickly resolve issues.\n three:\n title: Troubleshooting\n text: We focus on uncovering the root cause of any issue, whether it is related to Rancher Labs products, Kubernetes, Docker or your underlying infrastructure.\n four:\n title: Innovate with Freedom\n text: Take advantage of our certified compatibility with a wide range of Kubernetes providers, operating systems, and open source software.\n\nembedding:\n retry: Retry\n unavailable: Cluster Manager UI is not available\n\nv1ClusterTools:\n monitoring:\n label: Monitoring (Legacy)\n description: 'Legacy V1 monitoring. V1 Monitoring is deprecated since Rancher 2.5.0. Learn more about migrating to V2 Monitoring.'\n logging:\n label: Logging (Legacy)\n description: 'Legacy V1 logging. V1 Logging is deprecated since Rancher 2.5.0. Learn more about migrating to V2 Logging.'\n\nlegacy:\n alerts: Alerts\n apps: Apps\n catalogs: Catalogs\n globalDnsEntries: Global DNS Entries\n globalDnsProviders: Global DNS Providers\n logging: Logging\n notifiers: Notifiers\n monitoring: Monitoring\n psps: Pod Security Policies\n project:\n label: Project\n select: \"Use the Project/Namespace filter at the top of the page to select a Project in order to see legacy Project features.\"\n\nharvester:\n tableHeaders:\n actions: Actions\n"
},
{
"path": "pkg/rancher-desktop/assets/translations/zh-hans.yaml",
"content": "##############################\n# Special stuff\n##############################\ngeneric:\n add: 添加\n back: 返回\n cancel: 取消\n close: 关闭\n comingSoon: 即将推出\n copy: 复制\n create: 创建\n created: 创建时间\n customize: 定制\n default: 默认\n disabled: 禁用\n done: 完成\n enabled: 启用\n ignored: 忽略\n invalidCron: 无效的 cron 调度\n labelsAndAnnotations: 标签和注释\n loading: 正在加载中...\n members: 成员\n #na: n/a\n name: 名称\n never: 从不\n none: 无\n #number: '{prefix}{value, number}{suffix}'\n overview: 概述\n readFromFile: 从文件读取\n register: 注册\n remove: 移除\n\n resource: |-\n {count, plural,\n one {资源}\n other {资源}\n }\n resourceCount: |-\n {count, plural,\n one {1 resource}\n other {# resources}\n }\n save: 保存\n type: 类型\n unknown: 未知\n key: 键\n value: 值\n yes: 是\n no: 否\n units:\n time:\n 5s: 5秒\n 10s: 10秒\n 30s: 30秒\n 1m: 1分钟\n 5m: 5分钟\n 15m: 15分钟\n 30m: 30分钟\n 1h: 1小时\n 2h: 2小时\n 6h: 6小时\n 1d: 1小时\n 7d: 7天\n 30d: 30天\n\n#locale:\n #en-us: English\n #zh-hans: 简体中文\n #none: (None)\n\nnav:\n title: 仪表盘\n #backToRancher: Cluster Manager\n clusterTools: 集群工具\n shell: 命令行\n import: 导入 YAML 文件\n home: 返回首页\n support: 帮助\n group:\n cluster: 集群\n inUse: 更多资源\n rbac: RBAC\n serviceDiscovery: 服务发现\n starred: 已收藏\n storage: 存储\n workload: 工作负载\n monitoring: 监控\n ns:\n all: 全部命名空间\n clusterLevel: 集群资源\n #namespace: \"{name}\"\n namespaced: 命名空间资源\n orphan: 不在项目中\n project: \"项目名称: {name}\"\n system: 系统命名空间\n user: 用户命名空间\n apps: 应用商店\n categories:\n explore: 浏览集群\n multiCluster: 全局应用\n configuration: 配置\n search:\n placeholder: 输入关键词,搜索集群\n noResults: 没有与关键词匹配的集群\n resourceSearch:\n label: 资源搜索\n placeholder: 输入关键词,搜索资源\n\nproduct:\n clusterGroup: 集群应用\n globalGroup: 全局应用\n apps: 应用市场\n auth: 用户及认证方式\n backup: 备份\n cis: CIS 基线测试\n ecm: 集群管理员\n explorer: 集群浏览器\n fleet: Fleet\n #longhorn: Longhorn\n manager: 管理集群\n #gatekeeper: OPA Gatekeeper\n #istio: Istio\n logging: 日志\n #rio: Rio\n settings: 全局设置\n monitoring: 监控\n\nsuffix:\n #percent: \"%\"\n #cpus: CPUs\n #ib: iB\n revisions: |-\n {count, plural,\n =1 { 版本 }\n other { 版本 }\n }\n seconds: |-\n {count, plural,\n =1 { 秒 }\n other { 秒 }\n }\n sec: Sec\n times: |-\n {count, plural,\n =1 { 次 }\n other { 次 }\n }\n##############################\n# Components & Pages\n##############################\naccountAndKeys:\n title: 账户和API密钥\n account:\n title: 账户\n change: 修改密码\n apiKeys:\n title: API密钥\n notAllowed: 对不起,您没有权限编辑API密钥\n add:\n description:\n label: 描述\n placeholder: 可选择输入一个描述,以帮助您识别该API密钥。\n label: 创建API密钥\n expiry:\n label: 自动过期\n options:\n never: 从不过期\n day: 一天后过期\n month: 一个月后过期\n year: 一年后过期\n custom: 自定义过期之间\n maximum: \"{value} - 最大有效期\"\n customExpiry:\n options:\n minute: 分钟\n hour: 小时\n day: 日\n month: 月\n year: 年\n scope: 适用范围\n noScope: 没有适用范围\n info:\n #accessKey: Access Key\n #secretKey: Secret Key\n #bearerToken: Bearer Token\n saveWarning: 请在云端或本地妥善保存以上的信息! 如果丢失这些信息,你需要创建一个新的API密钥。\n keyCreated: 已创建一个新的API密钥。\n bearerTokenTip: \"Access Key 和 Secret Key 可以作为 HTTP Basic auth 的用户名和密码发送,以授权请求。您也可以将它们组合起来作为一个Bearer token使用。\"\n ttlLimitedWarning: 由于系统配置的原因,该API密钥的到期时间缩短了。\n\nauthConfig:\n accessMode:\n label: '配置够登录和使用{vendor}的人员名单'\n required: '只有授权用户和用户组能够访问。'\n restricted: '允许集群和项目的成员,以及授权用户和用户组访问'\n unrestricted: '允许所有用户访问'\n allowedPrincipalIds:\n title: 授权用户和用户组\n associatedWarning: '注意:您认证为的{provider} 用户将作为您当前登录的 {vendor} 用户的替代登录方式({username})。'\n github:\n clientId:\n label: 账户名\n clientSecret:\n label: 密码\n form:\n app:\n label: 应用名称\n value: '输入一个应用名称,例如:我的{vendor}'\n calllback:\n label: 授权回调URL\n description:\n label: 应用描述\n value: '选填项,可留空'\n homepage:\n label: 主页URL地址\n instruction: '请在表格中输入以下值:'\n prefix: |-\n 点击这里,在新窗口中进入GitHub应用设置。\n 点击 \"OAuth App \"标签。\n 点击 \"新建OAuth应用 \"按钮。\n suffix: |-\n 点击 \"注册应用\"\n 复制并粘贴新创建的OAuth应用程序的客户ID和客户秘密到下面的字段中。\n host:\n label: GitHub企业版\n placeholder: 例如:github.mycompany.example\n target:\n label: 您想使用哪种GitHub呢?\n private: GitHub企业版的私人安装\n public: 公开的GitHub.com\n table:\n #server: Server\n #clientId: Client ID\n googleoauth:\n adminEmail: 电子邮件地址\n domain: 域名\n oauthCredentials:\n label: OAuth 认证信息\n tip: 包含OAuth Credentials的JSON文件可以在Google API开发者控制台中找到。\n serviceAccountCredentials:\n label: Service Account 认证信息\n tip: 包含Service Account 认证信息的JSON文件可以在Google API开发者控制台中找到。\n steps:\n 1:\n title: '第一步:对于标准的Google,点击这里在新窗口中进入应用程序设置。'\n body:\n 1: 登录到您的账户,然后导航到 \"APIs & Services\",然后选择 \"OAuth consent screen\"。\n 2: 'Authorized domains:'\n 3: 'Application homepage link: '\n 4: '在Google APIs的作用域下,启用 \"email\"、\"profile \"和 \"openid\"。'\n 5: '单击保存,保存以上修改'\n topPrivateDomain: '顶级域'\n 2:\n title: '第二步:导航到 \"Credentials\"标签,创建你的OAuth客户端ID。'\n body:\n 1: '选择 \"Create Credentials\"下拉菜单,选择 \"OAuth clientID\",然后选择 \"Web application\"。'\n 2: 'Authorized JavaScript origins:'\n 3: 'Authorized redirect URIs:'\n 4: '点击 \"Create\",然后点击 \"Download JSON\"按钮。'\n 5: '在OAuth凭证框中上传下载的JSON文件。'\n 3:\n title: '第三步:创建服务账户凭证'\n introduction: '按照这里指南。'\n body:\n 1: 创建一个 service account。\n 2: 为这个service account生成密钥。\n 3: 在你的google域名中添加service account作为OAuth客户端。\n ldap:\n freeipa: 配置 FreeIPA server\n activedirectory: 配置 Active Directory 账户\n openldap: 配置 OpenLDAP server\n defaultLoginDomain:\n label: 默认登录页面的域名\n placeholder: 例如:mycompany\n hint: 如果用户在没有指定域的情况下登录,将使用该域。\n cert: 证书\n disabledStatusBitmask: 禁用状态 比特掩码\n groupDNAttribute: 用户组域名属性\n groupMemberMappingAttribute: 用户组成员映射属性\n groupMemberUserAttribute: 用户组成员属性\n groupSearchBase:\n label: 用户组内搜索\n #placeholder: 'ou=groups,dc=mycompany,dc=com'\n hostname: 主机名/IP\n loginAttribute: 登录属性\n nameAttribute: 名称属性\n nestedGroupMembership:\n label: 属于多个用户组的用户\n options:\n direct: 搜索只属于单个用户组的用户\n nested: 搜索只属于单个用户组的用户和属于多个用户组的用户\n objectClass: 对象类\n password: 密码\n port: 端口\n customizeSchema: 自定义模式\n users: 用户\n groups: 组\n searchAttribute: 搜索属性\n searchFilter: 搜索过滤条件\n serverConnectionTimeout: 服务器连接超时\n serviceAccountDN: 服务账户的独特名称\n serviceAccountPassword: Service Account 密码\n serviceAccountInfo: Rancher需要一个对所有能够登录的域都有只读访问权的服务账户,这样我们就可以在用户使用API密钥进行请求时,确定用户是什么组的成员。\n starttls:\n label: Start TLS\n tip: 通过在连接过程中使用 TLS 封装来升级非加密连接。不能与TLS结合使用。\n tls: TLS\n userEnabledAttribute: 用户启用属性\n userMemberAttribute: 用户组员属性\n userSearchBase:\n label: 搜索用户\n placeholder: '例如:ou=users,dc=mycompany,dc=com'\n username: 用户名\n usernameAttribute: 用户名属性\n table:\n server: Server\n clientId: Client ID\n saml:\n entityID: Entity ID字段\n UID: UID字段\n adfs: 配置AD FS 账户\n api: Rancher API Host\n cert:\n label: 证书\n placeholder: 粘贴证书,以-----BEGIN CERTIFICATE----- 开始。\n displayName: 显示名称字段\n groups: 用户组字段\n key:\n label: 私钥\n placeholder: 粘贴私钥,一般以-----RSA PRIVATE KEY----- 开始。\n keycloak: 配置Keycloak账户\n metadata:\n label: Metadata XML\n placeholder: 粘贴IDP Metadata XML\n okta: 配置Okta账户\n ping: 配置Ping账户\n shibboleth: 配置shibboleth账户\n showLdap: 配置OpenLDAP服务器\n userName: 用户名字段\n azuread:\n tenantId: 租户ID\n applicationId: 应用ID\n endpoint: 端点\n #graphEndpoint: Graph Endpoint\n #tokenEndpoint: Token Endpoint\n #authEndpoint: Auth Endpoint\n stateBanner:\n disabled: '已禁用{provider} 。'\n enabled: '已启用{provider} 。'\n testAndEnable: 测试和启用认证\n\nauthGroups:\n actions:\n refresh: 刷新用户组成员名单\n assignRoles: 为当前用户组成员分配全局角色\n assignEdit:\n assignTitle: 为当前用户组分配全局角色\n\nassignTo:\n title: |-\n {count, plural,\n =1 { 分配集群到… }\n other { 分配 {count} 集群到… }\n }\n labelsTitle: |-\n {count, plural,\n =1 { 分配集群到… }\n other { 分配 {count}集群到… }\n }\n workspace: 工作空间\n\nasyncButton:\n apply:\n action: '应用'\n success: '已应用'\n waiting: '正在应用…'\n continue:\n action: '继续'\n success: '已保存'\n waiting: '正在保存…'\n copy:\n action: 单击复制\n success: 已复制\n create:\n action: '创建'\n success: '已创建'\n waiting: '正在创建…'\n default:\n action: 正在执行\n error: 错误\n success: 成功\n waiting: 等待中\n delete:\n action: '删除'\n success: '已删除'\n waiting: '正在删除…'\n disable:\n action: '禁用'\n success: '已禁用'\n waiting: '正在禁用…'\n activate:\n action: 激活\n waiting: 正在激活…\n success: 已激活\n deactivate:\n action: 停用\n waiting: 正在停用…\n success: 已停用\n done:\n action: '完成'\n waiting: '正在保存…'\n success: '已保存'\n download:\n action: '下载'\n waiting: '正在下载…'\n success: '下载完成'\n edit:\n action: 保存\n success: 已保存\n waiting: 正在保存…\n enable:\n action: '启用'\n waiting: '正在启用…'\n success: '已启用'\n finish:\n action: '完成'\n waiting: '正在处理中…'\n success: '已完成'\n import:\n action: 导入\n success: 已导入\n waiting: 正在导入…\n install:\n action: '安装'\n waiting: '开始安装…'\n success: '安装完成'\n refresh:\n action: ''\n actionIcon: '刷新'\n waiting: ''\n waitingIcon: '刷新中'\n success: ''\n successIcon: '成功'\n error: ''\n errorIcon: '出错啦'\n remove:\n action: 移除\n success: 已移除\n waiting: 正在移除…\n upgrade:\n action: 升级\n success: 完成升级\n waiting: 已开始升级…\n\nbackupRestoreOperator:\n backupFilename: 备份文件名称\n deleteTimeout:\n label: 删除超时\n tip: 在删除定标器强制删除之前,等待资源删除成功的秒数。\n deployment:\n rancherNamespace: Rancher 资源集命名空间\n size: 大小\n storage:\n label: 默认存储位置\n options:\n defaultStorageClass: '使用({name})作为默认存储类'\n none: 不使用默认存储类\n pickPV: 使用已有的持久卷\n pickSC: 使用已有的存储类\n s3: 使用Amazon S3对象存储服务\n persistentVolume:\n label: 持久存储卷\n storageClass:\n label: 存储类\n tip: '配置一个默认保存所有备份的存储位置。您可以选择对每个备份进行覆盖,但仅限于使用与 S3 兼容的对象存储。'\n warning: '此 {type} 没有将其回收策略设置为 \"保留\"。 如果卷被更改或未绑定,您的备份可能会丢失。'\n encryption: '这个{type}没有将其回收策略设置为 \"保留\"。 如果该卷被改变或变得不受约束,你的备份可能会丢失。'\n encryptionConfigName:\n backuptip: 'cattle-resource-system命名空间中具有encryption-provider-config.yaml密钥的任何秘密。
此文件的内容是从此备份中执行还原所必需的,Rancher Backup 不会存储这些内容。'\n label: 加密配置密钥\n options:\n none: 存储未加密的备份内容。\n secret: '使用 加密配置秘密(推荐)对备份进行加密。'\n restoretip: '如果备份是在启用加密的情况下进行的,则应在还原过程中使用包含相同加密提供者配置的秘密。'\n warning: '该文件的内容是从该备份中执行还原所必需的,Rancher 备份不会存储。'\n lastBackup: 上一次备份\n nextBackup: 下一次备份\n noResourceSet: 您必须在此命名空间中定义一个资源集来创建备份CR。\n prune:\n label: 修剪\n tip: 删除备份中不存在的 Rancher 管理的资源。(推荐使用)\n resourceSetName: 资源集\n restoreFrom:\n existing: 使用已有的备份配置恢复\n default: 使用默认的存储目标恢复\n s3: 使用一个 S3 兼容的对象存储恢复\n retentionCount:\n label: 备份保留数量\n units: |-\n {count, plural,\n =1 { 文件 }\n other { 文件 }\n }\n s3:\n bucketName: 桶名称\n credentialSecretName: 密钥凭证\n endpoint: 端点\n endpointCA: 端点 CA\n folder: 文件夹\n insecureTLSSkipVerify: 跳过TLS认证\n region: 区域\n storageLocation: 存储位置\n titles:\n backupLocation: 备份来源\n location: 存储位置\n s3: S3\n schedule:\n label: 定时备份策略\n options:\n disabled: 单次备份\n enabled: 重复备份\n placeholder: 例如:@midnight or 0 0 * * *\n storageSource:\n configureS3: 使用兼容 S3 的对象存储作为存储位置\n useBackup: 使用备份 CR 上指定的 S3 位置\n useDefault: 使用安装时配置的默认存储位置\n targetBackup: 目标备份\n\n\n\ncatalog:\n app:\n managed: 管理\n section:\n notes: 发布说明\n readme: Chart 自述\n resources: 资源\n values: YAML\n charts:\n all: 所有\n categories:\n all: 所有类别\n #certified:\n #other: Other\n #partner: Partner\n #rancher: Rancher\n header: Chart Apps\n noCharts: '没有可用的 chart,你有添加 chart 仓库吗?'\n noWindows: 您的应用商店没有包含能部署在 Windows 集群上的 chart。\n search: 过滤\n install:\n action:\n goToUpgrade: 编辑/升级\n ignoreWarning: 忽略警告,继续升级\n appReadmeGeneric: 此 chart 没有针对 rancher 的自述文件。查看 Helm 自述文件,了解更多可用配置选项及其用法。\n chart: Chart\n error:\n requiresFound: '必须先安装${name},才能安装这个Chart。'\n requiresMissing: '这个Chart需要另一个提供{name}的Chart,但没有找到。'\n insufficientCpu: 'T这个Chart需要{need, number}个CPU核,但集群只有{have, number}个可用。'\n insufficientMemory: '这个Chart需要{need}的内存,但集群只有{have}可用。'\n header:\n install: '安装 {name}'\n installGeneric: 安装 Chart\n upgrade: '升级 {name}'\n helm:\n #atomic: Atomic\n cleanupOnFail: 失败时的清理\n crds: 应用自定义资源定义\n dryRun: 空运行\n force: 强制\n historyMax:\n label: 保留最后一个\n unit: |-\n {value, plural,\n =1 { 版本 }\n other { 版本 }\n }\n hooks: 执行 chart 钩子\n openapi: 验证 OpenAPI 模式\n resetValues: 重置值\n timeout:\n label: 超时\n unit: |-\n {value, plural,\n =1 { 秒 }\n other { 秒 }\n }\n wait: 等待\n namespaceIsInProject: \"这个Chart的目标命名空间{namespace},已经存在,不能添加到不同的项目中。\"\n project: 安装到项目\n section:\n appReadme: 自述\n chartOptions: Chart 配置选项\n helm: Helm 部署选项\n readme: Helm 自述\n #valuesYaml: Values YAML\n version: 版本\n versions:\n current: '{ver} (current)'\n linux: '{ver} (Linux-only)'\n windows: '{ver} (Windows-only)'\n operation:\n tableHeaders:\n #action: Action\n releaseName: 版本名称\n releaseNamespace: 版本命名空间\n repo:\n action:\n refresh: 刷新\n #all: All\n gitBranch:\n label: Git 分支\n placeholder: 例如:master\n gitRepo:\n label: Git Repo URL\n placeholder: '例如:https://github.com/your-company/charts.git'\n name:\n rancher-charts: Rancher\n rancher-partner-charts: Partners\n target:\n git: 包含定义了 Helm chart 的 Git 仓库。\n http: 指向 Helm 生成的索引 http(s) URL\n label: 目标类型\n url:\n label: Index URL\n placeholder: '例如:https://charts.rancher.io'\n tools:\n header: 集群工具\n action:\n install: 安装\n upgrade: 升级\n edit: 编辑\n remove: 移除\n\nchangePassword:\n title: 修改密码\n cancel: 取消\n deleteKeys:\n label: 删除所有的API密钥\n changeOnLogin:\n label: 首次登陆账户时,要求用户立即修改密码。\n generatePassword:\n label: 为用户生成随机密码\n currentPassword:\n label: 当前在使用的密码\n userGen:\n newPassword:\n label: 新密码\n confirmPassword:\n label: 确认新密码\n randomGen:\n generated:\n label: 为用户生成随机密码\n newGeneratedPassword: 推荐密码\n errors:\n missmatchedPassword: 前后两次输入的密码不匹配\n failedToChange: 无法修改密码\n failedDeleteKey: 无法删除单个API密钥\n failedDeleteKeys: 无法删除多个API密钥\n\nchartHeading:\n overview: 概述\n #poweredBy: \"Powered by:\"\n\ncis:\n addTest: 添加测试 ID\n alertNeeded: Alerting must be enabled within the CIS chart questions.yaml. This requires that Rancher's Monitoring and Alerting app is installed and the Receivers and Routes are configured to send out alerts.\n alertOnComplete: 扫描完成告警\n alertOnFailure: 扫描失败告警\n benchmarkVersion: Benchmark 版本\n clusterProvider: 提供集群的厂商\n cronSchedule:\n label: 定时调度\n placeholder: \"例如:0 * * * *\"\n customConfigMap: 自定义 Benchmark 配置映射\n deleteBenchmarkWarning: |-\n {count, plural,\n =1 { 任何使用该基准版本的配置文件将不再工作。 }\n other { 任何使用这些基准版本的配置文件将不再工作。 }\n }\n deleteProfileWarning: |-\n {count, plural,\n =1 { 任何使用此配置文件的定时扫描将会失效。 }\n other { 任何使用这些配置文件的定时扫描将会失效。 }\n }\n downloadAllReports: 下载所有保存的报告\n downloadLatestReport: 下载最新报告\n downloadReport: 下载报告\n maxKubernetesVersion: 允许的最大 Kubernetes 版本\n minKubernetesVersion: 允许的最小 Kubernetes 版本\n noProfiles: 此集群类型没有有效的 ClusterScanProfiles 可供选择。\n noReportFound: 未找到扫描报告\n profile: 配置文件\n retention: 保留数\n reports: 报告\n scan:\n description: 描述\n fail: 失败\n lastScanTime: 最后扫描时间\n notApplicable: 'N/A'\n number: 序号\n pass: 通过\n remediation: 补救\n scanDate: 扫描日期\n scanReport: 扫描报告\n skip: 跳过\n total: 总共\n warn: 警告\n scheduling:\n enable: 定时运行扫描\n disable: 运行单次扫描\n scoreWarning:\n label: 扫描结果为 \"warn\" 状态\n protip: 没有失败的扫描将被默认标记为 “通过”,即使一些测试生成 “warn” 输出。此行为可以通过从本节中选择 “fail” 选项来更改。\n testID: Test ID\n testsToSkip: 跳过测试\n testsSkipped: 已跳过的测试\n\ncluster:\n provider:\n #aliyun: Alibaba ACK\n #aliyunecs: Aliyun ECS\n aws: Amazon AWS\n #amazonec2: Amazon EC2\n #amazoneks: Amazon EKS\n #azure: Azure\n #azureaks: Azure AKS\n #baidu: Baidu CCE\n #cloudca: Cloud.ca\n custom: 自定义\n #digitalocean: DigitalOcean\n #docker: Docker\n #exoscale: Exoscale\n #googlegke: Google GKE\n #huaweicce: Huawei CCE\n import: 导入已有集群\n #k3s: K3s\n #kubeAdmin: KubeADM\n #linode: Linode\n local: Local\n #minikube: Minikube\n #oci: Oracle Cloud Infrastructure\n #openstack: OpenStack\n #oracleoke: Oracle OKE\n #otc: Open Telekom Cloud\n other: 其他\n #packet: Packet\n pinganyunecs: 平安云 ECS\n #rackspace: RackSpace\n #rancherkubernetesengine: RKE\n #rke2: RKE Government\n #rke: RKE\n #rkeWindows: Windows\n #softlayer: SoftLayer\n #tencenttke: Tencent TKE\n #upcloud: UpCloud\n #vmwarevsphere: vSphere\n #zstack: ZStack\n providerGroup:\n create-template: 使用模板创建集群\n create-kontainer: 在托管的 Kubernetes 提供商中创建集群\n create-machine: 在新建的节点上使用 RKE 创建集群\n create-custom: 在现有的节点上使用 RKE 创建集群\n register-kontainer: 在托管的 Kubernetes 提供商中注册一个现有的集群\n register-custom: 导入 Kubernetes 集群\n credential:\n label: 云凭证\n name:\n label: 凭证名称\n placeholder: 请为这个凭证输入一个名称\n aws:\n accessKey:\n label: Access Key\n placeholder: 请输入您的 AWS Access Key\n secretKey:\n label: SecretKey\n placeholder: 请输入您的 AWS Secret Key\n defaultRegion:\n label: 默认区域\n help: 创建群组时默认使用的区域。 也用于验证此凭证是否有效。\n digitalocean:\n accessToken:\n #label: Access Token\n placeholder: 请输入您的 DigitalOcean API Access Token\n help: 从 DigitalOcean Applications & API中复制和粘贴个人访问令牌。\n name:\n label: 集群名称\n placeholder: 请输入集群名称,该名称不能与其他集群名称相同\n description:\n label: 集群描述\n placeholder: (选填项)请输入关于该集群的描述\n import: 导入已有集群\n kubernetesVersion:\n label: Kubernetes 版本\n machinePool:\n nodeTotals:\n label:\n etcd: \"{count} 个etcd节点\"\n controlPlane: \"{count} 个Control Plane节点\"\n worker: \"{count} 个Worker节点\"\n tooltip:\n etcd: |-\n {count, plural,\n =0 { 一个集群至少需要一个etcd节点才能使用,请重新选择节点数量。 }\n =1 { 只有1个etcd节点的集群是不具备容错能力的。 }\n =2 { 集群的节点数应该是奇数。 具有2个etcd节点的集群是不具备容错能力的。 }\n =3 {}\n =4 { 集群内的节点数量应该为任意大于1的奇数,请重新选择节点数量。 }\n =5 {}\n =6 { 集群内的节点数量应该为任意大于1的奇数,请重新选择节点数量。 }\n =7 {}\n other { 我们不建议您在集群内创建多于7个节点。 }\n }\n controlPlane: |-\n {count, plural,\n =0 { 每个集群至少需要一个control plane节点才可以使用。 }\n =1 { 只有一个control plane节点的集群是不具备容错能力的。 }\n other {}\n }\n worker: |-\n {count, plural,\n =0 { 每个集群至少需要一个worker节点才可以使用 }\n =1 { 只有一个worker节点的集群是不具备容错能力的。 }\n other {}\n }\n name:\n label: 节点池名称\n placeholder: 默认情况下会随机生成一个节点池名称\n #machineConfig:\n #aws:\n #sizeLabel: |-\n #{apiName}: {cpu}, {memory, number} GiB Memory, {storageSize, plural,\n #=0 {EBS-Only}\n #other {{storageSize, number} GiB {storageType}}\n #}\n #digitalocean:\n #sizeLabel: |-\n #{plan, select,\n #s {Basic: }\n #g {General: }\n #gd {General: }\n #c {CPU: }\n #m {Memory: }\n #so {Storage: }\n #standard {Standard: }\n #other {}\n #}{memoryGb} GB, {vcpus, plural,\n #=1 {#vCPU}\n #other {#vCPUs}\n #}, {disk} GB Disk ({value})\n\nclusterIndexPage:\n hardwareResourceGauge:\n consumption: \"{suffix} {total} {units} 中的 {useful}\"\n coresReserved: CPU 预留\n coresUsed: CPU 使用\n podsUsed: Pods 预留\n ramReserved: Memory 预留\n ramUsed: Memory 使用\n header: 集群仪表盘\n resourceGauge:\n totalResources: 资源总额\n sections:\n events:\n label: 事件\n resource:\n label: 事件详情\n date:\n label: 更新时间\n clusterMetrics:\n label: 集群指标\n etcdMetrics:\n label: Etcd 指标\n k8sMetrics:\n label: Kubernetes 组件指标\n gatekeeper:\n buttonText: 配置 OPA Gatekeeper\n disabled: 未配置 OPA Gatekeeper\n label: 违反 OPA Gatekeeper 的限制规定\n noRows: 所有的 OPA Gatekeeper 限制都符合规定\n nodes:\n label: 节点不健康\n noRows: 所有节点都处于健康状态\n\nconfigmap:\n tabs:\n data:\n label: 数据\n protip: 请在此处输入 UTF-8 文本数据\n binaryData:\n label: 二进制数据\n\ncontainers:\n sortableTables:\n noRows: 没有要显示的容器\n\n\nimages:\n title: Images\n sortableTables:\n noRows: 没有要显示的镜像\n\nportForwarding:\n sortableTables:\n noRows: 没有可显示的端口转发规则\n\n\ncontainerResourceLimit:\n cpuPlaceholder: 例如:1000\n helpText: 请配置容器可以使用的默认资源配额\n helpTextDetail: 容器可以使用的的默认资源配额\n label: 容器默认资源限制\n limitsCpu: CPU 限制\n limitsMemory: 内存限制\n memPlaceholder: 例如:128\n requestsCpu: CPU 预留\n requestsMemory: 内存预留\n\ncruResource:\n backToForm: 返回表单编辑\n backBody: 返回表单编辑不会保留对 YAML 做出的所有更改\n cancelBody: 返回表单编辑不会保留对 YAML 做出的所有更改\n confirmBack: \"确认\"\n confirmCancel: \"确认\"\n reviewForm: \"继续编辑 YAML\"\n reviewYaml: \"继续编辑 YAML\"\n previewYaml: 以 YAML 文件编辑\n\ndetailText:\n collapse: 隐藏\n binary: '<二进制数据:{n, number} bytes>'\n empty: ''\n plusMore: |-\n {n, plural,\n =1 {+ 1 more char}\n other {+ {n, number} 更多 Chars}\n }\n\netcdInfoBanner:\n hasLeader: \"Etcd有一个领导者\"\n leaderChanges: \"领导者变化的次数\"\n failedProposals: \"失败的proposal数量\"\n\nfleet:\n cluster:\n summary: 资源概要\n nonReady: 非就绪包\n fleetSummary:\n state:\n success: '就绪'\n #info: 'Transitioning'\n warning: '警告'\n error: '错误'\n unknown: '未知'\n gitRepo:\n tabs:\n resources: 资源\n unready: 未就绪\n auth:\n label: 认证\n caBundle:\n label: 证书\n placeholder: \"粘贴一个或多个证书,以“-----BEGIN CERTIFICATE----” 作为开头。\"\n paths:\n label: 路径\n placeholder: 例如:/directory/in/your/repo\n addLabel: 添加路径\n empty: 默认使用的是 repo 的根目录。 要使用一个或多个不同的目录,请在这里添加。\n repo:\n label: 代码库 URL 地址\n placeholder: '例如:https://github.com/rancher/fleet-examples.git'\n ref:\n label: Watch\n branch: 分支\n revision: 修改\n branchLabel: 分支名称\n branchPlaceholder: 例如:master\n revisionLabel: 标签或 Commit Hash\n revisionPlaceholder: 例如:v1.0.0\n serviceAccount:\n label: Service Account 名称\n placeholder: \"(选填项)在目标集群中使用Service Account\"\n targetNamespace:\n label: 目标命名空间\n placeholder: \"(选填项)要求所有资源都在此命名空间内\"\n target:\n selectLabel: 目标类型\n advanced: 高级选项\n cluster: 集群\n clusterGroup: 集群组\n label: 部署到\n labelLocal: 部署方式\n targetDisplay:\n advanced: 高级选项\n cluster: \"集群\"\n clusterGroup: \"组\"\n all: 全部\n none: None\n local: 本地\n tls:\n label: TLS证书校验\n verify: 需要提供有效的证书\n specify: 指定接受的附加证书\n skip: 接受任何证书(不安全)\n workspace:\n label: 工作空间\n clusterGroup:\n selector:\n label: 集群选择器\n matchesAll: 匹配到 {total, number} 个集群\n matchesNone: 与现有的集群都不匹配\n matchesSome: |-\n {matched, plural,\n =1 {与现有 {total, number} 个集群中的 1 个集群 \"{sample}\" 匹配}\n other {现有 {total, number} 个集群,与其中的 {matched, number} 匹配,包括 \"{sample}\"}\n }\nfooter:\n docs: Rancher 官方文档\n download: 下载 CLI\n forums: 论坛\n issue: 提交 GitHub Issue\n slack: Slack 讨论群\n\ngatekeeperConstraint:\n match:\n title: 匹配\n tab:\n enforcementAction:\n title: 执行动作\n rules:\n title: 规则\n sub:\n labelSelector:\n addLabel: 添加\n title: 标签选择器\n namespaces:\n sub:\n excludedNamespaces: 排除命名空间\n namespaces: 命名空间\n namespaceSelector:\n addNamespace: 添加命名空间\n title: 命名空间选择器\n scope:\n title: 范围\n title: 命名空间\n parameters:\n addParameter: 添加参数\n editAsForm: 作为表格编辑\n editAsYaml: 作为 YAML 编辑\n title: 参数\n template: 模板\n violations:\n title: 违反规定\n\ngatekeeperIndex:\n #poweredBy: OPA Gatekeeper\n unavailable: OPA Gatekeeper 不在 system-charts 应用商店中\n violations: 违反规定\n\nglance:\n created: 创建时间\n cpu: CPU 使用量\n memory: 内存\n nodes:\n total:\n label: |-\n {count, plural,\n =1 { 节点数 }\n other { 总节点 }\n }\n #pods: Pods\n provider: 提供商\n version: Kubernetes 版本\n\n grafanaDashboard:\n failedToLoad: 加载表格失败\n reload: 重新加载\n grafana: Grafana\n\ngraphOptions:\n detail: 详情\n summary: 概述\n refresh: 刷新\n range: 范围\n\nhpa:\n detail:\n currentMetrics:\n header: 当前指标\n noMetrics: 没有当前指标\n metricHeader: '{source} 指标'\n metricIdentifier:\n name:\n label: 指标名称\n placeholder: 例如:packets-per-second\n selector:\n label: 添加 Selector\n metricTarget:\n averageVal:\n label: 平均值\n quantity:\n label: 数量\n type:\n label: 类型\n utilization:\n label: 平均利用率\n value:\n label: 值\n metrics:\n headers:\n metricName: 名称\n objectKind: 对象类型\n objectName: 对象名称\n quantity: 数量\n resource: 资源名称\n targetName: 目标名称\n value: 值\n source: 数据源\n objectReferance:\n api:\n label: 引用的API版本\n placeholder: 例如:apps/v1beta1\n kind:\n label: 引用类型\n placeholder: 例如:Deployment\n name:\n label: 引用名称\n placeholder: 例如:php-apache\n tabs:\n labels: 标签\n metrics: 指标\n target: 目标\n workload: 工作负载\n types:\n cpu: CPU\n memory: 内存\n warnings:\n custom: 为了使用HPA的自定义指标,你需要部署自定义metric server,如prometheus适配器。\n external: 为了使用HPA的外部指标,你需要部署外部metric server,如prometheus适配器。\n noMetric: 为了使用HPA的资源指标,您需要部署metric server。\n resource: 选定的目标参考在规格上没有正确的资源请求。否则,HPA指标将不会有任何影响。\n workloadTab:\n current: 当前的副本\n last: 最后一个刻度时间\n max: 最大副本数量\n min: 最小副本数量\n targetReference: 目标参考\n\nimport:\n title: 导入 YAML\n defaultNamespace:\n label: 默认命名空间\n success: |-\n Applied {count, plural,\n =1 {1 Resource}\n other {#Resources}\n }\n\ningress:\n certificates:\n addCertificate: 添加证书\n addHost: 添加主机\n certificate:\n label: 证书 - 密钥名称\n doesntExist: 所选证书不存在\n defaultCertLabel: 默认 Ingress Controller 证书\n headers:\n certificate: 证书\n hosts: 主机\n host:\n label: 主机\n placeholder: 例如:example.com\n label: 证书\n removeHost: 移除\n defaultBackend:\n label: 默认后端\n noServiceSelected: 没有配置默认后端\n port:\n label: 端口\n placeholder: 例如 80 或 http\n targetService:\n label: 目标服务\n doesntExist: 您选择的服务不存在\n warning: \"警告:默认后端在整个集群中全局使用\"\n rules:\n addPath: 添加路径\n addRule: 添加规则\n headers:\n pathType: 路径类型\n path: 路径\n port: 端口\n target: 目标服务\n certificates: 证书\n hostname: 主机名\n path:\n label: 路径\n placeholder: 例如:/foo\n port:\n label: 端口\n placeholder: 例如:80 或 http\n removePath: 删除路径\n requestHost:\n label: 请求主机\n placeholder: 例如:example.com\n target:\n label: 目标服务\n doesntExist: 您选择的服务不存在\n title: 规则\n rulesAndCertificates:\n title: 规则和证书\n defaultCertificate: 默认\n target:\n default: 默认\n\ninternalExternalIP:\n none: 无\n\nistio:\n links:\n kiali:\n label: Kiali\n description: 可视化服务网状结构中的服务以及它们是如何连接的。要想让 Kiali 显示数据,需要安装 Prometheus。如果您需要监控解决方案,请安装 Rancher 的监控。\n jaeger:\n label: Jaeger\n description: 监控并排除基于微服务的分布式系统的故障。\n disabled: '没有安装{app}应用'\n cni: 启用 CNI\n customOverlayFile:\n label: 自定义覆盖文件\n tip: '覆盖文件允许在基本的 Rancher Istio 安装之上进行额外的配置。您可以利用IstioOperator API对所有组件进行更改和添加,并通过此覆盖 YAML 文件应用这些更改。'\n description: 'Rancher Istio Helm Chart 为您安装了一个最小的 Istio 配置,以便您开始与您的应用程序集成。\n 如果您想获得有关 Istio 的更多信息,请访问 https://istio.io/latest/docs/concepts/what-is-istio/。'\n egressGateway: 启用 Egress 网关\n ingressGateway: 启用 Ingress 网关\n istiodRemote: 启用 istiodRemote\n kiali: 启用 Kiali\n pilot: 启用 Pilot\n policy: 启用 Policy\n poweredBy: 由Istio支持\n telemetry: 启用遥测\n titles:\n components: 组件\n customAnswers: 自定义回复\n advanced: 高级选项\n description: 描述\n tracing: 启用 Jaeger 跟踪 (limited)\n v1Warning: 请在安装这个版本之前卸载 istio-system 命名空间中的当前 Istio 版本。\n\nlabels:\n addLabel: 添加\n addSetLabel: 添加或配置标签\n addAnnotation: 添加\n labels:\n title: 标签\n annotations:\n title: 注释\n\nlanding:\n clusters: 集群\n# taken from Ember: https://github.com/rancher/ui/blob/master/app/components/modal-home/template.hbs\n releaseNotes:\n '\n - \n Cluster Explorer: 新的仪表盘提供了对Rancher管理的集群的更深入理解。\n
\n - 管理所有Kubernetes集群资源,包括来自Kubernetes运营商生态系统的定制资源
\n - 从我们新的Apps & Marketplace部署和管理Helm Chart。
\n - 在一个新的类似IDE的查看器中查看日志并与kubectl shell互动
\n
\n \n - 由Prometheus提供的监控和警报:允许管理定制的Grafana仪表盘,并为AlertManager提供定制。
\n - 由Banzai Cloud提供日志: 自定义FluentBit和Fluentd的配置,并将日志运送到远程数据存储。
\n - 由kube-bench提供的CIS扫描: 扩展支持为EKS和GKE平台定制的CIS扫描,并对任何Kubernetes发行版进行通用扫描
\n - Istio 1.7+: 允许用户部署多个Ingress和Egress网关
\n - \n Rancher 由Fleet提供的持续交付: Fleet是一个Rancher内置的部署工具,用于在多个集群中从Git源码库交付应用程序和配置。\n
\n - 部署由manifests、kustomize或Helm定义的任何Kubernetes资源
\n - 使用staged checkout和pull-based的更新模式将部署扩展到任何数量的集群中
\n - 将集群组织成组,以便更容易管理
\n - 将Git源存储库映射到目标集群组上
\n
\n \n - \n EKS生命周期管理功能增强\n
\n - 集群创建已得到加强,支持管理节点组、私人访问和控制平面记录
\n - 注册现有的EKS集群允许管理升级和配置
\n
\n \n - \n Rancher Server备份:\n
\n - 在不能访问etcd数据库的情况下备份Rancher服务器
\n - 将数据恢复到任何Kubernetes集群中
\n
\n \n
'\n seeWhatsNew: 了解更多关于该版本的改进和新功能。\n whatsNewLink: \"2.5的新内容\"\n learnMore: 了解更多\n migration:\n title: 迁移帮助\n body: 阅读集群管理器用户的迁移指南--你需要利用扩展的集群资源管理器的一切优势\n community:\n title: 社区支持\n docs: Rancher文档\n forums: 论坛\n commercial:\n title: 付费支持\n body: 如需了解付费支持,请单击这里。\n landingPrefs:\n title: 你想在登录时看到什么?\n options:\n thisScreen: 当前页面\n lastVisited: 上一次登录时最后访问的页面\n custom: 自定义首页\n defaultOverview: 默认集群({cluster})的概览页面\n appsAndMarketplace: 应用市场页面\n fleet: Fleet页面\n welcomeToRancher: 欢迎使用Rancher!\n\nlogging:\n clusterFlow:\n noOutputsBanner: 在选定的命名空间中没有集群输出\n flow:\n clusterOutputs:\n doesntExistTooltip: 该集群输出不存在\n label: 集群输出\n matches:\n label: 匹配\n addSelect: 添加包含规则\n addExclude: 添加排除规则\n filters:\n label: 过滤\n outputs:\n doesntExistTooltip: 该集群输出不存在\n label: 输出\n install:\n k3sContainerEngine: K3S 容器引擎\n enableAdditionalLoggingSources: 启用增强的云日志收集服务\n dockerRootDirectory: Docker根目录\n elasticsearch:\n host: 主机\n scheme: 主题\n port: 端口\n indexName: 索引名称\n user: 用户名\n password: 密码\n caFile:\n label: CA 证书文件\n clientCert:\n label: 客户端证书\n placeholder: 粘贴客户端证书\n clientKey:\n #label: Client Key\n #placeholder: 粘贴 client key\n #clientKeyPass: Client Key Pass\n kafka:\n #brokers: Brokers\n defaultTopic: 默认 Topic\n saslOverSsl: 通过SSL实现SASL\n scramMechanism: Scram 机制\n username: 用户名\n password: 密码\n sslCaCert:\n label: SSL CA 证书\n placeholder: 请输入 CA 证书\n sslClientCert:\n label: SSL 客户端证书\n placeholder: 请把客户端证书粘贴在 CA 证书内\n sslClientCertChain:\n label: SSL 客户端证书链\n placeholder: 请输入 SSL 客户端证书链\n sslClientCertKey: SSL 客户端证书密钥\n loki:\n #url: URL\n tenant: 租户\n username: 用户名\n password: 密码\n configureKubernetesLabels: 以类似 Prometheus 的格式配置 Kubernetes 元数据\n extractKubernetesLabels: 提取 Kubernetes 标签作为 Loki 标签\n dropSingleKey: 如果一条记录只有 1 个键,那么只需将日志行设置为该值并丢弃该键\n caCert: CA 证书\n cert: 证书\n key: 密钥\n awsElasticsearch:\n #url: URL\n #keyId: Key Id\n #secretKey: Secret Key\n #azurestorage:\n #storageAccount: Storage Account\n #accessKey: Access Key\n #container: Container\n #path: 路径\n #storeAs: Store As\n #cloudwatch:\n #keyId: Key Id\n #secretKey: Secret Key\n #endpoint: Endpoint\n #region: Region\n datadog:\n #apiKey: API Key\n #useSSL: Use SSL\n useCompression: 使用压缩\n #host: Host\n file:\n path: 路径\n gcs:\n project: 项目\n credentialsJson: 凭证\n bucket: 桶名称\n path: 路径\n overwriteExistingPath: 覆盖现有的路径\n #kinesisStream:\n #streamName: Stream Name\n #keyId: Key Id\n #secretKey: Secret Key\n #logdna:\n #apiKey: API Key\n #hostname: Hostname\n #app: App\n #logz:\n #url: URL\n #port: Port\n token: API 令牌\n enableCompression: 启用压缩\n newrelic:\n apiKey: API 密钥\n #licenseKey: License Key\n #baseURI: Base URI\n sumologic:\n endpoint: 端点\n sourceName: 源名称\n syslog:\n host: syslog 主机地址\n port: 端口\n transport: 传输\n insecure: 不安全的\n trustedCaPath: 受信 CA 路径\n format:\n title: 格式\n type: 类型\n addNewLine: 添加新行\n #messageKey: Message Key\n buffer:\n #title: Buffer\n tags: 标签\n chunkLimitSize: 存储块大小限制\n chunkLimitRecords: 块限制 chunkLimitRecords\n totalLimitSize: 总限制大小\n flushInterval: 冲洗时间间隔\n #timekey: Timekey\n #timekeyWait: Timekey Wait\n #timekeyUseUTC: Timekey 使用 UTC\n s3:\n #keyId: Key Id\n #secretKey: Secret Key\n #endpoint: Endpoint\n #bucket: Bucket\n path: 路径\n overwriteExistingPath: 覆盖现有的路径\n output:\n selectOutputs: 选择输出\n selectBanner: 选择以配置输出\n sections:\n target: 目标\n access: 访问\n certificate: SSL 证书\n labels: 标签\n #outputProviders:\n #elasticsearch: Elasticsearch\n #splunkHec: Splunk\n #kafka: Kafka\n #forward: Fluentd\n #loki: Loki\n #awsElasticsearch: Amazon Elasticsearch\n #azurestorage: Azure Storage\n #cloudwatch: Cloudwatch\n #datadog: Datadog\n #file: File\n #gcs: GCS\n #kinesisStream: Kinesis Stream\n #logdna: LogDNA\n #logz: LogZ\n #newrelic: New Relic\n #sumologic: SumoLogic\n #syslog: Syslog\n #s3: S3\n unknown: 未知类型\n overview:\n #poweredBy: Banzai Cloud\n clusterLevel: 集群级别\n namespaceLevel: 命名空间级别\n provider: 提供商\n splunk:\n host: splunk 主机\n port: 端口\n protocol: 协议\n #index: Index\n token: 令牌\n insecureSsl: 不安全的SSL\n #indexName: Index Name\n #source: Source\n caFile: CA 文件\n caPath: CA 路径(目录)\n clientCert: 客户端证书\n clientKey: 客户端密钥\n forward:\n host: 主机\n port: 端口\n sharedKey: 共享密钥\n username: 用户名\n password: 密码\n clientCertPath: 客户端证书路径\n clientPrivateKeyPath: 客户端私钥路径\n clientPrivateKeyPassphrase: 客户端私钥密码\n\nlonghorn:\n overview:\n title: 概述\n subtitle: \"由Longhorn提供支持\"\n linkedList:\n longhorn:\n #label: 'Longhorn'\n description: '通过 UI 管理存储系统'\n na: 资源不可用\n\nlogin:\n howdy: 您好!\n welcome: 欢迎使用 {vendor}\n loggedOut: 您已登出当前账号。\n loginAgain: 请重新登录。\n error: 登录时发生错误,请重试。\n useLocal: 使用Local User账户登录\n loginWithProvider: 使用 {provider} 登录\n username: 用户名\n password: 密码\n loggingIn: 登录中...\n loggedIn: 已登录\n loginWithLocal: 使用Local User账户登录\n useProvider: 使用 {provider} 登录\n\nmonitoring:\n accessModes:\n many: 多次读写\n once: 一次读写\n readOnlyMany: 多次只读\n aggregateDefaultRoles:\n label: 聚合为默认 Kubernetes 角色\n tip: '将标签添加到监控图部署的ClusterRoles上,以聚合到相应的默认k8s管理、编辑和查看ClusterRoles。。'\n alerting:\n config:\n label: 配置告警管理\n enable:\n label: 部署 Alertmanager\n secrets:\n additional:\n info: \"密文应挂载到容器路径 /etc/alertmanager/secrets/
。\"\n label: 附加密文\n existing: 选择现有的配置密文\n info: |\n 创建默认配置。在部署这个 chart 时,将在cattle-monitoring-system
命名空间中创建一个包含 Alertmanager 配置的密钥,名称为alertmanager-rancher-monitoring-alertmanager
。默认情况下,在卸载或升级此图表时,此 Secret 将永远不会被修改。
\n 一旦您部署了这个 chart,您应该通过用户界面编辑密钥,以便添加您的自定义通知配置,这些配置将被 Alertmanager 用于发送警报。
\n 选择一个现有的配置密钥:您必须指定一个存在于cattle-monitoring-system
命名空间中的密钥。如果命名空间不存在,您将无法选择一个现有的密钥。\n label: Alertmanager 密文\n new: 创建默认配置\n radio:\n label: 配置密文\n templates:\n keyLabel: 文件名称\n label: 模板文件\n valueLabel: YAML 模板\n title: 配置 Alertmanager\n clusterType:\n label: 集群类型\n placeholder: 选择集群类型\n createDefaultRoles:\n label: 创建默认 Monitoring 集群角色\n tip: '创建 monitoring-admin,monitoring-edit,和 monitor-view ClusterRoles,可以被分配给用户,为部署监控 Chart 安装 CRDs 提供权限。'\n etcdNodeDirectory:\n label: ETCD 节点证书目录\n tooltip: '对于使用 RancherOS 作为 etcd 节点的集群,这个选项应该设置为 /opt/rke/etc/kubernetes/ssl
。不支持需要指定多个证书目录的混合环境(例如,由 RancherOS 和 Ubuntu 主机组成的 etcd 平面)。'\n grafana:\n storage:\n annotations: PVC 注释\n className: 存储类名称\n existingClaim: 使用已有的 Claim\n #finalizers: PVC Finalizers\n label: Grafana 的持久存储\n mode: 访问模式\n selector: 选择器\n size: 大小\n subpath: 使用子路径\n type: 持久存储类型\n types:\n existing: 使用已有的 PVC 启用 Grafana\n statefulset: 使用 StatefulSet 模板启用 Grafana\n template: 使用 PVC 模板启用 Grafana\n volumeMode: 存储卷模式\n volumeName: 存储卷名称\n title: 配置 Grafana\n overview:\n alertsList:\n ends:\n label: 停止于\n label: 已启用的告警\n message:\n label: 信息\n severity:\n label: 严重程度\n start:\n label: 开始于\n linkedList:\n alertManager:\n description: 已启用的告警\n #label: Alertmanager\n grafana:\n description: Metrics 仪表盘\n #label: Grafana\n na: 资源不可用\n prometheusPromQl:\n description: PromQL 图表\n label: Prometheus 图表\n prometheusRules:\n description: 配置规则\n label: Prometheus 规则\n prometheusTargets:\n description: 配置目标\n #label: Prometheus Targets\n subtitle: '由Prometheus提供支持'\n title: 仪表盘\n v1Warning: '当前监控由 Rancher UI 部署,如果你想在仪表盘中启用新的监控,请先在 Rancher UI 中禁用原来的监控。'\n prometheus:\n config:\n #adminApi: Admin API\n evaluation: 评估时间间隔\n ignoreNamespaceSelectors:\n help: '忽略命名空间选择器允许集群管理员限制团队查看他们有权监视的命名空间之外的资源,但这会破坏应用程序的功能,这些应用程序依赖于设置跨多个命名空间捕获目标监控数据,比如 Istio。'\n label: 命名空间选择器\n radio:\n enforced: '使用: 监控可以基于与命名空间选择器字段匹配的命名空间访问资源'\n ignored: '忽略: 监控只能访问它们所在命名空间中的资源'\n limits:\n cpu: CPU 限制\n memory: Memory 限制\n requests:\n cpu: CPU 预留\n memory: Memory 预留\n resourceLimits: 资源限制\n retention: 预留\n retentionSize: 预留大小\n scrape: 刮擦间隔(prometheus 获取数据间隔)\n storage:\n className: 存储类名称\n label: Prometheus 持久存储\n mode: 访问模式\n selector: 选择器\n selectorWarning: '如果你正在使用一个动态配置器(例如 Longhorn),不应该指定选择器,因为带有非空选择器的PVC不能动态配置PV。'\n size: 大小\n volumeMode: Volume 模式\n volumeName: Volume 名称\n title: 配置 Prometheus\n warningInstalled: |\n '警告:目前已经部署了Prometheus Operators。目前不支持在一个集群上部署多个Prometheus Operators。在尝试安装此chart之前,请从该集群中移除所有其他的普罗米修斯Operators部署。\n 如果您是从启用了监控功能的旧版Rancher迁移过来的,请在尝试安装此chart之前完全禁用此集群上的监控功能。\n receiver:\n fields:\n name: 名称\n tls:\n #label: SSL\n caFilePath:\n label: CA 文件路径\n placeholder: 例如:./ca-file.csr\n certFilePath:\n label: 证书文件路径\n placeholder: 例如:./cert-file.crt\n keyFilePath:\n label: 密钥文件路径\n placeholder: 例如:./key-file.pfx\n secretsBanner: 当部署监控图表时,必须在alertmanager.alertmanagerSpec.secrets
中引用以下文件路径。\n\n route:\n fields:\n groupBy: Group By\n groupInterval: 组间隔\n groupWait: 组等待\n receiver: 接收者\n repeatInterval: 重复间隔\n tabs:\n alerting: 告警\n general: 总体\n #grafana: Grafana\n #prometheus: Prometheus\n v1Warning: '当前监控由 Rancher UI 部署,如果你想在仪表盘中启用新的监控,请先在 Rancher UI 中禁用原来的监控。'\n volume:\n modes:\n block: 块\n file: 文件系统\n\nmonitoringReceiver:\n addButton: 添加 {type}\n custom:\n label: 自定义\n title: 自定义参数\n info: 这里提供的YAML将直接附加到Alertmanager的接收器的配置密钥中。\n email:\n label: 电子邮箱\n title: 电子邮箱参数\n opsgenie:\n #label: Opsgenie\n title: Opsgenie参数\n pagerduty:\n #label: PagerDuty\n title: PagerDuty参数\n info: \"你可以找到更多关于为PagerDuty创建集成密钥的信息这里。\"\n slack:\n label: Slack\n title: Slack参数\n info: \"您可以在这里找到有关为Slack创建传入Webhooks的其他信息。\"\n webhook:\n #label: Webhook\n title: Webhook参数\n urlTooltip: 对于一些webhooks来说,这是一个指向DNS服务的url\n modifyNamespace: 如果rancher-alerting-drivers
被安装在一个非默认的命名空间中,你需要更新下面网址中的命名空间。\n banner: 要使用Microsoft Teams或阿里巴巴云短信,你需要先安装rancher-alerting-drivers
。\n add:\n generic: 通用\n #msTeams: Microsoft Teams\n alibabaCloudSms: 阿里巴巴云短信\n auth:\n label: 认证\n authType: 认证类型\n username: 用户名\n password: 密码\n none:\n label: 无\n bearerToken:\n #label: Bearer Token\n placeholder: 例如:secret-token\n #basicAuth:\n #label: Basic Auth\n bearerTokenFile:\n #label: Bearer Token File\n placeholder: 例如:./user_token\n shared:\n proxyUrl:\n label: 代理URL\n placeholder: 例如:http://my-proxy/\n sendResolved:\n label: 启用发送已解决的警报\n\nmonitoringRoute:\n groups:\n label: 分组\n info: 这是 Alertmanager 使用的默认通知,作为与任何其他路由不匹配的警报的默认目的地。此通知必须存在,不能删除。\n interval:\n label: 组间隔\n matching:\n info: 根路由必须匹配所有内容,因此无法配置匹配。\n label: 匹配\n receiver:\n label: 接收者\n regex:\n label: 匹配正则表达式\n repeatInterval:\n label: 重复间隔\n wait:\n label: 组等待时长\n\nnameNsDescription:\n name:\n label: 名称\n placeholder: '请输入名称'\n namespace:\n label: 命名空间\n #placeholder:\n workspace:\n label: 工作空间\n #placeholder:\n description:\n label: 描述\n placeholder: 请输入一些能更好地描述该资源的文字\n\nnamespace:\n containerResourceLimit: 容器资源限制\n project:\n label: 项目\n resources: 资源\n enableAutoInjection: 启用Istio自动注入\n disableAutoInjection: 禁用Istio自动注入\n\nnamespaceFilter:\n selected:\n label: \"{total} 项目选择\"\n\nnamespaceList:\n selectLabel: 命名空间\n addLabel: 添加命名空间\n\nnode:\n detail:\n detailTop:\n containerRuntime: 容器运行时\n internalIP: 内部IP地址\n externalIP: 外部IP地址\n #os: OS\n version: 版本\n glance:\n consumptionGauge:\n used: 已使用\n amount: \"已使用{total} {unit}中的{used}\"\n cpu: CPU\n memory: 内存\n pods: PODS\n diskPressure: 磁盘压力\n kubelet: kubelet\n memoryPressure: 内存压力\n pidPressure: PID 压力\n tab:\n conditions: 状态\n images: 镜像\n info:\n label: 信息\n key:\n architecture: 架构\n bootID: Boot ID\n containerRuntimeVersion: Container Runtime 版本\n kernelVersion: Kernel 版本\n kubeProxyVersion: Kube Proxy 版本\n kubeletVersion: Kubelet 版本\n machineID: 机器 ID\n operatingSystem: 操作系统\n osImage: 镜像\n systemUUID: System UUID\n pods: Pods\n taints: 污点\n\npersistentVolume:\n pluginConfiguration:\n label: 插件配置信息\n customize:\n label: 自定义\n affinity:\n #label: Node Selectors\n addLabel: 添加 Node Selector\n assignToStorageClass:\n label: 分配给存储类\n mountOptions:\n label: 挂载选项\n addLabel: 添加选项\n accessModes:\n label: 访问模式\n readWriteOnce: 单节点读写\n readOnlyMany: 多节点只读\n readWriteMany: 多节点读写\n shared:\n partition:\n label: 分区\n placeholder: 例如:1; 0\n readOnly:\n label: 只读\n filesystemType:\n label: 文件系统类型\n placeholder: 例如:ext4\n secretName:\n label: 密钥名称\n placeholder: 例如:secret\n secretNamespace:\n label: 密钥命名空间\n placeholder: 例如:default\n monitors:\n add: 添加监控\n vsphereVolume:\n #label: VMWare vSphere 卷\n volumePath:\n label: 卷路径\n placeholder: 例如:/\n storagePolicyName:\n label: 存储策略名称\n placeholder: 例如:sp\n storagePolicyId:\n label: 存储策略ID\n placeholder: 例如:sp1\n csi:\n label: CSI(不支持)\n driver:\n label: 驱动\n placeholder: 例如:driver.longhorn.io\n volumeHandle:\n #label: Volume Handle\n placeholder: 例如:pvc-xxxx\n volumeAttributes:\n add: 添加卷参数\n nodePublishSecretName:\n #label: Node Publish Secret Name\n placeholder: 例如:secret\n nodePublishSecretNamespace:\n #label: Node Publish Secret Namespace\n placeholder: 例如:default\n nodeStageSecretName:\n #label: Node Stage Secret Name\n placeholder: 例如:secret\n nodeStageSecretNamespace:\n #label: Node Stage Secret Namespace\n placeholder: 例如:default\n controllerExpandSecretName:\n #label: Controller Expand Secret Name\n placeholder: 例如:secret\n controllerExpandSecretNamespace:\n #label: Controller Expand Secret Namespace\n placeholder: 例如:default\n controllerPublishSecretName:\n #label: Controller Publish Secret Name\n placeholder: 例如:secret\n controllerPublishSecretNamespace:\n #label: Controller Publish Secret Namespace\n placeholder: 例如:default\n cephfs:\n label: Ceph Filesystem(不支持)\n path:\n label: 路径\n placeholder: 例如:/var\n user:\n label: 用户\n placeholder: 例如:root\n secretFile:\n label: 密钥文件\n placeholder: 例如:secret\n rbd:\n label: Ceph RBD(不支持)\n user:\n label: 用户\n placeholder: 例如:root\n keyRing:\n #label: Key Ring\n placeholder: 例如:/etc/ceph/keyring\n pool:\n #label: Pool\n placeholder: 例如:rbd\n image:\n label: 镜像\n placeholder: 例如:image\n fc:\n label: Fibre Channel(不支持)\n targetWWNS:\n add: 添加模板WWN\n wwids:\n add: 添加 WWID\n lun:\n #label: Lun\n placeholder: 例如:2\n flexVolume:\n label: Flex Volume(不支持)\n driver:\n label: 驱动\n placeholder: 例如:driver\n options:\n add: 添加选项\n flocker:\n label: Flocker(不支持)\n datasetName:\n label: 数据集名称\n placeholder: 例如:dataset\n datasetUUID:\n label: 数据集 UUID\n placeholder: 例如:uuid\n glusterfs:\n label: Gluster Volume(不支持)\n endpoints:\n label: Endpoints\n placeholder: 例如:glusterfs-cluster\n path:\n label: 路径\n placeholder: 例如:kube-vol\n iscsi:\n label: iSCSI Target(不支持)\n initiatorName:\n #label: Initiator Name\n #placeholder: iqn.1994-05.com.redhat:1df7a24fcb92\n iscsiInterface:\n #label: iSCSI Interface\n placeholder: 例如:interface\n chapAuthDiscovery:\n #label: Chap Auth Discovery\n chapAuthSession:\n #label: Chap Auth Session\n iqn:\n #label: IQN\n #placeholder: iqn.2001-04.com.example:storage.kube.sys1.xyz\n lun:\n #label: Lun\n placeholder: 例如:2\n targetPortal:\n label: 模板Portal\n placeholder: 例如:portal\n portals:\n add: 添加Portal\n cinder:\n label: Openstack Cinder Volume(不支持)\n volumeId:\n #label: Volume ID\n placeholder: 例如:vol\n quobyte:\n label: Quobyte Volume(不支持)\n volume:\n label: Volume\n placeholder: 例如:vol\n user:\n label: 用户名\n placeholder: 例如:root\n group:\n label: 用户组\n placeholder: 例如:abc\n registry:\n label: 仓库\n placeholder: 例如:abc\n photonPersistentDisk:\n label: Photon Volume(不支持)\n pdId:\n #label: PD ID\n placeholder: 例如:abc\n portworxVolume:\n label: Portworx Volume(不支持)\n volumeId:\n #label: Volume ID\n placeholder: 例如:abc\n scaleIO:\n label: ScaleIO Volume(不支持)\n volumeName:\n #label: Volume Name\n placeholder: 例如:vol-0\n gateway:\n #label: Gateway\n placeholder: 例如:https://localhost:443/api\n protectionDomain:\n #label: Protection Domain\n placeholder: 例如:pd01\n storageMode:\n #label: Storage Mode\n placeholder: 例如:ThinProvisioned\n storagePool:\n label: 存储池\n placeholder: 例如:sp01\n system:\n label: 系统\n placeholder: 例如:scaleio\n sslEnabled:\n label: 启用SSL\n storageos:\n label: StorageOS(不支持)\n volumeName:\n label: 卷名称\n placeholder: 例如:vol\n volumeNamespace:\n label: 卷命名空间\n placeholder: 例如:default\n nfs:\n #label: NFS Share\n path:\n label: 路径\n placeholder: 例如:/var\n server:\n label: Server IP 地址\n placeholder: 例如:10.244.1.4\n longhorn:\n #label: Longhorn\n volumeHandle:\n #label: Volume Handle\n placeholder: 例如:pvc-xxxx\n options:\n label: 选项\n addLabel: 添加\n local:\n label: 本地\n path:\n label: 路径\n placeholder: 例如:/mnt/disks/ssd1\n hostPath:\n label: 主机路径\n pathOnTheNode:\n label: 节点上的路径\n placeholder: 例如:/mnt/disks/ssd1\n mustBe:\n label: 节点上的路径必须是:\n anything: '任意路径:不需要检查目标路径'\n directory: 一个文件夹,如果该文件夹不存在,则自动创建一个文件夹\n file: 一个文件,如果该文件不存在,则自动创建一个文件\n existingDirectory: 一个已有的文件夹\n existingFile: 一个已有的文件\n existingSocket: 一个已有的socket\n existingCharacter: 一个已有的character device\n existingBlock: 一个已有的block device\n gcePersistentDisk:\n #label: Google Persistent Disk\n persistentDiskName:\n label: Disk 名称\n placeholder: 例如:abc\n awsElasticBlockStore:\n #label: Amazon EBS Disk\n volumeId:\n label: 卷ID\n placeholder: 例如:volume1\n azureFile:\n #label: Azure Filesystem\n shareName:\n label: Share名称\n placeholder: 例如:abc\n azureDisk:\n #label: Azure Disk\n diskName:\n label: Disk名称\n placeholder: 例如:kubernetes-pvc\n diskURI:\n #label: Disk URI\n placeholder: 例如:https://example.com/disk\n kind:\n label: 类型\n dedicated: 专用\n managed: 管理\n shared: 共享\n cachingMode:\n label: 缓存模式\n none: 无\n readOnly: 只读\n readWrite: 读写\n filesystemType:\n label: 文件系统类型\n placeholder: 例如:ext4\n readOnly:\n label: 只读\n\npersistentVolumeClaim:\n accessModes: 访问模式\n capacity: 容量\n storageClass: 存储类\n useDefault: 使用默认存储类\n volumes: 持久卷\n volumeName: 持久卷名称\n source:\n label: 资源\n options:\n new: 使用存储类创建新的持久卷(PV)\n existing: 使用已有的持久卷(PV)\n volumeClaim:\n label: 卷声明\n storageClass: 存储类\n requestStorage: 需要的存储大小\n persistentVolume: 持久卷\n customize:\n label: 自定义\n accessModes:\n readWriteOnce: 单节点读写\n readOnlyMany: 多节点只读\n readWriteMany: 多节点读写\n status:\n label: 状态\nprefs:\n title: 用户偏好设置\n theme:\n label: 主题\n light: 浅色\n auto: 自动\n dark: 深色\n autoDetail: 选择自动设置,将会在晚 6 点到次日早 6 点间自动切换到黑色主题。\n landing:\n label: 默认登录页面\n vue: 仪表盘\n ember: Rancher UI\n formatting: 格式\n dateFormat:\n label: 日期格式\n timeFormat:\n label: 时间格式\n perPage:\n label: 每页行数\n value: |-\n {count, number}\n keymap:\n label: YAML 编辑器选择\n sublime: '默认'\n emacs: 'Emacs'\n vim: 'Vim'\n advanced: 高级选项\n dev:\n label: 启用开发工具\n hideDesc:\n label: 隐藏所有类型说明框\n helm:\n 'true': 包括预发布的版本\n 'false': 只显示正式发布的版本\n #label: Helm Charts\n\nprincipal:\n loading: 加载中…\n error: 无法获取信息\n name: 名称\n loginName: 用户名\n type: 类型\n\nprobe:\n checkInterval:\n label: 检查间隔\n placeholder: '默认值是10秒'\n command:\n label: 运行命令\n placeholder: 例如:cat /tmp/health\n failureThreshold:\n label: 失败阈值\n placeholder: '默认值是3次'\n httpGet:\n headers:\n label: 请求头\n path:\n label: 请求路径(Path)\n placeholder: 例如:/healthz\n port:\n label: 检查端口\n placeholder: 例如:80\n placeholderDuex: 例如:25\n initialDelay:\n label: 初始延迟\n placeholder: '默认值是'\n successThreshold:\n label: 成功阈值\n placeholder: '默认值是1'\n timeout:\n label: 超时\n placeholder: '默认值是3'\n type:\n label: 检测类型\n placeholder: 选择检查类型\n\nprometheusRule:\n alertingRules:\n addLabel: 添加告警\n annotations:\n description:\n input: 描述注释值\n label: 描述\n label: 注释\n message:\n input: 消息注释值\n label: 消息\n runbook:\n #input: Runbook URL Annotation Value\n #label: Runbook URL\n #summary:\n #input: Summary Annotation Value\n #label: Summary\n bannerText: '在触发告警时,注释和标签将被传递给配置的 alertmanager,以允许它们构造通知信息并发送给配置的接收者。'\n for:\n label: 告警触发等待时间\n #placeholder: '60'\n label: 高级规则\n labels:\n label: 标签\n severity:\n choices:\n critical: 重要\n label: 严重性标签值\n none: none\n warning: 警告\n label: 严重程度\n name: 告警名称\n removeAlert: 删除告警\n groups:\n add: 添加规则组\n groupRowLabel: 规则组 {index}\n groupInterval:\n label: 覆盖组间隔\n placeholder: '60'\n label: 规则组\n name: 组名称\n none: 请添加至少一个规则组,其中至少包含一个警告或一个记录规则。\n removeGroup: 删除组\n responseStrategy:\n label: 部分响应策略\n promQL:\n label: PromQL 表达式\n recordingRules:\n addLabel: 添加记录\n label: 记录规则\n labels: 标签\n name: 时间序列的名称\n removeRecord: 删除记录\n\npromptRemove:\n andOthers: |-\n {count, plural,\n =0 {.}\n =1 {,还有另一个}\n other {, 还有其他{count}个}\n }\n attemptingToRemove: \"您在尝试删除 {type}\"\n protip: \"提示:按住 {alternateLabel} 键同时单击 delete 以绕过此确认\"\n confirmName: \"Enter {nameToMatch} below to confirm:\"\n\nrancherAlertingDrivers:\n msTeams: 启用Microsoft Teams通知\n sms: 启用短信通知\n selectOne: 你必须选择以下至少一个选项。\n\nrbac:\n roleBinding:\n noData: 没有与此资源相关联的成员。\n user:\n label: 用户\n role:\n label: 角色\n add: 添加成员\n displayRole:\n fleetworkspace-admin: 管理员\n fleetworkspace-member: 成员\n fleetworkspace-readonly: 只读用户\n roletemplate:\n label: 角色\n newUserDefault:\n no: 否\n tooltip: 这并不影响任何已经存在的角色的绑定。\n locked:\n label: 锁定\n yes: '是:新的绑定不允许使用这个角色'\n no: 否\n tabs:\n grantResources:\n label: 授予资源\n tableHeaders:\n verbs: 操作\n resources: 资源\n nonResourceUrls: 非资源URL\n apiGroups: API组\n subtypes:\n GLOBAL:\n createButton: 创建全局角色\n label: 全局\n yes: \"是:新用户的默认角色\"\n defaultLabel: 新用户的默认角色\n CLUSTER:\n createButton: 创建集群角色\n label: 集群\n yes: \"是:创建新集群的默认角色\"\n defaultLabel: 集群创建者\n NAMESPACE:\n createButton: 创建项目或命名空间角色\n label: 项目或命名空间\n yes: \"是:创建项目或命名空间的默认角色\"\n defaultLabel: 项目创建者\n RBAC_ROLE:\n label: 角色\n RBAC_CLUSTER_ROLE:\n label: 集群角色\n noContext:\n label: 没有内容\n globalRoles:\n types:\n global:\n label: 全局权限\n description: |-\n 控制{isUser, select,\n true {user}\n false {group}}有什么权限来管理整个{appName}的安装。\n custom:\n label: 自定义\n description: 不是Rancher创建的角色\n builtin:\n label: 内置角色\n description: 额外的角色来定义更搞细粒度的权限模型。\n unknownRole:\n description: 无描述\n assignOnlyRole: 已分配该角色\n role:\n admin:\n label: 管理员\n description: 管理员可以完全控制整个安装和所有集群中的所有资源。\n restricted-admin:\n label: 受限管理员\n description: 受限管理员可以完全控制所有下游集群的所有资源,但不能访问本地集群。\n user:\n label: 普通用户\n description: 普通用户可以创建新的集群并管理他们被授予访问权的集群和项目。\n user-base:\n label: User-Base 用户\n description: User-Base 用户只拥有登录权限。\n clusters-create:\n label: 创建集群\n description: 允许用户创建集群,并成为该集群的所有者(owner)。\n clustertemplates-create:\n label: 创建RKE集群模板\n description: 允许用户创建RKE集群模板,并成为该模板的所有者(owner)。\n authn-manage:\n label: 配置认证方式\n description: 运行用户启用、编辑或禁用所有的认证方式。\n catalogs-manage:\n label: 配置应用\n description: 允许用户添加、编辑和删除应用。\n clusters-manage:\n label: 管理所有集群\n description: 允许用户管理所有集群,包括他们不是成员的集群。\n clusterscans-manage:\n label: 管理CIS集群扫描\n description: 允许用户运行新建的CIS集群扫描和管理现有的CIS集群扫描。\n kontainerdrivers-manage:\n label: 创建集群驱动\n description: 允许用户新建集群驱动,并成为该集群驱动的所有者(owner)。\n features-manage:\n label: 配置功能标记\n description: 允许用户通过功能标志设置来启用和禁用自定义功能。\n nodedrivers-manage:\n label: 配置集群驱动\n description: 允许用户启用、配置和删除所有节点驱动设置。\n nodetemplates-manage:\n label: 管理节点模板\n description: 允许用户定义、编辑和删除节点模板。\n podsecuritypolicytemplates-manage:\n label: 管理Pod安全策略(PSP)\n description: 允许用户定义、编辑和删除Pod安全策略。\n roles-manage:\n label: 管理用户角色\n description: 允许用户定义、编辑和删除用户角色。\n settings-manage:\n label: 管理Rancher配置\n description: 允许用户管理Rancher配置。\n users-manage:\n label: 管理用户\n description: 允许用户为所有用户创建、删除和设置密码。\n catalogs-use:\n label: 使用应用\n description: 允许用户查看和部署应用中的模板。 普通用户默认拥有此权限。\n nodetemplates-use:\n label: 使用节点模板\n description: 允许用户使用任何现有的节点模板来部署新的节点。\n view-rancher-metrics:\n label: 查看Rancher指标\n description: 允许用户通过API查看Metrics。\n base:\n label: 登录权限\n\nresourceDetail:\n detailTop:\n annotations: 注释\n created: 已创建\n deleted: 已删除\n description: 描述\n labels: 标签\n ownerReferences: |-\n {count, plural,\n =1 {Owner}\n other {Owners}}\n hideAnnotations: |-\n {annotations, plural,\n =1 {Hide 1 annotation}\n other {Hide {annotations} annotations}}\n showAnnotations: |-\n {annotations, plural,\n =1 {Show 1 annotation}\n other {Show {annotations} annotations}}\n name: 名称\n header:\n clone: \"从 {subtype} {name} 克隆\"\n create: 创建 {subtype}\n edit: \"{subtype} {name}\"\n stage: \"Stage from {subtype} {name}\"\n view: \"{subtype} {name}\"\n masthead:\n #age: Age\n defaultBannerMessage:\n error: 此资源当前处于错误状态,但没有可用的详细消息。\n transitioning: 此资源当前处于转换状态,但没有可用的详细消息。\n sensitive:\n hide: 隐藏敏感信息\n show: 显示敏感信息\n namespace: 命名空间\n workspace: 工作空间\n project: 项目\n detail: 详情\n config: 配置\n #yaml: YAML\n managedWarning: |-\n This {type} is managed by {hasName, select,\n no {a {managedBy} app}\n yes {the {managedBy} app {appName}}}; 在此所做的更改可能会在应用程序下次更改时被覆盖。\nresourceList:\n head:\n create: 创建\n createFromYaml: 使用 YAML 文件创建\n createResource: \"创建 {resourceName}\"\n\nresourceTable:\n groupBy:\n none: 平面列表\n namespace: 以命名空间分组\n project: 以项目分组\n groupLabel:\n cluster: \"集群: {name}\"\n namespace: \"命名空间: {name}\"\n machinePool: \"节点池 {name}\"\n notInANamespace: 不在命名空间内\n notInAProject: 不在项目内\n project: \"项目: {name}\"\n notInAWorkspace: 不在工作空间内\n workspace: \"工作空间: {name}\"\n\nresourceTabs:\n conditions:\n tab: 条件\n events:\n tab: 最近事件\n related:\n tab: 相关资源\n #from: Referred To By\n #to: Refers To\n\n\nresourceYaml:\n errors:\n namespaceRequired: 这个资源是有命名空间的,所以必须提供一个命名空间。\n buttons:\n continue: 继续编辑\n diff: 显示差异\n\nrioConfig:\n configure:\n description: 描述\n helpText:\n listItem1: Kubernetes 的应用部署引擎\n listItem2: \"Rio 使 DevOps 更快、更容易地构建、测试、部署、扩展和版本无状态应用。\"\n requirements:\n header: 主机要求\n helpText:\n listItem1: 至少 1 核心 CPU\n listItem2: 至少 2 GB 内存\n #header: Rio\n yaml:\n buttonText: 自定义\n\nsecret:\n authentication: 身份验证\n certificate:\n certificate: 证书\n cn: 域名\n expires: 到期\n issuer: Issuer\n plusMore: \"+ {n} 更多\"\n privateKey: 私钥\n data: 数据\n registry:\n address: 仓库类型\n domainName: 仓库地址\n password: 密码\n username: 用户名\n basic:\n password: 密码\n username: 用户名\n ssh:\n keys: Keys\n public: 公钥\n private: 私钥\n serviceAcct:\n ca: CA 证书\n token: Token\n type: 类型\n types:\n #'opaque': 'Opaque'\n #'kubernetes.io/service-account-token': 'Svc Acct Token'\n 'kubernetes.io/dockercfg': '仓库'\n 'kubernetes.io/dockerconfigjson': '仓库'\n 'kubernetes.io/basic-auth': 'HTTP Basic Auth'\n 'kubernetes.io/ssh-auth': 'SSH 密钥'\n 'kubernetes.io/tls': 'TLS 证书'\n 'bootstrap.kubernetes.io/token': 'Bootstrap Token'\n 'istio.io/key-and-cert': 'Istio 证书'\n 'helm.sh/release.v1': 'Helm 版本'\n 'fleet.cattle.io/cluster-registration-values': 'Fleet 集群'\n 'provisioning.cattle.io/cloud-credential': '云凭证'\n initials:\n 'opaque': 'O'\n 'kubernetes.io/service-account-token': 'SAT'\n 'kubernetes.io/dockercfg': 'R'\n 'kubernetes.io/dockerconfigjson': 'R'\n 'kubernetes.io/basic-auth': 'HTTP'\n 'kubernetes.io/ssh-auth': 'SSH'\n 'kubernetes.io/tls': 'TLS'\n 'bootstrap.kubernetes.io/token': 'Boot'\n 'istio.io/key-and-cert': 'Ist'\n 'helm.sh/release.v1': 'Helm'\n 'fleet.cattle.io/cluster-registration-values': 'F'\n 'provisioning.cattle.io/cloud-credential': 'CC'\n relatedWorkloads: 相关的工作负载\n\nselectOrCreateAuthSecret:\n label: 认证\n options:\n none: 无\n basic: HTTP Basic Auth\n ssh: SSH 密钥\n custom: 密钥名称\n ssh:\n publicKey: 公钥\n privateKey: 私钥\n basic:\n username: 用户名\n password: 密码\n namespaceGroup: \"命名空间:{name}\"\n chooseExisting: \"选择一个已有的密钥\"\n createSsh: 创建一个新的SSH密钥对\n createBasic: 创建一个新的HTTP Basic Auth 密钥\n\nservicePorts:\n header:\n label: 端口规则\n rules:\n listening:\n label: 监听端口\n placeholder: 例如:8080\n name:\n label: 端口名称\n placeholder: 例如:myport\n node:\n label: 节点端口\n placeholder: 例如:80\n protocol:\n label: 协议\n target:\n label: 目标端口\n placeholder: 例如:80 或 http\n\nserviceTypes:\n clusterip: 集群 IP 地址\n externalname: 外部 DNS 名称\n headless: Headless\n loadbalancer: 负载均衡\n nodeport: 节点端口\n\nservicesPage:\n anyNode: 任何节点\n labelsAnnotations:\n label: 标签和注释信息\n affinity:\n actionLabels:\n clientIp: 客户端 IP\n none: 未配置会话保持\n helpText: 根据其源 IP 将连接映射到一个一致的目标\n label: 会话保持\n timeout:\n label: 会话粘滞时间\n placeholder: 以秒为单位,例如 10800 表示 10800 秒,即 48 分钟\n externalName:\n define: DNS 名称\n helpText: \"外部名称的目的是指定一个 DNS 名称。如果要硬编码一个 IP 地址,请使用 headless 服务。\"\n label: 外部 DNS 服务名称\n placeholder: 例如:my.database.example.com\n input:\n label: DNS名称\n ips:\n define: 定义服务端口\n clusterIpHelpText: Cluster IP 地址必须在为 API 服务器配置的 CIDR 范围内。\n external:\n label: 外部 IP\n placeholder: 例如:1.1.1.1\n protip: 集群中哪些节点也将接受该服务的流量的 IP 地址列表\n input:\n label: 集群 IP\n placeholder: 例如:10.43.XXX.XXX\n label: 监听 IP\n pods:\n #label: Pods\n ports:\n label: 端口\n selectors:\n helpText: \"如果没有创建选择器,则必须手动输入端点。\"\n label: 选择器\n matchingPods:\n matchesSome: |-\n {matched, plural,\n =0 {与{total, number}个pods中的0个匹配。如果没有创建选择器,必须进行手动端点。}\n =1 {与{total, number}个pods中的1个匹配: \"{sample}\"}\n other {与{total, number}个pods中的{matched, number}个匹配,包括 \"{sample}\"。}\n }\n serviceTypes:\n clusterIp:\n abbrv: IP\n description: 在集群内部 IP 上公开服务。选择此值使服务只能从集群内部访问。这是默认类型。\n label: 集群 IP\n externalName:\n abbrv: EN\n description: \"将服务与`externalName`字段的内容(如 foo.bar.example.com)进行映射,返回一个带有其值的 CNAME 记录。没有设置任何形式的代理。\"\n label: 外部 DNS 服务名称\n headless:\n abbrv: H\n description: 既没有定义集群 IP,也没有定义负载均衡器。这些是用来与 Kubernetes 实现之外的其他服务发现机制对接的。没有分配集群 IP,kube-proxy 也不处理这些服务。\n label: Headless\n loadBalancer:\n abbrv: LB\n description: 使用云提供商的负载平衡器向外部暴露服务。\n label: 负载均衡器\n nodePort:\n abbrv: NP\n description: \"在每个节点的 IP 上以静态端口(`NodePort`)公开服务。您将能够通过请求`:`从集群外部联系这种类型的服务。\"\n label: 节点端口\n typeOpts:\n label: 服务类型\n\nsortableTable:\n actionAvailability:\n selected: \"已选择 {actionable} 项\"\n some: \"一共有 {total} 项,符合条件的有 {actionable} 项\"\n noData: 没有匹配项\n noRows: 没有内容显示\n noActions: 没有可用的操作\n paging:\n generic: |-\n {pages, plural,\n =0 {无项目}\n =1 {{count}项}\n other {{count}项中的第{from} - {to}项}}\n resource: |-\n {pages, plural,\n =0 {No {pluralLabel}}\n =1 {{count} {count, plural, =1 {{singularLabel}} other {{pluralLabel}}}}\n other {{from} - {to} of {count} {pluralLabel}}}\n search: Filter\n\nstorageClass:\n actions:\n setAsDefault: 设置为默认配置\n resetDefault: 重设默认配置\n parameters:\n label: 参数\n customize:\n label: 自定义\n reclaimPolicy:\n label: 回收策略\n delete: 删除存储卷时,同时删除卷和底层设备。\n retain: 保留存储卷,以通过手动清理。\n allowVolumeExpansion:\n label: 允许扩展存储卷\n enabled: 允许\n disabled: 不允许\n volumeBindingMode:\n label: 存储卷卷绑定模式\n now: 在创建PersistentVolumeClaim时,立即绑定并配置一个持久卷\n later: 创建了使用PersistentVolumeClaim的Pod之后,再绑定并配置一个持久卷。\n mountOptions:\n label: 挂载存储卷选项\n addlabel: 添加选项\n aws-ebs:\n title: Amazon EBS磁盘\n volumeType:\n label: 存储卷类型\n #gp2: GP2 - General Purpose SSD\n #io1: IO1 - Provisioned IOPS SSD\n #st1: ST1 - Throughput-Optimized HDD\n #sc1: SC1 - Cold-Storage HDD\n provisionedIops:\n #label: Provisioned IOPS\n suffix: 每秒,每GB\n filesystemType:\n label: 文件系统类型\n placeholder: 例如:ext4\n availabilityZone:\n label: 可用区\n automatic: '自动选择:选择节点所在区域作为可用区'\n manual: '手动选择:自行指定一个可用区'\n placeholder: 例如:us-east-1d, us-east-1c\n encryption:\n label: 加密\n enabled: 启用\n disabled: 不启用\n keyId:\n label: 用于加密的KMS密钥ID\n automatic: '自动:生成一个密钥'\n manual: '手动:使用一个指定的密钥(full ARN)'\n azure-disk:\n title: Microsoft Azure磁盘\n storageAccountType:\n label: Storage Account类型\n placeholder: 例如:Standard_LRS\n kind:\n label: 类型\n shared: 共享 (unmanaged disk)\n dedicated: 独享 (unmanaged disk)\n managed: 管理\n azure-file:\n title: Azure文件\n skuName:\n label: Sku名称\n placeholder: 例如:Standard_LRS\n location:\n label: 位置\n placeholder: 例如:eastus\n storageAccount:\n #label: Storage Account\n placeholder: 例如:azure_storage_account_name\n gce-pd:\n title: Google Persistent磁盘\n volumeType:\n label: 存储卷类型\n standard: 标准\n ssd: SSD\n filesystemType:\n label: 文件系统类型\n placeholder: 例如:ext4\n availabilityZone:\n label: 可用区\n automatic: '自动选择:选择节点所在区域作为可用区'\n manual: '手动选择:自行指定一个可用区'\n placeholder: 例如:us-east-1d和us-east-1c\n replicationType:\n label: 副本类型\n zonal: 可用区\n regional: 区域\n longhorn:\n #title: Longhorn\n addLabel: 添加参数\n vsphere-volume:\n title: VMWare vSphere卷\n diskFormat:\n label: 磁盘格式\n #thin: Thin\n #zeroedthick: Zeroed Thick\n #eagerzeroedthick: Eager Zeroed Thick\n storagePolicyName:\n label: 存储策略名称\n placeholder: 例如:gold\n datastore:\n #label: Datastore\n placeholder: 例如:VSANDatastore\n hostFailuresToTolerate:\n label: 容忍主机失败的次数\n placeholder: 例如:2\n cacheReservation:\n label: 预留缓存的大小\n placeholder: 例如:20\n filesystemType:\n label: 文件系统类型\n placeholder: 例如:ext3\n custom:\n addLabel: 添加参数\n glusterfs:\n title: Gluster Volume(不支持)\n restUrl:\n label: REST URL\n placeholder: 例如:http://127.0.0.1:8081\n restUser:\n label: REST 用户\n placeholder: 例如:admin\n restUserKey:\n label: REST 用户密钥\n placeholder: 例如:password\n secretNamespace:\n label: 密钥所在的命名空间\n placeholder: 例如:default\n secretName:\n label: 密钥名称\n placeholder: 例如:heketi-secret\n clusterId:\n label: 集群ID\n placeholder: 例如:630372ccdc720a92c681fb928f27b53f\n gidMin:\n label: GID MIN\n placeholder: 例如:40000\n gidMax:\n label: GID MAX\n placeholder: 例如:50000\n volumeType:\n label: 卷类型\n placeholder: 例如:eplicate:3\n cinder:\n title: Openstack Cinder Volume(不支持)\n volumeType:\n label: 卷类型\n placeholder: 例如:fast\n availabilityZone:\n label: 可用区\n automatic: \"自动选择:选择节点所在区域作为可用区\"\n manual:\n label: \"手动选择:自行指定一个可用区\"\n placeholder: 例如:nova\n rbd:\n title: Ceph RBD(不支持)\n monitors:\n label: 监控\n placeholder: 例如:10.16.153.105:6789\n adminId:\n #label: Admin ID\n placeholder: 例如:kube\n adminSecretNamespace:\n label: Admin密钥所在的命名空间\n placeholder: 例如:kube-system\n adminSecret:\n label: Admin密钥\n placeholder: 例如:Secret\n pool:\n label: 池\n placeholder: 例如:kube\n userId:\n label: 用户ID\n placeholder: 例如:kube\n userSecretNamespace:\n label: 用户密钥所在的命名空间\n placeholder: 例如:default\n userSecretName:\n label: 用户密钥名称\n placeholder: 例如:ceph-secret-user\n filesystemType:\n label: 文件系统类型\n placeholder: 例如:ext4\n imageFormat:\n label: 镜像格式\n placeholder: 例如:2\n imageFeatures:\n label: 镜像功能\n placeholder: 例如:layering\n quobyte:\n title: Quobyte Volume (不支持)\n quobyteApiServer:\n label: Quobyte API Server\n placeholder: 例如:http://138.68.74.142:7860\n registry:\n label: 仓库IP地址\n placeholder: 例如:138.68.74.142:7861\n adminSecretNamespace:\n label: Admin密钥所在的命名空间\n placeholder: 例如:kube-system\n adminSecretName:\n label: Admin密钥名称\n placeholder: 例如:quobyte-admin-secret\n user:\n label: 用户\n placeholder: 例如:root\n group:\n label: 用户组\n placeholder: 例如:root\n quobyteConfig:\n label: Quobyte配置\n placeholder: 例如:BASE\n quobyteTenant:\n label: Quobyte租户角色\n placeholder: 例如:DEFAULT\n portworx-volume:\n title: Portworx Volume(不支持)\n filesystem:\n label: 文件系统类型\n placeholder: 例如:ext4\n blockSize:\n label: 区块大小\n placeholder: 例如:32\n repl:\n label: Repl\n placeholder: 例如:1; 0 for entire device\n ioPriority:\n label: I/O优先级\n placeholder: 例如:low\n snapshotsInterval:\n label: 快照间隔\n placeholder: 例如:70\n aggregationLevel:\n label: 聚合水平\n placeholder: 例如:0\n ephemeral:\n #label: Ephemeral\n placeholder: 例如:true\n scaleio:\n title: ScaleIO Volume(不支持)\n gateway:\n label: 网关\n placeholder: 例如:https://192.168.99.200:443/api\n system:\n label: 系统\n placeholder: 例如:scaleio\n protectionDomain:\n #label: Protection Domain\n placeholder: 例如:pd0\n storagePool:\n label: 存储池\n placeholder: 例如:sp1\n storageMode:\n label: 存储模式\n #thin: Thin Provisioned\n #thick: Thick Provisioned\n secretRef:\n #label: Secret Ref\n placeholder: 例如:sio-secret\n readOnly:\n label: 只读\n filesystemType:\n label: 文件系统类型\n placeholder: 例如:xfs\n storageos:\n title: StorageOS(不支持)\n pool:\n label: 池\n placeholder: 例如:default\n description:\n label: 描述\n placeholder: 例如:Kubernetes volume\n filesystemType:\n label: 文件系统类型\n placeholder: 例如:ext4\n adminSecretNamespace:\n label: Admin密钥所在的命名空间\n placeholder: 例如:default\n adminSecretName:\n label: Admin密钥名称\n placeholder: 例如:storageos-secret\n no-provisioner:\n title: 本地存储(不支持)\n\ntableHeaders:\n #accessKey: Access Key\n address: 地址\n age: 存活时间\n apiGroup: API 分组\n authRoles:\n globalDefault: 新用户默认\n clusterDefault: 集群创建者默认\n projectDefault: 项目创建者默认\n branch: 分支\n builtIn: 内置\n #bundlesReady: Bundles\n bundleDeploymentsReady: 部署\n builtin: 内建\n #chart: Chart\n clusterCreatorDefault: 默认集群创建者\n #clusterFlow: Cluster Flow\n #clusterOutput: Cluster Output\n clusters: 集群\n clustersReady: 就绪的集群\n clusterGroups: 集群组\n #commit: Commit\n condition: 状态\n #customVerbs: Custom Verbs\n description: 描述\n expires: 过期时间\n providers: 配置提供商\n #cpu: CPU\n date: 日期\n default: 默认\n destination: 目标\n download: 下载\n effect: 影响\n endpoints: 端点\n #flow: Flow\n gitRepos: Git 代码仓库\n host: |-\n {count, plural,\n one { 主机 }\n other { 主机 }\n }\n image: 镜像\n imageSize: 大小\n ingressDefaultBackend: 默认\n ingressTarget: 目标\n internalExternalIp: 外网 IP 地址或内网 IP 地址\n jobs: Jobs\n key: 密钥\n keys: 数据\n lastUpdated: 最后更新时间\n lastSeen: 最后出现\n loggingOutputProviders: Providers\n machines: 机器\n matches: 匹配\n maxKubernetesVersion: 最大 Kubernetes 版本\n message: 信息\n minKubernetesVersion: 最小 Kubernetes 版本\n name: 名称\n nameDisplay: 显示名称\n nameUnlinked: 名称\n namespace: 命名空间\n namespaceName: 命名空间名称\n namespaceNameUnlinked: 名称\n node: 节点\n nodeName: 节点名称\n nodesReady: 就绪节点\n #nodePort: Node Port\n object: 对象\n output: 输出\n p95: 95 百分位数\n persistentVolumeSource: 持久卷源\n podImages: 镜像\n #pods: Pods\n port: 端口\n protocol: 协议\n provider: 提供商\n publicPorts: 公有端口\n ram: 内存(RAM)\n rbac:\n create: 创建\n delete: 删除\n get: 查询\n list: 列表\n patch: 修改\n update: 更新\n watch: 监控\n ready: 就绪\n reason: 原因\n repo: Repo\n reposReady: 就绪的 Repo\n replicas: 副本数量\n reqRate: 请求频率\n resource: 资源\n resources: 资源\n restarts: 重启\n rioImage: Rio 镜像\n role: 角色\n roles: 角色\n scale: 比例\n scope: 规模\n selector: 选择器\n simpleName: 名称\n simpleScale: 比例\n simpleType: 类型\n started: 已开始\n state: 状态\n status: 状态\n storage_class_provisioner: 提供者\n subject: 主题\n subType: 类型\n success: 成功\n summary: 概述\n target: 目标\n targetKind: 目标类型\n targetPort: 目标端口\n type: 类型\n updated: 更新\n upgrade: 升级\n url: URL 地址\n userDisplayName: 显示名称\n userId: 用户 ID\n userStatus: 用户状态\n username: 本地用户名\n value: 值\n version: 版本号\n weight: 权重\n\ntarget:\n router:\n label: 路由\n placeholder: 选择路由\n service:\n label: 服务(svc)\n placeholder: 选择服务\n title: 目标\n version:\n label: 版本\n placeholder: 选择版本\n\nuser:\n detail:\n username: 用户名\n globalPermissions:\n label: 全局权限\n description: 管理影响整个安装的资源的权限\n adminMessage: 该用户是一个管理员,拥有所有权限\n tableHeaders:\n permission: 权限\n clusterRoles:\n label: 集群角色\n description: 授予一个用户在某个集群的角色\n tableHeaders:\n cluster: 集群\n projectRoles:\n label: 项目角色\n description: 授予一个用户在某个项目的角色\n tableHeaders:\n project: 项目\n generic:\n tableHeaders:\n role: 角色\n #granted: Granted\n edit:\n credentials:\n label: 凭证\n username:\n label: 用户名\n placeholder: 例如:jsmith\n exists: '用户名已被使用。请选择一个新的用户名'\n displayName:\n label: 显示名称\n placeholder: 例如:John Smith\n userDescription:\n label: 描述\n placeholder: 例如:This account is for John Smith\n list:\n errorRefreshingGroupMemberships: 刷新小组成员名单时出错,请重试\nvalidation:\n arrayLength:\n between: '\"{key}\" 应该包含 {min} 至 {max} {max, plural, =1 {项} other {项}}'\n exactly: '\"{key}\" 应该包含 {count, plural, =1 {#项} other {#项}}'\n max: '\"{key}\" 应该包含最多 {count} {count, plural, =1 {项} other {项}}'\n min: '\"{key}\" 应该包含最少 {count} {count, plural, =1 {项} other {项}}'\n boolean: '\"{key}\" 必须是一个布尔值'\n chars: '\"{key}\" 包含 {count, plural, =1 {一个无效字符} other {#多个无效字符}}: {chars}'\n custom:\n missing: \"{validatorName}不存在校验! 该校验是否存在于自定义校验中?名字的拼写是否正确?\"\n dns:\n doubleHyphen: '\"{key}\" 不能包含两个或多个连续的连字符“-”'\n hostname:\n empty: '\"{key}\" 必须至少包含一个字符'\n emptyLabel: '\"{key}\" 不能包含两个连续的点“.”'\n endDot: '\"{key}\" 不能以点“.”结束'\n endHyphen: '\"{key}\" 不能以连字符“-”结束'\n startDot: '\"{key}\" 不能以点“.”开始'\n startHyphen: '\"{key}\" 不能以连字符“-”开始'\n startNumber: '\"{key}\" 不能以数字开始'\n tooLong: '\"{key}\" 的长度不能超过 {max} 个字符数量'\n tooLongLabel: '\"{key}\" 不能包含超过 {max} 字符的部分'\n label:\n emptyLabel: '\"{key}\" 不能为空'\n endHyphen: '\"{key}\" 不能以连字符“-”结束'\n startHyphen: '\"{key}\" 不能以连字符“-”开始'\n startNumber: '\"{key}\" 不能以数字开始'\n tooLongLabel: '\"{key}\" 的长度不能超过 {max} 个字符数量'\n flowOutput:\n global: 需要选择 \"集群输出\"。\n both: 需要选择 \"输出\" 或 \"集群输出\"。\n output:\n logdna:\n apiKey: 需要设置一个 \"Api 密钥\"。\n invalidCron: 无效 cron 调度\n k8s:\n identifier:\n emptyLabel: '\"{key}\" 不能为空'\n emptyPrefix: '\"{key}\" 不能为空'\n endLetter: '\"{key}\" 末位必须是字母或数字'\n startLetter: '\"{key}\" 首位必须是字母或数字'\n tooLongKey: '\"{key}\" 的长度不能超过 {max} 个字符数量'\n tooLongPrefix: '\"{key}\" 前缀不能超过 {max} 个字符数量'\n noSchema: 没有找到可以验证的模式\n noType: 无类型可验证\n number:\n between: '\"{key}\" 的长度必须在 {min} 和 {max} 之间'\n exactly: '\"{key}\" 的长度必须是 {val}'\n max: '\"{key}\" 的长度必须小于或等于 {val}'\n min: '\"{key}\" 的长度必须大于或等于 {val}'\n podAffinity:\n affinityTitle: Pod 亲和性\n antiAffinityTitle: Pod 反亲和性\n requiredDuringSchedulingIgnoredDuringExecution: 需要规则\n preferredDuringSchedulingIgnoredDuringExecution: 优先规则\n topologyKey: Rule [{index}] of {group} {rules} - 拓扑键是必需的。\n matchExpressions:\n operator: Rule [{index}] of {group} {rules} - operator must be one of 'In', 'NotIn', 'Exists', 'DoesNotExist'\n valueMustBeEmpty: Rule [{index}] of {group} {rules} - value must be empty if operator is 'Exists' or 'DoesNotExist'\n valuesMustBeDefined: Rule [{index}] of {group} {rules} - value must be defined if operator is 'In' or 'NotIn'\n port: 端口号的取值范围是1到65535之间的任何数字。\n prometheusRule:\n groups:\n required: 至少需要一个规则组。\n singleAlert: 规则可以包含警告规则或记录规则,但不能同时包含两者。\n valid:\n name: '规则组需要名称 {index}.'\n rule:\n alertName: '规则组{groupIndex}规则{ruleIndex}需要一个警报名称。 '\n expr: '规则组{groupIndex}规则{ruleIndex}需要一个PromQL表达式'\n labels: '规则组{groupIndex}规则{ruleIndex}至少需要一个标签。建议使用严重程度作为标签。'\n recordName: '规则组{groupIndex}规则{ruleIndex}需要一个时间序列名称。'\n singleEntry: '在规则组{index}中至少需要一个警报规则或一个记录规则。'\n required: '\"{key}\"是必填项'\n requiredOrOverride: '\"{key}\" 是必须的或必须允许覆盖的'\n roleTemplate:\n roleTemplateRules:\n missingVerb: 你必须为每个资源授予指定至少一个动作\n missingResource: 你必须为每个资源授予至少指定一个资源、非资源URL或API组\n missingApiGroup: 你必须为每个资源授予指定一个API组\n missingOneResource: 你必须为每个资源授予至少指定一个资源、非资源URL或API组\n service:\n externalName:\n none: '使用外部 DNS 服务时,External Name 是必填项'\n ports:\n name:\n required: \"端口规则 [{position}] - 端口名称是必填项\"\n nodePort:\n requriedInt: \"端口规则 [{position}] - 如果包含节点端口,则节点端口必须是整数值,例如:80\"\n port:\n required: \"端口规则 [{position}] - 端口是必填项\"\n requriedInt: \"端口规则 [{position}] - 如果包含端口,则端口必须是整数值,例如:80\"\n targetPort:\n between: \"端口规则 [{position}] - 目标端口的取值范围是: 1~65535\"\n iana: \"端口规则 [{position}] - 目标端口必须是 IANA 服务名称或整数值\"\n ianaAt: \"端口规则 [{position}] - 目标端口 \"\n required: \"端口规则 [{position}] - 目标端口是必填项\"\n stringLength:\n between: '\"{key}\" 的长度必须在 {min} 和 {max} 之间 {max, plural, =1 {字符} other {字符}}'\n exactly: '\"{key}\" 的长度必须是 {count, plural, =1 {#字符} other {#字符}}'\n max: '\"{key}\" 的长度必须小于或等于 {count} {count, plural, =1 {字符} other {字符}}'\n min: '\"{key}\" 的长度必须大于或等于 {count} {count, plural, =1 {字符} other {字符}}'\n targets:\n missingProjectId: 一个目标必须选定一个项目。\n monitoring:\n route:\n match: 必须选择至少一个匹配或匹配正则表达式\n interval: '\"{key}\" 必须是以数字后跟单位(如 1h, 2m, 30s)的格式。'\n\nwizard:\n back: 返回\n finish: 完成\n next: 下一步\n step: \"步骤 {number}:\"\n\nwm:\n connection:\n connected: 已连接\n connecting: 正在连接…\n disconnected: 已断开连接\n error: 错误\n containerLogs:\n clear: 清除\n containerName: \"容器: {label}\"\n download: 下载\n follow: 回到底部\n noData: 在当前范围内没有日志条目显示\n noMatch: 没有符合当前过滤条件的数据\n previous: 使用前一个容器\n range:\n all: 全部\n hours: |-\n {value, number}\n {value, plural,\n =1 {小时}\n other {小时}\n }\n label: 显示最后一个\n lines: \"{value, number}行\"\n minutes: |-\n {value, number} {value, plural,\n =1 {分}\n other {分}\n }\n search: 过滤条件\n timestamps: 显示时间戳\n wrap: 自动换行\n containerShell:\n clear: 清除\n containerName: \"容器:{label}\"\n kubectlShell:\n #title: \"Kubectl: {name}\"\n\nworkload:\n container:\n command:\n addEnvVar: 添加\n args: 命令 (CMD)\n as: 作为\n command: 入口 (Entrypoint)\n env: 环境变量\n fromResource:\n key:\n label: 键\n placeholder: \"例如:metadata.labels['']\"\n name:\n label: 变量名\n placeholder: \"例如:FOO\"\n prefix: 前缀\n source:\n label: 源\n placeholder: 例如:my-container\n secret: 密文\n configMap: 配置映射\n containerName: 容器名称\n type: 类型\n value:\n label: 值\n placeholder: 例如:bar\n #tty: TTY\n workingDir: 工作目录\n stdin: 标准输入\n containerName: 容器名称\n healthCheck:\n checkInterval: 检查间隔\n command:\n command: 运行命令\n failureThreshold: 故障阈值\n httpGet:\n headers: 请求头\n path: 请求路径\n port: 检查端口\n initialDelay: 初始延迟\n livenessProbe: 存活检查\n livenessTip: 当该检查失败时,将重新启动容器,不建议用于大多数用途。\n noHealthCheck: \"没有给容器配置存活、就绪或启动探测器\"\n readinessProbe: 就绪检查\n readinessTip: 当该检查失败时,会将容器从服务端点中移除,建议配置该检查。\n startupProbe: 启动检查\n startupTip: 容器在尝试其他健康检查之前,将等待此检查成功。\n successThreshold: 成功阈值\n timeout: 超时时间\n kind:\n none: 无\n HTTP: HTTP 请求返回成功的状态 (200-399)\n HTTPS: HTTPS 请求返回成功的状态\n tcp: 成功启动 TCP 连接\n exec: 容器内运行的命令以 0 状态退出\n image: 容器镜像\n imagePullPolicy: 拉取镜像策略\n imagePullSecrets: 拉取密钥\n init: 初始化容器\n name: 容器名称\n noResourceLimits: 没有配置资源需求。\n noPorts: 当前没有配置端口。\n ports:\n createService: 服务类型\n noCreateService: 不创建服务\n containerPort: 容器端口\n hostIP: 主机 IP\n hostPort: 公共主机端口\n name: 名称\n protocol: 协议\n listeningPort: 监听端口\n removeContainer: 移除容器\n security:\n addCapabilities: 添加功能\n addGroupIDs: 添加组 ID\n allowPrivilegeEscalation:\n label: 允许权限提升\n 'false': 否\n 'true': \"是,容器可以获得比其父进程更多的权限。\"\n dropCapabilities: 弃用 Capabilities\n fsGroup: Filesystem 组\n hostIPC: 使用主机 IPC 命名空间\n hostPID: 只用主机 PID 命名空间\n privileged:\n label: 特权模式\n 'false': 否\n 'true': \"是,容器拥有访问主机全部权限\"\n readOnlyRootFilesystem:\n label: 只读 Root Filesystem\n 'false': 否\n 'true': \"是,容器有一个只读的文件系统\"\n runAsGroup: 以群组 ID 运行\n runAsNonRoot:\n label: 以非 Root 方式运行\n false: 否\n true: \"是,容器必须以非 root 用户的身份\"\n runAsNonRootOptions:\n noOption: \"否\"\n yesOption: \"是:容器必须以非 root 用户的身份运行。\"\n runAsUser: 以用户 ID 运行\n shareProcessNamespace: 共享单一进程命名空间\n supplementalGroups: 其他组别 ID\n sysctls: Sysctls\n sysctlsKey: 名称\n standard: 标准容器\n titles:\n container: 容器配置\n command: 命令\n containers: 容器\n env: 环境变量\n events: 事件\n healthCheck: 健康检查\n image: 镜像\n networking: 网络\n networkSettings: 网络设置\n podAnnotations: Pod 注释\n podLabels: Pod 标签\n podScheduling: Pod 调度\n nodeScheduling: 节点调度\n ports: 端口映射\n resources: 资源限制和预留\n securityContext: 安全性上下文\n status: 状态\n volumeClaimTemplates: PVC 模板\n upgrading: 扩缩容/升级策略\n cronSchedule: 定时调度\n detail:\n #pods:\n #title: Pods\n detailTop:\n node: 节点\n #podIP: Pod IP\n podRestarts: Pod 重启\n workload: 工作负载\n #pods: Pods by State\n #runs: Runs\n gaugeStates:\n #active: Active\n #transitioning: Transitioning\n warning: 警告\n error: 错误\n succeeded: 成功\n running: 运行中\n failed: 失败\n hideTabs: '隐藏高级选项'\n job:\n activeDeadlineSeconds:\n label: 活动终止时间\n tip: Job 在系统试图终止它之前可能处于活动状态的持续时间。\n backoffLimit:\n label: 重试次数\n tip: 标记此 Job 失败之前的重试次数。\n completions:\n label: 完成 Job 历史数\n tip: Job 应该运行的成功完成的 Pod 数。\n failedJobsHistoryLimit:\n label: 失败 Job 历史数\n tip: 要保留的失败的已完成 Job 的数量。\n parallelism:\n label: 并发数\n tip: Job 在给定时间应同时运行的 Pod 的最大数量。\n startingDeadlineSeconds:\n label: 运行 Job 的截止时间\n tip: 如果 Job 错过了调度时间,再次尝试运行 Job 的截止时间,单位是秒\n successfulJobsHistoryLimit:\n label: 历史 Successful Job 累计数量\n tip: 保留 Successful Job 的数量\n suspend: 停止\n networking:\n dnsPolicy:\n label: DNS 策略\n options:\n clusterFirst: 与配置的集群域后缀不匹配的任何 DNS 查询(例如 “www.kubernetes.io”) 都将转发到从节点继承的上游名称服务器。集群管理员可能配置了额外的存根域和上游 DNS 服务器。\n clusterFirstWithHostNet: 对于以 hostNetwork 方式运行的 Pod,应显式设置其 DNS 策略 \"ClusterFirstWithHostNet\"。\n default: 此设置允许 Pod 忽略 Kubernetes 环境中的 DNS 设置。Pod 会使用其 dnsConfig 字段所提供的 DNS 设置。\n none: None\n placeholder: 请选择一个 DNS 策略\n hostAliases:\n add: 添加\n keyLabel: IP 地址\n keyPlaceholder: 例如:1.1.1.1\n label: 主机别名\n tip: 使用主机别名向 Pod /etc/hosts 文件添加条目\n valueLabel: 主机名\n valuePlaceholder: \"例如:foo.com, bar.com\"\n hostname:\n label: 主机名\n placeholder: 例如:web\n nameservers:\n add: 添加\n label: DNS 服务器地址\n placeholder: 例如:1.1.1.1\n networkMode:\n label: 网络模式\n options:\n hostNetwork: 主机网络\n normal: 集群网络\n placeholder: 请选择网络模式\n dns: DNS 服务器地址和搜索域\n resolver:\n label: DNS 解析选项\n add: 添加\n searches:\n add: 添加\n label: 搜索域\n placeholder: 例如:mycompany.com\n subdomain:\n label: 子域名\n placeholder: 例如:web\n validation:\n containers: 容器\n containerImage: 容器{{name} - “容器镜像 \"是必需的。\n replicas: 副本\n showTabs: '显示高级选项'\n scheduling:\n activeDeadlineSeconds: 判定 Pod 是否活跃的截止时间\n activeDeadlineSecondsTip: 系统将 Pod 判定为 failed 并杀死其关联的容器前的等待时长\n affinity:\n addNodeSelector: 添加节点选择器\n anyNode: 自动匹配节点运行 Pods\n affinityTitle: 在这些选择器匹配的节点上运行 Pod\n antiAffinityTitle: 在不与这些选择器匹配的节点上运行 Pod\n affinityOption: 亲和性\n antiAffinityOption: 反亲和性\n matchExpressions:\n addRule: 添加规则\n doesNotExist: 不存在\n exists: 存在\n #greaterThan: \">\"\n in: '='\n inNamespaces: \"在这些命名空间中的 Pod:\"\n key: 键\n #lessThan: <\n namespaces: 命名空间\n notIn: ≠\n operator: 运算符\n value: 值\n weight: 权重\n noPodRules: 没有配置 Pod 调度策略\n nodeName: 节点名称\n priority: 优先级\n preferAny: \"倾向于任何一种:\"\n preferred: 首选\n required: 最好\n requireAny: \"需要以下任何一种:\"\n schedulingRules: 通过调度规则匹配节点运行 Pods\n specificNode: 指定节点运行 Pods\n thisPodNamespace: 此 Pod 的命名空间\n topologyKey:\n label: 拓扑键\n placeholder: 例如:failure-domain.beta.kubernetes.io/zone\n type: 类型\n priority:\n className: 优先级名称\n priority: 优先级\n terminationGracePeriodSeconds: 终止宽限期\n terminationGracePeriodSecondsTip: 终止 Pod 运行前的宽限期\n titles:\n advanced: 高级选项\n nodeScheduling: 节点调度\n nodeSelector: 具有以下标签的节点\n podScheduling: Pod 调度\n priority: 优先级\n tab: 调度\n tolerations: 容忍\n limits: 限制和预留\n tolerations:\n addToleration: 添加\n effect: 影响\n effectOptions:\n all: 全部\n noExecute: 不执行\n noSchedule: \"不调度\"\n preferNoSchedule: 倾向于不调度\n labelKey: 标签键\n operator: 运算符\n operatorOptions:\n equal: =\n exists: 存在\n tolerationSeconds: 时间\n value: 值\n serviceName: 服务名称\n storage:\n subtypes:\n secret: 密文\n configMap: 配置映射\n hostPath: Bind-Mount\n persistentVolumeClaim: PVC\n createPVC: 创建 PVC\n #csi: CSI\n #nfs: NFS\n #awsElasticBlockStore: Amazon EBS Disk\n #azureDisk: Azure Disk\n #azureFile: Azure File\n #gcePersistentDisk: Google Persistent Disk\n #driver.longhorn.io: Longhorn\n #vsphereVolume: VMWare vSphere Volume\n addClaim: 添加 pvc\n addMount: 添加\n addVolume: 添加卷\n certificate: 证书\n csi:\n diskName: 磁盘名称\n diskURI: 磁盘 URI\n cachingMode:\n label: 缓存模式\n options:\n none: 无\n readOnly: 只读\n readWrite: 读写\n kind:\n label: 种类\n options:\n dedicated: 专用\n managed: 管理\n shared: 共用\n drivers:\n #driver.longhorn.io: Longhorn\n fsType: 文件系统类型\n shareName: 共享名\n secretName: 密文名称\n volumeID: 卷 ID\n partition: 分区\n pdName: 持久磁盘名称\n storagePolicyID: 存储策略 ID\n storagePolicyName: 存储策略名称\n volumePath: 存储卷路径\n defaultMode: 默认模式\n driver: 驱动\n hostPath:\n label: 节点上的路径必须是\n options:\n default: '任何东西:不检查目标路径'\n directoryOrCreate: 一个目录,如果不存在,则创建一个目录\n directory: 现有目录\n fileOrCreate: 一个文件,如果它不存在,则创建一个文件\n file: 现有文件\n socket: 现有 socket\n charDevice: 现有的字符设备\n blockDevice: 现有块设备\n mountPoint: 容器挂载路径\n nodePath: 路径或节点\n optional:\n label: 选填项\n 'no': '否'\n 'yes': '是'\n path: 路径\n readOnly: 只读\n server: Server\n\n subPath: 卷内子路径\n title: '存储'\n volumeName: 卷名称\n volumePath: 卷路径\n typeDescriptions:\n apps.daemonset: DaemonSets 在每个符合条件的节点上正好运行一个 pod。当新节点被添加到集群中时,DaemonSets 会自动部署到它们身上。推荐用于全系统或可垂直扩展的工作负载,每个节点永远不需要超过一个 pod。\n apps.deployment: 部署运行分布在符合条件的节点中的可扩展数量的 pod 副本。变更会逐步推出,并可在需要时回滚到之前的版本。推荐用于无状态和水平可扩展的工作负载。\n apps.statefulset: StatefulSets 管理有状态的应用程序,并提供关于创建的 pod 的顺序和唯一性的保证。推荐用于具有持久性存储或严格身份、法定人数或升级顺序要求的工作负载。\n batch.cronjob: CronJobs 创建 Job,然后按照重复的时间表运行 Pod。该计划以标准的 Unix cron 格式表示,并使用 Kubernetes 控制平面的时区(通常是 UTC)。\n batch.job: 作业创建一个或多个 pod,通过运行一个 pod 直到成功退出,可靠地执行一次性任务。失败的 pod 会自动替换,直到达到指定的完成运行次数。作业还可以并行运行多个 pod,或作为批处理工作队列。\n upgrading:\n activeDeadlineSeconds:\n label: 判定 Pod 是否活跃的截止时间\n tip: 系统将 Pod 判定为 failed 并杀死其关联的容器前的等待时长\n concurrencyPolicy:\n label: 并发策略\n options:\n allow: 允许多个 CronJobs 同时运行\n forbid: 如果当前运行还没有结束,则跳过下一个运行\n replace: 如果当前运行还没有结束,则替换运行\n maxSurge:\n label: 最大 Pod 数量\n tip: 在任何给定时间内允许超出所需规模的最大 Pod 数量。\n maxUnavailable:\n label: 最大不可用数量\n tip: 在任何给定时间内无法使用的最大 Pod 数量。\n minReadySeconds:\n label: Minimum Ready\n tip: 在容器没有崩溃的情况下,Pod 被视为可用的最短期限。\n podManagementPolicy:\n label: Pod 管理策略\n progressDeadlineSeconds:\n label: 进程截止时间\n tip: 在标志部署失败之前,等待部署取得进展的最短期限。\n revisionHistoryLimit:\n label: 修订历史记录限制\n tip: 保留用于回滚的旧 ReplicaSets 的最大数量\n strategies:\n labels:\n delete: \"删除:只有在手动删除旧 pod 时才会创建新 pod\"\n recreate: \"重新创建:杀死所有的 pod,然后启动新的 pod。\"\n rollingUpdate: \"滚动升级:创建新的 pod,直到达到 max surge,然后再删除旧 pod。停用的 pod 数量不能超过设定的最大不可用数量。\"\n terminationGracePeriodSeconds:\n label: 終止宽限期\n tip: 杀死 Pod 前所需的等待时间\n title: 升级中\n\n\n##############################\n# Model Properties\n##############################\nmodel:\n account:\n kind:\n admin: 管理员\n agent: Agent\n project: 环境\n registeredAgent: Registered Agent\n service: 服务\n user: 用户名\n \"catalog.cattle.io.app\":\n firstDeployed: 首次部署\n lastDeployed: 最后部署\n #authConfig:\n #description:\n #ldap: LDAP\n #saml: SAML\n #oauth: OAuth\n #provider:\n #system: System\n #local: Local\n #multiple: Multiple\n #activedirectory: ActiveDirectory\n #azuread: AzureAD\n #github: GitHub\n #keycloak: Keycloak\n #ldap: LDAP\n #openldap: OpenLDAP\n #shibboleth: Shibboleth\n #ping: Ping Identity\n #adfs: ADFS\n #okta: Okta\n #freeipa: FreeIPA\n #googleoauth: Google\n\n cluster:\n name: 集群名称\n ingress:\n displayKind: 7 层负载均衡\n machine:\n role:\n #controlPlane: Control Plane\n #etcd: etcd\n #worker: Worker\n openldapconfig:\n domain:\n help: 只有此目录下的用户才能正常登录。\n label: 用户搜索起点\n placeholder: \"例如:ou=Users,dc=mycompany,dc=com\"\n server:\n label: 主机名称或 IP 地址\n serviceAccountPassword:\n label: Service Account 密码\n serviceAccountUsername:\n label: Service Account 用户名\n projectMember:\n role:\n member: 成员\n owner: 所有者\n readonly: 只读\n restricted: 受限\n service:\n displayKind:\n generic: 服务\n loadBalancer: 4 层负载均衡\n\ntypeDescription:\n #Map of\n #type: Description to be shown on the top of list view describing the type.\n # Should fit on one line.\n # If you link to anything external, it must have\n # target=\"_blank\" rel=\"noopener noreferrer nofollow\"\n cis.cattle.io.clusterscanbenchmark: 基准版本是指使用 kube-bench 运行的基准名称,以及该基准的有效配置参数。\n cis.cattle.io.clusterscanprofile: 配置文件是 CIS 扫描的配置,也就是要使用的基准版本和该基准中要跳过的任何特定测试。\n cis.cattle.io.clusterscan: 创建扫描以根据定义的配置文件在集群上触发 CIS 扫描。扫描完成后会创建一份报告。\n cis.cattle.io.clusterscanreport: 报告是对集群进行 CIS 扫描的结果。\n resources.cattle.io.backup: 创建备份是为了基于资源集执行一次性备份或安排重复性备份。\n resources.cattle.io.restore: 创建还原是为了根据备份文件触发对集群的还原。\n resources.cattle.io.resourceset: 资源集定义了要在备份中存储哪些 CRD 和资源。\n monitoring.coreos.com.servicemonitor: 服务监视器(service monitor )定义了 Prometheus 将获取的服务组和端点,这是定义指标集合的最常见方法。\n monitoring.coreos.com.podmonitor: A pod monitor defines the group of pods that Prometheus will scrape for metrics. The common way is to use service monitors, but pod monitors allow you to handle any situation where a service monitor wouldn't work.\n monitoring.coreos.com.prometheusrule: Prometheus 规则定义了记录和/或警报规则。记录规则可以预先计算值并保存结果,警报规则允许您定义何时向 AlertManager 发送通知的条件。\n monitoring.coreos.com.prometheus: Prometheus 服务器是 deployment 运行的服务,它的刮擦配置和规则是由选定的 ServiceMonitors、PodMonitors 和 PrometheusRules 决定的,它的告警信息将发送给所有选择的具有定制资源配置的 AlertManager。\n monitoring.coreos.com.alertmanager: 告警管理器是 deployment 类型运行的服务,其配置将由同一命名空间中的 密文 指定,该 密文 决定了哪些警报应发送给哪个接收者。\n catalog.cattle.io.clusterrepo: Chart 仓库是一个 Helm 仓库或 Rancher 的基于 git 的应用商店,它提供了集群中可用的 Chart 列表。\n catalog.cattle.io.operation: 操作是指最近应用于集群的 Helm 操作列表。\n catalog.cattle.io.app: 已安装的应用程序 Apps 是通过 Rancher catalog 或通过 Helm CLI 安装的 Helm 3 charts。\n logging.banzaicloud.io.clusterflow: 集群流定义了要从整个集群收集和过滤哪些日志,以及发送输出哪些日志。集群流需要部署在 logging operator 所在的命名空间中。\n logging.banzaicloud.io.flow: 流定义要收集和过滤哪些日志,以及要发送输出哪些日志。该流是一个命名空间资源,这意味着只从部署该流的命名空间收集日志。\n logging.banzaicloud.io.clusteroutput: 集群输出定义可以将日志发送到哪些日志提供程序,并且只有部署在 logging operator 所在的命名空间中时才有效。\n logging.banzaicloud.io.output: 输出定义可以将日志发送到哪些日志提供程序。输出需要在与使用它的流相同的命名空间中。\n logging: 要收集和发送日志,您需要定义流和输出。流定义要收集、筛选哪些日志,以及要发送输出的日志。如果希望收集集群中的所有日志,可以创建一个 ClusterFlow。输出可以在命名空间级别定义,也可以在集群级别定义,并供这两种流类型使用。\n\ntypeLabel:\n management.cattle.io.token: |-\n {count, plural,\n one { API Key }\n other { API Keys }\n }\n cis.cattle.io.clusterscan: |-\n {count, plural,\n one { 扫描 }\n other { 扫描 }\n }\n cis.cattle.io.clusterscanprofile: |-\n {count, plural,\n one { 配置文件 }\n other { 配置文件 }\n }\n cis.cattle.io.clusterscanbenchmark: |-\n {count, plural,\n one { Benchmark 版本 }\n other { Benchmark 版本 }\n }\n catalog.cattle.io.operation: |-\n {count, plural,\n one { 最近的操作 }\n other { 最近的操作 }\n }\n catalog.cattle.io.app: |-\n {count, plural,\n one { 已安装的 App }\n other { 已安装的 Apps }\n }\n catalog.cattle.io.clusterrepo: |-\n {count, plural,\n one { Chart 仓库 }\n other { Chart 仓库 }\n }\n catalog.cattle.io.repo: |-\n {count, plural,\n one { Namespaced Repo }\n other { Namespaced Repos }\n }\n chartInstallAction: |-\n {count, plural,\n one { App }\n other { Apps }\n }\n chartUpgradeAction: |-\n {count, plural,\n one { App }\n other { Apps }\n }\n endpoints: |-\n {count, plural,\n one { Endpoint }\n other { Endpoints }\n }\n fleet.cattle.io.cluster: |-\n {count, plural,\n =1 { 集群 }\n other { 集群 }\n }\n fleet.cattle.io.clustergroup: |-\n {count, plural,\n one { 集群组 }\n other { 集群组 }\n }\n fleet.cattle.io.gitrepo: |-\n {count, plural,\n one { Git 仓库 }\n other {Git 仓库 }\n }\n management.cattle.io.authconfig: |-\n {count, plural,\n one { Auth Provider }\n other { Auth Providers }\n }\n management.cattle.io.feature: |-\n {count, plural,\n one { Feature Flag }\n other { Feature Flags }\n }\n management.cattle.io.setting: |-\n {count, plural,\n one { 高级设置 }\n other { 高级设置 }\n }\n management.cattle.io.fleetworkspace: |-\n {count, plural,\n one { 工作空间 }\n other { 工作空间 }\n }\n #pruh-mee-thee-eyes https://www.prometheus.io/docs/introduction/faq/#what-is-the-plural-of-prometheus\n monitoring.coreos.com.prometheus: |-\n {count, plural,\n one { Prometheus }\n other { Prometheis }\n }\n monitoring.coreos.com.servicemonitor: |-\n {count, plural,\n one { 服务监控 }\n other { 服务监控 }\n }\n monitoring.coreos.com.alertmanager: |-\n {count, plural,\n one { 告警管理 }\n other { 告警管理 }\n }\n monitoring.coreos.com.podmonitor: |-\n {count, plural,\n one { Pod 监控 }\n other { Pod 监控 }\n }\n monitoring.coreos.com.prometheusrule: |-\n {count, plural,\n one { Prometheus 规则 }\n other { Prometheus 规则 }\n }\n monitoring.coreos.com.thanosruler: |-\n {count, plural,\n one { Thanos 规则 }\n other { Thanos 规则 }\n }\n monitoring.coreos.com.receiver: |-\n {count, plural,\n one { 接收者 }\n other { 接收者 }\n }\n monitoring.coreos.com.route: |-\n {count, plural,\n one { 通知 }\n other { 通知 }\n }\n 'management.cattle.io.cluster': |-\n {count, plural,\n one { 所有集群 }\n other { 所有集群 }\n }\n 'cluster.x-k8s.io.cluster': |-\n {count, plural,\n one { CAPI集群 }\n other { CAPI集群 }\n }\n 'rancher.cattle.io.cluster': |-\n {count, plural,\n one { 集群 }\n other { 集群 }\n }\n 'management.cattle.io.user': |-\n {count, plural,\n one { 用户 }\n other { 用户 }\n }\n group.principal: |-\n {count, plural,\n one { 组 }\n other { 组 }\n }\n token: |-\n {count, plural,\n one { API密钥 }\n other { API密钥 }\n }\n\naction:\n clone: 克隆\n disable: 禁用\n download: 下载 YAML\n edit: 编辑配置\n editYaml: 编辑 YAML\n enable: 启用\n openLogs: 查看日志\n refresh: 刷新\n remove: 删除\n view: 查看配置\n viewInApi: API 查看\n activate: 激活\n deactivate: 停用\n show: 显示\n hide: 隐藏\n copy: 复制\n unassign: 取消分配\n\n\nunit:\n sec: secs\n min: mins\n hour: |-\n {count, plural,\n one { 小时 }\n other { 小时 }\n }\n day: |-\n {count, plural,\n one { 天 }\n other { 天 }\n }\nworkloadPorts:\n addPort: 添加\n remove: 移除\n addHost: 添加主机\n\npodAffinity:\n addLabel: 添加 Pod 选择器\n\nkeyValue:\n keyPlaceholder: '例如: foo'\n valuePlaceholder: '例如: bar'\n\n###############################\n### 高级设置\n###############################\n\nadvancedSettings:\n label: 高级设置\n subtext: 一般用户不需要改变这些。请谨慎操作,一旦输入了不正确的值,会破坏你的{appName}安装。从默认设置中定制的设置被标记为 \"已修改\"。\n show: 显示\n hide: 隐藏\n none: 无\n edit:\n label: 编辑设置\n changeSetting: \"修改设置\"\n trueOption: \"True\"\n falseOption: \"False\"\n value: 值\n useDefault: 复制默认值\n invalidJSON: 无效的JSON - 请在保存前检查并修改您的输入。\n descriptions:\n 'cacerts': \"验证服务器的证书所需的CA证书。\"\n 'cluster-defaults': '在创建新集群时覆盖RKE默认值。'\n 'engine-install-url': '默认的Docker引擎安装URL(用于大多数节点驱动)。'\n 'engine-iso-url': '默认的操作系统安装URL(用于vSphere驱动)。'\n 'engine-newest-version': '在本次发布时,最新的Docker支持版本。 不满足支持的Docker范围但比这更新的Docker版本将被标记为未测试。'\n 'engine-supported-range': '支持Docker引擎版本的Semver范围。 不符合这个范围的版本将在用户界面中被标记为不支持。'\n 'ingress-ip-domain': '用于自动生成Ingress主机名的通配符DNS域。..将被添加到该域。'\n 'server-url': '默认的{appName}安装网址。必须是HTTPS。你的集群中的所有节点都必须能够到达这里。'\n 'system-default-registry': '用于所有系统Docker镜像的私有仓库。'\n 'ui-index': 'UI的HTML索引。'\n 'ui-pl': 'Private-Label company name.'\n 'ui-issues': '使用一个URL地址来发送新的 \"提交问题 \"报告,而不是将用户发送到GitHub问题页面。'\n 'telemetry-opt': '遥测报告opt-in。'\n 'auth-user-info-max-age-seconds': '在进行认证提供者组成员同步之前,用户认证令牌的最大存活时间。'\n 'auth-user-info-resync-cron': '重新同步认证提供者组成员资格的默认cron时间表。'\n 'cluster-template-enforcement': '非管理员将被限制只能通过预先批准的RKE模板启动集群。'\n 'auth-user-session-ttl-minutes': '用户认证会话的自定义TTL(以分钟为单位)。'\n 'auth-token-max-ttl-minutes': '自定义一个授权令牌的最大TTL(以分钟为单位)。'\n 'rke-metadata-config': '配置RKE元数据刷新参数。'\n 'ui-banners': '分类横幅是用来在页眉、页脚或两者中显示一个自定义的固定横幅。'\n 'ui-default-landing': '用户在登录后登陆的默认页面。'\n editHelp:\n 'ui-banners': 这个设置需要一个JSON对象,包含3个根参数;banner, showHeader, showFooter。banner是一个包含;textColor, background, 和text的对象,其中textColor和background是任何有效的CSS颜色值。\n #enum:\n #'ui-default-landing':\n # ember: Cluster Manager\n #vue: Cluster Explorer\n #'telemetry-opt':\n #prompt: Prompt\n #in: Opt-in to Telemetry\n #out: Opt-out of Telemetry\n\nfeatureFlags:\n label: 功能标志\n warning: 功能标志允许Rancher将某些功能关在标志后面。你应该谨慎地启用这些功能,它们应该被视为测试版功能,可能会给你的系统带来问题。此外,有些功能(非动态)需要重新启动Rancher服务器才能启用。改变非动态功能将重新启动Rancher pods,这将导致短暂的停电。\n promptActivate: 请确认您要激活功能标志\"{flag}\"。\n promptDeactivate: 请确认你想停用功能标志\"{flag}\"。\n restartRequired: \"注意:更新该功能标志需要重新启动\"\n\n##############################\n### Support Page\n##############################\n\nsupport:\n community:\n title: SUSE Rancher 提供世界一流的支持\n register: 已经购买支持?请添加您的SUSE订阅ID。\n addSubscription: 添加订阅ID\n linksTitle: 社区支持\n learnMore: 了解更多关于SUSE Rancher支持的信息\n suse:\n title: \"好消息--你得到了保障\"\n promos:\n one:\n title: 全天候7x24小时支持\n text: 我们提供严格定义的服务水平协议,并提供全天候的支持选项。\n two:\n title: 解决问题\n text: 满怀信心地运行 SUSE Rancher 产品,因为我们知道构建这些产品的开发人员可以快速解决问题。\n three:\n title: 问题排查\n text: 我们专注于发现任何问题的根源,无论它是否与Rancher产品、Kubernetes、Docker或你的底层基础设施有关。\n four:\n title: 自由创新\n text: 利用我们与众多的Kubernetes厂商、操作系统和开源软件的认证兼容性。\n"
},
{
"path": "pkg/rancher-desktop/backend/__tests__/backendHelper.spec.ts",
"content": "/** @jest-environment node */\n\nimport _ from 'lodash';\n\nimport type { VMExecutor } from '@pkg/backend/backend';\nimport type BackendHelperType from '@pkg/backend/backendHelper';\nimport mockModules from '@pkg/utils/testUtils/mockModules';\n\nconst modules = mockModules({\n electron: undefined,\n});\n\ndescribe('BackendHelper', () => {\n let BackendHelper: typeof BackendHelperType;\n beforeAll(async() => {\n BackendHelper = (await import('@pkg/backend/backendHelper')).default;\n });\n\n describe('configureMobyStorage', () => {\n const snapshotterDir = '/var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/';\n const classicDir = '/var/lib/docker/image/overlay2/imagedb/content/sha256/'; // no-spell-check\n const DOCKER_DAEMON_JSON = '/etc/docker/daemon.json';\n\n interface Options {\n hasSnapshotter: boolean;\n hasClassic: boolean;\n useWASM: boolean;\n storageDriver: 'classic' | 'snapshotter' | 'auto';\n }\n\n class mockExecutor implements Partial {\n readonly options: Omit & { existingConfig?: string; };\n readonly backend = 'mock';\n result: any;\n\n constructor(options: typeof this.options) {\n this.options = options;\n }\n\n execCommand(...command: string[]): Promise;\n execCommand(options: unknown, ...command: string[]): Promise;\n execCommand(options: unknown, ...command: string[]): Promise;\n execCommand(options?: unknown, ...command: string[]): Promise | Promise {\n if (typeof options === 'string') {\n command.unshift(options);\n }\n switch (command[0]) {\n case '/usr/bin/find':\n expect(options).toHaveProperty('capture', true);\n if (command.includes(snapshotterDir)) {\n return Promise.resolve(this.options.hasSnapshotter ? 'some text\\n' : '\\n');\n }\n if (command.includes(classicDir)) {\n return Promise.resolve(this.options.hasClassic ? 'not empty\\n' : '\\n');\n }\n break;\n case 'mkdir':\n return Promise.resolve();\n }\n throw new Error(`Unexpected command: ${ JSON.stringify(command) }`);\n }\n\n readFile(filePath: string): Promise {\n if (filePath === DOCKER_DAEMON_JSON) {\n if (this.options.existingConfig) {\n return Promise.resolve(this.options.existingConfig);\n }\n return Promise.reject(new Error('file does not exist'));\n }\n throw new Error(`Unexpected readFile: ${ filePath }`);\n }\n\n writeFile(filePath: string, fileContents: string): Promise {\n expect(filePath).toEqual(DOCKER_DAEMON_JSON);\n const config = JSON.parse(fileContents);\n\n this.result = config;\n expect(config).toHaveProperty('features.containerd-snapshotter');\n return Promise.resolve();\n }\n }\n\n async function runTest(options: Options): Promise {\n const vmx = new mockExecutor(options);\n\n await BackendHelper.configureMobyStorage(\n vmx as unknown as VMExecutor,\n options.storageDriver,\n options.useWASM);\n\n expect(vmx.result).toHaveProperty('features.containerd-snapshotter');\n\n return vmx.result.features['containerd-snapshotter'] ?? false;\n }\n\n function generateCases(alwaysUseWASM: boolean) {\n const cases: Omit[] = [];\n const bools = [true, false];\n\n for (const hasSnapshotter of bools) {\n for (const hasClassic of bools) {\n if (!alwaysUseWASM) {\n for (const useWASM of bools) {\n cases.push({ hasSnapshotter, hasClassic, useWASM });\n }\n } else {\n cases.push({ hasSnapshotter, hasClassic, useWASM: true });\n }\n }\n }\n\n return cases;\n }\n\n it.concurrent.each(generateCases(false))(\n 'should use classic storage driver when specified (snapshotter:$hasSnapshotter classic:$hasClassic wasm:$useWASM)', async(options) => {\n await expect(runTest({ ...options, storageDriver: 'classic' })).resolves.toBeFalsy();\n });\n\n it.concurrent.each(generateCases(false))(\n 'should use snapshotter storage driver when specified (snapshotter:$hasSnapshotter classic:$hasClassic wasm:$useWASM)', async(options) => {\n await expect(runTest({ ...options, storageDriver: 'snapshotter' })).resolves.toBeTruthy();\n });\n\n it.concurrent.each(generateCases(true))(\n 'should choose storage driver based on WASM configuration when set to auto (snapshotter:$hasSnapshotter classic:$hasClassic)', async(options) => {\n await expect(runTest({ ...options, useWASM: true, storageDriver: 'auto' })).resolves.toBeTruthy();\n });\n\n it.concurrent.each`\n hasSnapshotter | hasClassic | expected\n ${ true } | ${ true } | ${ true }\n ${ true } | ${ false } | ${ true }\n ${ false } | ${ true } | ${ false }\n ${ false } | ${ false } | ${ true }\n `('should choose storage driver based on existing usage when set to auto and WASM disabled (snapshotter:$hasSnapshotter classic:$hasClassic)', async(options) => {\n await expect(runTest({ ...options, useWASM: false, storageDriver: 'auto' })).resolves.toBe(options.expected);\n });\n\n it('should preserve existing docker daemon settings', async() => {\n const existingConfig = {\n hello: 'world',\n };\n\n const vmx = new mockExecutor({\n hasSnapshotter: false,\n hasClassic: true,\n existingConfig: JSON.stringify(existingConfig),\n });\n\n await BackendHelper.configureMobyStorage(\n vmx as unknown as VMExecutor,\n 'auto',\n false);\n\n expect(vmx.result).toHaveProperty('features.containerd-snapshotter');\n expect(vmx.result).toHaveProperty('hello', 'world');\n });\n });\n});\n"
},
{
"path": "pkg/rancher-desktop/backend/__tests__/k3sHelper.spec.ts",
"content": "/** @jest-environment node */\n\nimport fs from 'fs';\nimport os from 'os';\nimport path from 'path';\nimport util from 'util';\n\nimport { jest } from '@jest/globals';\nimport semver from 'semver';\n\nimport { SemanticVersionEntry } from '@pkg/utils/kubeVersions';\nimport paths from '@pkg/utils/paths';\nimport mockModules from '@pkg/utils/testUtils/mockModules';\n\nimport type { ReleaseAPIEntry } from '../k3sHelper';\n\nconst cachePath = path.join(paths.cache, 'k3s-versions.json');\n\nconst modules = mockModules({\n '@pkg/utils/logging': undefined,\n electron: undefined,\n});\n\nconst { default: K3sHelper, buildVersion, ChannelMapping, NoCachedK3sVersionsError } = await import('../k3sHelper');\n\nlet cacheData: Buffer | null;\n\nbeforeAll(() => {\n try {\n cacheData = fs.readFileSync(cachePath);\n } catch (err) {\n cacheData = null;\n }\n});\nafterAll(() => {\n if (cacheData) {\n fs.writeFileSync(cachePath, cacheData);\n } else {\n fs.rmSync(cachePath);\n }\n});\n\nbeforeEach(() => {\n modules.electron.net.fetch.mockReset();\n});\n\ndescribe(buildVersion, () => {\n test('parses the build number', () => {\n expect(buildVersion(new semver.SemVer('v1.99.3+k3s4'))).toEqual(4);\n });\n\n test('handles non-conforming versions', () => {\n expect(buildVersion(new semver.SemVer('v1.99.3'))).toEqual(-1);\n });\n});\n\ndescribe(K3sHelper, () => {\n describe('processVersion', () => {\n let subject: InstanceType;\n const process = (name: string, existing: string[] = [], hasAssets = false) => {\n const assets: ReleaseAPIEntry['assets'] = [];\n\n if (hasAssets) {\n for (const name of Object.values(subject['filenames'])) {\n if (typeof name === 'string') {\n assets.push({ name, browser_download_url: name });\n } else {\n assets.push({ name: name[0], browser_download_url: name[0] });\n }\n }\n }\n\n for (const version of existing) {\n const parsed = new semver.SemVer(version);\n\n subject['versions'][parsed.version] = new SemanticVersionEntry(parsed);\n }\n\n return subject['processVersion']({ tag_name: name, assets });\n };\n\n beforeEach(() => {\n subject = new K3sHelper('x86_64');\n // Note that we _do not_ initialize this, i.e. we don't trigger an\n // initial fetch of the releases. Instead, we pretend that is done.\n subject['pendingInitialize'] = Promise.resolve();\n });\n it('should skip invalid versions', async() => {\n expect(process('xxx')).toEqual(true);\n expect(await subject.availableVersions).toHaveLength(0);\n });\n it('should skip prereleases', async() => {\n expect(process('1.99.3-beta1')).toEqual(true);\n expect(await subject.availableVersions).toHaveLength(0);\n });\n it('should skip valid but erroneous versions', async() => {\n expect(process('1.99.3+rk3s1')).toEqual(true);\n expect(await subject.availableVersions).toHaveLength(0);\n });\n it('should ignore old versions', async() => {\n expect(process('1.2.0')).toEqual(true);\n expect(await subject.availableVersions).toHaveLength(0);\n });\n it('should ignore obsolete builds', async() => {\n expect(process('1.99.3+k3s4', ['1.99.3+k3s5'])).toEqual(true);\n expect(await subject.availableVersions).toHaveLength(1);\n });\n it('should ignore existing builds', async() => {\n expect(process('1.99.3+k3s4', ['1.99.3+k3s4'])).toEqual(false);\n expect(await subject.availableVersions).toHaveLength(1);\n });\n it('should ignore versions with missing assets', async() => {\n expect(process('1.99.3+k3s4')).toEqual(true);\n expect(await subject.availableVersions).toHaveLength(0);\n });\n it('should add versions', async() => {\n expect(process('1.99.3+k3s4', [], true)).toEqual(true);\n expect(await subject.availableVersions).toHaveLength(1);\n });\n });\n\n test('cache read/write', async() => {\n const subject = new K3sHelper('x86_64');\n const workDir = await fs.promises.mkdtemp(path.join(os.tmpdir(), 'rd-test-cache-'));\n const versions: Record = {\n '1.99.3': new SemanticVersionEntry(semver.parse('1.99.3+k3s1')!, ['stable']),\n '2.3.4': new SemanticVersionEntry(semver.parse('2.3.4+k3s3')!),\n };\n const versionStrings = Object.values(versions)\n .map(v => v.version)\n .sort((a, b) => a.compare(b))\n .map(v => v.raw);\n\n try {\n // We need to cast to any in order to override readonly.\n (subject as any).cachePath = path.join(workDir, 'cache.json');\n subject['versions'] = versions;\n await subject['writeCache']();\n\n const actual = JSON.parse(await fs.promises.readFile(subject['cachePath'], 'utf8'));\n const { versions: actualStrings, channels }: { versions: string[], channels: Record } = actual;\n\n expect(actual).toHaveProperty('cacheVersion');\n expect(semver.sort(actualStrings)).toEqual(versionStrings);\n expect(channels).toEqual({ stable: '1.99.3' });\n\n // Check that we can load the values back properly\n subject['versions'] = {};\n await subject['readCache']();\n expect(subject['versions']).toEqual(versions);\n } finally {\n await util.promisify(fs.rm)(workDir, { recursive: true, force: true });\n }\n });\n\n test('updateCache', async() => {\n const subject = new K3sHelper('x86_64');\n const validAssets = Object.values(subject['filenames']).map((name) => {\n if (typeof name === 'string') {\n return { name, browser_download_url: name };\n } else {\n return { name: name[0], browser_download_url: name[0] };\n }\n });\n\n // Override cache reading to return a fake existing cache.\n // The first read returns nothing to trigger a synchronous update;\n // the rest of the reads return mocked values.\n jest.spyOn(subject as any, 'readCache')\n .mockResolvedValueOnce(undefined)\n .mockImplementation(function(this: InstanceType) {\n const result = new ChannelMapping();\n\n for (const [version, tags] of Object.entries({\n 'v1.99.1+k3s1': ['stale-tag'],\n 'v1.99.3+k3s1': ['stable'],\n })) {\n const parsedVersion = new semver.SemVer(version);\n\n this.versions[parsedVersion.version] = new SemanticVersionEntry(parsedVersion, tags);\n for (const tag of tags) {\n result[tag] = parsedVersion;\n }\n }\n\n return Promise.resolve(result);\n });\n subject['writeCache'] = jest.fn(() => Promise.resolve());\n // On rate limiting, continue immediately.\n subject['delayForWaitLimiting'] = jest.fn(() => Promise.resolve());\n\n // Fake out the results\n modules.electron.net.fetch\n .mockImplementationOnce((url) => {\n expect(url).toEqual(subject['channelApiUrl']);\n\n return Promise.resolve(new Response(\n JSON.stringify({\n resourceType: 'channels',\n data: [{\n type: 'channel',\n name: 'stable',\n latest: 'v1.99.3+k3s3',\n }],\n }),\n ));\n })\n .mockImplementationOnce((url) => {\n expect(url).toEqual(subject['releaseApiUrl']);\n\n return Promise.resolve(new Response(\n JSON.stringify([\n { tag_name: 'v1.99.3+k3s2', assets: validAssets },\n { tag_name: 'v1.99.3+k3s3', assets: validAssets },\n // The next one is skipped because there's a newer build\n { tag_name: 'v1.99.3+k3s1', assets: validAssets },\n { tag_name: 'v1.99.4+k3s1', assets: [] },\n { tag_name: 'v1.99.1+k3s2', assets: validAssets },\n ]),\n { headers: { link: '; rel=\"next\"' } },\n ));\n })\n .mockImplementationOnce((url) => {\n expect(url).toEqual('url');\n\n return Promise.resolve(new Response(\n undefined,\n { status: 403, headers: { 'X-RateLimit-Remaining': '0' } },\n ));\n })\n .mockImplementationOnce((url) => {\n expect(url).toEqual('url');\n\n return Promise.resolve(new Response(\n JSON.stringify([\n { tag_name: 'Invalid tag name', assets: validAssets },\n { tag_name: 'v1.99.0+k3s5', assets: validAssets },\n ]),\n { headers: { link: '; rel=\"first\"' } },\n ));\n })\n .mockImplementationOnce((url) => {\n throw new Error(`Unexpected fetch call to ${ url }`);\n });\n\n // Ensure the Latch is set up in K3sHelper\n subject.networkReady();\n\n await subject.initialize();\n expect(modules.electron.net.fetch).toHaveBeenCalledTimes(4);\n expect(subject['delayForWaitLimiting']).toHaveBeenCalledTimes(1);\n expect(await subject.availableVersions).toEqual([\n new SemanticVersionEntry(new semver.SemVer('v1.99.3+k3s3'), ['stable']),\n new SemanticVersionEntry(new semver.SemVer('v1.99.1+k3s2')),\n new SemanticVersionEntry(new semver.SemVer('v1.99.0+k3s5')),\n ]);\n });\n\n test('updateCache with new versions', async() => {\n const subject = new K3sHelper('x86_64');\n const validAssets = Object.values(subject['filenames']).map((name) => {\n if (typeof name === 'string') {\n return { name, browser_download_url: name };\n } else {\n return { name: name[0], browser_download_url: name[0] };\n }\n });\n\n // Override cache reading to return a fake existing cache.\n // The first read returns nothing to trigger a synchronous update;\n // the rest of the reads return mocked values.\n jest.spyOn(subject, 'readCache' as any)\n .mockResolvedValueOnce(undefined)\n .mockImplementation(function(this: InstanceType) {\n const result = new ChannelMapping();\n\n for (const [version, tags] of Object.entries({\n 'v1.96.0+k3s2': [],\n 'v1.96.1+k3s1': [],\n 'v1.96.2+k3s1': [],\n 'v1.96.3+k3s1': ['v1.96', 'stable'],\n 'v1.97.1+k3s1': [],\n 'v1.97.2+k3s1': [],\n 'v1.97.3+k3s1': [],\n 'v1.97.4+k3s1': [],\n 'v1.97.5+k3s1': ['v1.97', 'latest'],\n })) {\n const parsedVersion = new semver.SemVer(version);\n\n this.versions[parsedVersion.version] = new SemanticVersionEntry(parsedVersion, tags);\n for (const tag of tags) {\n result[tag] = parsedVersion;\n }\n }\n\n subject['versionFromChannel'] = {\n stable: '1.96.3',\n latest: '1.97.5',\n 'v1.96': '1.96.3',\n 'v1.97': '1.97.5',\n };\n\n return Promise.resolve(result);\n });\n subject['writeCache'] = jest.fn(() => Promise.resolve());\n\n // Fake out the results\n modules.electron.net.fetch\n .mockImplementationOnce((url) => {\n expect(url).toEqual(subject['channelApiUrl']);\n\n return Promise.resolve(new Response(\n JSON.stringify({\n resourceType: 'channels',\n data: [\n {\n type: 'channel', name: 'v1.96', latest: '1.96.9+k3s1',\n },\n {\n type: 'channel', name: 'v1.97', latest: '1.97.7+k3s1',\n },\n {\n type: 'channel', name: 'stable', latest: '1.97.7+k3s1',\n },\n {\n type: 'channel', name: 'latest', latest: '1.98.3+k3s1',\n },\n {\n type: 'channel', name: 'v1.98', latest: '1.98.3+k3s1',\n },\n ],\n }),\n ));\n })\n .mockImplementationOnce((url) => {\n expect(url).toEqual(subject['releaseApiUrl']);\n\n return Promise.resolve(new Response(\n JSON.stringify([\n { tag_name: 'v1.98.3+k3s2', assets: validAssets },\n { tag_name: 'v1.98.2+k3s2', assets: validAssets },\n { tag_name: 'v1.98.1+k3s2', assets: validAssets },\n { tag_name: 'v1.97.7+k3s2', assets: validAssets },\n { tag_name: 'v1.97.6+k3s1', assets: validAssets },\n ]),\n { headers: { link: '; rel=\"first\"' } },\n ));\n })\n .mockImplementationOnce((url) => {\n throw new Error(`Unexpected fetch call to ${ url }`);\n });\n\n // Ensure the Latch is set up in K3sHelper\n subject.networkReady();\n\n await subject.initialize();\n expect(modules.electron.net.fetch).toHaveBeenCalledTimes(2);\n const availableVersions = await subject.availableVersions;\n\n expect(availableVersions).toEqual([\n new SemanticVersionEntry(new semver.SemVer('v1.98.3+k3s2'), ['latest', 'v1.98']),\n new SemanticVersionEntry(new semver.SemVer('v1.98.2+k3s2')),\n new SemanticVersionEntry(new semver.SemVer('v1.98.1+k3s2')),\n new SemanticVersionEntry(new semver.SemVer('v1.97.7+k3s2'), ['stable', 'v1.97']),\n new SemanticVersionEntry(new semver.SemVer('v1.97.6+k3s1')),\n new SemanticVersionEntry(new semver.SemVer('v1.97.5+k3s1')),\n new SemanticVersionEntry(new semver.SemVer('v1.97.4+k3s1')),\n new SemanticVersionEntry(new semver.SemVer('v1.97.3+k3s1')),\n new SemanticVersionEntry(new semver.SemVer('v1.97.2+k3s1')),\n new SemanticVersionEntry(new semver.SemVer('v1.97.1+k3s1')),\n new SemanticVersionEntry(new semver.SemVer('v1.96.3+k3s1'), ['v1.96']),\n new SemanticVersionEntry(new semver.SemVer('v1.96.2+k3s1')),\n new SemanticVersionEntry(new semver.SemVer('v1.96.1+k3s1')),\n new SemanticVersionEntry(new semver.SemVer('v1.96.0+k3s2')),\n ]);\n\n // Verify versionFromChannel is updated after channel assignment\n expect(subject['versionFromChannel']).toEqual({\n 'v1.96': '1.96.3',\n 'v1.97': '1.97.7',\n 'v1.98': '1.98.3',\n stable: '1.97.7',\n latest: '1.98.3',\n });\n });\n\n describe('initialize', () => {\n it('should finish initialize without network if cache is available', async() => {\n const writer = new K3sHelper('x86_64');\n\n writer['versions'] = { 'v1.99.0': new SemanticVersionEntry(new semver.SemVer('v1.99.0')) };\n await writer['writeCache']();\n\n // We want to check that initialize() returns before updateCache() does.\n\n const subject = new K3sHelper('x86_64');\n const pendingInit = new Promise((resolve) => {\n // We need a cast on updateCache here since it's a protected method.\n jest.spyOn(subject, 'updateCache' as any).mockImplementation(async() => {\n // This will be called, but will not block initialization.\n await pendingInit;\n\n return [];\n });\n subject.initialize().then(resolve);\n });\n\n expect(await subject.availableVersions).toContainEqual({\n version: semver.parse('v1.99.0'),\n channels: undefined,\n });\n await pendingInit;\n });\n\n it('should not reset versionFromChannel when called multiple times', async() => {\n const subject = new K3sHelper('x86_64');\n\n // Mock readCache to populate versionFromChannel\n jest.spyOn(subject as any, 'readCache').mockImplementation(function(this: InstanceType) {\n this.versions['1.99.3'] = new SemanticVersionEntry(semver.parse('1.99.3+k3s1')!, ['stable']);\n this.versionFromChannel['stable'] = '1.99.3';\n\n return Promise.resolve();\n });\n\n // Mock updateCache to not actually run\n jest.spyOn(subject as any, 'updateCache').mockResolvedValue(undefined);\n\n // First initialization\n await subject.initialize();\n expect(subject['versionFromChannel']).toEqual({ stable: '1.99.3' });\n\n // Second initialization should not reset versionFromChannel\n await subject.initialize();\n expect(subject['versionFromChannel']).toEqual({ stable: '1.99.3' });\n });\n });\n\n describe('selectClosestSemVer', () => {\n const subject = K3sHelper;\n const table = [\n ['finds the oldest newer major version', 'v3.1.2+k3s3',\n ['v1.2.9+k3s1', 'v1.2.9+k3s4', 'v4.2.8+k3s1', 'v4.3.0+k3s1'], 'v4.2.8+k3s1'],\n ['finds the oldest newer minor version', 'v1.12.2+k3s3',\n ['v1.2.9+k3s1', 'v1.7.0+k3s1', 'v1.29.9+k3s4', 'v2.12.8+k3s1'], 'v1.29.9+k3s4'],\n ['finds the oldest newer patch version at the start of the list', 'v1.12.2+k3s3',\n ['v1.12.4+k3s1', 'v1.12.4+k3s4', 'v1.12.8+k3s1', 'v1.12.9+k3s4'], 'v1.12.4+k3s4'],\n ['finds the oldest newer patch version inside the list', 'v1.12.10+k3s99',\n ['v1.12.4+k3s1', 'v1.12.8+k3s1', 'v1.12.9+k3s1', 'v1.12.20+k3s4'], 'v1.12.20+k3s4'],\n ['settles on the newest older version', 'v1.12.11+k3s5',\n ['v1.12.4+k3s1', 'v1.12.4+k3s4', 'v1.12.8+k3s1', 'v1.12.9+k3s4'], 'v1.12.9+k3s4'],\n ['favor a lower build number for same version over a newer version', 'v1.2.9+k3s2',\n ['v1.2.8+k3s1', 'v1.2.9+k3s1', 'v1.2.10+k3s1', 'v1.2.10+k3s2'], 'v1.2.9+k3s1'],\n ['finds the highest build version over single digits', 'v1.2.9+k3s2',\n ['v1.2.8+k3s1', 'v1.2.9+k3s1', 'v1.2.9+k3s4', 'v1.3.0+k3s1'], 'v1.2.9+k3s4'],\n ['finds the highest build version over double digits', 'v1.2.9+k3s11',\n ['v1.2.9+k3s9', 'v1.2.9+k3s15', 'v1.2.9+k3s16', 'v1.3.0+k3s1'], 'v1.2.9+k3s16'],\n ['can handle non-conforming inputs', 'v1.2.3+k3s4',\n ['v1.2.2+k3s1', 'oswald', 'rabbit', 'v1.2.4+k3s4'], 'v1.2.4+k3s4'],\n ] as const;\n\n test.each(table)('%s', (title: string, desiredVersion: string, cachedFilenames: readonly [string, string, string, string], expected: string) => {\n const desiredSemver = new semver.SemVer(desiredVersion);\n const selectedSemVer = subject['selectClosestSemVer'](desiredSemver, cachedFilenames as unknown as string[]);\n\n expect(selectedSemVer).toHaveProperty('raw', expected);\n });\n\n test('can handle zero choices', () => {\n const desiredSemver = new semver.SemVer('v1.99.3+k3s4');\n\n expect(() => subject['selectClosestSemVer'](desiredSemver, [])).toThrow(NoCachedK3sVersionsError);\n });\n });\n});\n"
},
{
"path": "pkg/rancher-desktop/backend/backend.ts",
"content": "import fs from 'fs';\nimport stream from 'stream';\n\nimport { Settings } from '@pkg/config/settings';\nimport * as childProcess from '@pkg/utils/childProcess';\nimport EventEmitter from '@pkg/utils/eventEmitter';\nimport { RecursiveKeys, RecursivePartial, RecursiveReadonly } from '@pkg/utils/typeUtils';\n\nimport type { ContainerEngineClient } from './containerClient';\nimport type { KubernetesBackend } from './k8s';\n\nexport enum State {\n STOPPED = 'STOPPED', // The engine is not running.\n STARTING = 'STARTING', // The engine is attempting to start.\n STARTED = 'STARTED', // The engine is started; the dashboard is not yet ready.\n STOPPING = 'STOPPING', // The engine is attempting to stop.\n ERROR = 'ERROR', // There is an error and we cannot recover automatically.\n DISABLED = 'DISABLED', // The container backend is ready but the Kubernetes engine is disabled.\n}\n\nexport class BackendError extends Error {\n constructor(name: string, message: string, fatal = false) {\n super(message);\n this.name = name;\n this.fatal = fatal;\n }\n\n readonly fatal: boolean;\n}\n\nexport interface BackendProgress {\n /** The current progress; valid values are 0 to max. */\n current: number,\n /** Maximum progress possible; if less than zero, the progress is indeterminate. */\n max: number,\n /** Details on the current action. */\n description?: string,\n /** When we entered this progress state. */\n transitionTime?: Date,\n}\n\nexport type Architecture = 'x86_64' | 'aarch64';\n\nexport interface FailureDetails {\n /** The last lima/wsl command run: */\n lastCommand?: string,\n lastCommandComment: string,\n lastLogLines: string[],\n}\n\n/**\n * KubernetesBackendEvents describes the events that may be emitted by a\n * Kubernetes backend (as an EventEmitter). Each property name is the name of\n * an event, and the property type is the type of the callback function expected\n * for the given event.\n */\nexport interface BackendEvents {\n /**\n * Emitted when there has been a change in the progress in the current action.\n * The progress can be read off the `progress` member on the backend.\n */\n 'progress'(): void;\n\n /**\n * Emitted when the state of the backend has changed.\n */\n 'state-changed'(state: State): void;\n\n /**\n * Show a notification to the user.\n */\n 'show-notification'(options: Electron.NotificationConstructorOptions): void;\n}\n\n/**\n * Settings that KubernetesBackend can access.\n */\nexport type BackendSettings = RecursiveReadonly;\n\n/**\n * Reasons that the backend might need to restart, as returned from\n * `requiresRestartReasons()`.\n * @returns A mapping of the preference causing the restart to the changed\n * values.\n */\nexport type RestartReasons = Partial, {\n /**\n * The currently active value.\n */\n current: any;\n /**\n * The desired value (which must be different from the current value to\n * require a restart).\n */\n desired: any;\n /**\n * The severity of the restart; this may be set to `reset` for some values\n * indicating that there will be data loss.\n */\n severity: 'restart' | 'reset';\n}>>;\n\n/**\n * VMBackend describes a controller for managing a virtual machine upon which\n * Rancher Desktop runs.\n */\nexport interface VMBackend extends EventEmitter {\n /** The name of the VM backend */\n readonly backend: 'wsl' | 'lima' | 'mock';\n\n readonly state: State;\n\n /** The number of CPUs in the running VM, or 0 if the VM is not running. */\n readonly cpus: Promise;\n\n /** The amount of memory in the VM, in MiB, or 0 if the VM is not running. */\n readonly memory: Promise;\n\n /** Progress for the current action. */\n readonly progress: Readonly;\n\n /**\n * Whether debug mode is enabled. If this is set, the implementation should\n * emit extra debug logging if possible.\n */\n debug: boolean;\n\n /**\n * Check if the current backend is valid.\n * @returns Null if the backend is valid; otherwise, an error describing why\n * the backend is invalid that can be shown to the user.\n */\n getBackendInvalidReason(): Promise;\n\n /**\n * Start the Kubernetes cluster. If it is already started, it will be\n * restarted.\n */\n start(config: BackendSettings): Promise;\n\n /** Stop the Kubernetes cluster. If applicable, shut down the VM. */\n stop(): Promise;\n\n /** Delete the Kubernetes cluster, returning the exit code. */\n del(): Promise;\n\n /** Reset the Kubernetes cluster, removing all workloads. */\n reset(config: BackendSettings): Promise;\n\n /**\n * Apply the settings update that does not require a backend restart.\n */\n handleSettingsUpdate(config: BackendSettings): Promise;\n\n /**\n * Check if applying the given settings would require the backend to restart.\n */\n requiresRestartReasons(config: RecursivePartial): Promise;\n\n /**\n * Get the external IP address where the services would be listening on, if\n * available. For VM-based systems, this would be the address of the VM's\n * network interface. This address may be undefined if the backend is\n * currently not in a state that supports services; for example, if the VM is\n * off.\n */\n readonly ipAddress: Promise;\n\n /**\n * If called after a backend operation fails, this returns a block of data that attempts\n * to give more information about what command was being run when the error happened.\n *\n * @param [exception] The associated exception.\n */\n getFailureDetails(exception: any): Promise;\n\n /**\n * If true, the backend cannot invoke any dialog boxes and needs to find an alternative.\n */\n noModalDialogs: boolean;\n\n readonly executor: VMExecutor;\n readonly kubeBackend: KubernetesBackend;\n readonly containerEngineClient: ContainerEngineClient;\n}\n\n/**\n * execOptions is options for VMExecutor.\n */\nexport type execOptions = childProcess.CommonOptions & {\n /** Expect the command to fail; do not log on error. Exceptions are still thrown. */\n expectFailure?: boolean;\n /** A custom log stream to write to; must have a file descriptor. */\n logStream?: stream.Writable;\n /**\n * If set, ensure that the command is run as the privileged user.\n * @note The command is always run as root on WSL.\n */\n root?: boolean;\n};\n\n/**\n * VMExecutor describes how to run commands in the virtual machine.\n */\nexport interface VMExecutor {\n /**\n * The backend in use.\n */\n readonly backend: VMBackend['backend'];\n\n /**\n * execCommand runs the given command in the virtual machine.\n * @param execOptions Execution options. If capture is set, standard output is\n * returned.\n * @param command The command to execute.\n */\n execCommand(...command: string[]): Promise;\n execCommand(options: execOptions, ...command: string[]): Promise;\n execCommand(options: execOptions & { capture: true }, ...command: string[]): Promise;\n\n /**\n * spawn the given command in the virtual machine, returning the child\n * process itself.\n * @note On Windows, this will be within the network / pid namespace.\n * @param options Execution options.\n * @param command The command to execute.\n */\n spawn(...command: string[]): childProcess.ChildProcess;\n spawn(options: execOptions, ...command: string[]): childProcess.ChildProcess;\n\n /**\n * Read the contents of the given file. If the file is a symlink, the target\n * will be read instead.\n * @param filePath The path inside the VM to read.\n * @param [options.encoding='utf-8'] The encoding of the file.\n * @returns The contents of the file.\n */\n readFile(filePath: string): Promise;\n readFile(filePath: string, options: Partial<{ encoding: BufferEncoding }>): Promise;\n\n /**\n * Write the given contents to a given file name in the VM.\n * The file will be owned by root.\n * @param filePath The destination file path, in the VM.\n * @param fileContents The contents of the file.\n * @param permissions The file permissions. Defaults to 0o644.\n */\n writeFile(filePath: string, fileContents: string): Promise;\n writeFile(filePath: string, fileContents: string, permissions: fs.Mode): Promise;\n\n /**\n * Copy the given file from the host into the VM.\n * @param hostPath The source path, on the host.\n * @param vmPath The destination path, inside the VM.\n * @note The behaviour of copying a directory is undefined.\n */\n copyFileIn(hostPath: string, vmPath: string): Promise;\n\n /**\n * Copy the given file from the VM into the host.\n * @param vmPath The source path, inside the VM.\n * @param hostPath The destination path, on the host.\n * @note The behaviour of copying a directory is undefined.\n */\n copyFileOut(vmPath: string, hostPath: string): Promise;\n}\n"
},
{
"path": "pkg/rancher-desktop/backend/backendHelper.ts",
"content": "import path from 'path';\n\nimport Electron from 'electron';\nimport merge from 'lodash/merge';\nimport semver from 'semver';\nimport yaml from 'yaml';\n\nimport CERT_MANAGER from '@pkg/assets/scripts/cert-manager.yaml';\nimport INSTALL_CONTAINERD_SHIMS_SCRIPT from '@pkg/assets/scripts/install-containerd-shims';\nimport CONTAINERD_CONFIG from '@pkg/assets/scripts/k3s-containerd-config.toml';\nimport SPIN_OPERATOR from '@pkg/assets/scripts/spin-operator.yaml';\nimport { BackendSettings, VMExecutor } from '@pkg/backend/backend';\nimport { LockedFieldError } from '@pkg/config/commandLineOptions';\nimport { ContainerEngine, Settings } from '@pkg/config/settings';\nimport * as settingsImpl from '@pkg/config/settingsImpl';\nimport SettingsValidator from '@pkg/main/commandServer/settingsValidator';\nimport mainEvents from '@pkg/main/mainEvents';\nimport { minimumUpgradeVersion, SemanticVersionEntry } from '@pkg/utils/kubeVersions';\nimport Logging from '@pkg/utils/logging';\nimport paths from '@pkg/utils/paths';\nimport { jsonStringifyWithWhiteSpace } from '@pkg/utils/stringify';\nimport { showMessageBox } from '@pkg/window';\n\nconst CONTAINERD_CONFIG_TOML = '/etc/containerd/config.toml';\nconst DOCKER_DAEMON_JSON = '/etc/docker/daemon.json';\n\nconst MANIFEST_DIR = '/var/lib/rancher/k3s/server/manifests';\n\n// Manifests are applied in sort order, so use a prefix to load them last, in the required sequence.\n// Names should start with `z` followed by a digit, so that `install-k3s` cleans them up on restart.\nexport const MANIFEST_RUNTIMES = 'z100-runtimes';\nexport const MANIFEST_CERT_MANAGER_CRDS = 'z110-cert-manager.crds';\nexport const MANIFEST_CERT_MANAGER = 'z115-cert-manager';\nexport const MANIFEST_SPIN_OPERATOR_CRDS = 'z120-spin-operator.crds';\nexport const MANIFEST_SPIN_OPERATOR = 'z125-spin-operator';\n\nconst STATIC_DIR = '/var/lib/rancher/k3s/server/static/rancher-desktop';\nconst STATIC_CERT_MANAGER_CHART = `${ STATIC_DIR }/cert-manager.tgz`;\nconst STATIC_SPIN_OPERATOR_CHART = `${ STATIC_DIR }/spin-operator.tgz`;\n\nconst console = Logging.kube;\n\nexport default class BackendHelper {\n /**\n * Workaround for upstream error https://github.com/containerd/nerdctl/issues/1308\n * Nerdctl client (version 0.22.0 +) wants a populated auths field when credsStore gives credentials.\n * Note that we don't have to actually provide credentials in the value part of the `auths` field.\n * The code currently wants to see a `ServerURL` that matches the well-known docker hub registry URL,\n * even though it isn't needed, because at that point the code knows it's using the well-known registry.\n */\n static ensureDockerAuth(existingConfig: Record): Record {\n return merge({ auths: { 'https://index.docker.io/v1/': {} } }, existingConfig);\n }\n\n /**\n * Replacer function for string.replaceAll(/(\\\\*)(\")/g, this.escapeChar)\n * It will backslash-escape the specified character unless it is already\n * preceded by an odd number of backslashes.\n */\n private static escapeChar(_: any, slashes: string, char: string) {\n if (slashes.length % 2 === 0) {\n slashes += '\\\\';\n }\n\n return `${ slashes }${ char }`;\n }\n\n /**\n * Turn allowedImages patterns into a list of nginx regex rules.\n */\n static createAllowedImageListConf(allowedImages: BackendSettings['containerEngine']['allowedImages']): string {\n /**\n * The image allow list config file consists of one line for each pattern using nginx pattern matching syntax.\n * It starts with '~*' for case-insensitive matching, followed by a regular expression, which should be\n * anchored to the beginning and end of the string with '^...$'. The pattern must be followed by ' 0;' and\n * a newline. The '0' means that this pattern is **not** forbidden (the table defaults to '1').\n */\n\n // TODO: remove hard-coded defaultSandboxImage from cri-dockerd\n let patterns = '\"~*^registry\\\\.k8s\\\\.io(:443)?/v2/pause/manifests/[^/]+$\" 0;\\n';\n\n // TODO: remove hardcoded CDN redirect target for registry.k8s.io\n patterns += '\"~*^[^./]+\\\\.pkg\\\\.dev(:443)?/v2/.+/manifests/[^/]+$\" 0;\\n';\n\n // TODO: remove hard-coded sandbox_image from our /etc/containerd/config.toml\n patterns += '\"~*^registry-1\\\\.docker\\\\.io(:443)?/v2/rancher/mirrored-pause/manifests/[^/]+$\" 0;\\n';\n\n for (const pattern of allowedImages.patterns) {\n let host = 'registry-1.docker.io';\n // escape all unescaped double-quotes because the final pattern will be quoted to avoid nginx syntax errors\n let repo = pattern.replaceAll(/(\\\\*)(\")/g, this.escapeChar).split('/');\n\n // no special cases for 'localhost' and 'host-without-dot:port'; they won't work within the VM\n if (repo[0].includes('.')) {\n host = repo.shift()!;\n if (host === 'docker.io') {\n host = 'registry-1.docker.io';\n // 'docker.io/busybox' means 'registry-1.docker.io/library/busybox'\n if (repo.length === 1) {\n repo.unshift('library');\n }\n }\n // registry without repo is the same as 'registry//'\n if (repo.length === 0) {\n repo = ['', ''];\n }\n } else if (repo.length < 2) {\n repo.unshift('library');\n }\n\n // all dots in the host name are literal dots, but don't escape them if they are already escaped\n host = host.replaceAll(/(\\\\*)(\\.)/g, this.escapeChar);\n // matching against http_host header, which may or may not include the port\n if (!host.includes(':')) {\n host += '(:443)?';\n }\n\n // match for \"image:tag@digest\" (tag and digest are both optional)\n const match = /^(?.*?)(:(?.*?))?(@(?.*))?$/.exec(repo[repo.length - 1]);\n let tag = '[^/]+';\n\n // Strip tag and digest from last fragment of the image name.\n // `match` and `match.groups` can't be `null` because the regular expression will match the empty string,\n // but TypeScript can't know that.\n if (match?.groups?.tag || match?.groups?.digest) {\n repo.pop();\n repo.push(match.groups.image);\n // actual tag is ignored when a digest is specified\n tag = match.groups.digest || match.groups.tag;\n }\n\n // special wildcard rules: 'foo//' means 'foo/.+' and 'foo/' means 'foo/[^/]+'\n if (repo[repo.length - 1] === '') {\n repo.pop();\n if (repo.length > 0 && repo[repo.length - 1] === '') {\n repo.pop();\n repo.push('.+');\n } else {\n repo.push('[^/]+');\n }\n }\n patterns += `\"~*^${ host }/v2/${ repo.join('/') }/manifests/${ tag }$\" 0;\\n`;\n }\n\n return patterns;\n }\n\n static requiresCRIDockerd(engineName: string, kubeVersion: string | semver.SemVer): boolean {\n if (engineName !== ContainerEngine.MOBY) {\n return false;\n }\n const ranges = [\n // versions 1.24.1 to 1.24.3 don't support the --docker option\n '1.24.1 - 1.24.3',\n // cri-dockerd bundled with k3s is not compatible with docker 25.x (using API 1.44)\n // see https://github.com/k3s-io/k3s/issues/9279\n '1.26.8 - 1.26.13',\n '1.27.5 - 1.27.10',\n '1.28.0 - 1.28.6',\n '1.29.0 - 1.29.1',\n ];\n\n return semver.satisfies(kubeVersion, ranges.join('||'));\n }\n\n static checkForLockedVersion(newVersion: semver.SemVer, cfg: BackendSettings, sv: SettingsValidator): void {\n const [, errors] = sv.validateSettings(cfg as Settings, { kubernetes: { version: newVersion.raw } }, settingsImpl.getLockedSettings());\n\n if (errors.length > 0) {\n if (errors.some(err => /field \".*\" is locked/.exec(err))) {\n throw new LockedFieldError(`Error in deployment profiles:\\n${ errors.join('\\n') }`);\n } else {\n throw new Error(`Validation errors for requested version ${ newVersion }: ${ errors.join('\\n') }`);\n }\n }\n }\n\n /**\n * Validate the cfg.kubernetes.version string\n * If it's valid and available, use it.\n * Otherwise fall back to the minimum upgrade version (highest patch release of lowest available version).\n */\n static async getDesiredVersion(cfg: BackendSettings, availableVersions: SemanticVersionEntry[], noModalDialogs: boolean, settingsWriter: (_: any) => void): Promise {\n const currentConfigVersionString = cfg?.kubernetes?.version;\n let storedVersion: semver.SemVer | null;\n let matchedVersion: SemanticVersionEntry | undefined;\n const invalidK8sVersionMainMessage = `Requested kubernetes version '${ currentConfigVersionString }' is not a supported version.`;\n const sv = new SettingsValidator();\n const lockedSettings = settingsImpl.getLockedSettings();\n const versionIsLocked = lockedSettings.kubernetes?.version ?? false;\n\n // If we're here either there's no existing cfg.k8s.version, or it isn't valid\n if (!availableVersions.length) {\n if (currentConfigVersionString) {\n console.log(invalidK8sVersionMainMessage);\n } else {\n console.log('Internal error: no available kubernetes versions found.');\n }\n throw new Error('No kubernetes version available.');\n }\n\n const upgradeVersion = minimumUpgradeVersion(availableVersions);\n\n if (!upgradeVersion) {\n // This should never be reached, as `availableVersions` isn't empty.\n throw new Error('Failed to find upgrade version.');\n }\n\n sv.k8sVersions = availableVersions.map(v => v.version.version);\n if (currentConfigVersionString) {\n storedVersion = semver.parse(currentConfigVersionString);\n if (storedVersion) {\n matchedVersion = availableVersions.find((v) => {\n try {\n return semver.eq(v.version, storedVersion!);\n } catch (err: any) {\n console.error(`Can't compare versions ${ storedVersion } and ${ v }: `, err);\n if (!(err instanceof TypeError)) {\n return false;\n }\n // We haven't seen a non-TypeError exception here, but it would be worthwhile to have it reported.\n // This throw will cause the exception to appear in a non-fatal error reporting dialog box.\n throw err;\n }\n });\n if (matchedVersion) {\n // This throws a LockedFieldError if it fails.\n this.checkForLockedVersion(matchedVersion.version, cfg, sv);\n\n return matchedVersion.version;\n } else if (versionIsLocked) {\n // This is a bit subtle. If we're here, the user specified a nonexistent version in the locked manifest.\n // We can't switch to the default version, so throw a fatal error.\n throw new LockedFieldError(`Locked kubernetes version ${ currentConfigVersionString } isn't available.`);\n }\n } else if (versionIsLocked) {\n // If we're here, the user specified a non-version in the locked manifest.\n // We can't switch to the default version, so throw a fatal error.\n throw new LockedFieldError(`Locked kubernetes version '${ currentConfigVersionString }' isn't a valid version.`);\n }\n const message = invalidK8sVersionMainMessage;\n const detail = `Falling back to recommended minimum upgrade version of ${ upgradeVersion.version.version }`;\n\n if (noModalDialogs) {\n console.log(`${ message } ${ detail }`);\n } else {\n const options: Electron.MessageBoxOptions = {\n message,\n detail,\n type: 'warning',\n buttons: ['OK'],\n title: 'Invalid Kubernetes Version',\n };\n\n await showMessageBox(options, true);\n }\n }\n // No (valid) stored version; save the default one.\n // Because no version was specified, there can't be a locked version field, so no need to call checkForLockedVersion.\n settingsWriter({ kubernetes: { version: upgradeVersion.version.version } });\n\n return upgradeVersion.version;\n }\n\n /**\n * Return a dictionary of all containerd shims installed in /usr/local/bin.\n * Keys are the shim names and values are the filenames.\n */\n static async containerdShims(vmx: VMExecutor): Promise> {\n const shims: Record = {};\n\n try {\n const files = await vmx.execCommand({ capture: true }, '/bin/ls', '-1', '-p', '/usr/local/bin');\n\n for (const file of files.split(/\\n/)) {\n const match = /^containerd-shim-([-a-z]+)-v\\d+$/.exec(file);\n\n if (match) {\n shims[match[1]] = file;\n }\n }\n } catch (e: any) {\n console.log('containerdShims: Got exception:', e);\n throw e;\n }\n\n return shims;\n }\n\n private static manifestFilename(manifest: string): string {\n return `${ MANIFEST_DIR }/${ manifest }.yaml`;\n }\n\n /**\n * Write a k3s manifest to define a runtime class for each installed containerd shim.\n */\n static async configureRuntimeClasses(vmx: VMExecutor) {\n const runtimes = [];\n\n for (const shim in await BackendHelper.containerdShims(vmx)) {\n runtimes.push({\n apiVersion: 'node.k8s.io/v1',\n kind: 'RuntimeClass',\n metadata: { name: shim },\n handler: shim,\n });\n }\n\n // Don't let k3s define runtime classes, only use the ones defined by Rancher Desktop.\n await vmx.execCommand({ root: true }, 'touch', `${ MANIFEST_DIR }/runtimes.yaml.skip`);\n\n if (runtimes.length > 0) {\n const manifest = runtimes.map(r => yaml.stringify(r)).join('---\\n');\n\n await vmx.writeFile(this.manifestFilename(MANIFEST_RUNTIMES), manifest, 0o644);\n }\n }\n\n /**\n * Write k3s manifests to install cert-manager and spinkube operator\n */\n static async configureSpinOperator(vmx: VMExecutor) {\n await Promise.all([\n vmx.copyFileIn(path.join(paths.resources, 'cert-manager.crds.yaml'), this.manifestFilename(MANIFEST_CERT_MANAGER_CRDS)),\n vmx.copyFileIn(path.join(paths.resources, 'cert-manager.tgz'), STATIC_CERT_MANAGER_CHART),\n vmx.writeFile(this.manifestFilename(MANIFEST_CERT_MANAGER), CERT_MANAGER, 0o644),\n\n vmx.copyFileIn(path.join(paths.resources, 'spin-operator.crds.yaml'), this.manifestFilename(MANIFEST_SPIN_OPERATOR_CRDS)),\n vmx.copyFileIn(path.join(paths.resources, 'spin-operator.tgz'), STATIC_SPIN_OPERATOR_CHART),\n vmx.writeFile(this.manifestFilename(MANIFEST_SPIN_OPERATOR), SPIN_OPERATOR, 0o644),\n ]);\n }\n\n /**\n * Install containerd-wasm shims into /usr/local/containerd-shims (and symlinks into /usr/local/bin).\n */\n static async installContainerdShims(vmx: VMExecutor, configureWASM: boolean) {\n // Calling install-containerd-shims without source dirs will remove the symlinks from /usr/local/bin.\n const sourceDirs: string[] = [];\n\n if (configureWASM) {\n sourceDirs.push(\n // Copy shims bundled with the app itself first, user-managed shims may override.\n path.join(paths.resources, 'linux', 'internal'),\n paths.containerdShims,\n );\n }\n await vmx.execCommand({ root: true }, 'mkdir', '-p', '/root');\n await vmx.writeFile('/root/install-containerd-shims', INSTALL_CONTAINERD_SHIMS_SCRIPT, 'a+x');\n await vmx.execCommand({ root: true }, '/root/install-containerd-shims', ...sourceDirs);\n }\n\n /**\n * Write the containerd config file. If WASM is enabled, include a runtime definition\n * for each installed containerd shim.\n */\n static async writeContainerdConfig(vmx: VMExecutor, configureWASM: boolean): Promise {\n let config = CONTAINERD_CONFIG;\n\n if (configureWASM) {\n const shims = await BackendHelper.containerdShims(vmx);\n\n for (const shim in shims) {\n config += '\\n';\n config += `[plugins.\"io.containerd.grpc.v1.cri\".containerd.runtimes.${ shim }]\\n`;\n config += ` runtime_type = \"/usr/local/bin/${ shims[shim] }\"\\n`;\n }\n }\n\n await vmx.writeFile(CONTAINERD_CONFIG_TOML, config);\n }\n\n /**\n * Configure the Moby containerd-snapshotter feature if WASM support is\n * requested, or if we have not previously run the daemon.\n */\n static async configureMobyStorage(vmx: VMExecutor, storageDriver: 'classic' | 'snapshotter' | 'auto', configureWASM: boolean) {\n // Due to issues with a botched migration, we will need to provide more logic\n // to determine whether to use the containerd-snapshotter backend for moby\n // storage. See https://github.com/rancher-sandbox/rancher-desktop/issues/9732\n // for more details.\n\n // If this directory is not empty, we assume that there is data in the containerd snapshotter.\n const snapshotterDir = '/var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.overlayfs/snapshots/';\n // If this directory is not empty, we assume that there is data in the classic storage.\n const classicDir = '/var/lib/docker/image/overlay2/imagedb/content/sha256/'; // no-spell-check\n\n let useSnapshotter: boolean | undefined;\n\n // Check if a directory (in the VM) has any subdirectories or files.\n async function dirHasChildren(dir: string): Promise {\n try {\n const stdout = await vmx.execCommand(\n { root: true, expectFailure: true, capture: true },\n '/usr/bin/find', dir, '-maxdepth', '0', '-not', '-empty');\n\n return stdout.trim().length > 0;\n } catch {\n // Directory does not exist.\n return false;\n }\n }\n\n const hasSnapshotterData = await dirHasChildren(snapshotterDir);\n const hasClassicData = await dirHasChildren(classicDir);\n\n // If `storageDriver` is explicitly set, use that setting.\n if (storageDriver !== 'auto') {\n useSnapshotter = (storageDriver === 'snapshotter');\n } else if (configureWASM) {\n // WASM requires the containerd snapshotter.\n useSnapshotter = true;\n } else if (hasSnapshotterData) {\n // If there is data in the containerd snapshotter store, use it.\n useSnapshotter = true;\n } else {\n // If there is no data in the classic storage, use containerd snapshotter.\n useSnapshotter = !hasClassicData;\n }\n mainEvents.emit('diagnostics-event', {\n id: 'moby-storage',\n hasClassicData,\n hasSnapshotterData,\n useSnapshotter,\n });\n\n let config: Record;\n\n try {\n config = JSON.parse(await vmx.readFile(DOCKER_DAEMON_JSON));\n } catch (err: any) {\n await vmx.execCommand({ root: true }, 'mkdir', '-p', path.dirname(DOCKER_DAEMON_JSON));\n config = {};\n }\n config['min-api-version'] = '1.41';\n config['features'] ??= {};\n config['features']['containerd-snapshotter'] = useSnapshotter;\n\n if (config['features']['containerd-snapshotter']) {\n // If we are using the containerd snapshotter, create /var/lib/docker/image\n // to avoid breaking cri-dockerd.\n await vmx.execCommand({ root: true }, 'mkdir', '-p', '/var/lib/docker/image');\n }\n await vmx.writeFile(DOCKER_DAEMON_JSON, jsonStringifyWithWhiteSpace(config), 0o644);\n }\n\n static async configureContainerEngine(vmx: VMExecutor, configureWASM: boolean, mobyStorageDriver: 'classic' | 'snapshotter' | 'auto') {\n await BackendHelper.installContainerdShims(vmx, configureWASM);\n await BackendHelper.writeContainerdConfig(vmx, configureWASM);\n await BackendHelper.configureMobyStorage(vmx, mobyStorageDriver, configureWASM);\n }\n}\n"
},
{
"path": "pkg/rancher-desktop/backend/containerClient/__tests__/auth.spec.ts",
"content": "/** @jest-environment node */\n\nimport { jest } from '@jest/globals';\n\nimport * as childProcess from '@pkg/utils/childProcess';\nimport mockModules from '@pkg/utils/testUtils/mockModules';\n\nconst modules = mockModules({\n '@pkg/utils/childProcess': {\n ...childProcess,\n spawnFile: jest.fn(childProcess.spawnFile),\n },\n electron: undefined,\n});\n\nconst { default: RegistryAuth } = await import('@pkg/backend/containerClient/auth');\n\ndescribe('RegistryAuth', () => {\n describe('parseAuthHeader', () => {\n const testCases: {\n input: string,\n expected: { scheme: string, parameters?: Record }[],\n }[] = [\n { input: '', expected: [] },\n {\n input: 'Basic',\n expected: [{ scheme: 'basic' }],\n },\n {\n input: 'Bearer realm=\"https://auth.docker.io/token\",service=\"registry.docker.io\"',\n expected: [{ scheme: 'bearer', parameters: { realm: 'https://auth.docker.io/token', service: 'registry.docker.io' } }],\n },\n {\n input: 'one,two,three',\n expected: [{ scheme: 'one' }, { scheme: 'two' }, { scheme: 'three' }],\n },\n {\n input: 'broken quotes=\"value starts but never ends',\n expected: [{ scheme: 'broken', parameters: { quotes: 'value starts but never ends' } }],\n },\n {\n input: 'Token one=1,two=2, Other three=\"3\", four=\"4\"',\n expected: [{ scheme: 'token', parameters: { one: '1', two: '2' } }, { scheme: 'other', parameters: { three: '3', four: '4' } }],\n },\n {\n input: 'parameter=unused, token',\n expected: [{ scheme: 'token' }],\n },\n {\n input: 'token parameter=, other',\n expected: [{ scheme: 'token', parameters: { parameter: '' } }, { scheme: 'other' }],\n },\n {\n // From RFC 9110, section 11.6.1\n input: 'Basic realm=\"simple\", Newauth realm=\"apps\", type=1, title=\"Login to \\\\\"apps\\\\\"\"',\n expected: [\n { scheme: 'basic', parameters: { realm: 'simple' } },\n {\n scheme: 'newauth',\n parameters: {\n realm: 'apps', type: '1', title: 'Login to \"apps\"',\n },\n },\n ],\n },\n ];\n\n test.each(testCases)('$#: $input', ({ input, expected }) => {\n const actual = RegistryAuth['parseAuthHeader'](input);\n\n expect(actual).toEqual(expected.map(v => ({ parameters: {}, ...v })));\n });\n });\n\n describe('findAuth', () => {\n it('should not fail when failing to list known credentials', async() => {\n const exception = new Error('failed to spawn file');\n\n modules['@pkg/utils/childProcess'].spawnFile.mockRejectedValue(exception);\n await expect(RegistryAuth['findAuth']('example.test')).resolves.toBeUndefined();\n });\n });\n});\n"
},
{
"path": "pkg/rancher-desktop/backend/containerClient/__tests__/client.spec.ts",
"content": "/** @jest-environment node */\n\nimport { jest } from '@jest/globals';\n\nimport { ContainerEngineClient } from '@pkg/backend/containerClient/types';\nimport mockModules from '@pkg/utils/testUtils/mockModules';\n\nconst modules = mockModules({\n '@pkg/backend/mock': {\n default: jest.fn(),\n },\n '@pkg/backend/containerClient/registry': {\n default: {\n getTags: jest.fn((_name: string) => Promise.resolve([])),\n },\n },\n electron: undefined,\n});\n\nconst { default: MockBackend } = await import('@pkg/backend/mock');\nconst { NerdctlClient } = await import('@pkg/backend/containerClient/nerdctlClient');\nconst { MobyClient } = await import('@pkg/backend/containerClient/mobyClient');\n\ndescribe.each(['nerdctl', 'moby'] as const)('%s', (clientName) => {\n let subject: ContainerEngineClient;\n\n beforeEach(() => {\n const executor = new MockBackend() as jest.Mocked>;\n\n switch (clientName) {\n case 'nerdctl':\n subject = new NerdctlClient(executor);\n break;\n case 'moby':\n subject = new MobyClient(executor, '');\n break;\n default:\n throw new Error(`Unexpected client name ${ clientName }`);\n }\n });\n\n describe('getTags', () => {\n const repository = 'registry.test/name';\n let registryTags: string[];\n let localTags: string[];\n let localExtras: string[];\n\n beforeEach(() => {\n registryTags = [];\n localTags = [];\n localExtras = [];\n\n modules['@pkg/backend/containerClient/registry'].default.getTags.mockImplementation((name) => {\n expect(name).toEqual(repository);\n\n if (registryTags.length) {\n return Promise.resolve(registryTags);\n }\n\n return Promise.reject('Could not get tags from registry');\n });\n\n jest.spyOn(subject, 'runClient').mockImplementation((args, stdio) => {\n expect(args).toEqual(expect.arrayContaining(['image', 'list']));\n expect(stdio).toEqual('pipe');\n\n const results: string[] = [];\n\n if (localTags.length) {\n results.push(...localTags.map(t => `${ repository }:${ t }`));\n }\n if (localExtras.length) {\n results.push(...localExtras);\n }\n\n if (results.length) {\n return Promise.resolve({ stdout: results.join('\\n') });\n }\n\n // We need the cast to any because `runClient()` is overloaded and\n // it's hard to convince TypeScript that the return value is fine.\n return Promise.reject('Could not get tags locally') as any;\n });\n });\n\n afterEach(() => {\n jest.restoreAllMocks();\n jest.resetAllMocks();\n });\n\n it('should list tags from the registry', async() => {\n registryTags = ['apple', 'banana'];\n\n await expect(subject.getTags(repository)).resolves.toEqual(new Set(registryTags));\n });\n\n it('should list local tags', async() => {\n localTags = ['carrot', 'durian'];\n localExtras = ['irrelevant:grape', 'registry.invalid/other:honeydew'];\n\n await expect(subject.getTags(repository)).resolves.toEqual(new Set(localTags));\n });\n\n it('should merge tags', async() => {\n registryTags = ['jackfruit', 'kiwi'];\n localTags = ['kiwi', 'lemon'];\n\n await expect(subject.getTags(repository)).resolves.toEqual(new Set([...registryTags, ...localTags]));\n });\n\n it('should ignore errors', async() => {\n await expect(subject.getTags(repository)).resolves.toEqual(new Set());\n });\n });\n});\n"
},
{
"path": "pkg/rancher-desktop/backend/containerClient/__tests__/registry.spec.ts",
"content": "/** @jest-environment node */\n\nimport mockModules from '@pkg/utils/testUtils/mockModules';\n\nconst modules = mockModules({ electron: undefined });\nconst { default: dockerRegistry } = await import('@pkg/backend/containerClient/registry');\n\ndescribe('DockerRegistry', () => {\n beforeEach(() => {\n // We need to send actual network requests in this test.\n modules.electron.net.fetch.mockImplementation(fetch);\n });\n describe('getTags', () => {\n it.skip('should get tags from unauthenticated registry', async() => {\n // Sometimes this URL is broken, returning 504 Gateway Time-out\n // It shouldn't be used for a unit test anyway.\n const reference = 'registry.opensuse.org/opensuse/leap';\n\n await expect(dockerRegistry.getTags(reference))\n .resolves\n .toEqual(expect.arrayContaining(['15.4']));\n });\n\n it('should get tags from docker hub', async() => {\n await expect(dockerRegistry.getTags('hello-world'))\n .resolves\n .toEqual(expect.arrayContaining(['linux']));\n });\n\n it('should fail trying to get tags from invalid registry', async() => {\n await expect(dockerRegistry.getTags('host.invalid/name'))\n .rejects\n .toThrow();\n });\n });\n});\n"
},
{
"path": "pkg/rancher-desktop/backend/containerClient/auth.ts",
"content": "import { net } from 'electron';\n\nimport runCredentialCommand from '@pkg/main/credentialServer/credentialUtils';\nimport Logging from '@pkg/utils/logging';\n\nconst console = Logging.background;\n\ninterface tokenCacheEntry {\n /** The expiry of this token, as milliseconds since Unix epoch. */\n expiry: number;\n /** The raw token. */\n token: string;\n}\n\n/**\n * RegistryAuth handles HTTP authentication for the registries\n */\nclass RegistryAuth {\n /**\n * A cache of still-valid tokens, keyed by (registry) host.\n */\n protected tokenCache: Record = {};\n\n /**\n * Ask the credential helpers for authentication for the given host.\n * @param hosts The hosts to find auth for; possibly a URL instead.\n * @returns The value of the `Authorization` header to use.\n */\n protected async findAuth(...hosts: string[]): Promise {\n const candidates: string[] = [];\n const hostCandidates: string[] = [];\n const suffixes = ['/', ''];\n\n for (const host of hosts) {\n if (!host) {\n continue;\n }\n if (host.includes('://')) {\n // This is a full URL, parse it.\n const url = new URL(host);\n\n candidates.push(host);\n hostCandidates.push(url.host, url.hostname);\n suffixes.push(url.pathname);\n } else {\n hostCandidates.push(host);\n }\n }\n\n if (hostCandidates.some(h => h === 'docker.io' || h.endsWith('.docker.io'))) {\n // Special handling for docker (typically, `https://auth.docker.io/token`).\n hostCandidates.push('index.docker.io');\n suffixes.push('/v1/');\n }\n\n for (const protocol of ['http', 'https']) {\n for (const hostPart of hostCandidates) {\n for (const suffix of suffixes) {\n candidates.push(`${ protocol }://${ hostPart }${ suffix }`);\n }\n }\n }\n\n let knownAuths: Record;\n\n try {\n knownAuths = JSON.parse(await runCredentialCommand('list'));\n } catch (ex) {\n // if we fail to list credentials, that's not an error (there's probably\n // no docker config or something).\n console.debug(`Failed to list known credentials: ${ ex }`);\n\n return;\n }\n\n for (const candidate of candidates) {\n if (candidate in knownAuths) {\n try {\n const auth = JSON.parse(await runCredentialCommand('get', candidate));\n const login = Buffer.from(`${ auth.Username }:${ auth.Secret }`, 'utf-8');\n\n return `Basic ${ login.toString('base64') }`;\n } catch {\n // Failure to get credentials from one helper isn't fatal.\n continue;\n }\n }\n }\n }\n\n /**\n * HTTP Basic Authentication\n */\n protected async basicAuth(host: string): Promise> {\n const auth = await this.findAuth(host);\n\n if (auth) {\n return { Authorization: auth };\n }\n\n throw new Error(`Could not find auth for ${ host }`);\n }\n\n /**\n * HTTP Bearer Authentication\n * @param host The host we're trying to authenticate against\n * @param parameters The WWW-Authenticate header parameters.\n */\n protected async bearerAuth(host: string, parameters: Record): Promise> {\n // If we have a token in the cache, return it.\n if (host in this.tokenCache) {\n const cachedToken = this.tokenCache[host];\n\n if (cachedToken.expiry > Date.now()) {\n return { Authorization: `Bearer ${ cachedToken.token }` };\n }\n delete this.tokenCache[host];\n }\n\n const url = new URL(parameters.realm ?? (host.includes('://') ? host : `https://${ host }`));\n const auth = await this.findAuth(parameters.realm, host);\n const headers: HeadersInit = auth ? { Authorization: auth } : {};\n\n if (parameters.service) {\n url.searchParams.set('service', parameters.service);\n }\n if (parameters.scope) {\n for (const scope of parameters.scope.split(/\\s+/)) {\n url.searchParams.append('scope', scope);\n }\n }\n\n const resp = await net.fetch(url.toString(), { headers });\n\n if (!resp.ok) {\n throw new Error(`Could not get authorization token from ${ url } (for ${ url }): ${ JSON.stringify(resp) }`);\n }\n\n let result: any;\n\n try {\n result = await resp.json();\n } catch (ex) {\n const error = new Error(`Failed to parse authorization response`);\n\n (error as any).cause = ex;\n throw error;\n }\n\n const parsed = {\n token: result.token || result.access_token,\n issued_at: result.issued_at ?? (new Date()).toISOString(),\n expires_in: result.expires_in ?? 300,\n };\n\n type parsedKey = keyof typeof parsed;\n const types: Record = {\n token: 'string',\n issued_at: 'string',\n expires_in: 'number',\n };\n let issuedDate: number;\n\n for (const [k, type] of Object.entries(types) as [parsedKey, typeof types[parsedKey]][]) {\n // eslint-disable-next-line valid-typeof -- The set is hard-coded.\n if (typeof parsed[k] !== type) {\n throw new TypeError(`Failed to read authorization response: ${ k } is not a ${ type } (${ typeof parsed[k] })`);\n }\n }\n\n try {\n issuedDate = Date.parse(parsed.issued_at);\n } catch (ex) {\n const error = new Error(`Failed to parse authorization response issued_at ${ parsed.issued_at }`);\n\n (error as any).cause = ex;\n throw error;\n }\n\n this.tokenCache[host] = {\n expiry: issuedDate + parsed.expires_in * 1_000,\n token: parsed.token,\n };\n\n return { Authorization: `Bearer ${ parsed.token }` };\n }\n\n protected parseAuthHeader(header: string): { scheme: string, parameters: Record }[] {\n // This header is a bit tricky (hence a separate method for testing):\n // The header may contain multiple comma-separated challenge specifications,\n // each of which consists of one word (\"scheme\") plus zero or more comma-\n // separated parameters for that scheme. Parameters may have quoted values\n // which may internally contain commas.\n\n const results: { scheme: string, parameters: Record }[] = [];\n let scheme = '';\n let parameters: Record = {};\n\n function push() {\n if (scheme) {\n results.push({ scheme, parameters });\n parameters = {};\n }\n }\n\n header = header.trim();\n // From now on, `header` should never have leading/trailing whitespace.\n while (header) {\n const posMapping = {\n space: /\\s/.exec(header)?.index ?? -1,\n equal: header.indexOf('='),\n comma: header.indexOf(','),\n end: header.length,\n } as const;\n const posList = (Object.entries(posMapping) as [keyof typeof posMapping, number][])\n .filter(([, v]) => v >= 0)\n .sort(([, l], [, r]) => l - r);\n const [type, pos] = posList[0];\n\n switch (type) {\n case 'equal': {\n // An equals sign precedes any spaces etc.; this is a parameter.\n const key = header.substring(0, pos);\n let value = '';\n\n header = header.substring(pos + 1).trimStart();\n if (header.startsWith('\"')) {\n let quoteEnded = false;\n\n header = header.substring(1);\n\n while (!quoteEnded) {\n const quotePosMapping = {\n backslash: header.indexOf('\\\\'),\n quote: header.indexOf('\"'),\n end: header.length,\n } as const;\n const quotePosList = (Object.entries(quotePosMapping) as [keyof typeof quotePosMapping, number][])\n .filter(([, v]) => v >= 0)\n .sort(([, l], [, r]) => l - r);\n const [quoteType, quotePos] = quotePosList[0];\n\n switch (quoteType) {\n case 'backslash': {\n // We can get away with just treating the next character as\n // a literal (no `\\n` for newline, etc.).\n value += header.substring(0, quotePos);\n header = header.substring(quotePos + 1);\n if (header) {\n value += header.substring(0, 1);\n header = header.substring(1);\n }\n break;\n }\n case 'quote': {\n value += header.substring(0, quotePos);\n header = header.substring(quotePos + 1).replace(/^[,\\s]*/, '');\n quoteEnded = true;\n break;\n }\n case 'end': {\n // Could not find end of quote\n value += header;\n header = '';\n quoteEnded = true;\n break;\n }\n }\n }\n } else {\n // This value is not quoted\n const commaPos = header.indexOf(',');\n\n if (commaPos < 0) {\n // No comma, the parameter runs to the end of the header.\n value = header;\n header = '';\n } else {\n value = header.substring(0, commaPos);\n header = header.substring(commaPos).replace(/^[,\\s]*/, '');\n }\n }\n\n if (scheme) {\n // Only allow adding parameters if we already found a scheme.\n parameters[key] = value;\n }\n break;\n }\n case 'space': {\n // A space precedes any equals signs; this is a scheme.\n push();\n scheme = header.substring(0, pos).toLowerCase();\n header = header.substring(pos).replace(/^[,\\s]*/, '');\n break;\n }\n case 'end': {\n // Neither space nor equal found.\n // This is a bare scheme.\n push();\n scheme = header.trim().toLowerCase();\n header = header.substring(scheme.length).trim();\n break;\n }\n case 'comma': {\n // This is a bare scheme.\n push();\n scheme = header.substring(0, pos);\n header = header.substring(pos + 1).replace(/^[,\\s]*/, '');\n }\n }\n }\n\n push();\n\n return results;\n }\n\n /**\n * Determine authentication required.\n * @param endpoint The endpoint to use to test for authentication requirements.\n * @returns The headers needed for authentication.\n */\n async authenticate(endpoint: URL): Promise {\n if (endpoint.host in this.tokenCache) {\n // If we have a valid cached token, use it directly.\n const cachedToken = this.tokenCache[endpoint.host];\n\n if (cachedToken.expiry > Date.now()) {\n return new Headers({ Authorization: `Bearer ${ cachedToken.token }` });\n }\n }\n\n const resp = await net.fetch(endpoint.toString());\n\n if (resp.status !== 401) {\n console.debug(`${ endpoint } does not require authentication`);\n\n return new Headers();\n }\n\n const authenticateHeader = resp.headers.get('WWW-Authenticate') ?? '';\n\n for (const challenge of this.parseAuthHeader(authenticateHeader)) {\n if (challenge.scheme === 'basic') {\n try {\n return new Headers(await this.basicAuth(endpoint.toString()));\n } catch (ex) {\n console.debug(`Could not do Basic authentication for ${ endpoint }`, ex);\n }\n } else if (challenge.scheme === 'bearer') {\n try {\n return new Headers(await this.bearerAuth(endpoint.toString(), challenge.parameters));\n } catch (ex) {\n console.debug(`Could not do Bearer authentication for ${ endpoint }:`, ex);\n }\n } else {\n console.debug(`Don't know how to do ${ challenge.scheme } authentication for ${ endpoint }, skipping`);\n }\n }\n\n // If we reach here, we got a HTTP 401, but couldn't figure out how to do\n // authentication.\n throw new Error(`Failed to find compatible authentication scheme for ${ endpoint }`);\n }\n}\n\nconst auth = new RegistryAuth();\n\nexport default auth;\n"
},
{
"path": "pkg/rancher-desktop/backend/containerClient/index.ts",
"content": "export * from './types';\nexport { MobyClient } from './mobyClient';\nexport { NerdctlClient } from './nerdctlClient';\n"
},
{
"path": "pkg/rancher-desktop/backend/containerClient/mobyClient.ts",
"content": "import fs from 'fs';\nimport os from 'os';\nimport path from 'path';\nimport stream from 'stream';\nimport util from 'util';\n\nimport _ from 'lodash';\nimport tar from 'tar-stream';\n\nimport {\n ContainerComposeExecOptions, ReadableProcess, WritableReadableProcess, ContainerComposeOptions,\n ContainerEngineClient, ContainerRunOptions, ContainerStopOptions,\n ContainerRunClientOptions, ContainerComposePortOptions, ContainerBasicOptions,\n} from './types';\n\nimport { VMExecutor } from '@pkg/backend/backend';\nimport dockerRegistry from '@pkg/backend/containerClient/registry';\nimport { ErrorCommand, spawn, spawnFile } from '@pkg/utils/childProcess';\nimport { parseImageReference } from '@pkg/utils/dockerUtils';\nimport Logging, { Log } from '@pkg/utils/logging';\nimport paths from '@pkg/utils/paths';\nimport { executable } from '@pkg/utils/resources';\nimport { defined } from '@pkg/utils/typeUtils';\n\nconst console = Logging.moby;\n\ntype runClientOptions = ContainerRunClientOptions & {\n /** The executable to run, defaulting to this.executable (i.e. \"docker\") */\n executable?: string;\n};\n\nexport class MobyClient implements ContainerEngineClient {\n constructor(vm: VMExecutor, endpoint: string) {\n this.vm = vm;\n this.endpoint = endpoint;\n }\n\n readonly vm: VMExecutor;\n readonly executable = executable('docker');\n readonly endpoint: string;\n\n /**\n * Run a list of cleanup functions in reverse.\n */\n protected async runCleanups(cleanups: (() => Promise