monkeybox_kubernetes/Workloads/kafka/1.strimzi.yaml

---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: strimzi-cluster-operator
  labels:
    app: strimzi
  namespace: kafka

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: kafkas.kafka.strimzi.io
  labels:
    app: strimzi
    strimzi.io/crd-install: 'true'
spec:
  group: kafka.strimzi.io
  names:
    kind: Kafka
    listKind: KafkaList
    singular: kafka
    plural: kafkas
    shortNames:
      - k
    categories:
      - strimzi
  scope: Namespaced
  conversion:
    strategy: None
  versions:
    - name: v1beta2
      served: true
      storage: true
      subresources:
        status: {}
      additionalPrinterColumns:
        - name: Desired Kafka replicas
          description: The desired number of Kafka replicas in the cluster
          jsonPath: .spec.kafka.replicas
          type: integer
        - name: Desired ZK replicas
          description: The desired number of ZooKeeper replicas in the cluster
          jsonPath: .spec.zookeeper.replicas
          type: integer
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
        - name: Warnings
          description: Warnings related to the custom resource
          jsonPath: '.status.conditions[?(@.type=="Warning")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                kafka:
                  type: object
                  properties:
                    version:
                      type: string
                      description: >-
                        The kafka broker version. Defaults to
                        {DefaultKafkaVersion}. Consult the user documentation to
                        understand the process required to upgrade or downgrade
                        the version.
                    replicas:
                      type: integer
                      minimum: 1
                      description: The number of pods in the cluster.
                    image:
                      type: string
                      description: >-
                        The docker image for the pods. The default value depends
                        on the configured `Kafka.spec.kafka.version`.
                    listeners:
                      type: array
                      minItems: 1
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                            pattern: '^[a-z0-9]{1,11}$'
                            description: >-
                              Name of the listener. The name will be used to
                              identify the listener and the related Kubernetes
                              objects. The name has to be unique within given a
                              Kafka cluster. The name can consist of lowercase
                              characters and numbers and be up to 11 characters
                              long.
                          port:
                            type: integer
                            minimum: 9092
                            description: >-
                              Port number used by the listener inside Kafka. The
                              port number has to be unique within a given Kafka
                              cluster. Allowed port numbers are 9092 and higher
                              with the exception of ports 9404 and 9999, which
                              are already used for Prometheus and JMX. Depending
                              on the listener type, the port number might not be
                              the same as the port number that connects Kafka
                              clients.
                          type:
                            type: string
                            enum:
                              - internal
                              - route
                              - loadbalancer
                              - nodeport
                              - ingress
                              - cluster-ip
                            description: >
                              Type of the listener. Currently the supported
                              types are `internal`, `route`, `loadbalancer`,
                              `nodeport` and `ingress`. 


                              * `internal` type exposes Kafka internally only
                              within the Kubernetes cluster.

                              * `route` type uses OpenShift Routes to expose
                              Kafka.

                              * `loadbalancer` type uses LoadBalancer type
                              services to expose Kafka.

                              * `nodeport` type uses NodePort type services to
                              expose Kafka.

                              * `ingress` type uses Kubernetes Nginx Ingress to
                              expose Kafka with TLS passthrough.

                              * `cluster-ip` type uses a per-broker `ClusterIP`
                              service.
                          tls:
                            type: boolean
                            description: >-
                              Enables TLS encryption on the listener. This is a
                              required property.
                          authentication:
                            type: object
                            properties:
                              accessTokenIsJwt:
                                type: boolean
                                description: >-
                                  Configure whether the access token is treated
                                  as JWT. This must be set to `false` if the
                                  authorization server returns opaque tokens.
                                  Defaults to `true`.
                              checkAccessTokenType:
                                type: boolean
                                description: >-
                                  Configure whether the access token type check
                                  is performed or not. This should be set to
                                  `false` if the authorization server does not
                                  include 'typ' claim in JWT token. Defaults to
                                  `true`.
                              checkAudience:
                                type: boolean
                                description: >-
                                  Enable or disable audience checking. Audience
                                  checks identify the recipients of tokens. If
                                  audience checking is enabled, the OAuth Client
                                  ID also has to be configured using the
                                  `clientId` property. The Kafka broker will
                                  reject tokens that do not have its `clientId`
                                  in their `aud` (audience) claim.Default value
                                  is `false`.
                              checkIssuer:
                                type: boolean
                                description: >-
                                  Enable or disable issuer checking. By default
                                  issuer is checked using the value configured
                                  by `validIssuerUri`. Default value is `true`.
                              clientAudience:
                                type: string
                                description: >-
                                  The audience to use when making requests to
                                  the authorization server's token endpoint.
                                  Used for inter-broker authentication and for
                                  configuring OAuth 2.0 over PLAIN using the
                                  `clientId` and `secret` method.
                              clientId:
                                type: string
                                description: >-
                                  OAuth Client ID which the Kafka broker can use
                                  to authenticate against the authorization
                                  server and use the introspect endpoint URI.
                              clientScope:
                                type: string
                                description: >-
                                  The scope to use when making requests to the
                                  authorization server's token endpoint. Used
                                  for inter-broker authentication and for
                                  configuring OAuth 2.0 over PLAIN using the
                                  `clientId` and `secret` method.
                              clientSecret:
                                type: object
                                properties:
                                  key:
                                    type: string
                                    description: >-
                                      The key under which the secret value is
                                      stored in the Kubernetes Secret.
                                  secretName:
                                    type: string
                                    description: >-
                                      The name of the Kubernetes Secret
                                      containing the secret value.
                                required:
                                  - key
                                  - secretName
                                description: >-
                                  Link to Kubernetes Secret containing the OAuth
                                  client secret which the Kafka broker can use
                                  to authenticate against the authorization
                                  server and use the introspect endpoint URI.
                              connectTimeoutSeconds:
                                type: integer
                                description: >-
                                  The connect timeout in seconds when connecting
                                  to authorization server. If not set, the
                                  effective connect timeout is 60 seconds.
                              customClaimCheck:
                                type: string
                                description: >-
                                  JsonPath filter query to be applied to the JWT
                                  token or to the response of the introspection
                                  endpoint for additional token validation. Not
                                  set by default.
                              disableTlsHostnameVerification:
                                type: boolean
                                description: >-
                                  Enable or disable TLS hostname verification.
                                  Default value is `false`.
                              enableECDSA:
                                type: boolean
                                description: >-
                                  Enable or disable ECDSA support by installing
                                  BouncyCastle crypto provider. ECDSA support is
                                  always enabled. The BouncyCastle libraries are
                                  no longer packaged with Strimzi. Value is
                                  ignored.
                              enableMetrics:
                                type: boolean
                                description: >-
                                  Enable or disable OAuth metrics. Default value
                                  is `false`.
                              enableOauthBearer:
                                type: boolean
                                description: >-
                                  Enable or disable OAuth authentication over
                                  SASL_OAUTHBEARER. Default value is `true`.
                              enablePlain:
                                type: boolean
                                description: >-
                                  Enable or disable OAuth authentication over
                                  SASL_PLAIN. There is no re-authentication
                                  support when this mechanism is used. Default
                                  value is `false`.
                              failFast:
                                type: boolean
                                description: >-
                                  Enable or disable termination of Kafka broker
                                  processes due to potentially recoverable
                                  runtime errors during startup. Default value
                                  is `true`.
                              fallbackUserNameClaim:
                                type: string
                                description: >-
                                  The fallback username claim to be used for the
                                  user id if the claim specified by
                                  `userNameClaim` is not present. This is useful
                                  when `client_credentials` authentication only
                                  results in the client id being provided in
                                  another claim. It only takes effect if
                                  `userNameClaim` is set.
                              fallbackUserNamePrefix:
                                type: string
                                description: >-
                                  The prefix to use with the value of
                                  `fallbackUserNameClaim` to construct the user
                                  id. This only takes effect if
                                  `fallbackUserNameClaim` is true, and the value
                                  is present for the claim. Mapping usernames
                                  and client ids into the same user id space is
                                  useful in preventing name collisions.
                              groupsClaim:
                                type: string
                                description: >-
                                  JsonPath query used to extract groups for the
                                  user during authentication. Extracted groups
                                  can be used by a custom authorizer. By default
                                  no groups are extracted.
                              groupsClaimDelimiter:
                                type: string
                                description: >-
                                  A delimiter used to parse groups when they are
                                  extracted as a single String value rather than
                                  a JSON array. Default value is ',' (comma).
                              httpRetries:
                                type: integer
                                description: >-
                                  The maximum number of retries to attempt if an
                                  initial HTTP request fails. If not set, the
                                  default is to not attempt any retries.
                              httpRetryPauseMs:
                                type: integer
                                description: >-
                                  The pause to take before retrying a failed
                                  HTTP request. If not set, the default is to
                                  not pause at all but to immediately repeat a
                                  request.
                              introspectionEndpointUri:
                                type: string
                                description: >-
                                  URI of the token introspection endpoint which
                                  can be used to validate opaque non-JWT tokens.
                              jwksEndpointUri:
                                type: string
                                description: >-
                                  URI of the JWKS certificate endpoint, which
                                  can be used for local JWT validation.
                              jwksExpirySeconds:
                                type: integer
                                minimum: 1
                                description: >-
                                  Configures how often are the JWKS certificates
                                  considered valid. The expiry interval has to
                                  be at least 60 seconds longer then the refresh
                                  interval specified in `jwksRefreshSeconds`.
                                  Defaults to 360 seconds.
                              jwksIgnoreKeyUse:
                                type: boolean
                                description: >-
                                  Flag to ignore the 'use' attribute of `key`
                                  declarations in a JWKS endpoint response.
                                  Default value is `false`.
                              jwksMinRefreshPauseSeconds:
                                type: integer
                                minimum: 0
                                description: >-
                                  The minimum pause between two consecutive
                                  refreshes. When an unknown signing key is
                                  encountered the refresh is scheduled
                                  immediately, but will always wait for this
                                  minimum pause. Defaults to 1 second.
                              jwksRefreshSeconds:
                                type: integer
                                minimum: 1
                                description: >-
                                  Configures how often are the JWKS certificates
                                  refreshed. The refresh interval has to be at
                                  least 60 seconds shorter then the expiry
                                  interval specified in `jwksExpirySeconds`.
                                  Defaults to 300 seconds.
                              listenerConfig:
                                x-kubernetes-preserve-unknown-fields: true
                                type: object
                                description: >-
                                  Configuration to be used for a specific
                                  listener. All values are prefixed with
                                  listener.name._<listener_name>_.
                              maxSecondsWithoutReauthentication:
                                type: integer
                                description: >-
                                  Maximum number of seconds the authenticated
                                  session remains valid without
                                  re-authentication. This enables Apache Kafka
                                  re-authentication feature, and causes sessions
                                  to expire when the access token expires. If
                                  the access token expires before max time or if
                                  max time is reached, the client has to
                                  re-authenticate, otherwise the server will
                                  drop the connection. Not set by default - the
                                  authenticated session does not expire when the
                                  access token expires. This option only applies
                                  to SASL_OAUTHBEARER authentication mechanism
                                  (when `enableOauthBearer` is `true`).
                              readTimeoutSeconds:
                                type: integer
                                description: >-
                                  The read timeout in seconds when connecting to
                                  authorization server. If not set, the
                                  effective read timeout is 60 seconds.
                              sasl:
                                type: boolean
                                description: Enable or disable SASL on this listener.
                              secrets:
                                type: array
                                items:
                                  type: object
                                  properties:
                                    key:
                                      type: string
                                      description: >-
                                        The key under which the secret value is
                                        stored in the Kubernetes Secret.
                                    secretName:
                                      type: string
                                      description: >-
                                        The name of the Kubernetes Secret
                                        containing the secret value.
                                  required:
                                    - key
                                    - secretName
                                description: >-
                                  Secrets to be mounted to
                                  /opt/kafka/custom-authn-secrets/custom-listener-_<listener_name>-<port>_/_<secret_name>_.
                              tlsTrustedCertificates:
                                type: array
                                items:
                                  type: object
                                  properties:
                                    certificate:
                                      type: string
                                      description: >-
                                        The name of the file certificate in the
                                        Secret.
                                    secretName:
                                      type: string
                                      description: >-
                                        The name of the Secret containing the
                                        certificate.
                                  required:
                                    - certificate
                                    - secretName
                                description: >-
                                  Trusted certificates for TLS connection to the
                                  OAuth server.
                              tokenEndpointUri:
                                type: string
                                description: >-
                                  URI of the Token Endpoint to use with
                                  SASL_PLAIN mechanism when the client
                                  authenticates with `clientId` and a `secret`.
                                  If set, the client can authenticate over
                                  SASL_PLAIN by either setting `username` to
                                  `clientId`, and setting `password` to client
                                  `secret`, or by setting `username` to account
                                  username, and `password` to access token
                                  prefixed with `$accessToken:`. If this option
                                  is not set, the `password` is always
                                  interpreted as an access token (without a
                                  prefix), and `username` as the account
                                  username (a so called 'no-client-credentials'
                                  mode).
                              type:
                                type: string
                                enum:
                                  - tls
                                  - scram-sha-512
                                  - oauth
                                  - custom
                                description: >-
                                  Authentication type. `oauth` type uses SASL
                                  OAUTHBEARER Authentication. `scram-sha-512`
                                  type uses SASL SCRAM-SHA-512 Authentication.
                                  `tls` type uses TLS Client Authentication.
                                  `tls` type is supported only on TLS
                                  listeners.`custom` type allows for any
                                  authentication type to be used.
                              userInfoEndpointUri:
                                type: string
                                description: >-
                                  URI of the User Info Endpoint to use as a
                                  fallback to obtaining the user id when the
                                  Introspection Endpoint does not return
                                  information that can be used for the user id. 
                              userNameClaim:
                                type: string
                                description: >-
                                  Name of the claim from the JWT authentication
                                  token, Introspection Endpoint response or User
                                  Info Endpoint response which will be used to
                                  extract the user id. Defaults to `sub`.
                              validIssuerUri:
                                type: string
                                description: >-
                                  URI of the token issuer used for
                                  authentication.
                              validTokenType:
                                type: string
                                description: >-
                                  Valid value for the `token_type` attribute
                                  returned by the Introspection Endpoint. No
                                  default value, and not checked by default.
                            required:
                              - type
                            description: Authentication configuration for this listener.
                          configuration:
                            type: object
                            properties:
                              brokerCertChainAndKey:
                                type: object
                                properties:
                                  certificate:
                                    type: string
                                    description: >-
                                      The name of the file certificate in the
                                      Secret.
                                  key:
                                    type: string
                                    description: The name of the private key in the Secret.
                                  secretName:
                                    type: string
                                    description: >-
                                      The name of the Secret containing the
                                      certificate.
                                required:
                                  - certificate
                                  - key
                                  - secretName
                                description: >-
                                  Reference to the `Secret` which holds the
                                  certificate and private key pair which will be
                                  used for this listener. The certificate can
                                  optionally contain the whole chain. This field
                                  can be used only with listeners with enabled
                                  TLS encryption.
                              externalTrafficPolicy:
                                type: string
                                enum:
                                  - Local
                                  - Cluster
                                description: >-
                                  Specifies whether the service routes external
                                  traffic to node-local or cluster-wide
                                  endpoints. `Cluster` may cause a second hop to
                                  another node and obscures the client source
                                  IP. `Local` avoids a second hop for
                                  LoadBalancer and Nodeport type services and
                                  preserves the client source IP (when supported
                                  by the infrastructure). If unspecified,
                                  Kubernetes will use `Cluster` as the
                                  default.This field can be used only with
                                  `loadbalancer` or `nodeport` type listener.
                              loadBalancerSourceRanges:
                                type: array
                                items:
                                  type: string
                                description: >-
                                  A list of CIDR ranges (for example
                                  `10.0.0.0/8` or `130.211.204.1/32`) from which
                                  clients can connect to load balancer type
                                  listeners. If supported by the platform,
                                  traffic through the loadbalancer is restricted
                                  to the specified CIDR ranges. This field is
                                  applicable only for loadbalancer type services
                                  and is ignored if the cloud provider does not
                                  support the feature. This field can be used
                                  only with `loadbalancer` type listener.
                              bootstrap:
                                type: object
                                properties:
                                  alternativeNames:
                                    type: array
                                    items:
                                      type: string
                                    description: >-
                                      Additional alternative names for the
                                      bootstrap service. The alternative names
                                      will be added to the list of subject
                                      alternative names of the TLS certificates.
                                  host:
                                    type: string
                                    description: >-
                                      The bootstrap host. This field will be
                                      used in the Ingress resource or in the
                                      Route resource to specify the desired
                                      hostname. This field can be used only with
                                      `route` (optional) or `ingress` (required)
                                      type listeners.
                                  nodePort:
                                    type: integer
                                    description: >-
                                      Node port for the bootstrap service. This
                                      field can be used only with `nodeport`
                                      type listener.
                                  loadBalancerIP:
                                    type: string
                                    description: >-
                                      The loadbalancer is requested with the IP
                                      address specified in this field. This
                                      feature depends on whether the underlying
                                      cloud provider supports specifying the
                                      `loadBalancerIP` when a load balancer is
                                      created. This field is ignored if the
                                      cloud provider does not support the
                                      feature.This field can be used only with
                                      `loadbalancer` type listener.
                                  annotations:
                                    x-kubernetes-preserve-unknown-fields: true
                                    type: object
                                    description: >-
                                      Annotations that will be added to the
                                      `Ingress`, `Route`, or `Service` resource.
                                      You can use this field to configure DNS
                                      providers such as External DNS. This field
                                      can be used only with `loadbalancer`,
                                      `nodeport`, `route`, or `ingress` type
                                      listeners.
                                  labels:
                                    x-kubernetes-preserve-unknown-fields: true
                                    type: object
                                    description: >-
                                      Labels that will be added to the
                                      `Ingress`, `Route`, or `Service` resource.
                                      This field can be used only with
                                      `loadbalancer`, `nodeport`, `route`, or
                                      `ingress` type listeners.
                                description: Bootstrap configuration.
                              brokers:
                                type: array
                                items:
                                  type: object
                                  properties:
                                    broker:
                                      type: integer
                                      description: >-
                                        ID of the kafka broker (broker
                                        identifier). Broker IDs start from 0 and
                                        correspond to the number of broker
                                        replicas.
                                    advertisedHost:
                                      type: string
                                      description: >-
                                        The host name which will be used in the
                                        brokers' `advertised.brokers`.
                                    advertisedPort:
                                      type: integer
                                      description: >-
                                        The port number which will be used in
                                        the brokers' `advertised.brokers`.
                                    host:
                                      type: string
                                      description: >-
                                        The broker host. This field will be used
                                        in the Ingress resource or in the Route
                                        resource to specify the desired
                                        hostname. This field can be used only
                                        with `route` (optional) or `ingress`
                                        (required) type listeners.
                                    nodePort:
                                      type: integer
                                      description: >-
                                        Node port for the per-broker service.
                                        This field can be used only with
                                        `nodeport` type listener.
                                    loadBalancerIP:
                                      type: string
                                      description: >-
                                        The loadbalancer is requested with the
                                        IP address specified in this field. This
                                        feature depends on whether the
                                        underlying cloud provider supports
                                        specifying the `loadBalancerIP` when a
                                        load balancer is created. This field is
                                        ignored if the cloud provider does not
                                        support the feature.This field can be
                                        used only with `loadbalancer` type
                                        listener.
                                    annotations:
                                      x-kubernetes-preserve-unknown-fields: true
                                      type: object
                                      description: >-
                                        Annotations that will be added to the
                                        `Ingress` or `Service` resource. You can
                                        use this field to configure DNS
                                        providers such as External DNS. This
                                        field can be used only with
                                        `loadbalancer`, `nodeport`, or `ingress`
                                        type listeners.
                                    labels:
                                      x-kubernetes-preserve-unknown-fields: true
                                      type: object
                                      description: >-
                                        Labels that will be added to the
                                        `Ingress`, `Route`, or `Service`
                                        resource. This field can be used only
                                        with `loadbalancer`, `nodeport`,
                                        `route`, or `ingress` type listeners.
                                  required:
                                    - broker
                                description: Per-broker configurations.
                              ipFamilyPolicy:
                                type: string
                                enum:
                                  - SingleStack
                                  - PreferDualStack
                                  - RequireDualStack
                                description: >-
                                  Specifies the IP Family Policy used by the
                                  service. Available options are `SingleStack`,
                                  `PreferDualStack` and `RequireDualStack`.
                                  `SingleStack` is for a single IP family.
                                  `PreferDualStack` is for two IP families on
                                  dual-stack configured clusters or a single IP
                                  family on single-stack clusters.
                                  `RequireDualStack` fails unless there are two
                                  IP families on dual-stack configured clusters.
                                  If unspecified, Kubernetes will choose the
                                  default value based on the service type.
                                  Available on Kubernetes 1.20 and newer.
                              ipFamilies:
                                type: array
                                items:
                                  type: string
                                  enum:
                                    - IPv4
                                    - IPv6
                                description: >-
                                  Specifies the IP Families used by the service.
                                  Available options are `IPv4` and `IPv6. If
                                  unspecified, Kubernetes will choose the
                                  default value based on the `ipFamilyPolicy`
                                  setting. Available on Kubernetes 1.20 and
                                  newer.
                              createBootstrapService:
                                type: boolean
                                description: >-
                                  Whether to create the bootstrap service or
                                  not. The bootstrap service is created by
                                  default (if not specified differently). This
                                  field can be used with the `loadBalancer` type
                                  listener.
                              class:
                                type: string
                                description: >-
                                  Configures a specific class for `Ingress` and
                                  `LoadBalancer` that defines which controller
                                  will be used. This field can only be used with
                                  `ingress` and `loadbalancer` type listeners.
                                  If not specified, the default controller is
                                  used. For an `ingress` listener, set the
                                  `ingressClassName` property in the `Ingress`
                                  resources. For a `loadbalancer` listener, set
                                  the `loadBalancerClass` property  in the
                                  `Service` resources.
                              finalizers:
                                type: array
                                items:
                                  type: string
                                description: >-
                                  A list of finalizers which will be configured
                                  for the `LoadBalancer` type Services created
                                  for this listener. If supported by the
                                  platform, the finalizer
                                  `service.kubernetes.io/load-balancer-cleanup`
                                  to make sure that the external load balancer
                                  is deleted together with the service.For more
                                  information, see
                                  https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#garbage-collecting-load-balancers.
                                  This field can be used only with
                                  `loadbalancer` type listeners.
                              maxConnectionCreationRate:
                                type: integer
                                description: >-
                                  The maximum connection creation rate we allow
                                  in this listener at any time. New connections
                                  will be throttled if the limit is reached.
                              maxConnections:
                                type: integer
                                description: >-
                                  The maximum number of connections we allow for
                                  this listener in the broker at any time. New
                                  connections are blocked if the limit is
                                  reached.
                              preferredNodePortAddressType:
                                type: string
                                enum:
                                  - ExternalIP
                                  - ExternalDNS
                                  - InternalIP
                                  - InternalDNS
                                  - Hostname
                                description: >-
                                  Defines which address type should be used as
                                  the node address. Available types are:
                                  `ExternalDNS`, `ExternalIP`, `InternalDNS`,
                                  `InternalIP` and `Hostname`. By default, the
                                  addresses will be used in the following order
                                  (the first one found will be used):


                                  * `ExternalDNS`

                                  * `ExternalIP`

                                  * `InternalDNS`

                                  * `InternalIP`

                                  * `Hostname`


                                  This field is used to select the preferred
                                  address type, which is checked first. If no
                                  address is found for this address type, the
                                  other types are checked in the default order.
                                  This field can only be used with `nodeport`
                                  type listener.
                              useServiceDnsDomain:
                                type: boolean
                                description: >-
                                  Configures whether the Kubernetes service DNS
                                  domain should be used or not. If set to
                                  `true`, the generated addresses will contain
                                  the service DNS domain suffix (by default
                                  `.cluster.local`, can be configured using
                                  environment variable
                                  `KUBERNETES_SERVICE_DNS_DOMAIN`). Defaults to
                                  `false`.This field can be used only with
                                  `internal` and `cluster-ip` type listeners.
                            description: Additional listener configuration.
                          networkPolicyPeers:
                            type: array
                            items:
                              type: object
                              properties:
                                ipBlock:
                                  type: object
                                  properties:
                                    cidr:
                                      type: string
                                    except:
                                      type: array
                                      items:
                                        type: string
                                namespaceSelector:
                                  type: object
                                  properties:
                                    matchExpressions:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          key:
                                            type: string
                                          operator:
                                            type: string
                                          values:
                                            type: array
                                            items:
                                              type: string
                                    matchLabels:
                                      x-kubernetes-preserve-unknown-fields: true
                                      type: object
                                podSelector:
                                  type: object
                                  properties:
                                    matchExpressions:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          key:
                                            type: string
                                          operator:
                                            type: string
                                          values:
                                            type: array
                                            items:
                                              type: string
                                    matchLabels:
                                      x-kubernetes-preserve-unknown-fields: true
                                      type: object
                            description: >-
                              List of peers which should be able to connect to
                              this listener. Peers in this list are combined
                              using a logical OR operation. If this field is
                              empty or missing, all connections will be allowed
                              for this listener. If this field is present and
                              contains at least one item, the listener only
                              allows the traffic which matches at least one item
                              in this list.
                        required:
                          - name
                          - port
                          - type
                          - tls
                      description: Configures listeners of Kafka brokers.
                    config:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: >-
                        Kafka broker config properties with the following
                        prefixes cannot be set: listeners, advertised., broker.,
                        listener., host.name, port, inter.broker.listener.name,
                        sasl., ssl., security., password., log.dir,
                        zookeeper.connect, zookeeper.set.acl, zookeeper.ssl,
                        zookeeper.clientCnxnSocket, authorizer., super.user,
                        cruise.control.metrics.topic,
                        cruise.control.metrics.reporter.bootstrap.servers,node.id,
                        process.roles, controller. (with the exception of:
                        zookeeper.connection.timeout.ms,
                        sasl.server.max.receive.size,ssl.cipher.suites,
                        ssl.protocol, ssl.enabled.protocols,
                        ssl.secure.random.implementation,cruise.control.metrics.topic.num.partitions,
                        cruise.control.metrics.topic.replication.factor,
                        cruise.control.metrics.topic.retention.ms,cruise.control.metrics.topic.auto.create.retries,
                        cruise.control.metrics.topic.auto.create.timeout.ms,cruise.control.metrics.topic.min.insync.replicas,controller.quorum.election.backoff.max.ms,
                        controller.quorum.election.timeout.ms,
                        controller.quorum.fetch.timeout.ms).
                    storage:
                      type: object
                      properties:
                        class:
                          type: string
                          description: >-
                            The storage class to use for dynamic volume
                            allocation.
                        deleteClaim:
                          type: boolean
                          description: >-
                            Specifies if the persistent volume claim has to be
                            deleted when the cluster is un-deployed.
                        id:
                          type: integer
                          minimum: 0
                          description: >-
                            Storage identification number. It is mandatory only
                            for storage volumes defined in a storage of type
                            'jbod'.
                        overrides:
                          type: array
                          items:
                            type: object
                            properties:
                              class:
                                type: string
                                description: >-
                                  The storage class to use for dynamic volume
                                  allocation for this broker.
                              broker:
                                type: integer
                                description: Id of the kafka broker (broker identifier).
                          description: >-
                            Overrides for individual brokers. The `overrides`
                            field allows to specify a different configuration
                            for different brokers.
                        selector:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                          description: >-
                            Specifies a specific persistent volume to use. It
                            contains key:value pairs representing labels for
                            selecting such a volume.
                        size:
                          type: string
                          description: >-
                            When type=persistent-claim, defines the size of the
                            persistent volume claim (i.e 1Gi). Mandatory when
                            type=persistent-claim.
                        sizeLimit:
                          type: string
                          pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                          description: >-
                            When type=ephemeral, defines the total amount of
                            local storage required for this EmptyDir volume (for
                            example 1Gi).
                        type:
                          type: string
                          enum:
                            - ephemeral
                            - persistent-claim
                            - jbod
                          description: >-
                            Storage type, must be either 'ephemeral',
                            'persistent-claim', or 'jbod'.
                        volumes:
                          type: array
                          items:
                            type: object
                            properties:
                              class:
                                type: string
                                description: >-
                                  The storage class to use for dynamic volume
                                  allocation.
                              deleteClaim:
                                type: boolean
                                description: >-
                                  Specifies if the persistent volume claim has
                                  to be deleted when the cluster is un-deployed.
                              id:
                                type: integer
                                minimum: 0
                                description: >-
                                  Storage identification number. It is mandatory
                                  only for storage volumes defined in a storage
                                  of type 'jbod'.
                              overrides:
                                type: array
                                items:
                                  type: object
                                  properties:
                                    class:
                                      type: string
                                      description: >-
                                        The storage class to use for dynamic
                                        volume allocation for this broker.
                                    broker:
                                      type: integer
                                      description: >-
                                        Id of the kafka broker (broker
                                        identifier).
                                description: >-
                                  Overrides for individual brokers. The
                                  `overrides` field allows to specify a
                                  different configuration for different brokers.
                              selector:
                                x-kubernetes-preserve-unknown-fields: true
                                type: object
                                description: >-
                                  Specifies a specific persistent volume to use.
                                  It contains key:value pairs representing
                                  labels for selecting such a volume.
                              size:
                                type: string
                                description: >-
                                  When type=persistent-claim, defines the size
                                  of the persistent volume claim (i.e 1Gi).
                                  Mandatory when type=persistent-claim.
                              sizeLimit:
                                type: string
                                pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                                description: >-
                                  When type=ephemeral, defines the total amount
                                  of local storage required for this EmptyDir
                                  volume (for example 1Gi).
                              type:
                                type: string
                                enum:
                                  - ephemeral
                                  - persistent-claim
                                description: >-
                                  Storage type, must be either 'ephemeral' or
                                  'persistent-claim'.
                            required:
                              - type
                          description: >-
                            List of volumes as Storage objects representing the
                            JBOD disks array.
                      required:
                        - type
                      description: Storage configuration (disk). Cannot be updated.
                    authorization:
                      type: object
                      properties:
                        allowOnError:
                          type: boolean
                          description: >-
                            Defines whether a Kafka client should be allowed or
                            denied by default when the authorizer fails to query
                            the Open Policy Agent, for example, when it is
                            temporarily unavailable). Defaults to `false` - all
                            actions will be denied.
                        authorizerClass:
                          type: string
                          description: >-
                            Authorization implementation class, which must be
                            available in classpath.
                        clientId:
                          type: string
                          description: >-
                            OAuth Client ID which the Kafka client can use to
                            authenticate against the OAuth server and use the
                            token endpoint URI.
                        connectTimeoutSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            The connect timeout in seconds when connecting to
                            authorization server. If not set, the effective
                            connect timeout is 60 seconds.
                        delegateToKafkaAcls:
                          type: boolean
                          description: >-
                            Whether authorization decision should be delegated
                            to the 'Simple' authorizer if DENIED by Keycloak
                            Authorization Services policies. Default value is
                            `false`.
                        disableTlsHostnameVerification:
                          type: boolean
                          description: >-
                            Enable or disable TLS hostname verification. Default
                            value is `false`.
                        enableMetrics:
                          type: boolean
                          description: >-
                            Enable or disable OAuth metrics. Default value is
                            `false`.
                        expireAfterMs:
                          type: integer
                          description: >-
                            The expiration of the records kept in the local
                            cache to avoid querying the Open Policy Agent for
                            every request. Defines how often the cached
                            authorization decisions are reloaded from the Open
                            Policy Agent server. In milliseconds. Defaults to
                            `3600000`.
                        grantsRefreshPeriodSeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The time between two consecutive grants refresh runs
                            in seconds. The default value is 60.
                        grantsRefreshPoolSize:
                          type: integer
                          minimum: 1
                          description: >-
                            The number of threads to use to refresh grants for
                            active sessions. The more threads, the more
                            parallelism, so the sooner the job completes.
                            However, using more threads places a heavier load on
                            the authorization server. The default value is 5.
                        httpRetries:
                          type: integer
                          minimum: 0
                          description: >-
                            The maximum number of retries to attempt if an
                            initial HTTP request fails. If not set, the default
                            is to not attempt any retries.
                        initialCacheCapacity:
                          type: integer
                          description: >-
                            Initial capacity of the local cache used by the
                            authorizer to avoid querying the Open Policy Agent
                            for every request Defaults to `5000`.
                        maximumCacheSize:
                          type: integer
                          description: >-
                            Maximum capacity of the local cache used by the
                            authorizer to avoid querying the Open Policy Agent
                            for every request. Defaults to `50000`.
                        readTimeoutSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            The read timeout in seconds when connecting to
                            authorization server. If not set, the effective read
                            timeout is 60 seconds.
                        superUsers:
                          type: array
                          items:
                            type: string
                          description: >-
                            List of super users, which are user principals with
                            unlimited access rights.
                        supportsAdminApi:
                          type: boolean
                          description: >-
                            Indicates whether the custom authorizer supports the
                            APIs for managing ACLs using the Kafka Admin API.
                            Defaults to `false`.
                        tlsTrustedCertificates:
                          type: array
                          items:
                            type: object
                            properties:
                              certificate:
                                type: string
                                description: >-
                                  The name of the file certificate in the
                                  Secret.
                              secretName:
                                type: string
                                description: >-
                                  The name of the Secret containing the
                                  certificate.
                            required:
                              - certificate
                              - secretName
                          description: >-
                            Trusted certificates for TLS connection to the OAuth
                            server.
                        tokenEndpointUri:
                          type: string
                          description: Authorization server token endpoint URI.
                        type:
                          type: string
                          enum:
                            - simple
                            - opa
                            - keycloak
                            - custom
                          description: >-
                            Authorization type. Currently, the supported types
                            are `simple`, `keycloak`, `opa` and `custom`.
                            `simple` authorization type uses Kafka's
                            `kafka.security.authorizer.AclAuthorizer` class for
                            authorization. `keycloak` authorization type uses
                            Keycloak Authorization Services for authorization.
                            `opa` authorization type uses Open Policy Agent
                            based authorization.`custom` authorization type uses
                            user-provided implementation for authorization.
                        url:
                          type: string
                          example: 'http://opa:8181/v1/data/kafka/authz/allow'
                          description: >-
                            The URL used to connect to the Open Policy Agent
                            server. The URL has to include the policy which will
                            be queried by the authorizer. This option is
                            required.
                      required:
                        - type
                      description: Authorization configuration for Kafka brokers.
                    rack:
                      type: object
                      properties:
                        topologyKey:
                          type: string
                          example: topology.kubernetes.io/zone
                          description: >-
                            A key that matches labels assigned to the Kubernetes
                            cluster nodes. The value of the label is used to set
                            a broker's `broker.rack` config, and the
                            `client.rack` config for Kafka Connect or
                            MirrorMaker 2.
                      required:
                        - topologyKey
                      description: Configuration of the `broker.rack` broker config.
                    brokerRackInitImage:
                      type: string
                      description: >-
                        The image of the init container used for initializing
                        the `broker.rack`.
                    livenessProbe:
                      type: object
                      properties:
                        failureThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive failures for the probe to be
                            considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
                        initialDelaySeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The initial delay before first the health is first
                            checked. Default to 15 seconds. Minimum value is 0.
                        periodSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            How often (in seconds) to perform the probe. Default
                            to 10 seconds. Minimum value is 1.
                        successThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive successes for the probe to be
                            considered successful after having failed. Defaults
                            to 1. Must be 1 for liveness. Minimum value is 1.
                        timeoutSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            The timeout for each attempted health check. Default
                            to 5 seconds. Minimum value is 1.
                      description: Pod liveness checking.
                    readinessProbe:
                      type: object
                      properties:
                        failureThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive failures for the probe to be
                            considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
                        initialDelaySeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The initial delay before first the health is first
                            checked. Default to 15 seconds. Minimum value is 0.
                        periodSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            How often (in seconds) to perform the probe. Default
                            to 10 seconds. Minimum value is 1.
                        successThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive successes for the probe to be
                            considered successful after having failed. Defaults
                            to 1. Must be 1 for liveness. Minimum value is 1.
                        timeoutSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            The timeout for each attempted health check. Default
                            to 5 seconds. Minimum value is 1.
                      description: Pod readiness checking.
                    jvmOptions:
                      type: object
                      properties:
                        '-XX':
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                          description: A map of -XX options to the JVM.
                        '-Xms':
                          type: string
                          pattern: '^[0-9]+[mMgG]?$'
                          description: '-Xms option to to the JVM.'
                        '-Xmx':
                          type: string
                          pattern: '^[0-9]+[mMgG]?$'
                          description: '-Xmx option to to the JVM.'
                        gcLoggingEnabled:
                          type: boolean
                          description: >-
                            Specifies whether the Garbage Collection logging is
                            enabled. The default is false.
                        javaSystemProperties:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The system property name.
                              value:
                                type: string
                                description: The system property value.
                          description: >-
                            A map of additional system properties which will be
                            passed using the `-D` option to the JVM.
                      description: JVM Options for pods.
                    jmxOptions:
                      type: object
                      properties:
                        authentication:
                          type: object
                          properties:
                            type:
                              type: string
                              enum:
                                - password
                              description: >-
                                Authentication type. Currently the only
                                supported types are `password`.`password` type
                                creates a username and protected port with no
                                TLS.
                          required:
                            - type
                          description: >-
                            Authentication configuration for connecting to the
                            JMX port.
                      description: JMX Options for Kafka brokers.
                    resources:
                      type: object
                      properties:
                        claims:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                        limits:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                        requests:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                      description: CPU and memory resources to reserve.
                    metricsConfig:
                      type: object
                      properties:
                        type:
                          type: string
                          enum:
                            - jmxPrometheusExporter
                          description: >-
                            Metrics type. Only 'jmxPrometheusExporter' supported
                            currently.
                        valueFrom:
                          type: object
                          properties:
                            configMapKeyRef:
                              type: object
                              properties:
                                key:
                                  type: string
                                name:
                                  type: string
                                optional:
                                  type: boolean
                              description: >-
                                Reference to the key in the ConfigMap containing
                                the configuration.
                          description: >-
                            ConfigMap entry where the Prometheus JMX Exporter
                            configuration is stored. For details of the
                            structure of this configuration, see the
                            {JMXExporter}.
                      required:
                        - type
                        - valueFrom
                      description: Metrics configuration.
                    logging:
                      type: object
                      properties:
                        loggers:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                          description: A Map from logger name to logger level.
                        type:
                          type: string
                          enum:
                            - inline
                            - external
                          description: 'Logging type, must be either ''inline'' or ''external''.'
                        valueFrom:
                          type: object
                          properties:
                            configMapKeyRef:
                              type: object
                              properties:
                                key:
                                  type: string
                                name:
                                  type: string
                                optional:
                                  type: boolean
                              description: >-
                                Reference to the key in the ConfigMap containing
                                the configuration.
                          description: >-
                            `ConfigMap` entry where the logging configuration is
                            stored. 
                      required:
                        - type
                      description: Logging configuration for Kafka.
                    template:
                      type: object
                      properties:
                        statefulset:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            podManagementPolicy:
                              type: string
                              enum:
                                - OrderedReady
                                - Parallel
                              description: >-
                                PodManagementPolicy which will be used for this
                                StatefulSet. Valid values are `Parallel` and
                                `OrderedReady`. Defaults to `Parallel`.
                          description: Template for Kafka `StatefulSet`.
                        pod:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            imagePullSecrets:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                              description: >-
                                List of references to secrets in the same
                                namespace to use for pulling any of the images
                                used by this Pod. When the
                                `STRIMZI_IMAGE_PULL_SECRETS` environment
                                variable in Cluster Operator and the
                                `imagePullSecrets` option are specified, only
                                the `imagePullSecrets` variable is used and the
                                `STRIMZI_IMAGE_PULL_SECRETS` variable is
                                ignored.
                            securityContext:
                              type: object
                              properties:
                                fsGroup:
                                  type: integer
                                fsGroupChangePolicy:
                                  type: string
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                supplementalGroups:
                                  type: array
                                  items:
                                    type: integer
                                sysctls:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      name:
                                        type: string
                                      value:
                                        type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: >-
                                Configures pod-level security attributes and
                                common container settings.
                            terminationGracePeriodSeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The grace period is the duration in seconds
                                after the processes running in the pod are sent
                                a termination signal, and the time when the
                                processes are forcibly halted with a kill
                                signal. Set this value to longer than the
                                expected cleanup time for your process. Value
                                must be a non-negative integer. A zero value
                                indicates delete immediately. You might need to
                                increase the grace period for very large Kafka
                                clusters, so that the Kafka brokers have enough
                                time to transfer their work to another broker
                                before they are terminated. Defaults to 30
                                seconds.
                            affinity:
                              type: object
                              properties:
                                nodeAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          preference:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: object
                                      properties:
                                        nodeSelectorTerms:
                                          type: array
                                          items:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                podAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                podAntiAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                              description: The pod's affinity rules.
                            tolerations:
                              type: array
                              items:
                                type: object
                                properties:
                                  effect:
                                    type: string
                                  key:
                                    type: string
                                  operator:
                                    type: string
                                  tolerationSeconds:
                                    type: integer
                                  value:
                                    type: string
                              description: The pod's tolerations.
                            priorityClassName:
                              type: string
                              description: >-
                                The name of the priority class used to assign
                                priority to the pods. For more information about
                                priority classes, see {K8sPriorityClass}.
                            schedulerName:
                              type: string
                              description: >-
                                The name of the scheduler used to dispatch this
                                `Pod`. If not specified, the default scheduler
                                will be used.
                            hostAliases:
                              type: array
                              items:
                                type: object
                                properties:
                                  hostnames:
                                    type: array
                                    items:
                                      type: string
                                  ip:
                                    type: string
                              description: >-
                                The pod's HostAliases. HostAliases is an
                                optional list of hosts and IPs that will be
                                injected into the Pod's hosts file if specified.
                            tmpDirSizeLimit:
                              type: string
                              pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                              description: >-
                                Defines the total amount (for example `1Gi`) of
                                local storage required for temporary EmptyDir
                                volume (`/tmp`). Default value is `5Mi`.
                            enableServiceLinks:
                              type: boolean
                              description: >-
                                Indicates whether information about services
                                should be injected into Pod's environment
                                variables.
                            topologySpreadConstraints:
                              type: array
                              items:
                                type: object
                                properties:
                                  labelSelector:
                                    type: object
                                    properties:
                                      matchExpressions:
                                        type: array
                                        items:
                                          type: object
                                          properties:
                                            key:
                                              type: string
                                            operator:
                                              type: string
                                            values:
                                              type: array
                                              items:
                                                type: string
                                      matchLabels:
                                        x-kubernetes-preserve-unknown-fields: true
                                        type: object
                                  matchLabelKeys:
                                    type: array
                                    items:
                                      type: string
                                  maxSkew:
                                    type: integer
                                  minDomains:
                                    type: integer
                                  nodeAffinityPolicy:
                                    type: string
                                  nodeTaintsPolicy:
                                    type: string
                                  topologyKey:
                                    type: string
                                  whenUnsatisfiable:
                                    type: string
                              description: The pod's topology spread constraints.
                          description: Template for Kafka `Pods`.
                        bootstrapService:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            ipFamilyPolicy:
                              type: string
                              enum:
                                - SingleStack
                                - PreferDualStack
                                - RequireDualStack
                              description: >-
                                Specifies the IP Family Policy used by the
                                service. Available options are `SingleStack`,
                                `PreferDualStack` and `RequireDualStack`.
                                `SingleStack` is for a single IP family.
                                `PreferDualStack` is for two IP families on
                                dual-stack configured clusters or a single IP
                                family on single-stack clusters.
                                `RequireDualStack` fails unless there are two IP
                                families on dual-stack configured clusters. If
                                unspecified, Kubernetes will choose the default
                                value based on the service type. Available on
                                Kubernetes 1.20 and newer.
                            ipFamilies:
                              type: array
                              items:
                                type: string
                                enum:
                                  - IPv4
                                  - IPv6
                              description: >-
                                Specifies the IP Families used by the service.
                                Available options are `IPv4` and `IPv6. If
                                unspecified, Kubernetes will choose the default
                                value based on the `ipFamilyPolicy` setting.
                                Available on Kubernetes 1.20 and newer.
                          description: Template for Kafka bootstrap `Service`.
                        brokersService:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            ipFamilyPolicy:
                              type: string
                              enum:
                                - SingleStack
                                - PreferDualStack
                                - RequireDualStack
                              description: >-
                                Specifies the IP Family Policy used by the
                                service. Available options are `SingleStack`,
                                `PreferDualStack` and `RequireDualStack`.
                                `SingleStack` is for a single IP family.
                                `PreferDualStack` is for two IP families on
                                dual-stack configured clusters or a single IP
                                family on single-stack clusters.
                                `RequireDualStack` fails unless there are two IP
                                families on dual-stack configured clusters. If
                                unspecified, Kubernetes will choose the default
                                value based on the service type. Available on
                                Kubernetes 1.20 and newer.
                            ipFamilies:
                              type: array
                              items:
                                type: string
                                enum:
                                  - IPv4
                                  - IPv6
                              description: >-
                                Specifies the IP Families used by the service.
                                Available options are `IPv4` and `IPv6. If
                                unspecified, Kubernetes will choose the default
                                value based on the `ipFamilyPolicy` setting.
                                Available on Kubernetes 1.20 and newer.
                          description: Template for Kafka broker `Service`.
                        externalBootstrapService:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for Kafka external bootstrap `Service`.
                        perPodService:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: >-
                            Template for Kafka per-pod `Services` used for
                            access from outside of Kubernetes.
                        externalBootstrapRoute:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for Kafka external bootstrap `Route`.
                        perPodRoute:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: >-
                            Template for Kafka per-pod `Routes` used for access
                            from outside of OpenShift.
                        externalBootstrapIngress:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for Kafka external bootstrap `Ingress`.
                        perPodIngress:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: >-
                            Template for Kafka per-pod `Ingress` used for access
                            from outside of Kubernetes.
                        persistentVolumeClaim:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for all Kafka `PersistentVolumeClaims`.
                        podDisruptionBudget:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: >-
                                Metadata to apply to the
                                `PodDisruptionBudgetTemplate` resource.
                            maxUnavailable:
                              type: integer
                              minimum: 0
                              description: >-
                                Maximum number of unavailable pods to allow
                                automatic Pod eviction. A Pod eviction is
                                allowed when the `maxUnavailable` number of pods
                                or fewer are unavailable after the eviction.
                                Setting this value to 0 prevents all voluntary
                                evictions, so the pods must be evicted manually.
                                Defaults to 1.
                          description: Template for Kafka `PodDisruptionBudget`.
                        kafkaContainer:
                          type: object
                          properties:
                            env:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The environment variable key.
                                  value:
                                    type: string
                                    description: The environment variable value.
                              description: >-
                                Environment variables which should be applied to
                                the container.
                            securityContext:
                              type: object
                              properties:
                                allowPrivilegeEscalation:
                                  type: boolean
                                capabilities:
                                  type: object
                                  properties:
                                    add:
                                      type: array
                                      items:
                                        type: string
                                    drop:
                                      type: array
                                      items:
                                        type: string
                                privileged:
                                  type: boolean
                                procMount:
                                  type: string
                                readOnlyRootFilesystem:
                                  type: boolean
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: Security context for the container.
                          description: Template for the Kafka broker container.
                        initContainer:
                          type: object
                          properties:
                            env:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The environment variable key.
                                  value:
                                    type: string
                                    description: The environment variable value.
                              description: >-
                                Environment variables which should be applied to
                                the container.
                            securityContext:
                              type: object
                              properties:
                                allowPrivilegeEscalation:
                                  type: boolean
                                capabilities:
                                  type: object
                                  properties:
                                    add:
                                      type: array
                                      items:
                                        type: string
                                    drop:
                                      type: array
                                      items:
                                        type: string
                                privileged:
                                  type: boolean
                                procMount:
                                  type: string
                                readOnlyRootFilesystem:
                                  type: boolean
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: Security context for the container.
                          description: Template for the Kafka init container.
                        clusterCaCert:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: >-
                            Template for Secret with Kafka Cluster certificate
                            public key.
                        serviceAccount:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for the Kafka service account.
                        jmxSecret:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: >-
                            Template for Secret of the Kafka Cluster JMX
                            authentication.
                        clusterRoleBinding:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for the Kafka ClusterRoleBinding.
                        podSet:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for Kafka `StrimziPodSet` resource.
                      description: >-
                        Template for Kafka cluster resources. The template
                        allows users to specify how the Kubernetes resources are
                        generated.
                  required:
                    - replicas
                    - listeners
                    - storage
                  description: Configuration of the Kafka cluster.
                zookeeper:
                  type: object
                  properties:
                    replicas:
                      type: integer
                      minimum: 1
                      description: The number of pods in the cluster.
                    image:
                      type: string
                      description: The docker image for the pods.
                    storage:
                      type: object
                      properties:
                        class:
                          type: string
                          description: >-
                            The storage class to use for dynamic volume
                            allocation.
                        deleteClaim:
                          type: boolean
                          description: >-
                            Specifies if the persistent volume claim has to be
                            deleted when the cluster is un-deployed.
                        id:
                          type: integer
                          minimum: 0
                          description: >-
                            Storage identification number. It is mandatory only
                            for storage volumes defined in a storage of type
                            'jbod'.
                        overrides:
                          type: array
                          items:
                            type: object
                            properties:
                              class:
                                type: string
                                description: >-
                                  The storage class to use for dynamic volume
                                  allocation for this broker.
                              broker:
                                type: integer
                                description: Id of the kafka broker (broker identifier).
                          description: >-
                            Overrides for individual brokers. The `overrides`
                            field allows to specify a different configuration
                            for different brokers.
                        selector:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                          description: >-
                            Specifies a specific persistent volume to use. It
                            contains key:value pairs representing labels for
                            selecting such a volume.
                        size:
                          type: string
                          description: >-
                            When type=persistent-claim, defines the size of the
                            persistent volume claim (i.e 1Gi). Mandatory when
                            type=persistent-claim.
                        sizeLimit:
                          type: string
                          pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                          description: >-
                            When type=ephemeral, defines the total amount of
                            local storage required for this EmptyDir volume (for
                            example 1Gi).
                        type:
                          type: string
                          enum:
                            - ephemeral
                            - persistent-claim
                          description: >-
                            Storage type, must be either 'ephemeral' or
                            'persistent-claim'.
                      required:
                        - type
                      description: Storage configuration (disk). Cannot be updated.
                    config:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: >-
                        The ZooKeeper broker config. Properties with the
                        following prefixes cannot be set: server., dataDir,
                        dataLogDir, clientPort, authProvider, quorum.auth,
                        requireClientAuthScheme, snapshot.trust.empty,
                        standaloneEnabled, reconfigEnabled,
                        4lw.commands.whitelist, secureClientPort, ssl.,
                        serverCnxnFactory, sslQuorum (with the exception of:
                        ssl.protocol, ssl.quorum.protocol, ssl.enabledProtocols,
                        ssl.quorum.enabledProtocols, ssl.ciphersuites,
                        ssl.quorum.ciphersuites, ssl.hostnameVerification,
                        ssl.quorum.hostnameVerification).
                    livenessProbe:
                      type: object
                      properties:
                        failureThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive failures for the probe to be
                            considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
                        initialDelaySeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The initial delay before first the health is first
                            checked. Default to 15 seconds. Minimum value is 0.
                        periodSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            How often (in seconds) to perform the probe. Default
                            to 10 seconds. Minimum value is 1.
                        successThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive successes for the probe to be
                            considered successful after having failed. Defaults
                            to 1. Must be 1 for liveness. Minimum value is 1.
                        timeoutSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            The timeout for each attempted health check. Default
                            to 5 seconds. Minimum value is 1.
                      description: Pod liveness checking.
                    readinessProbe:
                      type: object
                      properties:
                        failureThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive failures for the probe to be
                            considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
                        initialDelaySeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The initial delay before first the health is first
                            checked. Default to 15 seconds. Minimum value is 0.
                        periodSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            How often (in seconds) to perform the probe. Default
                            to 10 seconds. Minimum value is 1.
                        successThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive successes for the probe to be
                            considered successful after having failed. Defaults
                            to 1. Must be 1 for liveness. Minimum value is 1.
                        timeoutSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            The timeout for each attempted health check. Default
                            to 5 seconds. Minimum value is 1.
                      description: Pod readiness checking.
                    jvmOptions:
                      type: object
                      properties:
                        '-XX':
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                          description: A map of -XX options to the JVM.
                        '-Xms':
                          type: string
                          pattern: '^[0-9]+[mMgG]?$'
                          description: '-Xms option to to the JVM.'
                        '-Xmx':
                          type: string
                          pattern: '^[0-9]+[mMgG]?$'
                          description: '-Xmx option to to the JVM.'
                        gcLoggingEnabled:
                          type: boolean
                          description: >-
                            Specifies whether the Garbage Collection logging is
                            enabled. The default is false.
                        javaSystemProperties:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The system property name.
                              value:
                                type: string
                                description: The system property value.
                          description: >-
                            A map of additional system properties which will be
                            passed using the `-D` option to the JVM.
                      description: JVM Options for pods.
                    jmxOptions:
                      type: object
                      properties:
                        authentication:
                          type: object
                          properties:
                            type:
                              type: string
                              enum:
                                - password
                              description: >-
                                Authentication type. Currently the only
                                supported types are `password`.`password` type
                                creates a username and protected port with no
                                TLS.
                          required:
                            - type
                          description: >-
                            Authentication configuration for connecting to the
                            JMX port.
                      description: JMX Options for Zookeeper nodes.
                    resources:
                      type: object
                      properties:
                        claims:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                        limits:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                        requests:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                      description: CPU and memory resources to reserve.
                    metricsConfig:
                      type: object
                      properties:
                        type:
                          type: string
                          enum:
                            - jmxPrometheusExporter
                          description: >-
                            Metrics type. Only 'jmxPrometheusExporter' supported
                            currently.
                        valueFrom:
                          type: object
                          properties:
                            configMapKeyRef:
                              type: object
                              properties:
                                key:
                                  type: string
                                name:
                                  type: string
                                optional:
                                  type: boolean
                              description: >-
                                Reference to the key in the ConfigMap containing
                                the configuration.
                          description: >-
                            ConfigMap entry where the Prometheus JMX Exporter
                            configuration is stored. For details of the
                            structure of this configuration, see the
                            {JMXExporter}.
                      required:
                        - type
                        - valueFrom
                      description: Metrics configuration.
                    logging:
                      type: object
                      properties:
                        loggers:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                          description: A Map from logger name to logger level.
                        type:
                          type: string
                          enum:
                            - inline
                            - external
                          description: 'Logging type, must be either ''inline'' or ''external''.'
                        valueFrom:
                          type: object
                          properties:
                            configMapKeyRef:
                              type: object
                              properties:
                                key:
                                  type: string
                                name:
                                  type: string
                                optional:
                                  type: boolean
                              description: >-
                                Reference to the key in the ConfigMap containing
                                the configuration.
                          description: >-
                            `ConfigMap` entry where the logging configuration is
                            stored. 
                      required:
                        - type
                      description: Logging configuration for ZooKeeper.
                    template:
                      type: object
                      properties:
                        statefulset:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            podManagementPolicy:
                              type: string
                              enum:
                                - OrderedReady
                                - Parallel
                              description: >-
                                PodManagementPolicy which will be used for this
                                StatefulSet. Valid values are `Parallel` and
                                `OrderedReady`. Defaults to `Parallel`.
                          description: Template for ZooKeeper `StatefulSet`.
                        pod:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            imagePullSecrets:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                              description: >-
                                List of references to secrets in the same
                                namespace to use for pulling any of the images
                                used by this Pod. When the
                                `STRIMZI_IMAGE_PULL_SECRETS` environment
                                variable in Cluster Operator and the
                                `imagePullSecrets` option are specified, only
                                the `imagePullSecrets` variable is used and the
                                `STRIMZI_IMAGE_PULL_SECRETS` variable is
                                ignored.
                            securityContext:
                              type: object
                              properties:
                                fsGroup:
                                  type: integer
                                fsGroupChangePolicy:
                                  type: string
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                supplementalGroups:
                                  type: array
                                  items:
                                    type: integer
                                sysctls:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      name:
                                        type: string
                                      value:
                                        type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: >-
                                Configures pod-level security attributes and
                                common container settings.
                            terminationGracePeriodSeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The grace period is the duration in seconds
                                after the processes running in the pod are sent
                                a termination signal, and the time when the
                                processes are forcibly halted with a kill
                                signal. Set this value to longer than the
                                expected cleanup time for your process. Value
                                must be a non-negative integer. A zero value
                                indicates delete immediately. You might need to
                                increase the grace period for very large Kafka
                                clusters, so that the Kafka brokers have enough
                                time to transfer their work to another broker
                                before they are terminated. Defaults to 30
                                seconds.
                            affinity:
                              type: object
                              properties:
                                nodeAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          preference:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: object
                                      properties:
                                        nodeSelectorTerms:
                                          type: array
                                          items:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                podAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                podAntiAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                              description: The pod's affinity rules.
                            tolerations:
                              type: array
                              items:
                                type: object
                                properties:
                                  effect:
                                    type: string
                                  key:
                                    type: string
                                  operator:
                                    type: string
                                  tolerationSeconds:
                                    type: integer
                                  value:
                                    type: string
                              description: The pod's tolerations.
                            priorityClassName:
                              type: string
                              description: >-
                                The name of the priority class used to assign
                                priority to the pods. For more information about
                                priority classes, see {K8sPriorityClass}.
                            schedulerName:
                              type: string
                              description: >-
                                The name of the scheduler used to dispatch this
                                `Pod`. If not specified, the default scheduler
                                will be used.
                            hostAliases:
                              type: array
                              items:
                                type: object
                                properties:
                                  hostnames:
                                    type: array
                                    items:
                                      type: string
                                  ip:
                                    type: string
                              description: >-
                                The pod's HostAliases. HostAliases is an
                                optional list of hosts and IPs that will be
                                injected into the Pod's hosts file if specified.
                            tmpDirSizeLimit:
                              type: string
                              pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                              description: >-
                                Defines the total amount (for example `1Gi`) of
                                local storage required for temporary EmptyDir
                                volume (`/tmp`). Default value is `5Mi`.
                            enableServiceLinks:
                              type: boolean
                              description: >-
                                Indicates whether information about services
                                should be injected into Pod's environment
                                variables.
                            topologySpreadConstraints:
                              type: array
                              items:
                                type: object
                                properties:
                                  labelSelector:
                                    type: object
                                    properties:
                                      matchExpressions:
                                        type: array
                                        items:
                                          type: object
                                          properties:
                                            key:
                                              type: string
                                            operator:
                                              type: string
                                            values:
                                              type: array
                                              items:
                                                type: string
                                      matchLabels:
                                        x-kubernetes-preserve-unknown-fields: true
                                        type: object
                                  matchLabelKeys:
                                    type: array
                                    items:
                                      type: string
                                  maxSkew:
                                    type: integer
                                  minDomains:
                                    type: integer
                                  nodeAffinityPolicy:
                                    type: string
                                  nodeTaintsPolicy:
                                    type: string
                                  topologyKey:
                                    type: string
                                  whenUnsatisfiable:
                                    type: string
                              description: The pod's topology spread constraints.
                          description: Template for ZooKeeper `Pods`.
                        clientService:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            ipFamilyPolicy:
                              type: string
                              enum:
                                - SingleStack
                                - PreferDualStack
                                - RequireDualStack
                              description: >-
                                Specifies the IP Family Policy used by the
                                service. Available options are `SingleStack`,
                                `PreferDualStack` and `RequireDualStack`.
                                `SingleStack` is for a single IP family.
                                `PreferDualStack` is for two IP families on
                                dual-stack configured clusters or a single IP
                                family on single-stack clusters.
                                `RequireDualStack` fails unless there are two IP
                                families on dual-stack configured clusters. If
                                unspecified, Kubernetes will choose the default
                                value based on the service type. Available on
                                Kubernetes 1.20 and newer.
                            ipFamilies:
                              type: array
                              items:
                                type: string
                                enum:
                                  - IPv4
                                  - IPv6
                              description: >-
                                Specifies the IP Families used by the service.
                                Available options are `IPv4` and `IPv6. If
                                unspecified, Kubernetes will choose the default
                                value based on the `ipFamilyPolicy` setting.
                                Available on Kubernetes 1.20 and newer.
                          description: Template for ZooKeeper client `Service`.
                        nodesService:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            ipFamilyPolicy:
                              type: string
                              enum:
                                - SingleStack
                                - PreferDualStack
                                - RequireDualStack
                              description: >-
                                Specifies the IP Family Policy used by the
                                service. Available options are `SingleStack`,
                                `PreferDualStack` and `RequireDualStack`.
                                `SingleStack` is for a single IP family.
                                `PreferDualStack` is for two IP families on
                                dual-stack configured clusters or a single IP
                                family on single-stack clusters.
                                `RequireDualStack` fails unless there are two IP
                                families on dual-stack configured clusters. If
                                unspecified, Kubernetes will choose the default
                                value based on the service type. Available on
                                Kubernetes 1.20 and newer.
                            ipFamilies:
                              type: array
                              items:
                                type: string
                                enum:
                                  - IPv4
                                  - IPv6
                              description: >-
                                Specifies the IP Families used by the service.
                                Available options are `IPv4` and `IPv6. If
                                unspecified, Kubernetes will choose the default
                                value based on the `ipFamilyPolicy` setting.
                                Available on Kubernetes 1.20 and newer.
                          description: Template for ZooKeeper nodes `Service`.
                        persistentVolumeClaim:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for all ZooKeeper `PersistentVolumeClaims`.
                        podDisruptionBudget:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: >-
                                Metadata to apply to the
                                `PodDisruptionBudgetTemplate` resource.
                            maxUnavailable:
                              type: integer
                              minimum: 0
                              description: >-
                                Maximum number of unavailable pods to allow
                                automatic Pod eviction. A Pod eviction is
                                allowed when the `maxUnavailable` number of pods
                                or fewer are unavailable after the eviction.
                                Setting this value to 0 prevents all voluntary
                                evictions, so the pods must be evicted manually.
                                Defaults to 1.
                          description: Template for ZooKeeper `PodDisruptionBudget`.
                        zookeeperContainer:
                          type: object
                          properties:
                            env:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The environment variable key.
                                  value:
                                    type: string
                                    description: The environment variable value.
                              description: >-
                                Environment variables which should be applied to
                                the container.
                            securityContext:
                              type: object
                              properties:
                                allowPrivilegeEscalation:
                                  type: boolean
                                capabilities:
                                  type: object
                                  properties:
                                    add:
                                      type: array
                                      items:
                                        type: string
                                    drop:
                                      type: array
                                      items:
                                        type: string
                                privileged:
                                  type: boolean
                                procMount:
                                  type: string
                                readOnlyRootFilesystem:
                                  type: boolean
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: Security context for the container.
                          description: Template for the ZooKeeper container.
                        serviceAccount:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for the ZooKeeper service account.
                        jmxSecret:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: >-
                            Template for Secret of the Zookeeper Cluster JMX
                            authentication.
                        podSet:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for ZooKeeper `StrimziPodSet` resource.
                      description: >-
                        Template for ZooKeeper cluster resources. The template
                        allows users to specify how the Kubernetes resources are
                        generated.
                  required:
                    - replicas
                    - storage
                  description: Configuration of the ZooKeeper cluster.
                entityOperator:
                  type: object
                  properties:
                    topicOperator:
                      type: object
                      properties:
                        watchedNamespace:
                          type: string
                          description: The namespace the Topic Operator should watch.
                        image:
                          type: string
                          description: The image to use for the Topic Operator.
                        reconciliationIntervalSeconds:
                          type: integer
                          minimum: 0
                          description: Interval between periodic reconciliations.
                        zookeeperSessionTimeoutSeconds:
                          type: integer
                          minimum: 0
                          description: Timeout for the ZooKeeper session.
                        startupProbe:
                          type: object
                          properties:
                            failureThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive failures for the probe to be
                                considered failed after having succeeded.
                                Defaults to 3. Minimum value is 1.
                            initialDelaySeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The initial delay before first the health is
                                first checked. Default to 15 seconds. Minimum
                                value is 0.
                            periodSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                How often (in seconds) to perform the probe.
                                Default to 10 seconds. Minimum value is 1.
                            successThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive successes for the probe to
                                be considered successful after having failed.
                                Defaults to 1. Must be 1 for liveness. Minimum
                                value is 1.
                            timeoutSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                The timeout for each attempted health check.
                                Default to 5 seconds. Minimum value is 1.
                          description: Pod startup checking.
                        livenessProbe:
                          type: object
                          properties:
                            failureThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive failures for the probe to be
                                considered failed after having succeeded.
                                Defaults to 3. Minimum value is 1.
                            initialDelaySeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The initial delay before first the health is
                                first checked. Default to 15 seconds. Minimum
                                value is 0.
                            periodSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                How often (in seconds) to perform the probe.
                                Default to 10 seconds. Minimum value is 1.
                            successThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive successes for the probe to
                                be considered successful after having failed.
                                Defaults to 1. Must be 1 for liveness. Minimum
                                value is 1.
                            timeoutSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                The timeout for each attempted health check.
                                Default to 5 seconds. Minimum value is 1.
                          description: Pod liveness checking.
                        readinessProbe:
                          type: object
                          properties:
                            failureThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive failures for the probe to be
                                considered failed after having succeeded.
                                Defaults to 3. Minimum value is 1.
                            initialDelaySeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The initial delay before first the health is
                                first checked. Default to 15 seconds. Minimum
                                value is 0.
                            periodSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                How often (in seconds) to perform the probe.
                                Default to 10 seconds. Minimum value is 1.
                            successThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive successes for the probe to
                                be considered successful after having failed.
                                Defaults to 1. Must be 1 for liveness. Minimum
                                value is 1.
                            timeoutSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                The timeout for each attempted health check.
                                Default to 5 seconds. Minimum value is 1.
                          description: Pod readiness checking.
                        resources:
                          type: object
                          properties:
                            claims:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                            limits:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                            requests:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                          description: CPU and memory resources to reserve.
                        topicMetadataMaxAttempts:
                          type: integer
                          minimum: 0
                          description: The number of attempts at getting topic metadata.
                        logging:
                          type: object
                          properties:
                            loggers:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: A Map from logger name to logger level.
                            type:
                              type: string
                              enum:
                                - inline
                                - external
                              description: >-
                                Logging type, must be either 'inline' or
                                'external'.
                            valueFrom:
                              type: object
                              properties:
                                configMapKeyRef:
                                  type: object
                                  properties:
                                    key:
                                      type: string
                                    name:
                                      type: string
                                    optional:
                                      type: boolean
                                  description: >-
                                    Reference to the key in the ConfigMap
                                    containing the configuration.
                              description: >-
                                `ConfigMap` entry where the logging
                                configuration is stored. 
                          required:
                            - type
                          description: Logging configuration.
                        jvmOptions:
                          type: object
                          properties:
                            '-XX':
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: A map of -XX options to the JVM.
                            '-Xms':
                              type: string
                              pattern: '^[0-9]+[mMgG]?$'
                              description: '-Xms option to to the JVM.'
                            '-Xmx':
                              type: string
                              pattern: '^[0-9]+[mMgG]?$'
                              description: '-Xmx option to to the JVM.'
                            gcLoggingEnabled:
                              type: boolean
                              description: >-
                                Specifies whether the Garbage Collection logging
                                is enabled. The default is false.
                            javaSystemProperties:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The system property name.
                                  value:
                                    type: string
                                    description: The system property value.
                              description: >-
                                A map of additional system properties which will
                                be passed using the `-D` option to the JVM.
                          description: JVM Options for pods.
                      description: Configuration of the Topic Operator.
                    userOperator:
                      type: object
                      properties:
                        watchedNamespace:
                          type: string
                          description: The namespace the User Operator should watch.
                        image:
                          type: string
                          description: The image to use for the User Operator.
                        reconciliationIntervalSeconds:
                          type: integer
                          minimum: 0
                          description: Interval between periodic reconciliations.
                        zookeeperSessionTimeoutSeconds:
                          type: integer
                          minimum: 0
                          description: Timeout for the ZooKeeper session.
                        secretPrefix:
                          type: string
                          description: >-
                            The prefix that will be added to the KafkaUser name
                            to be used as the Secret name.
                        livenessProbe:
                          type: object
                          properties:
                            failureThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive failures for the probe to be
                                considered failed after having succeeded.
                                Defaults to 3. Minimum value is 1.
                            initialDelaySeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The initial delay before first the health is
                                first checked. Default to 15 seconds. Minimum
                                value is 0.
                            periodSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                How often (in seconds) to perform the probe.
                                Default to 10 seconds. Minimum value is 1.
                            successThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive successes for the probe to
                                be considered successful after having failed.
                                Defaults to 1. Must be 1 for liveness. Minimum
                                value is 1.
                            timeoutSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                The timeout for each attempted health check.
                                Default to 5 seconds. Minimum value is 1.
                          description: Pod liveness checking.
                        readinessProbe:
                          type: object
                          properties:
                            failureThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive failures for the probe to be
                                considered failed after having succeeded.
                                Defaults to 3. Minimum value is 1.
                            initialDelaySeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The initial delay before first the health is
                                first checked. Default to 15 seconds. Minimum
                                value is 0.
                            periodSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                How often (in seconds) to perform the probe.
                                Default to 10 seconds. Minimum value is 1.
                            successThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive successes for the probe to
                                be considered successful after having failed.
                                Defaults to 1. Must be 1 for liveness. Minimum
                                value is 1.
                            timeoutSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                The timeout for each attempted health check.
                                Default to 5 seconds. Minimum value is 1.
                          description: Pod readiness checking.
                        resources:
                          type: object
                          properties:
                            claims:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                            limits:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                            requests:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                          description: CPU and memory resources to reserve.
                        logging:
                          type: object
                          properties:
                            loggers:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: A Map from logger name to logger level.
                            type:
                              type: string
                              enum:
                                - inline
                                - external
                              description: >-
                                Logging type, must be either 'inline' or
                                'external'.
                            valueFrom:
                              type: object
                              properties:
                                configMapKeyRef:
                                  type: object
                                  properties:
                                    key:
                                      type: string
                                    name:
                                      type: string
                                    optional:
                                      type: boolean
                                  description: >-
                                    Reference to the key in the ConfigMap
                                    containing the configuration.
                              description: >-
                                `ConfigMap` entry where the logging
                                configuration is stored. 
                          required:
                            - type
                          description: Logging configuration.
                        jvmOptions:
                          type: object
                          properties:
                            '-XX':
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: A map of -XX options to the JVM.
                            '-Xms':
                              type: string
                              pattern: '^[0-9]+[mMgG]?$'
                              description: '-Xms option to to the JVM.'
                            '-Xmx':
                              type: string
                              pattern: '^[0-9]+[mMgG]?$'
                              description: '-Xmx option to to the JVM.'
                            gcLoggingEnabled:
                              type: boolean
                              description: >-
                                Specifies whether the Garbage Collection logging
                                is enabled. The default is false.
                            javaSystemProperties:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The system property name.
                                  value:
                                    type: string
                                    description: The system property value.
                              description: >-
                                A map of additional system properties which will
                                be passed using the `-D` option to the JVM.
                          description: JVM Options for pods.
                      description: Configuration of the User Operator.
                    tlsSidecar:
                      type: object
                      properties:
                        image:
                          type: string
                          description: The docker image for the container.
                        livenessProbe:
                          type: object
                          properties:
                            failureThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive failures for the probe to be
                                considered failed after having succeeded.
                                Defaults to 3. Minimum value is 1.
                            initialDelaySeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The initial delay before first the health is
                                first checked. Default to 15 seconds. Minimum
                                value is 0.
                            periodSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                How often (in seconds) to perform the probe.
                                Default to 10 seconds. Minimum value is 1.
                            successThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive successes for the probe to
                                be considered successful after having failed.
                                Defaults to 1. Must be 1 for liveness. Minimum
                                value is 1.
                            timeoutSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                The timeout for each attempted health check.
                                Default to 5 seconds. Minimum value is 1.
                          description: Pod liveness checking.
                        logLevel:
                          type: string
                          enum:
                            - emerg
                            - alert
                            - crit
                            - err
                            - warning
                            - notice
                            - info
                            - debug
                          description: >-
                            The log level for the TLS sidecar. Default value is
                            `notice`.
                        readinessProbe:
                          type: object
                          properties:
                            failureThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive failures for the probe to be
                                considered failed after having succeeded.
                                Defaults to 3. Minimum value is 1.
                            initialDelaySeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The initial delay before first the health is
                                first checked. Default to 15 seconds. Minimum
                                value is 0.
                            periodSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                How often (in seconds) to perform the probe.
                                Default to 10 seconds. Minimum value is 1.
                            successThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive successes for the probe to
                                be considered successful after having failed.
                                Defaults to 1. Must be 1 for liveness. Minimum
                                value is 1.
                            timeoutSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                The timeout for each attempted health check.
                                Default to 5 seconds. Minimum value is 1.
                          description: Pod readiness checking.
                        resources:
                          type: object
                          properties:
                            claims:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                            limits:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                            requests:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                          description: CPU and memory resources to reserve.
                      description: TLS sidecar configuration.
                    template:
                      type: object
                      properties:
                        deployment:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            deploymentStrategy:
                              type: string
                              enum:
                                - RollingUpdate
                                - Recreate
                              description: >-
                                Pod replacement strategy for deployment
                                configuration changes. Valid values are
                                `RollingUpdate` and `Recreate`. Defaults to
                                `RollingUpdate`.
                          description: Template for Entity Operator `Deployment`.
                        pod:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            imagePullSecrets:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                              description: >-
                                List of references to secrets in the same
                                namespace to use for pulling any of the images
                                used by this Pod. When the
                                `STRIMZI_IMAGE_PULL_SECRETS` environment
                                variable in Cluster Operator and the
                                `imagePullSecrets` option are specified, only
                                the `imagePullSecrets` variable is used and the
                                `STRIMZI_IMAGE_PULL_SECRETS` variable is
                                ignored.
                            securityContext:
                              type: object
                              properties:
                                fsGroup:
                                  type: integer
                                fsGroupChangePolicy:
                                  type: string
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                supplementalGroups:
                                  type: array
                                  items:
                                    type: integer
                                sysctls:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      name:
                                        type: string
                                      value:
                                        type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: >-
                                Configures pod-level security attributes and
                                common container settings.
                            terminationGracePeriodSeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The grace period is the duration in seconds
                                after the processes running in the pod are sent
                                a termination signal, and the time when the
                                processes are forcibly halted with a kill
                                signal. Set this value to longer than the
                                expected cleanup time for your process. Value
                                must be a non-negative integer. A zero value
                                indicates delete immediately. You might need to
                                increase the grace period for very large Kafka
                                clusters, so that the Kafka brokers have enough
                                time to transfer their work to another broker
                                before they are terminated. Defaults to 30
                                seconds.
                            affinity:
                              type: object
                              properties:
                                nodeAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          preference:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: object
                                      properties:
                                        nodeSelectorTerms:
                                          type: array
                                          items:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                podAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                podAntiAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                              description: The pod's affinity rules.
                            tolerations:
                              type: array
                              items:
                                type: object
                                properties:
                                  effect:
                                    type: string
                                  key:
                                    type: string
                                  operator:
                                    type: string
                                  tolerationSeconds:
                                    type: integer
                                  value:
                                    type: string
                              description: The pod's tolerations.
                            priorityClassName:
                              type: string
                              description: >-
                                The name of the priority class used to assign
                                priority to the pods. For more information about
                                priority classes, see {K8sPriorityClass}.
                            schedulerName:
                              type: string
                              description: >-
                                The name of the scheduler used to dispatch this
                                `Pod`. If not specified, the default scheduler
                                will be used.
                            hostAliases:
                              type: array
                              items:
                                type: object
                                properties:
                                  hostnames:
                                    type: array
                                    items:
                                      type: string
                                  ip:
                                    type: string
                              description: >-
                                The pod's HostAliases. HostAliases is an
                                optional list of hosts and IPs that will be
                                injected into the Pod's hosts file if specified.
                            tmpDirSizeLimit:
                              type: string
                              pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                              description: >-
                                Defines the total amount (for example `1Gi`) of
                                local storage required for temporary EmptyDir
                                volume (`/tmp`). Default value is `5Mi`.
                            enableServiceLinks:
                              type: boolean
                              description: >-
                                Indicates whether information about services
                                should be injected into Pod's environment
                                variables.
                            topologySpreadConstraints:
                              type: array
                              items:
                                type: object
                                properties:
                                  labelSelector:
                                    type: object
                                    properties:
                                      matchExpressions:
                                        type: array
                                        items:
                                          type: object
                                          properties:
                                            key:
                                              type: string
                                            operator:
                                              type: string
                                            values:
                                              type: array
                                              items:
                                                type: string
                                      matchLabels:
                                        x-kubernetes-preserve-unknown-fields: true
                                        type: object
                                  matchLabelKeys:
                                    type: array
                                    items:
                                      type: string
                                  maxSkew:
                                    type: integer
                                  minDomains:
                                    type: integer
                                  nodeAffinityPolicy:
                                    type: string
                                  nodeTaintsPolicy:
                                    type: string
                                  topologyKey:
                                    type: string
                                  whenUnsatisfiable:
                                    type: string
                              description: The pod's topology spread constraints.
                          description: Template for Entity Operator `Pods`.
                        topicOperatorContainer:
                          type: object
                          properties:
                            env:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The environment variable key.
                                  value:
                                    type: string
                                    description: The environment variable value.
                              description: >-
                                Environment variables which should be applied to
                                the container.
                            securityContext:
                              type: object
                              properties:
                                allowPrivilegeEscalation:
                                  type: boolean
                                capabilities:
                                  type: object
                                  properties:
                                    add:
                                      type: array
                                      items:
                                        type: string
                                    drop:
                                      type: array
                                      items:
                                        type: string
                                privileged:
                                  type: boolean
                                procMount:
                                  type: string
                                readOnlyRootFilesystem:
                                  type: boolean
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: Security context for the container.
                          description: Template for the Entity Topic Operator container.
                        userOperatorContainer:
                          type: object
                          properties:
                            env:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The environment variable key.
                                  value:
                                    type: string
                                    description: The environment variable value.
                              description: >-
                                Environment variables which should be applied to
                                the container.
                            securityContext:
                              type: object
                              properties:
                                allowPrivilegeEscalation:
                                  type: boolean
                                capabilities:
                                  type: object
                                  properties:
                                    add:
                                      type: array
                                      items:
                                        type: string
                                    drop:
                                      type: array
                                      items:
                                        type: string
                                privileged:
                                  type: boolean
                                procMount:
                                  type: string
                                readOnlyRootFilesystem:
                                  type: boolean
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: Security context for the container.
                          description: Template for the Entity User Operator container.
                        tlsSidecarContainer:
                          type: object
                          properties:
                            env:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The environment variable key.
                                  value:
                                    type: string
                                    description: The environment variable value.
                              description: >-
                                Environment variables which should be applied to
                                the container.
                            securityContext:
                              type: object
                              properties:
                                allowPrivilegeEscalation:
                                  type: boolean
                                capabilities:
                                  type: object
                                  properties:
                                    add:
                                      type: array
                                      items:
                                        type: string
                                    drop:
                                      type: array
                                      items:
                                        type: string
                                privileged:
                                  type: boolean
                                procMount:
                                  type: string
                                readOnlyRootFilesystem:
                                  type: boolean
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: Security context for the container.
                          description: >-
                            Template for the Entity Operator TLS sidecar
                            container.
                        serviceAccount:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for the Entity Operator service account.
                        entityOperatorRole:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for the Entity Operator Role.
                        topicOperatorRoleBinding:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for the Entity Topic Operator RoleBinding.
                        userOperatorRoleBinding:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for the Entity Topic Operator RoleBinding.
                      description: >-
                        Template for Entity Operator resources. The template
                        allows users to specify how a `Deployment` and `Pod` is
                        generated.
                  description: Configuration of the Entity Operator.
                clusterCa:
                  type: object
                  properties:
                    generateCertificateAuthority:
                      type: boolean
                      description: >-
                        If true then Certificate Authority certificates will be
                        generated automatically. Otherwise the user will need to
                        provide a Secret with the CA certificate. Default is
                        true.
                    generateSecretOwnerReference:
                      type: boolean
                      description: >-
                        If `true`, the Cluster and Client CA Secrets are
                        configured with the `ownerReference` set to the `Kafka`
                        resource. If the `Kafka` resource is deleted when
                        `true`, the CA Secrets are also deleted. If `false`, the
                        `ownerReference` is disabled. If the `Kafka` resource is
                        deleted when `false`, the CA Secrets are retained and
                        available for reuse. Default is `true`.
                    validityDays:
                      type: integer
                      minimum: 1
                      description: >-
                        The number of days generated certificates should be
                        valid for. The default is 365.
                    renewalDays:
                      type: integer
                      minimum: 1
                      description: >-
                        The number of days in the certificate renewal period.
                        This is the number of days before the a certificate
                        expires during which renewal actions may be performed.
                        When `generateCertificateAuthority` is true, this will
                        cause the generation of a new certificate. When
                        `generateCertificateAuthority` is true, this will cause
                        extra logging at WARN level about the pending
                        certificate expiry. Default is 30.
                    certificateExpirationPolicy:
                      type: string
                      enum:
                        - renew-certificate
                        - replace-key
                      description: >-
                        How should CA certificate expiration be handled when
                        `generateCertificateAuthority=true`. The default is for
                        a new CA certificate to be generated reusing the
                        existing private key.
                  description: Configuration of the cluster certificate authority.
                clientsCa:
                  type: object
                  properties:
                    generateCertificateAuthority:
                      type: boolean
                      description: >-
                        If true then Certificate Authority certificates will be
                        generated automatically. Otherwise the user will need to
                        provide a Secret with the CA certificate. Default is
                        true.
                    generateSecretOwnerReference:
                      type: boolean
                      description: >-
                        If `true`, the Cluster and Client CA Secrets are
                        configured with the `ownerReference` set to the `Kafka`
                        resource. If the `Kafka` resource is deleted when
                        `true`, the CA Secrets are also deleted. If `false`, the
                        `ownerReference` is disabled. If the `Kafka` resource is
                        deleted when `false`, the CA Secrets are retained and
                        available for reuse. Default is `true`.
                    validityDays:
                      type: integer
                      minimum: 1
                      description: >-
                        The number of days generated certificates should be
                        valid for. The default is 365.
                    renewalDays:
                      type: integer
                      minimum: 1
                      description: >-
                        The number of days in the certificate renewal period.
                        This is the number of days before the a certificate
                        expires during which renewal actions may be performed.
                        When `generateCertificateAuthority` is true, this will
                        cause the generation of a new certificate. When
                        `generateCertificateAuthority` is true, this will cause
                        extra logging at WARN level about the pending
                        certificate expiry. Default is 30.
                    certificateExpirationPolicy:
                      type: string
                      enum:
                        - renew-certificate
                        - replace-key
                      description: >-
                        How should CA certificate expiration be handled when
                        `generateCertificateAuthority=true`. The default is for
                        a new CA certificate to be generated reusing the
                        existing private key.
                  description: Configuration of the clients certificate authority.
                cruiseControl:
                  type: object
                  properties:
                    image:
                      type: string
                      description: The docker image for the pods.
                    tlsSidecar:
                      type: object
                      properties:
                        image:
                          type: string
                          description: The docker image for the container.
                        livenessProbe:
                          type: object
                          properties:
                            failureThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive failures for the probe to be
                                considered failed after having succeeded.
                                Defaults to 3. Minimum value is 1.
                            initialDelaySeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The initial delay before first the health is
                                first checked. Default to 15 seconds. Minimum
                                value is 0.
                            periodSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                How often (in seconds) to perform the probe.
                                Default to 10 seconds. Minimum value is 1.
                            successThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive successes for the probe to
                                be considered successful after having failed.
                                Defaults to 1. Must be 1 for liveness. Minimum
                                value is 1.
                            timeoutSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                The timeout for each attempted health check.
                                Default to 5 seconds. Minimum value is 1.
                          description: Pod liveness checking.
                        logLevel:
                          type: string
                          enum:
                            - emerg
                            - alert
                            - crit
                            - err
                            - warning
                            - notice
                            - info
                            - debug
                          description: >-
                            The log level for the TLS sidecar. Default value is
                            `notice`.
                        readinessProbe:
                          type: object
                          properties:
                            failureThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive failures for the probe to be
                                considered failed after having succeeded.
                                Defaults to 3. Minimum value is 1.
                            initialDelaySeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The initial delay before first the health is
                                first checked. Default to 15 seconds. Minimum
                                value is 0.
                            periodSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                How often (in seconds) to perform the probe.
                                Default to 10 seconds. Minimum value is 1.
                            successThreshold:
                              type: integer
                              minimum: 1
                              description: >-
                                Minimum consecutive successes for the probe to
                                be considered successful after having failed.
                                Defaults to 1. Must be 1 for liveness. Minimum
                                value is 1.
                            timeoutSeconds:
                              type: integer
                              minimum: 1
                              description: >-
                                The timeout for each attempted health check.
                                Default to 5 seconds. Minimum value is 1.
                          description: Pod readiness checking.
                        resources:
                          type: object
                          properties:
                            claims:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                            limits:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                            requests:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                          description: CPU and memory resources to reserve.
                      description: TLS sidecar configuration.
                    resources:
                      type: object
                      properties:
                        claims:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                        limits:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                        requests:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                      description: >-
                        CPU and memory resources to reserve for the Cruise
                        Control container.
                    livenessProbe:
                      type: object
                      properties:
                        failureThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive failures for the probe to be
                            considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
                        initialDelaySeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The initial delay before first the health is first
                            checked. Default to 15 seconds. Minimum value is 0.
                        periodSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            How often (in seconds) to perform the probe. Default
                            to 10 seconds. Minimum value is 1.
                        successThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive successes for the probe to be
                            considered successful after having failed. Defaults
                            to 1. Must be 1 for liveness. Minimum value is 1.
                        timeoutSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            The timeout for each attempted health check. Default
                            to 5 seconds. Minimum value is 1.
                      description: Pod liveness checking for the Cruise Control container.
                    readinessProbe:
                      type: object
                      properties:
                        failureThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive failures for the probe to be
                            considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
                        initialDelaySeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The initial delay before first the health is first
                            checked. Default to 15 seconds. Minimum value is 0.
                        periodSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            How often (in seconds) to perform the probe. Default
                            to 10 seconds. Minimum value is 1.
                        successThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive successes for the probe to be
                            considered successful after having failed. Defaults
                            to 1. Must be 1 for liveness. Minimum value is 1.
                        timeoutSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            The timeout for each attempted health check. Default
                            to 5 seconds. Minimum value is 1.
                      description: Pod readiness checking for the Cruise Control container.
                    jvmOptions:
                      type: object
                      properties:
                        '-XX':
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                          description: A map of -XX options to the JVM.
                        '-Xms':
                          type: string
                          pattern: '^[0-9]+[mMgG]?$'
                          description: '-Xms option to to the JVM.'
                        '-Xmx':
                          type: string
                          pattern: '^[0-9]+[mMgG]?$'
                          description: '-Xmx option to to the JVM.'
                        gcLoggingEnabled:
                          type: boolean
                          description: >-
                            Specifies whether the Garbage Collection logging is
                            enabled. The default is false.
                        javaSystemProperties:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The system property name.
                              value:
                                type: string
                                description: The system property value.
                          description: >-
                            A map of additional system properties which will be
                            passed using the `-D` option to the JVM.
                      description: JVM Options for the Cruise Control container.
                    logging:
                      type: object
                      properties:
                        loggers:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                          description: A Map from logger name to logger level.
                        type:
                          type: string
                          enum:
                            - inline
                            - external
                          description: 'Logging type, must be either ''inline'' or ''external''.'
                        valueFrom:
                          type: object
                          properties:
                            configMapKeyRef:
                              type: object
                              properties:
                                key:
                                  type: string
                                name:
                                  type: string
                                optional:
                                  type: boolean
                              description: >-
                                Reference to the key in the ConfigMap containing
                                the configuration.
                          description: >-
                            `ConfigMap` entry where the logging configuration is
                            stored. 
                      required:
                        - type
                      description: Logging configuration (Log4j 2) for Cruise Control.
                    template:
                      type: object
                      properties:
                        deployment:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            deploymentStrategy:
                              type: string
                              enum:
                                - RollingUpdate
                                - Recreate
                              description: >-
                                Pod replacement strategy for deployment
                                configuration changes. Valid values are
                                `RollingUpdate` and `Recreate`. Defaults to
                                `RollingUpdate`.
                          description: Template for Cruise Control `Deployment`.
                        pod:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            imagePullSecrets:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                              description: >-
                                List of references to secrets in the same
                                namespace to use for pulling any of the images
                                used by this Pod. When the
                                `STRIMZI_IMAGE_PULL_SECRETS` environment
                                variable in Cluster Operator and the
                                `imagePullSecrets` option are specified, only
                                the `imagePullSecrets` variable is used and the
                                `STRIMZI_IMAGE_PULL_SECRETS` variable is
                                ignored.
                            securityContext:
                              type: object
                              properties:
                                fsGroup:
                                  type: integer
                                fsGroupChangePolicy:
                                  type: string
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                supplementalGroups:
                                  type: array
                                  items:
                                    type: integer
                                sysctls:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      name:
                                        type: string
                                      value:
                                        type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: >-
                                Configures pod-level security attributes and
                                common container settings.
                            terminationGracePeriodSeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The grace period is the duration in seconds
                                after the processes running in the pod are sent
                                a termination signal, and the time when the
                                processes are forcibly halted with a kill
                                signal. Set this value to longer than the
                                expected cleanup time for your process. Value
                                must be a non-negative integer. A zero value
                                indicates delete immediately. You might need to
                                increase the grace period for very large Kafka
                                clusters, so that the Kafka brokers have enough
                                time to transfer their work to another broker
                                before they are terminated. Defaults to 30
                                seconds.
                            affinity:
                              type: object
                              properties:
                                nodeAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          preference:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: object
                                      properties:
                                        nodeSelectorTerms:
                                          type: array
                                          items:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                podAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                podAntiAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                              description: The pod's affinity rules.
                            tolerations:
                              type: array
                              items:
                                type: object
                                properties:
                                  effect:
                                    type: string
                                  key:
                                    type: string
                                  operator:
                                    type: string
                                  tolerationSeconds:
                                    type: integer
                                  value:
                                    type: string
                              description: The pod's tolerations.
                            priorityClassName:
                              type: string
                              description: >-
                                The name of the priority class used to assign
                                priority to the pods. For more information about
                                priority classes, see {K8sPriorityClass}.
                            schedulerName:
                              type: string
                              description: >-
                                The name of the scheduler used to dispatch this
                                `Pod`. If not specified, the default scheduler
                                will be used.
                            hostAliases:
                              type: array
                              items:
                                type: object
                                properties:
                                  hostnames:
                                    type: array
                                    items:
                                      type: string
                                  ip:
                                    type: string
                              description: >-
                                The pod's HostAliases. HostAliases is an
                                optional list of hosts and IPs that will be
                                injected into the Pod's hosts file if specified.
                            tmpDirSizeLimit:
                              type: string
                              pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                              description: >-
                                Defines the total amount (for example `1Gi`) of
                                local storage required for temporary EmptyDir
                                volume (`/tmp`). Default value is `5Mi`.
                            enableServiceLinks:
                              type: boolean
                              description: >-
                                Indicates whether information about services
                                should be injected into Pod's environment
                                variables.
                            topologySpreadConstraints:
                              type: array
                              items:
                                type: object
                                properties:
                                  labelSelector:
                                    type: object
                                    properties:
                                      matchExpressions:
                                        type: array
                                        items:
                                          type: object
                                          properties:
                                            key:
                                              type: string
                                            operator:
                                              type: string
                                            values:
                                              type: array
                                              items:
                                                type: string
                                      matchLabels:
                                        x-kubernetes-preserve-unknown-fields: true
                                        type: object
                                  matchLabelKeys:
                                    type: array
                                    items:
                                      type: string
                                  maxSkew:
                                    type: integer
                                  minDomains:
                                    type: integer
                                  nodeAffinityPolicy:
                                    type: string
                                  nodeTaintsPolicy:
                                    type: string
                                  topologyKey:
                                    type: string
                                  whenUnsatisfiable:
                                    type: string
                              description: The pod's topology spread constraints.
                          description: Template for Cruise Control `Pods`.
                        apiService:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            ipFamilyPolicy:
                              type: string
                              enum:
                                - SingleStack
                                - PreferDualStack
                                - RequireDualStack
                              description: >-
                                Specifies the IP Family Policy used by the
                                service. Available options are `SingleStack`,
                                `PreferDualStack` and `RequireDualStack`.
                                `SingleStack` is for a single IP family.
                                `PreferDualStack` is for two IP families on
                                dual-stack configured clusters or a single IP
                                family on single-stack clusters.
                                `RequireDualStack` fails unless there are two IP
                                families on dual-stack configured clusters. If
                                unspecified, Kubernetes will choose the default
                                value based on the service type. Available on
                                Kubernetes 1.20 and newer.
                            ipFamilies:
                              type: array
                              items:
                                type: string
                                enum:
                                  - IPv4
                                  - IPv6
                              description: >-
                                Specifies the IP Families used by the service.
                                Available options are `IPv4` and `IPv6. If
                                unspecified, Kubernetes will choose the default
                                value based on the `ipFamilyPolicy` setting.
                                Available on Kubernetes 1.20 and newer.
                          description: Template for Cruise Control API `Service`.
                        podDisruptionBudget:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: >-
                                Metadata to apply to the
                                `PodDisruptionBudgetTemplate` resource.
                            maxUnavailable:
                              type: integer
                              minimum: 0
                              description: >-
                                Maximum number of unavailable pods to allow
                                automatic Pod eviction. A Pod eviction is
                                allowed when the `maxUnavailable` number of pods
                                or fewer are unavailable after the eviction.
                                Setting this value to 0 prevents all voluntary
                                evictions, so the pods must be evicted manually.
                                Defaults to 1.
                          description: Template for Cruise Control `PodDisruptionBudget`.
                        cruiseControlContainer:
                          type: object
                          properties:
                            env:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The environment variable key.
                                  value:
                                    type: string
                                    description: The environment variable value.
                              description: >-
                                Environment variables which should be applied to
                                the container.
                            securityContext:
                              type: object
                              properties:
                                allowPrivilegeEscalation:
                                  type: boolean
                                capabilities:
                                  type: object
                                  properties:
                                    add:
                                      type: array
                                      items:
                                        type: string
                                    drop:
                                      type: array
                                      items:
                                        type: string
                                privileged:
                                  type: boolean
                                procMount:
                                  type: string
                                readOnlyRootFilesystem:
                                  type: boolean
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: Security context for the container.
                          description: Template for the Cruise Control container.
                        tlsSidecarContainer:
                          type: object
                          properties:
                            env:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The environment variable key.
                                  value:
                                    type: string
                                    description: The environment variable value.
                              description: >-
                                Environment variables which should be applied to
                                the container.
                            securityContext:
                              type: object
                              properties:
                                allowPrivilegeEscalation:
                                  type: boolean
                                capabilities:
                                  type: object
                                  properties:
                                    add:
                                      type: array
                                      items:
                                        type: string
                                    drop:
                                      type: array
                                      items:
                                        type: string
                                privileged:
                                  type: boolean
                                procMount:
                                  type: string
                                readOnlyRootFilesystem:
                                  type: boolean
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: Security context for the container.
                          description: >-
                            Template for the Cruise Control TLS sidecar
                            container.
                        serviceAccount:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for the Cruise Control service account.
                      description: >-
                        Template to specify how Cruise Control resources,
                        `Deployments` and `Pods`, are generated.
                    brokerCapacity:
                      type: object
                      properties:
                        disk:
                          type: string
                          pattern: '^[0-9]+([.][0-9]*)?([KMGTPE]i?|e[0-9]+)?$'
                          description: >-
                            Broker capacity for disk in bytes. Use a number
                            value with either standard Kubernetes byte units (K,
                            M, G, or T), their bibyte (power of two) equivalents
                            (Ki, Mi, Gi, or Ti), or a byte value with or without
                            E notation. For example, 100000M, 100000Mi,
                            104857600000, or 1e+11.
                        cpuUtilization:
                          type: integer
                          minimum: 0
                          maximum: 100
                          description: >-
                            Broker capacity for CPU resource utilization as a
                            percentage (0 - 100).
                        cpu:
                          type: string
                          pattern: '^[0-9]+([.][0-9]{0,3}|[m]?)$'
                          description: >-
                            Broker capacity for CPU resource in cores or
                            millicores. For example, 1, 1.500, 1500m. For more
                            information on valid CPU resource units see
                            https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-cpu.
                        inboundNetwork:
                          type: string
                          pattern: '^[0-9]+([KMG]i?)?B/s$'
                          description: >-
                            Broker capacity for inbound network throughput in
                            bytes per second. Use an integer value with standard
                            Kubernetes byte units (K, M, G) or their bibyte
                            (power of two) equivalents (Ki, Mi, Gi) per second.
                            For example, 10000KiB/s.
                        outboundNetwork:
                          type: string
                          pattern: '^[0-9]+([KMG]i?)?B/s$'
                          description: >-
                            Broker capacity for outbound network throughput in
                            bytes per second. Use an integer value with standard
                            Kubernetes byte units (K, M, G) or their bibyte
                            (power of two) equivalents (Ki, Mi, Gi) per second.
                            For example, 10000KiB/s.
                        overrides:
                          type: array
                          items:
                            type: object
                            properties:
                              brokers:
                                type: array
                                items:
                                  type: integer
                                description: List of Kafka brokers (broker identifiers).
                              cpu:
                                type: string
                                pattern: '^[0-9]+([.][0-9]{0,3}|[m]?)$'
                                description: >-
                                  Broker capacity for CPU resource in cores or
                                  millicores. For example, 1, 1.500, 1500m. For
                                  more information on valid CPU resource units
                                  see
                                  https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-cpu.
                              inboundNetwork:
                                type: string
                                pattern: '^[0-9]+([KMG]i?)?B/s$'
                                description: >-
                                  Broker capacity for inbound network throughput
                                  in bytes per second. Use an integer value with
                                  standard Kubernetes byte units (K, M, G) or
                                  their bibyte (power of two) equivalents (Ki,
                                  Mi, Gi) per second. For example, 10000KiB/s.
                              outboundNetwork:
                                type: string
                                pattern: '^[0-9]+([KMG]i?)?B/s$'
                                description: >-
                                  Broker capacity for outbound network
                                  throughput in bytes per second. Use an integer
                                  value with standard Kubernetes byte units (K,
                                  M, G) or their bibyte (power of two)
                                  equivalents (Ki, Mi, Gi) per second. For
                                  example, 10000KiB/s.
                            required:
                              - brokers
                          description: >-
                            Overrides for individual brokers. The `overrides`
                            property lets you specify a different capacity
                            configuration for different brokers.
                      description: The Cruise Control `brokerCapacity` configuration.
                    config:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: >-
                        The Cruise Control configuration. For a full list of
                        configuration options refer to
                        https://github.com/linkedin/cruise-control/wiki/Configurations.
                        Note that properties with the following prefixes cannot
                        be set: bootstrap.servers, client.id, zookeeper.,
                        network., security.,
                        failed.brokers.zk.path,webserver.http.,
                        webserver.api.urlprefix, webserver.session.path,
                        webserver.accesslog., two.step.,
                        request.reason.required,metric.reporter.sampler.bootstrap.servers,
                        capacity.config.file, self.healing., ssl.,
                        kafka.broker.failure.detection.enable,
                        topic.config.provider.class (with the exception of:
                        ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols,
                        webserver.http.cors.enabled, webserver.http.cors.origin,
                        webserver.http.cors.exposeheaders,
                        webserver.security.enable, webserver.ssl.enable).
                    metricsConfig:
                      type: object
                      properties:
                        type:
                          type: string
                          enum:
                            - jmxPrometheusExporter
                          description: >-
                            Metrics type. Only 'jmxPrometheusExporter' supported
                            currently.
                        valueFrom:
                          type: object
                          properties:
                            configMapKeyRef:
                              type: object
                              properties:
                                key:
                                  type: string
                                name:
                                  type: string
                                optional:
                                  type: boolean
                              description: >-
                                Reference to the key in the ConfigMap containing
                                the configuration.
                          description: >-
                            ConfigMap entry where the Prometheus JMX Exporter
                            configuration is stored. For details of the
                            structure of this configuration, see the
                            {JMXExporter}.
                      required:
                        - type
                        - valueFrom
                      description: Metrics configuration.
                  description: >-
                    Configuration for Cruise Control deployment. Deploys a
                    Cruise Control instance when specified.
                jmxTrans:
                  type: object
                  properties:
                    image:
                      type: string
                      description: The image to use for the JmxTrans.
                    outputDefinitions:
                      type: array
                      items:
                        type: object
                        properties:
                          outputType:
                            type: string
                            description: >-
                              Template for setting the format of the data that
                              will be pushed.For more information see
                              https://github.com/jmxtrans/jmxtrans/wiki/OutputWriters[JmxTrans
                              OutputWriters].
                          host:
                            type: string
                            description: >-
                              The DNS/hostname of the remote host that the data
                              is pushed to.
                          port:
                            type: integer
                            description: >-
                              The port of the remote host that the data is
                              pushed to.
                          flushDelayInSeconds:
                            type: integer
                            description: >-
                              How many seconds the JmxTrans waits before pushing
                              a new set of data out.
                          typeNames:
                            type: array
                            items:
                              type: string
                            description: >-
                              Template for filtering data to be included in
                              response to a wildcard query. For more information
                              see
                              https://github.com/jmxtrans/jmxtrans/wiki/Queries[JmxTrans
                              queries].
                          name:
                            type: string
                            description: >-
                              Template for setting the name of the output
                              definition. This is used to identify where to send
                              the results of queries should be sent.
                        required:
                          - outputType
                          - name
                      description: >-
                        Defines the output hosts that will be referenced later
                        on. For more information on these properties see,
                        xref:type-JmxTransOutputDefinitionTemplate-reference[`JmxTransOutputDefinitionTemplate`
                        schema reference].
                    logLevel:
                      type: string
                      description: >-
                        Sets the logging level of the JmxTrans deployment.For
                        more information see,
                        https://github.com/jmxtrans/jmxtrans-agent/wiki/Troubleshooting[JmxTrans
                        Logging Level].
                    kafkaQueries:
                      type: array
                      items:
                        type: object
                        properties:
                          targetMBean:
                            type: string
                            description: >-
                              If using wildcards instead of a specific MBean
                              then the data is gathered from multiple MBeans.
                              Otherwise if specifying an MBean then data is
                              gathered from that specified MBean.
                          attributes:
                            type: array
                            items:
                              type: string
                            description: >-
                              Determine which attributes of the targeted MBean
                              should be included.
                          outputs:
                            type: array
                            items:
                              type: string
                            description: >-
                              List of the names of output definitions specified
                              in the spec.kafka.jmxTrans.outputDefinitions that
                              have defined where JMX metrics are pushed to, and
                              in which data format.
                        required:
                          - targetMBean
                          - attributes
                          - outputs
                      description: >-
                        Queries to send to the Kafka brokers to define what data
                        should be read from each broker. For more information on
                        these properties see,
                        xref:type-JmxTransQueryTemplate-reference[`JmxTransQueryTemplate`
                        schema reference].
                    resources:
                      type: object
                      properties:
                        claims:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                        limits:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                        requests:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                      description: CPU and memory resources to reserve.
                    template:
                      type: object
                      properties:
                        deployment:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            deploymentStrategy:
                              type: string
                              enum:
                                - RollingUpdate
                                - Recreate
                              description: >-
                                Pod replacement strategy for deployment
                                configuration changes. Valid values are
                                `RollingUpdate` and `Recreate`. Defaults to
                                `RollingUpdate`.
                          description: Template for JmxTrans `Deployment`.
                        pod:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            imagePullSecrets:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                              description: >-
                                List of references to secrets in the same
                                namespace to use for pulling any of the images
                                used by this Pod. When the
                                `STRIMZI_IMAGE_PULL_SECRETS` environment
                                variable in Cluster Operator and the
                                `imagePullSecrets` option are specified, only
                                the `imagePullSecrets` variable is used and the
                                `STRIMZI_IMAGE_PULL_SECRETS` variable is
                                ignored.
                            securityContext:
                              type: object
                              properties:
                                fsGroup:
                                  type: integer
                                fsGroupChangePolicy:
                                  type: string
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                supplementalGroups:
                                  type: array
                                  items:
                                    type: integer
                                sysctls:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      name:
                                        type: string
                                      value:
                                        type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: >-
                                Configures pod-level security attributes and
                                common container settings.
                            terminationGracePeriodSeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The grace period is the duration in seconds
                                after the processes running in the pod are sent
                                a termination signal, and the time when the
                                processes are forcibly halted with a kill
                                signal. Set this value to longer than the
                                expected cleanup time for your process. Value
                                must be a non-negative integer. A zero value
                                indicates delete immediately. You might need to
                                increase the grace period for very large Kafka
                                clusters, so that the Kafka brokers have enough
                                time to transfer their work to another broker
                                before they are terminated. Defaults to 30
                                seconds.
                            affinity:
                              type: object
                              properties:
                                nodeAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          preference:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: object
                                      properties:
                                        nodeSelectorTerms:
                                          type: array
                                          items:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                podAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                podAntiAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                              description: The pod's affinity rules.
                            tolerations:
                              type: array
                              items:
                                type: object
                                properties:
                                  effect:
                                    type: string
                                  key:
                                    type: string
                                  operator:
                                    type: string
                                  tolerationSeconds:
                                    type: integer
                                  value:
                                    type: string
                              description: The pod's tolerations.
                            priorityClassName:
                              type: string
                              description: >-
                                The name of the priority class used to assign
                                priority to the pods. For more information about
                                priority classes, see {K8sPriorityClass}.
                            schedulerName:
                              type: string
                              description: >-
                                The name of the scheduler used to dispatch this
                                `Pod`. If not specified, the default scheduler
                                will be used.
                            hostAliases:
                              type: array
                              items:
                                type: object
                                properties:
                                  hostnames:
                                    type: array
                                    items:
                                      type: string
                                  ip:
                                    type: string
                              description: >-
                                The pod's HostAliases. HostAliases is an
                                optional list of hosts and IPs that will be
                                injected into the Pod's hosts file if specified.
                            tmpDirSizeLimit:
                              type: string
                              pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                              description: >-
                                Defines the total amount (for example `1Gi`) of
                                local storage required for temporary EmptyDir
                                volume (`/tmp`). Default value is `5Mi`.
                            enableServiceLinks:
                              type: boolean
                              description: >-
                                Indicates whether information about services
                                should be injected into Pod's environment
                                variables.
                            topologySpreadConstraints:
                              type: array
                              items:
                                type: object
                                properties:
                                  labelSelector:
                                    type: object
                                    properties:
                                      matchExpressions:
                                        type: array
                                        items:
                                          type: object
                                          properties:
                                            key:
                                              type: string
                                            operator:
                                              type: string
                                            values:
                                              type: array
                                              items:
                                                type: string
                                      matchLabels:
                                        x-kubernetes-preserve-unknown-fields: true
                                        type: object
                                  matchLabelKeys:
                                    type: array
                                    items:
                                      type: string
                                  maxSkew:
                                    type: integer
                                  minDomains:
                                    type: integer
                                  nodeAffinityPolicy:
                                    type: string
                                  nodeTaintsPolicy:
                                    type: string
                                  topologyKey:
                                    type: string
                                  whenUnsatisfiable:
                                    type: string
                              description: The pod's topology spread constraints.
                          description: Template for JmxTrans `Pods`.
                        container:
                          type: object
                          properties:
                            env:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The environment variable key.
                                  value:
                                    type: string
                                    description: The environment variable value.
                              description: >-
                                Environment variables which should be applied to
                                the container.
                            securityContext:
                              type: object
                              properties:
                                allowPrivilegeEscalation:
                                  type: boolean
                                capabilities:
                                  type: object
                                  properties:
                                    add:
                                      type: array
                                      items:
                                        type: string
                                    drop:
                                      type: array
                                      items:
                                        type: string
                                privileged:
                                  type: boolean
                                procMount:
                                  type: string
                                readOnlyRootFilesystem:
                                  type: boolean
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: Security context for the container.
                          description: Template for JmxTrans container.
                        serviceAccount:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for the JmxTrans service account.
                      description: Template for JmxTrans resources.
                  required:
                    - outputDefinitions
                    - kafkaQueries
                  description: >-
                    As of Strimzi 0.35.0, JMXTrans is not supported anymore and
                    this option is ignored.
                kafkaExporter:
                  type: object
                  properties:
                    image:
                      type: string
                      description: The docker image for the pods.
                    groupRegex:
                      type: string
                      description: >-
                        Regular expression to specify which consumer groups to
                        collect. Default value is `.*`.
                    topicRegex:
                      type: string
                      description: >-
                        Regular expression to specify which topics to collect.
                        Default value is `.*`.
                    resources:
                      type: object
                      properties:
                        claims:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                        limits:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                        requests:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                      description: CPU and memory resources to reserve.
                    logging:
                      type: string
                      description: >-
                        Only log messages with the given severity or above.
                        Valid levels: [`info`, `debug`, `trace`]. Default log
                        level is `info`.
                    enableSaramaLogging:
                      type: boolean
                      description: >-
                        Enable Sarama logging, a Go client library used by the
                        Kafka Exporter.
                    template:
                      type: object
                      properties:
                        deployment:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            deploymentStrategy:
                              type: string
                              enum:
                                - RollingUpdate
                                - Recreate
                              description: >-
                                Pod replacement strategy for deployment
                                configuration changes. Valid values are
                                `RollingUpdate` and `Recreate`. Defaults to
                                `RollingUpdate`.
                          description: Template for Kafka Exporter `Deployment`.
                        pod:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                            imagePullSecrets:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                              description: >-
                                List of references to secrets in the same
                                namespace to use for pulling any of the images
                                used by this Pod. When the
                                `STRIMZI_IMAGE_PULL_SECRETS` environment
                                variable in Cluster Operator and the
                                `imagePullSecrets` option are specified, only
                                the `imagePullSecrets` variable is used and the
                                `STRIMZI_IMAGE_PULL_SECRETS` variable is
                                ignored.
                            securityContext:
                              type: object
                              properties:
                                fsGroup:
                                  type: integer
                                fsGroupChangePolicy:
                                  type: string
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                supplementalGroups:
                                  type: array
                                  items:
                                    type: integer
                                sysctls:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      name:
                                        type: string
                                      value:
                                        type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: >-
                                Configures pod-level security attributes and
                                common container settings.
                            terminationGracePeriodSeconds:
                              type: integer
                              minimum: 0
                              description: >-
                                The grace period is the duration in seconds
                                after the processes running in the pod are sent
                                a termination signal, and the time when the
                                processes are forcibly halted with a kill
                                signal. Set this value to longer than the
                                expected cleanup time for your process. Value
                                must be a non-negative integer. A zero value
                                indicates delete immediately. You might need to
                                increase the grace period for very large Kafka
                                clusters, so that the Kafka brokers have enough
                                time to transfer their work to another broker
                                before they are terminated. Defaults to 30
                                seconds.
                            affinity:
                              type: object
                              properties:
                                nodeAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          preference:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: object
                                      properties:
                                        nodeSelectorTerms:
                                          type: array
                                          items:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchFields:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                podAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                podAntiAffinity:
                                  type: object
                                  properties:
                                    preferredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          podAffinityTerm:
                                            type: object
                                            properties:
                                              labelSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaceSelector:
                                                type: object
                                                properties:
                                                  matchExpressions:
                                                    type: array
                                                    items:
                                                      type: object
                                                      properties:
                                                        key:
                                                          type: string
                                                        operator:
                                                          type: string
                                                        values:
                                                          type: array
                                                          items:
                                                            type: string
                                                  matchLabels:
                                                    x-kubernetes-preserve-unknown-fields: true
                                                    type: object
                                              namespaces:
                                                type: array
                                                items:
                                                  type: string
                                              topologyKey:
                                                type: string
                                          weight:
                                            type: integer
                                    requiredDuringSchedulingIgnoredDuringExecution:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                              description: The pod's affinity rules.
                            tolerations:
                              type: array
                              items:
                                type: object
                                properties:
                                  effect:
                                    type: string
                                  key:
                                    type: string
                                  operator:
                                    type: string
                                  tolerationSeconds:
                                    type: integer
                                  value:
                                    type: string
                              description: The pod's tolerations.
                            priorityClassName:
                              type: string
                              description: >-
                                The name of the priority class used to assign
                                priority to the pods. For more information about
                                priority classes, see {K8sPriorityClass}.
                            schedulerName:
                              type: string
                              description: >-
                                The name of the scheduler used to dispatch this
                                `Pod`. If not specified, the default scheduler
                                will be used.
                            hostAliases:
                              type: array
                              items:
                                type: object
                                properties:
                                  hostnames:
                                    type: array
                                    items:
                                      type: string
                                  ip:
                                    type: string
                              description: >-
                                The pod's HostAliases. HostAliases is an
                                optional list of hosts and IPs that will be
                                injected into the Pod's hosts file if specified.
                            tmpDirSizeLimit:
                              type: string
                              pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                              description: >-
                                Defines the total amount (for example `1Gi`) of
                                local storage required for temporary EmptyDir
                                volume (`/tmp`). Default value is `5Mi`.
                            enableServiceLinks:
                              type: boolean
                              description: >-
                                Indicates whether information about services
                                should be injected into Pod's environment
                                variables.
                            topologySpreadConstraints:
                              type: array
                              items:
                                type: object
                                properties:
                                  labelSelector:
                                    type: object
                                    properties:
                                      matchExpressions:
                                        type: array
                                        items:
                                          type: object
                                          properties:
                                            key:
                                              type: string
                                            operator:
                                              type: string
                                            values:
                                              type: array
                                              items:
                                                type: string
                                      matchLabels:
                                        x-kubernetes-preserve-unknown-fields: true
                                        type: object
                                  matchLabelKeys:
                                    type: array
                                    items:
                                      type: string
                                  maxSkew:
                                    type: integer
                                  minDomains:
                                    type: integer
                                  nodeAffinityPolicy:
                                    type: string
                                  nodeTaintsPolicy:
                                    type: string
                                  topologyKey:
                                    type: string
                                  whenUnsatisfiable:
                                    type: string
                              description: The pod's topology spread constraints.
                          description: Template for Kafka Exporter `Pods`.
                        service:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for Kafka Exporter `Service`.
                        container:
                          type: object
                          properties:
                            env:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                    description: The environment variable key.
                                  value:
                                    type: string
                                    description: The environment variable value.
                              description: >-
                                Environment variables which should be applied to
                                the container.
                            securityContext:
                              type: object
                              properties:
                                allowPrivilegeEscalation:
                                  type: boolean
                                capabilities:
                                  type: object
                                  properties:
                                    add:
                                      type: array
                                      items:
                                        type: string
                                    drop:
                                      type: array
                                      items:
                                        type: string
                                privileged:
                                  type: boolean
                                procMount:
                                  type: string
                                readOnlyRootFilesystem:
                                  type: boolean
                                runAsGroup:
                                  type: integer
                                runAsNonRoot:
                                  type: boolean
                                runAsUser:
                                  type: integer
                                seLinuxOptions:
                                  type: object
                                  properties:
                                    level:
                                      type: string
                                    role:
                                      type: string
                                    type:
                                      type: string
                                    user:
                                      type: string
                                seccompProfile:
                                  type: object
                                  properties:
                                    localhostProfile:
                                      type: string
                                    type:
                                      type: string
                                windowsOptions:
                                  type: object
                                  properties:
                                    gmsaCredentialSpec:
                                      type: string
                                    gmsaCredentialSpecName:
                                      type: string
                                    hostProcess:
                                      type: boolean
                                    runAsUserName:
                                      type: string
                              description: Security context for the container.
                          description: Template for the Kafka Exporter container.
                        serviceAccount:
                          type: object
                          properties:
                            metadata:
                              type: object
                              properties:
                                labels:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: Labels added to the Kubernetes resource.
                                annotations:
                                  x-kubernetes-preserve-unknown-fields: true
                                  type: object
                                  description: >-
                                    Annotations added to the Kubernetes
                                    resource.
                              description: Metadata applied to the resource.
                          description: Template for the Kafka Exporter service account.
                      description: Customization of deployment templates and pods.
                    livenessProbe:
                      type: object
                      properties:
                        failureThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive failures for the probe to be
                            considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
                        initialDelaySeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The initial delay before first the health is first
                            checked. Default to 15 seconds. Minimum value is 0.
                        periodSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            How often (in seconds) to perform the probe. Default
                            to 10 seconds. Minimum value is 1.
                        successThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive successes for the probe to be
                            considered successful after having failed. Defaults
                            to 1. Must be 1 for liveness. Minimum value is 1.
                        timeoutSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            The timeout for each attempted health check. Default
                            to 5 seconds. Minimum value is 1.
                      description: Pod liveness check.
                    readinessProbe:
                      type: object
                      properties:
                        failureThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive failures for the probe to be
                            considered failed after having succeeded. Defaults
                            to 3. Minimum value is 1.
                        initialDelaySeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The initial delay before first the health is first
                            checked. Default to 15 seconds. Minimum value is 0.
                        periodSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            How often (in seconds) to perform the probe. Default
                            to 10 seconds. Minimum value is 1.
                        successThreshold:
                          type: integer
                          minimum: 1
                          description: >-
                            Minimum consecutive successes for the probe to be
                            considered successful after having failed. Defaults
                            to 1. Must be 1 for liveness. Minimum value is 1.
                        timeoutSeconds:
                          type: integer
                          minimum: 1
                          description: >-
                            The timeout for each attempted health check. Default
                            to 5 seconds. Minimum value is 1.
                      description: Pod readiness check.
                  description: >-
                    Configuration of the Kafka Exporter. Kafka Exporter can
                    provide additional metrics, for example lag of consumer
                    group at topic/partition.
                maintenanceTimeWindows:
                  type: array
                  items:
                    type: string
                  description: >-
                    A list of time windows for maintenance tasks (that is,
                    certificates renewal). Each time window is defined by a cron
                    expression.
              required:
                - kafka
                - zookeeper
              description: >-
                The specification of the Kafka and ZooKeeper clusters, and Topic
                Operator.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                listeners:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          *The `type` property has been deprecated, and should
                          now be configured using `name`.* The name of the
                          listener.
                      name:
                        type: string
                        description: The name of the listener.
                      addresses:
                        type: array
                        items:
                          type: object
                          properties:
                            host:
                              type: string
                              description: >-
                                The DNS name or IP address of the Kafka
                                bootstrap service.
                            port:
                              type: integer
                              description: The port of the Kafka bootstrap service.
                        description: A list of the addresses for this listener.
                      bootstrapServers:
                        type: string
                        description: >-
                          A comma-separated list of `host:port` pairs for
                          connecting to the Kafka cluster using this listener.
                      certificates:
                        type: array
                        items:
                          type: string
                        description: >-
                          A list of TLS certificates which can be used to verify
                          the identity of the server when connecting to the
                          given listener. Set only for `tls` and `external`
                          listeners.
                  description: Addresses of the internal and external listeners.
                clusterId:
                  type: string
                  description: Kafka cluster Id.
              description: >-
                The status of the Kafka and ZooKeeper clusters, and Topic
                Operator.

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: strimzi-cluster-operator-global
  labels:
    app: strimzi
rules:
  - apiGroups:
      - rbac.authorization.k8s.io
    resources:
      - clusterrolebindings
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update
  - apiGroups:
      - storage.k8s.io
    resources:
      - storageclasses
    verbs:
      - get
  - apiGroups:
      - ''
    resources:
      - nodes
    verbs:
      - list

---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: strimzi-cluster-operator-leader-election
  labels:
    app: strimzi
  namespace: kafka
subjects:
  - kind: ServiceAccount
    name: strimzi-cluster-operator
    namespace: kafka
roleRef:
  kind: ClusterRole
  name: strimzi-cluster-operator-leader-election
  apiGroup: rbac.authorization.k8s.io

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: strimzi-cluster-operator-leader-election
  labels:
    app: strimzi
rules:
  - apiGroups:
      - coordination.k8s.io
    resources:
      - leases
    verbs:
      - create
  - apiGroups:
      - coordination.k8s.io
    resources:
      - leases
    resourceNames:
      - strimzi-cluster-operator
    verbs:
      - get
      - list
      - watch
      - delete
      - patch
      - update

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: strimzi-entity-operator
  labels:
    app: strimzi
rules:
  - apiGroups:
      - kafka.strimzi.io
    resources:
      - kafkatopics
      - kafkatopics/status
      - kafkausers
      - kafkausers/status
    verbs:
      - get
      - list
      - watch
      - create
      - patch
      - update
      - delete
  - apiGroups:
      - ''
    resources:
      - events
    verbs:
      - create
  - apiGroups:
      - ''
    resources:
      - secrets
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: strimzi-cluster-operator-watched
  labels:
    app: strimzi
rules:
  - apiGroups:
      - ''
    resources:
      - pods
    verbs:
      - watch
      - list
  - apiGroups:
      - kafka.strimzi.io
    resources:
      - kafkas
      - kafkas/status
      - kafkaconnects
      - kafkaconnects/status
      - kafkaconnectors
      - kafkaconnectors/status
      - kafkamirrormakers
      - kafkamirrormakers/status
      - kafkabridges
      - kafkabridges/status
      - kafkamirrormaker2s
      - kafkamirrormaker2s/status
      - kafkarebalances
      - kafkarebalances/status
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update
  - apiGroups:
      - core.strimzi.io
    resources:
      - strimzipodsets
      - strimzipodsets/status
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: strimzi-kafka-broker
  labels:
    app: strimzi
rules:
  - apiGroups:
      - ''
    resources:
      - nodes
    verbs:
      - get

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: kafkamirrormaker2s.kafka.strimzi.io
  labels:
    app: strimzi
    strimzi.io/crd-install: 'true'
spec:
  group: kafka.strimzi.io
  names:
    kind: KafkaMirrorMaker2
    listKind: KafkaMirrorMaker2List
    singular: kafkamirrormaker2
    plural: kafkamirrormaker2s
    shortNames:
      - kmm2
    categories:
      - strimzi
  scope: Namespaced
  conversion:
    strategy: None
  versions:
    - name: v1beta2
      served: true
      storage: true
      subresources:
        status: {}
        scale:
          specReplicasPath: .spec.replicas
          statusReplicasPath: .status.replicas
          labelSelectorPath: .status.labelSelector
      additionalPrinterColumns:
        - name: Desired replicas
          description: The desired number of Kafka MirrorMaker 2 replicas
          jsonPath: .spec.replicas
          type: integer
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                version:
                  type: string
                  description: >-
                    The Kafka Connect version. Defaults to
                    {DefaultKafkaVersion}. Consult the user documentation to
                    understand the process required to upgrade or downgrade the
                    version.
                replicas:
                  type: integer
                  description: >-
                    The number of pods in the Kafka Connect group. Defaults to
                    `3`.
                image:
                  type: string
                  description: The docker image for the pods.
                connectCluster:
                  type: string
                  description: >-
                    The cluster alias used for Kafka Connect. The alias must
                    match a cluster in the list at `spec.clusters`.
                clusters:
                  type: array
                  items:
                    type: object
                    properties:
                      alias:
                        type: string
                        pattern: '^[a-zA-Z0-9\._\-]{1,100}$'
                        description: Alias used to reference the Kafka cluster.
                      bootstrapServers:
                        type: string
                        description: >-
                          A comma-separated list of `host:port` pairs for
                          establishing the connection to the Kafka cluster.
                      tls:
                        type: object
                        properties:
                          trustedCertificates:
                            type: array
                            items:
                              type: object
                              properties:
                                certificate:
                                  type: string
                                  description: >-
                                    The name of the file certificate in the
                                    Secret.
                                secretName:
                                  type: string
                                  description: >-
                                    The name of the Secret containing the
                                    certificate.
                              required:
                                - certificate
                                - secretName
                            description: Trusted certificates for TLS connection.
                        description: >-
                          TLS configuration for connecting MirrorMaker 2
                          connectors to a cluster.
                      authentication:
                        type: object
                        properties:
                          accessToken:
                            type: object
                            properties:
                              key:
                                type: string
                                description: >-
                                  The key under which the secret value is stored
                                  in the Kubernetes Secret.
                              secretName:
                                type: string
                                description: >-
                                  The name of the Kubernetes Secret containing
                                  the secret value.
                            required:
                              - key
                              - secretName
                            description: >-
                              Link to Kubernetes Secret containing the access
                              token which was obtained from the authorization
                              server.
                          accessTokenIsJwt:
                            type: boolean
                            description: >-
                              Configure whether access token should be treated
                              as JWT. This should be set to `false` if the
                              authorization server returns opaque tokens.
                              Defaults to `true`.
                          audience:
                            type: string
                            description: >-
                              OAuth audience to use when authenticating against
                              the authorization server. Some authorization
                              servers require the audience to be explicitly set.
                              The possible values depend on how the
                              authorization server is configured. By default,
                              `audience` is not specified when performing the
                              token endpoint request.
                          certificateAndKey:
                            type: object
                            properties:
                              certificate:
                                type: string
                                description: >-
                                  The name of the file certificate in the
                                  Secret.
                              key:
                                type: string
                                description: The name of the private key in the Secret.
                              secretName:
                                type: string
                                description: >-
                                  The name of the Secret containing the
                                  certificate.
                            required:
                              - certificate
                              - key
                              - secretName
                            description: >-
                              Reference to the `Secret` which holds the
                              certificate and private key pair.
                          clientId:
                            type: string
                            description: >-
                              OAuth Client ID which the Kafka client can use to
                              authenticate against the OAuth server and use the
                              token endpoint URI.
                          clientSecret:
                            type: object
                            properties:
                              key:
                                type: string
                                description: >-
                                  The key under which the secret value is stored
                                  in the Kubernetes Secret.
                              secretName:
                                type: string
                                description: >-
                                  The name of the Kubernetes Secret containing
                                  the secret value.
                            required:
                              - key
                              - secretName
                            description: >-
                              Link to Kubernetes Secret containing the OAuth
                              client secret which the Kafka client can use to
                              authenticate against the OAuth server and use the
                              token endpoint URI.
                          connectTimeoutSeconds:
                            type: integer
                            description: >-
                              The connect timeout in seconds when connecting to
                              authorization server. If not set, the effective
                              connect timeout is 60 seconds.
                          disableTlsHostnameVerification:
                            type: boolean
                            description: >-
                              Enable or disable TLS hostname verification.
                              Default value is `false`.
                          enableMetrics:
                            type: boolean
                            description: >-
                              Enable or disable OAuth metrics. Default value is
                              `false`.
                          httpRetries:
                            type: integer
                            description: >-
                              The maximum number of retries to attempt if an
                              initial HTTP request fails. If not set, the
                              default is to not attempt any retries.
                          httpRetryPauseMs:
                            type: integer
                            description: >-
                              The pause to take before retrying a failed HTTP
                              request. If not set, the default is to not pause
                              at all but to immediately repeat a request.
                          maxTokenExpirySeconds:
                            type: integer
                            description: >-
                              Set or limit time-to-live of the access tokens to
                              the specified number of seconds. This should be
                              set if the authorization server returns opaque
                              tokens.
                          passwordSecret:
                            type: object
                            properties:
                              password:
                                type: string
                                description: >-
                                  The name of the key in the Secret under which
                                  the password is stored.
                              secretName:
                                type: string
                                description: >-
                                  The name of the Secret containing the
                                  password.
                            required:
                              - password
                              - secretName
                            description: >-
                              Reference to the `Secret` which holds the
                              password.
                          readTimeoutSeconds:
                            type: integer
                            description: >-
                              The read timeout in seconds when connecting to
                              authorization server. If not set, the effective
                              read timeout is 60 seconds.
                          refreshToken:
                            type: object
                            properties:
                              key:
                                type: string
                                description: >-
                                  The key under which the secret value is stored
                                  in the Kubernetes Secret.
                              secretName:
                                type: string
                                description: >-
                                  The name of the Kubernetes Secret containing
                                  the secret value.
                            required:
                              - key
                              - secretName
                            description: >-
                              Link to Kubernetes Secret containing the refresh
                              token which can be used to obtain access token
                              from the authorization server.
                          scope:
                            type: string
                            description: >-
                              OAuth scope to use when authenticating against the
                              authorization server. Some authorization servers
                              require this to be set. The possible values depend
                              on how authorization server is configured. By
                              default `scope` is not specified when doing the
                              token endpoint request.
                          tlsTrustedCertificates:
                            type: array
                            items:
                              type: object
                              properties:
                                certificate:
                                  type: string
                                  description: >-
                                    The name of the file certificate in the
                                    Secret.
                                secretName:
                                  type: string
                                  description: >-
                                    The name of the Secret containing the
                                    certificate.
                              required:
                                - certificate
                                - secretName
                            description: >-
                              Trusted certificates for TLS connection to the
                              OAuth server.
                          tokenEndpointUri:
                            type: string
                            description: Authorization server token endpoint URI.
                          type:
                            type: string
                            enum:
                              - tls
                              - scram-sha-256
                              - scram-sha-512
                              - plain
                              - oauth
                            description: >-
                              Authentication type. Currently the supported types
                              are `tls`, `scram-sha-256`, `scram-sha-512`,
                              `plain`, and 'oauth'. `scram-sha-256` and
                              `scram-sha-512` types use SASL SCRAM-SHA-256 and
                              SASL SCRAM-SHA-512 Authentication, respectively.
                              `plain` type uses SASL PLAIN Authentication.
                              `oauth` type uses SASL OAUTHBEARER Authentication.
                              The `tls` type uses TLS Client Authentication. The
                              `tls` type is supported only over TLS connections.
                          username:
                            type: string
                            description: Username used for the authentication.
                        required:
                          - type
                        description: >-
                          Authentication configuration for connecting to the
                          cluster.
                      config:
                        x-kubernetes-preserve-unknown-fields: true
                        type: object
                        description: >-
                          The MirrorMaker 2 cluster config. Properties with the
                          following prefixes cannot be set: ssl., sasl.,
                          security., listeners, plugin.path, rest.,
                          bootstrap.servers, consumer.interceptor.classes,
                          producer.interceptor.classes (with the exception of:
                          ssl.endpoint.identification.algorithm,
                          ssl.cipher.suites, ssl.protocol,
                          ssl.enabled.protocols).
                    required:
                      - alias
                      - bootstrapServers
                  description: Kafka clusters for mirroring.
                mirrors:
                  type: array
                  items:
                    type: object
                    properties:
                      sourceCluster:
                        type: string
                        description: >-
                          The alias of the source cluster used by the Kafka
                          MirrorMaker 2 connectors. The alias must match a
                          cluster in the list at `spec.clusters`.
                      targetCluster:
                        type: string
                        description: >-
                          The alias of the target cluster used by the Kafka
                          MirrorMaker 2 connectors. The alias must match a
                          cluster in the list at `spec.clusters`.
                      sourceConnector:
                        type: object
                        properties:
                          tasksMax:
                            type: integer
                            minimum: 1
                            description: >-
                              The maximum number of tasks for the Kafka
                              Connector.
                          config:
                            x-kubernetes-preserve-unknown-fields: true
                            type: object
                            description: >-
                              The Kafka Connector configuration. The following
                              properties cannot be set: connector.class,
                              tasks.max.
                          autoRestart:
                            type: object
                            properties:
                              enabled:
                                type: boolean
                                description: >-
                                  Whether automatic restart for failed
                                  connectors and tasks should be enabled or
                                  disabled.
                            description: >-
                              Automatic restart of connector and tasks
                              configuration.
                          pause:
                            type: boolean
                            description: >-
                              Whether the connector should be paused. Defaults
                              to false.
                        description: >-
                          The specification of the Kafka MirrorMaker 2 source
                          connector.
                      heartbeatConnector:
                        type: object
                        properties:
                          tasksMax:
                            type: integer
                            minimum: 1
                            description: >-
                              The maximum number of tasks for the Kafka
                              Connector.
                          config:
                            x-kubernetes-preserve-unknown-fields: true
                            type: object
                            description: >-
                              The Kafka Connector configuration. The following
                              properties cannot be set: connector.class,
                              tasks.max.
                          autoRestart:
                            type: object
                            properties:
                              enabled:
                                type: boolean
                                description: >-
                                  Whether automatic restart for failed
                                  connectors and tasks should be enabled or
                                  disabled.
                            description: >-
                              Automatic restart of connector and tasks
                              configuration.
                          pause:
                            type: boolean
                            description: >-
                              Whether the connector should be paused. Defaults
                              to false.
                        description: >-
                          The specification of the Kafka MirrorMaker 2 heartbeat
                          connector.
                      checkpointConnector:
                        type: object
                        properties:
                          tasksMax:
                            type: integer
                            minimum: 1
                            description: >-
                              The maximum number of tasks for the Kafka
                              Connector.
                          config:
                            x-kubernetes-preserve-unknown-fields: true
                            type: object
                            description: >-
                              The Kafka Connector configuration. The following
                              properties cannot be set: connector.class,
                              tasks.max.
                          autoRestart:
                            type: object
                            properties:
                              enabled:
                                type: boolean
                                description: >-
                                  Whether automatic restart for failed
                                  connectors and tasks should be enabled or
                                  disabled.
                            description: >-
                              Automatic restart of connector and tasks
                              configuration.
                          pause:
                            type: boolean
                            description: >-
                              Whether the connector should be paused. Defaults
                              to false.
                        description: >-
                          The specification of the Kafka MirrorMaker 2
                          checkpoint connector.
                      topicsPattern:
                        type: string
                        description: >-
                          A regular expression matching the topics to be
                          mirrored, for example, "topic1\|topic2\|topic3".
                          Comma-separated lists are also supported.
                      topicsBlacklistPattern:
                        type: string
                        description: >-
                          A regular expression matching the topics to exclude
                          from mirroring. Comma-separated lists are also
                          supported.
                      topicsExcludePattern:
                        type: string
                        description: >-
                          A regular expression matching the topics to exclude
                          from mirroring. Comma-separated lists are also
                          supported.
                      groupsPattern:
                        type: string
                        description: >-
                          A regular expression matching the consumer groups to
                          be mirrored. Comma-separated lists are also supported.
                      groupsBlacklistPattern:
                        type: string
                        description: >-
                          A regular expression matching the consumer groups to
                          exclude from mirroring. Comma-separated lists are also
                          supported.
                      groupsExcludePattern:
                        type: string
                        description: >-
                          A regular expression matching the consumer groups to
                          exclude from mirroring. Comma-separated lists are also
                          supported.
                    required:
                      - sourceCluster
                      - targetCluster
                  description: Configuration of the MirrorMaker 2 connectors.
                resources:
                  type: object
                  properties:
                    claims:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                    limits:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                    requests:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                  description: >-
                    The maximum limits for CPU and memory resources and the
                    requested initial resources.
                livenessProbe:
                  type: object
                  properties:
                    failureThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive failures for the probe to be
                        considered failed after having succeeded. Defaults to 3.
                        Minimum value is 1.
                    initialDelaySeconds:
                      type: integer
                      minimum: 0
                      description: >-
                        The initial delay before first the health is first
                        checked. Default to 15 seconds. Minimum value is 0.
                    periodSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        How often (in seconds) to perform the probe. Default to
                        10 seconds. Minimum value is 1.
                    successThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive successes for the probe to be
                        considered successful after having failed. Defaults to
                        1. Must be 1 for liveness. Minimum value is 1.
                    timeoutSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        The timeout for each attempted health check. Default to
                        5 seconds. Minimum value is 1.
                  description: Pod liveness checking.
                readinessProbe:
                  type: object
                  properties:
                    failureThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive failures for the probe to be
                        considered failed after having succeeded. Defaults to 3.
                        Minimum value is 1.
                    initialDelaySeconds:
                      type: integer
                      minimum: 0
                      description: >-
                        The initial delay before first the health is first
                        checked. Default to 15 seconds. Minimum value is 0.
                    periodSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        How often (in seconds) to perform the probe. Default to
                        10 seconds. Minimum value is 1.
                    successThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive successes for the probe to be
                        considered successful after having failed. Defaults to
                        1. Must be 1 for liveness. Minimum value is 1.
                    timeoutSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        The timeout for each attempted health check. Default to
                        5 seconds. Minimum value is 1.
                  description: Pod readiness checking.
                jvmOptions:
                  type: object
                  properties:
                    '-XX':
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: A map of -XX options to the JVM.
                    '-Xms':
                      type: string
                      pattern: '^[0-9]+[mMgG]?$'
                      description: '-Xms option to to the JVM.'
                    '-Xmx':
                      type: string
                      pattern: '^[0-9]+[mMgG]?$'
                      description: '-Xmx option to to the JVM.'
                    gcLoggingEnabled:
                      type: boolean
                      description: >-
                        Specifies whether the Garbage Collection logging is
                        enabled. The default is false.
                    javaSystemProperties:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                            description: The system property name.
                          value:
                            type: string
                            description: The system property value.
                      description: >-
                        A map of additional system properties which will be
                        passed using the `-D` option to the JVM.
                  description: JVM Options for pods.
                jmxOptions:
                  type: object
                  properties:
                    authentication:
                      type: object
                      properties:
                        type:
                          type: string
                          enum:
                            - password
                          description: >-
                            Authentication type. Currently the only supported
                            types are `password`.`password` type creates a
                            username and protected port with no TLS.
                      required:
                        - type
                      description: >-
                        Authentication configuration for connecting to the JMX
                        port.
                  description: JMX Options.
                logging:
                  type: object
                  properties:
                    loggers:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: A Map from logger name to logger level.
                    type:
                      type: string
                      enum:
                        - inline
                        - external
                      description: 'Logging type, must be either ''inline'' or ''external''.'
                    valueFrom:
                      type: object
                      properties:
                        configMapKeyRef:
                          type: object
                          properties:
                            key:
                              type: string
                            name:
                              type: string
                            optional:
                              type: boolean
                          description: >-
                            Reference to the key in the ConfigMap containing the
                            configuration.
                      description: >-
                        `ConfigMap` entry where the logging configuration is
                        stored. 
                  required:
                    - type
                  description: Logging configuration for Kafka Connect.
                clientRackInitImage:
                  type: string
                  description: >-
                    The image of the init container used for initializing the
                    `client.rack`.
                rack:
                  type: object
                  properties:
                    topologyKey:
                      type: string
                      example: topology.kubernetes.io/zone
                      description: >-
                        A key that matches labels assigned to the Kubernetes
                        cluster nodes. The value of the label is used to set a
                        broker's `broker.rack` config, and the `client.rack`
                        config for Kafka Connect or MirrorMaker 2.
                  required:
                    - topologyKey
                  description: >-
                    Configuration of the node label which will be used as the
                    `client.rack` consumer configuration.
                tracing:
                  type: object
                  properties:
                    type:
                      type: string
                      enum:
                        - jaeger
                        - opentelemetry
                      description: >-
                        Type of the tracing used. Currently the only supported
                        types are `jaeger` for OpenTracing (Jaeger) tracing and
                        `opentelemetry` for OpenTelemetry tracing. The
                        OpenTracing (Jaeger) tracing is deprecated.
                  required:
                    - type
                  description: The configuration of tracing in Kafka Connect.
                template:
                  type: object
                  properties:
                    deployment:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        deploymentStrategy:
                          type: string
                          enum:
                            - RollingUpdate
                            - Recreate
                          description: >-
                            Pod replacement strategy for deployment
                            configuration changes. Valid values are
                            `RollingUpdate` and `Recreate`. Defaults to
                            `RollingUpdate`.
                      description: Template for Kafka Connect `Deployment`.
                    podSet:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for Kafka Connect `StrimziPodSet` resource.
                    pod:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        imagePullSecrets:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                          description: >-
                            List of references to secrets in the same namespace
                            to use for pulling any of the images used by this
                            Pod. When the `STRIMZI_IMAGE_PULL_SECRETS`
                            environment variable in Cluster Operator and the
                            `imagePullSecrets` option are specified, only the
                            `imagePullSecrets` variable is used and the
                            `STRIMZI_IMAGE_PULL_SECRETS` variable is ignored.
                        securityContext:
                          type: object
                          properties:
                            fsGroup:
                              type: integer
                            fsGroupChangePolicy:
                              type: string
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            supplementalGroups:
                              type: array
                              items:
                                type: integer
                            sysctls:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                  value:
                                    type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: >-
                            Configures pod-level security attributes and common
                            container settings.
                        terminationGracePeriodSeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The grace period is the duration in seconds after
                            the processes running in the pod are sent a
                            termination signal, and the time when the processes
                            are forcibly halted with a kill signal. Set this
                            value to longer than the expected cleanup time for
                            your process. Value must be a non-negative integer.
                            A zero value indicates delete immediately. You might
                            need to increase the grace period for very large
                            Kafka clusters, so that the Kafka brokers have
                            enough time to transfer their work to another broker
                            before they are terminated. Defaults to 30 seconds.
                        affinity:
                          type: object
                          properties:
                            nodeAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      preference:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: object
                                  properties:
                                    nodeSelectorTerms:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                            podAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                            podAntiAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                          description: The pod's affinity rules.
                        tolerations:
                          type: array
                          items:
                            type: object
                            properties:
                              effect:
                                type: string
                              key:
                                type: string
                              operator:
                                type: string
                              tolerationSeconds:
                                type: integer
                              value:
                                type: string
                          description: The pod's tolerations.
                        priorityClassName:
                          type: string
                          description: >-
                            The name of the priority class used to assign
                            priority to the pods. For more information about
                            priority classes, see {K8sPriorityClass}.
                        schedulerName:
                          type: string
                          description: >-
                            The name of the scheduler used to dispatch this
                            `Pod`. If not specified, the default scheduler will
                            be used.
                        hostAliases:
                          type: array
                          items:
                            type: object
                            properties:
                              hostnames:
                                type: array
                                items:
                                  type: string
                              ip:
                                type: string
                          description: >-
                            The pod's HostAliases. HostAliases is an optional
                            list of hosts and IPs that will be injected into the
                            Pod's hosts file if specified.
                        tmpDirSizeLimit:
                          type: string
                          pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                          description: >-
                            Defines the total amount (for example `1Gi`) of
                            local storage required for temporary EmptyDir volume
                            (`/tmp`). Default value is `5Mi`.
                        enableServiceLinks:
                          type: boolean
                          description: >-
                            Indicates whether information about services should
                            be injected into Pod's environment variables.
                        topologySpreadConstraints:
                          type: array
                          items:
                            type: object
                            properties:
                              labelSelector:
                                type: object
                                properties:
                                  matchExpressions:
                                    type: array
                                    items:
                                      type: object
                                      properties:
                                        key:
                                          type: string
                                        operator:
                                          type: string
                                        values:
                                          type: array
                                          items:
                                            type: string
                                  matchLabels:
                                    x-kubernetes-preserve-unknown-fields: true
                                    type: object
                              matchLabelKeys:
                                type: array
                                items:
                                  type: string
                              maxSkew:
                                type: integer
                              minDomains:
                                type: integer
                              nodeAffinityPolicy:
                                type: string
                              nodeTaintsPolicy:
                                type: string
                              topologyKey:
                                type: string
                              whenUnsatisfiable:
                                type: string
                          description: The pod's topology spread constraints.
                      description: Template for Kafka Connect `Pods`.
                    apiService:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        ipFamilyPolicy:
                          type: string
                          enum:
                            - SingleStack
                            - PreferDualStack
                            - RequireDualStack
                          description: >-
                            Specifies the IP Family Policy used by the service.
                            Available options are `SingleStack`,
                            `PreferDualStack` and `RequireDualStack`.
                            `SingleStack` is for a single IP family.
                            `PreferDualStack` is for two IP families on
                            dual-stack configured clusters or a single IP family
                            on single-stack clusters. `RequireDualStack` fails
                            unless there are two IP families on dual-stack
                            configured clusters. If unspecified, Kubernetes will
                            choose the default value based on the service type.
                            Available on Kubernetes 1.20 and newer.
                        ipFamilies:
                          type: array
                          items:
                            type: string
                            enum:
                              - IPv4
                              - IPv6
                          description: >-
                            Specifies the IP Families used by the service.
                            Available options are `IPv4` and `IPv6. If
                            unspecified, Kubernetes will choose the default
                            value based on the `ipFamilyPolicy` setting.
                            Available on Kubernetes 1.20 and newer.
                      description: Template for Kafka Connect API `Service`.
                    headlessService:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        ipFamilyPolicy:
                          type: string
                          enum:
                            - SingleStack
                            - PreferDualStack
                            - RequireDualStack
                          description: >-
                            Specifies the IP Family Policy used by the service.
                            Available options are `SingleStack`,
                            `PreferDualStack` and `RequireDualStack`.
                            `SingleStack` is for a single IP family.
                            `PreferDualStack` is for two IP families on
                            dual-stack configured clusters or a single IP family
                            on single-stack clusters. `RequireDualStack` fails
                            unless there are two IP families on dual-stack
                            configured clusters. If unspecified, Kubernetes will
                            choose the default value based on the service type.
                            Available on Kubernetes 1.20 and newer.
                        ipFamilies:
                          type: array
                          items:
                            type: string
                            enum:
                              - IPv4
                              - IPv6
                          description: >-
                            Specifies the IP Families used by the service.
                            Available options are `IPv4` and `IPv6. If
                            unspecified, Kubernetes will choose the default
                            value based on the `ipFamilyPolicy` setting.
                            Available on Kubernetes 1.20 and newer.
                      description: Template for Kafka Connect headless `Service`.
                    connectContainer:
                      type: object
                      properties:
                        env:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The environment variable key.
                              value:
                                type: string
                                description: The environment variable value.
                          description: >-
                            Environment variables which should be applied to the
                            container.
                        securityContext:
                          type: object
                          properties:
                            allowPrivilegeEscalation:
                              type: boolean
                            capabilities:
                              type: object
                              properties:
                                add:
                                  type: array
                                  items:
                                    type: string
                                drop:
                                  type: array
                                  items:
                                    type: string
                            privileged:
                              type: boolean
                            procMount:
                              type: string
                            readOnlyRootFilesystem:
                              type: boolean
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: Security context for the container.
                      description: Template for the Kafka Connect container.
                    initContainer:
                      type: object
                      properties:
                        env:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The environment variable key.
                              value:
                                type: string
                                description: The environment variable value.
                          description: >-
                            Environment variables which should be applied to the
                            container.
                        securityContext:
                          type: object
                          properties:
                            allowPrivilegeEscalation:
                              type: boolean
                            capabilities:
                              type: object
                              properties:
                                add:
                                  type: array
                                  items:
                                    type: string
                                drop:
                                  type: array
                                  items:
                                    type: string
                            privileged:
                              type: boolean
                            procMount:
                              type: string
                            readOnlyRootFilesystem:
                              type: boolean
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: Security context for the container.
                      description: Template for the Kafka init container.
                    podDisruptionBudget:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: >-
                            Metadata to apply to the
                            `PodDisruptionBudgetTemplate` resource.
                        maxUnavailable:
                          type: integer
                          minimum: 0
                          description: >-
                            Maximum number of unavailable pods to allow
                            automatic Pod eviction. A Pod eviction is allowed
                            when the `maxUnavailable` number of pods or fewer
                            are unavailable after the eviction. Setting this
                            value to 0 prevents all voluntary evictions, so the
                            pods must be evicted manually. Defaults to 1.
                      description: Template for Kafka Connect `PodDisruptionBudget`.
                    serviceAccount:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for the Kafka Connect service account.
                    clusterRoleBinding:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for the Kafka Connect ClusterRoleBinding.
                    buildPod:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        imagePullSecrets:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                          description: >-
                            List of references to secrets in the same namespace
                            to use for pulling any of the images used by this
                            Pod. When the `STRIMZI_IMAGE_PULL_SECRETS`
                            environment variable in Cluster Operator and the
                            `imagePullSecrets` option are specified, only the
                            `imagePullSecrets` variable is used and the
                            `STRIMZI_IMAGE_PULL_SECRETS` variable is ignored.
                        securityContext:
                          type: object
                          properties:
                            fsGroup:
                              type: integer
                            fsGroupChangePolicy:
                              type: string
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            supplementalGroups:
                              type: array
                              items:
                                type: integer
                            sysctls:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                  value:
                                    type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: >-
                            Configures pod-level security attributes and common
                            container settings.
                        terminationGracePeriodSeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The grace period is the duration in seconds after
                            the processes running in the pod are sent a
                            termination signal, and the time when the processes
                            are forcibly halted with a kill signal. Set this
                            value to longer than the expected cleanup time for
                            your process. Value must be a non-negative integer.
                            A zero value indicates delete immediately. You might
                            need to increase the grace period for very large
                            Kafka clusters, so that the Kafka brokers have
                            enough time to transfer their work to another broker
                            before they are terminated. Defaults to 30 seconds.
                        affinity:
                          type: object
                          properties:
                            nodeAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      preference:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: object
                                  properties:
                                    nodeSelectorTerms:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                            podAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                            podAntiAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                          description: The pod's affinity rules.
                        tolerations:
                          type: array
                          items:
                            type: object
                            properties:
                              effect:
                                type: string
                              key:
                                type: string
                              operator:
                                type: string
                              tolerationSeconds:
                                type: integer
                              value:
                                type: string
                          description: The pod's tolerations.
                        priorityClassName:
                          type: string
                          description: >-
                            The name of the priority class used to assign
                            priority to the pods. For more information about
                            priority classes, see {K8sPriorityClass}.
                        schedulerName:
                          type: string
                          description: >-
                            The name of the scheduler used to dispatch this
                            `Pod`. If not specified, the default scheduler will
                            be used.
                        hostAliases:
                          type: array
                          items:
                            type: object
                            properties:
                              hostnames:
                                type: array
                                items:
                                  type: string
                              ip:
                                type: string
                          description: >-
                            The pod's HostAliases. HostAliases is an optional
                            list of hosts and IPs that will be injected into the
                            Pod's hosts file if specified.
                        tmpDirSizeLimit:
                          type: string
                          pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                          description: >-
                            Defines the total amount (for example `1Gi`) of
                            local storage required for temporary EmptyDir volume
                            (`/tmp`). Default value is `5Mi`.
                        enableServiceLinks:
                          type: boolean
                          description: >-
                            Indicates whether information about services should
                            be injected into Pod's environment variables.
                        topologySpreadConstraints:
                          type: array
                          items:
                            type: object
                            properties:
                              labelSelector:
                                type: object
                                properties:
                                  matchExpressions:
                                    type: array
                                    items:
                                      type: object
                                      properties:
                                        key:
                                          type: string
                                        operator:
                                          type: string
                                        values:
                                          type: array
                                          items:
                                            type: string
                                  matchLabels:
                                    x-kubernetes-preserve-unknown-fields: true
                                    type: object
                              matchLabelKeys:
                                type: array
                                items:
                                  type: string
                              maxSkew:
                                type: integer
                              minDomains:
                                type: integer
                              nodeAffinityPolicy:
                                type: string
                              nodeTaintsPolicy:
                                type: string
                              topologyKey:
                                type: string
                              whenUnsatisfiable:
                                type: string
                          description: The pod's topology spread constraints.
                      description: >-
                        Template for Kafka Connect Build `Pods`. The build pod
                        is used only on Kubernetes.
                    buildContainer:
                      type: object
                      properties:
                        env:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The environment variable key.
                              value:
                                type: string
                                description: The environment variable value.
                          description: >-
                            Environment variables which should be applied to the
                            container.
                        securityContext:
                          type: object
                          properties:
                            allowPrivilegeEscalation:
                              type: boolean
                            capabilities:
                              type: object
                              properties:
                                add:
                                  type: array
                                  items:
                                    type: string
                                drop:
                                  type: array
                                  items:
                                    type: string
                            privileged:
                              type: boolean
                            procMount:
                              type: string
                            readOnlyRootFilesystem:
                              type: boolean
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: Security context for the container.
                      description: >-
                        Template for the Kafka Connect Build container. The
                        build container is used only on Kubernetes.
                    buildConfig:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: >-
                            Metadata to apply to the
                            `PodDisruptionBudgetTemplate` resource.
                        pullSecret:
                          type: string
                          description: >-
                            Container Registry Secret with the credentials for
                            pulling the base image.
                      description: >-
                        Template for the Kafka Connect BuildConfig used to build
                        new container images. The BuildConfig is used only on
                        OpenShift.
                    buildServiceAccount:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for the Kafka Connect Build service account.
                    jmxSecret:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: >-
                        Template for Secret of the Kafka Connect Cluster JMX
                        authentication.
                  description: >-
                    Template for Kafka Connect and Kafka Mirror Maker 2
                    resources. The template allows users to specify how the
                    `Deployment`, `Pods` and `Service` are generated.
                externalConfiguration:
                  type: object
                  properties:
                    env:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                            description: >-
                              Name of the environment variable which will be
                              passed to the Kafka Connect pods. The name of the
                              environment variable cannot start with `KAFKA_` or
                              `STRIMZI_`.
                          valueFrom:
                            type: object
                            properties:
                              configMapKeyRef:
                                type: object
                                properties:
                                  key:
                                    type: string
                                  name:
                                    type: string
                                  optional:
                                    type: boolean
                                description: Reference to a key in a ConfigMap.
                              secretKeyRef:
                                type: object
                                properties:
                                  key:
                                    type: string
                                  name:
                                    type: string
                                  optional:
                                    type: boolean
                                description: Reference to a key in a Secret.
                            description: >-
                              Value of the environment variable which will be
                              passed to the Kafka Connect pods. It can be passed
                              either as a reference to Secret or ConfigMap
                              field. The field has to specify exactly one Secret
                              or ConfigMap.
                        required:
                          - name
                          - valueFrom
                      description: >-
                        Makes data from a Secret or ConfigMap available in the
                        Kafka Connect pods as environment variables.
                    volumes:
                      type: array
                      items:
                        type: object
                        properties:
                          configMap:
                            type: object
                            properties:
                              defaultMode:
                                type: integer
                              items:
                                type: array
                                items:
                                  type: object
                                  properties:
                                    key:
                                      type: string
                                    mode:
                                      type: integer
                                    path:
                                      type: string
                              name:
                                type: string
                              optional:
                                type: boolean
                            description: >-
                              Reference to a key in a ConfigMap. Exactly one
                              Secret or ConfigMap has to be specified.
                          name:
                            type: string
                            description: >-
                              Name of the volume which will be added to the
                              Kafka Connect pods.
                          secret:
                            type: object
                            properties:
                              defaultMode:
                                type: integer
                              items:
                                type: array
                                items:
                                  type: object
                                  properties:
                                    key:
                                      type: string
                                    mode:
                                      type: integer
                                    path:
                                      type: string
                              optional:
                                type: boolean
                              secretName:
                                type: string
                            description: >-
                              Reference to a key in a Secret. Exactly one Secret
                              or ConfigMap has to be specified.
                        required:
                          - name
                      description: >-
                        Makes data from a Secret or ConfigMap available in the
                        Kafka Connect pods as volumes.
                  description: >-
                    Pass data from Secrets or ConfigMaps to the Kafka Connect
                    pods and use them to configure connectors.
                metricsConfig:
                  type: object
                  properties:
                    type:
                      type: string
                      enum:
                        - jmxPrometheusExporter
                      description: >-
                        Metrics type. Only 'jmxPrometheusExporter' supported
                        currently.
                    valueFrom:
                      type: object
                      properties:
                        configMapKeyRef:
                          type: object
                          properties:
                            key:
                              type: string
                            name:
                              type: string
                            optional:
                              type: boolean
                          description: >-
                            Reference to the key in the ConfigMap containing the
                            configuration.
                      description: >-
                        ConfigMap entry where the Prometheus JMX Exporter
                        configuration is stored. For details of the structure of
                        this configuration, see the {JMXExporter}.
                  required:
                    - type
                    - valueFrom
                  description: Metrics configuration.
              required:
                - connectCluster
              description: The specification of the Kafka MirrorMaker 2 cluster.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                url:
                  type: string
                  description: >-
                    The URL of the REST API endpoint for managing and monitoring
                    Kafka Connect connectors.
                autoRestartStatuses:
                  type: array
                  items:
                    type: object
                    properties:
                      count:
                        type: integer
                        description: >-
                          The number of times the connector or task is
                          restarted.
                      connectorName:
                        type: string
                        description: The name of the connector being restarted.
                      lastRestartTimestamp:
                        type: string
                        description: >-
                          The last time the automatic restart was attempted. The
                          required format is 'yyyy-MM-ddTHH:mm:ssZ' in the UTC
                          time zone.
                  description: List of MirrorMaker 2 connector auto restart statuses.
                connectorPlugins:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The type of the connector plugin. The available types
                          are `sink` and `source`.
                      version:
                        type: string
                        description: The version of the connector plugin.
                      class:
                        type: string
                        description: The class of the connector plugin.
                  description: >-
                    The list of connector plugins available in this Kafka
                    Connect deployment.
                connectors:
                  type: array
                  items:
                    x-kubernetes-preserve-unknown-fields: true
                    type: object
                  description: >-
                    List of MirrorMaker 2 connector statuses, as reported by the
                    Kafka Connect REST API.
                labelSelector:
                  type: string
                  description: Label selector for pods providing this resource.
                replicas:
                  type: integer
                  description: >-
                    The current number of pods being used to provide this
                    resource.
              description: The status of the Kafka MirrorMaker 2 cluster.

---
kind: ConfigMap
apiVersion: v1
metadata:
  name: strimzi-cluster-operator
  labels:
    app: strimzi
  namespace: kafka
data:
  log4j2.properties: >
    name = COConfig

    monitorInterval = 30


    appender.console.type = Console

    appender.console.name = STDOUT

    appender.console.layout.type = PatternLayout

    appender.console.layout.pattern = %d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L -
    %m%n


    rootLogger.level = ${env:STRIMZI_LOG_LEVEL:-INFO}

    rootLogger.appenderRefs = stdout

    rootLogger.appenderRef.console.ref = STDOUT


    # Kafka AdminClient logging is a bit noisy at INFO level

    logger.kafka.name = org.apache.kafka

    logger.kafka.level = WARN


    # Zookeeper is very verbose even on INFO level -> We set it to WARN by
    default

    logger.zookeepertrustmanager.name = org.apache.zookeeper

    logger.zookeepertrustmanager.level = WARN


    # Keeps separate level for Netty logging -> to not be changed by the root
    logger

    logger.netty.name = io.netty

    logger.netty.level = INFO


    # Keeps separate log level for OkHttp client

    logger.okhttp3.name = okhttp3

    logger.okhttp3.level = INFO

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: strimzi-cluster-operator-kafka-client-delegation
  labels:
    app: strimzi
subjects:
  - kind: ServiceAccount
    name: strimzi-cluster-operator
    namespace: kafka
roleRef:
  kind: ClusterRole
  name: strimzi-kafka-client
  apiGroup: rbac.authorization.k8s.io

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: strimzi-cluster-operator
  labels:
    app: strimzi
subjects:
  - kind: ServiceAccount
    name: strimzi-cluster-operator
    namespace: kafka
roleRef:
  kind: ClusterRole
  name: strimzi-cluster-operator-global
  apiGroup: rbac.authorization.k8s.io

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: kafkarebalances.kafka.strimzi.io
  labels:
    app: strimzi
    strimzi.io/crd-install: 'true'
spec:
  group: kafka.strimzi.io
  names:
    kind: KafkaRebalance
    listKind: KafkaRebalanceList
    singular: kafkarebalance
    plural: kafkarebalances
    shortNames:
      - kr
    categories:
      - strimzi
  scope: Namespaced
  conversion:
    strategy: None
  versions:
    - name: v1beta2
      served: true
      storage: true
      subresources:
        status: {}
      additionalPrinterColumns:
        - name: Cluster
          description: The name of the Kafka cluster this resource rebalances
          jsonPath: .metadata.labels.strimzi\.io/cluster
          type: string
        - name: PendingProposal
          description: A proposal has been requested from Cruise Control
          jsonPath: '.status.conditions[?(@.type=="PendingProposal")].status'
          type: string
        - name: ProposalReady
          description: A proposal is ready and waiting for approval
          jsonPath: '.status.conditions[?(@.type=="ProposalReady")].status'
          type: string
        - name: Rebalancing
          description: Cruise Control is doing the rebalance
          jsonPath: '.status.conditions[?(@.type=="Rebalancing")].status'
          type: string
        - name: Ready
          description: The rebalance is complete
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
        - name: NotReady
          description: There is an error on the custom resource
          jsonPath: '.status.conditions[?(@.type=="NotReady")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                mode:
                  type: string
                  enum:
                    - full
                    - add-brokers
                    - remove-brokers
                  description: >
                    Mode to run the rebalancing. The supported modes are `full`,
                    `add-brokers`, `remove-brokers`.

                    If not specified, the `full` mode is used by default. 


                    * `full` mode runs the rebalancing across all the brokers in
                    the cluster.

                    * `add-brokers` mode can be used after scaling up the
                    cluster to move some replicas to the newly added brokers.

                    * `remove-brokers` mode can be used before scaling down the
                    cluster to move replicas out of the brokers to be removed.
                brokers:
                  type: array
                  items:
                    type: integer
                  description: >-
                    The list of newly added brokers in case of scaling up or the
                    ones to be removed in case of scaling down to use for
                    rebalancing. This list can be used only with rebalancing
                    mode `add-brokers` and `removed-brokers`. It is ignored with
                    `full` mode.
                goals:
                  type: array
                  items:
                    type: string
                  description: >-
                    A list of goals, ordered by decreasing priority, to use for
                    generating and executing the rebalance proposal. The
                    supported goals are available at
                    https://github.com/linkedin/cruise-control#goals. If an
                    empty goals list is provided, the goals declared in the
                    default.goals Cruise Control configuration parameter are
                    used.
                skipHardGoalCheck:
                  type: boolean
                  description: >-
                    Whether to allow the hard goals specified in the Kafka CR to
                    be skipped in optimization proposal generation. This can be
                    useful when some of those hard goals are preventing a
                    balance solution being found. Default is false.
                rebalanceDisk:
                  type: boolean
                  description: >-
                    Enables intra-broker disk balancing, which balances disk
                    space utilization between disks on the same broker. Only
                    applies to Kafka deployments that use JBOD storage with
                    multiple disks. When enabled, inter-broker balancing is
                    disabled. Default is false.
                excludedTopics:
                  type: string
                  description: >-
                    A regular expression where any matching topics will be
                    excluded from the calculation of optimization proposals.
                    This expression will be parsed by the
                    java.util.regex.Pattern class; for more information on the
                    supported format consult the documentation for that class.
                concurrentPartitionMovementsPerBroker:
                  type: integer
                  minimum: 0
                  description: >-
                    The upper bound of ongoing partition replica movements going
                    into/out of each broker. Default is 5.
                concurrentIntraBrokerPartitionMovements:
                  type: integer
                  minimum: 0
                  description: >-
                    The upper bound of ongoing partition replica movements
                    between disks within each broker. Default is 2.
                concurrentLeaderMovements:
                  type: integer
                  minimum: 0
                  description: >-
                    The upper bound of ongoing partition leadership movements.
                    Default is 1000.
                replicationThrottle:
                  type: integer
                  minimum: 0
                  description: >-
                    The upper bound, in bytes per second, on the bandwidth used
                    to move replicas. There is no limit by default.
                replicaMovementStrategies:
                  type: array
                  items:
                    type: string
                  description: >-
                    A list of strategy class names used to determine the
                    execution order for the replica movements in the generated
                    optimization proposal. By default
                    BaseReplicaMovementStrategy is used, which will execute the
                    replica movements in the order that they were generated.
              description: The specification of the Kafka rebalance.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                sessionId:
                  type: string
                  description: >-
                    The session identifier for requests to Cruise Control
                    pertaining to this KafkaRebalance resource. This is used by
                    the Kafka Rebalance operator to track the status of ongoing
                    rebalancing operations.
                optimizationResult:
                  x-kubernetes-preserve-unknown-fields: true
                  type: object
                  description: A JSON object describing the optimization result.
              description: The status of the Kafka rebalance.

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: strimzi-cluster-operator-namespaced
  labels:
    app: strimzi
rules:
  - apiGroups:
      - rbac.authorization.k8s.io
    resources:
      - rolebindings
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update
  - apiGroups:
      - rbac.authorization.k8s.io
    resources:
      - roles
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update
  - apiGroups:
      - ''
    resources:
      - pods
      - serviceaccounts
      - configmaps
      - services
      - endpoints
      - secrets
      - persistentvolumeclaims
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update
  - apiGroups:
      - apps
    resources:
      - deployments
      - deployments/scale
      - deployments/status
      - statefulsets
      - replicasets
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update
  - apiGroups:
      - ''
      - events.k8s.io
    resources:
      - events
    verbs:
      - create
  - apiGroups:
      - build.openshift.io
    resources:
      - buildconfigs
      - buildconfigs/instantiate
      - builds
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update
  - apiGroups:
      - networking.k8s.io
    resources:
      - networkpolicies
      - ingresses
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update
  - apiGroups:
      - route.openshift.io
    resources:
      - routes
      - routes/custom-host
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update
  - apiGroups:
      - image.openshift.io
    resources:
      - imagestreams
    verbs:
      - get
  - apiGroups:
      - policy
    resources:
      - poddisruptionbudgets
    verbs:
      - get
      - list
      - watch
      - create
      - delete
      - patch
      - update

---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: strimzi-cluster-operator-entity-operator-delegation
  labels:
    app: strimzi
  namespace: kafka
subjects:
  - kind: ServiceAccount
    name: strimzi-cluster-operator
    namespace: kafka
roleRef:
  kind: ClusterRole
  name: strimzi-entity-operator
  apiGroup: rbac.authorization.k8s.io

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: kafkaconnects.kafka.strimzi.io
  labels:
    app: strimzi
    strimzi.io/crd-install: 'true'
spec:
  group: kafka.strimzi.io
  names:
    kind: KafkaConnect
    listKind: KafkaConnectList
    singular: kafkaconnect
    plural: kafkaconnects
    shortNames:
      - kc
    categories:
      - strimzi
  scope: Namespaced
  conversion:
    strategy: None
  versions:
    - name: v1beta2
      served: true
      storage: true
      subresources:
        status: {}
        scale:
          specReplicasPath: .spec.replicas
          statusReplicasPath: .status.replicas
          labelSelectorPath: .status.labelSelector
      additionalPrinterColumns:
        - name: Desired replicas
          description: The desired number of Kafka Connect replicas
          jsonPath: .spec.replicas
          type: integer
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                version:
                  type: string
                  description: >-
                    The Kafka Connect version. Defaults to
                    {DefaultKafkaVersion}. Consult the user documentation to
                    understand the process required to upgrade or downgrade the
                    version.
                replicas:
                  type: integer
                  description: >-
                    The number of pods in the Kafka Connect group. Defaults to
                    `3`.
                image:
                  type: string
                  description: The docker image for the pods.
                bootstrapServers:
                  type: string
                  description: >-
                    Bootstrap servers to connect to. This should be given as a
                    comma separated list of _<hostname>_:_<port>_ pairs.
                tls:
                  type: object
                  properties:
                    trustedCertificates:
                      type: array
                      items:
                        type: object
                        properties:
                          certificate:
                            type: string
                            description: The name of the file certificate in the Secret.
                          secretName:
                            type: string
                            description: The name of the Secret containing the certificate.
                        required:
                          - certificate
                          - secretName
                      description: Trusted certificates for TLS connection.
                  description: TLS configuration.
                authentication:
                  type: object
                  properties:
                    accessToken:
                      type: object
                      properties:
                        key:
                          type: string
                          description: >-
                            The key under which the secret value is stored in
                            the Kubernetes Secret.
                        secretName:
                          type: string
                          description: >-
                            The name of the Kubernetes Secret containing the
                            secret value.
                      required:
                        - key
                        - secretName
                      description: >-
                        Link to Kubernetes Secret containing the access token
                        which was obtained from the authorization server.
                    accessTokenIsJwt:
                      type: boolean
                      description: >-
                        Configure whether access token should be treated as JWT.
                        This should be set to `false` if the authorization
                        server returns opaque tokens. Defaults to `true`.
                    audience:
                      type: string
                      description: >-
                        OAuth audience to use when authenticating against the
                        authorization server. Some authorization servers require
                        the audience to be explicitly set. The possible values
                        depend on how the authorization server is configured. By
                        default, `audience` is not specified when performing the
                        token endpoint request.
                    certificateAndKey:
                      type: object
                      properties:
                        certificate:
                          type: string
                          description: The name of the file certificate in the Secret.
                        key:
                          type: string
                          description: The name of the private key in the Secret.
                        secretName:
                          type: string
                          description: The name of the Secret containing the certificate.
                      required:
                        - certificate
                        - key
                        - secretName
                      description: >-
                        Reference to the `Secret` which holds the certificate
                        and private key pair.
                    clientId:
                      type: string
                      description: >-
                        OAuth Client ID which the Kafka client can use to
                        authenticate against the OAuth server and use the token
                        endpoint URI.
                    clientSecret:
                      type: object
                      properties:
                        key:
                          type: string
                          description: >-
                            The key under which the secret value is stored in
                            the Kubernetes Secret.
                        secretName:
                          type: string
                          description: >-
                            The name of the Kubernetes Secret containing the
                            secret value.
                      required:
                        - key
                        - secretName
                      description: >-
                        Link to Kubernetes Secret containing the OAuth client
                        secret which the Kafka client can use to authenticate
                        against the OAuth server and use the token endpoint URI.
                    connectTimeoutSeconds:
                      type: integer
                      description: >-
                        The connect timeout in seconds when connecting to
                        authorization server. If not set, the effective connect
                        timeout is 60 seconds.
                    disableTlsHostnameVerification:
                      type: boolean
                      description: >-
                        Enable or disable TLS hostname verification. Default
                        value is `false`.
                    enableMetrics:
                      type: boolean
                      description: >-
                        Enable or disable OAuth metrics. Default value is
                        `false`.
                    httpRetries:
                      type: integer
                      description: >-
                        The maximum number of retries to attempt if an initial
                        HTTP request fails. If not set, the default is to not
                        attempt any retries.
                    httpRetryPauseMs:
                      type: integer
                      description: >-
                        The pause to take before retrying a failed HTTP request.
                        If not set, the default is to not pause at all but to
                        immediately repeat a request.
                    maxTokenExpirySeconds:
                      type: integer
                      description: >-
                        Set or limit time-to-live of the access tokens to the
                        specified number of seconds. This should be set if the
                        authorization server returns opaque tokens.
                    passwordSecret:
                      type: object
                      properties:
                        password:
                          type: string
                          description: >-
                            The name of the key in the Secret under which the
                            password is stored.
                        secretName:
                          type: string
                          description: The name of the Secret containing the password.
                      required:
                        - password
                        - secretName
                      description: Reference to the `Secret` which holds the password.
                    readTimeoutSeconds:
                      type: integer
                      description: >-
                        The read timeout in seconds when connecting to
                        authorization server. If not set, the effective read
                        timeout is 60 seconds.
                    refreshToken:
                      type: object
                      properties:
                        key:
                          type: string
                          description: >-
                            The key under which the secret value is stored in
                            the Kubernetes Secret.
                        secretName:
                          type: string
                          description: >-
                            The name of the Kubernetes Secret containing the
                            secret value.
                      required:
                        - key
                        - secretName
                      description: >-
                        Link to Kubernetes Secret containing the refresh token
                        which can be used to obtain access token from the
                        authorization server.
                    scope:
                      type: string
                      description: >-
                        OAuth scope to use when authenticating against the
                        authorization server. Some authorization servers require
                        this to be set. The possible values depend on how
                        authorization server is configured. By default `scope`
                        is not specified when doing the token endpoint request.
                    tlsTrustedCertificates:
                      type: array
                      items:
                        type: object
                        properties:
                          certificate:
                            type: string
                            description: The name of the file certificate in the Secret.
                          secretName:
                            type: string
                            description: The name of the Secret containing the certificate.
                        required:
                          - certificate
                          - secretName
                      description: >-
                        Trusted certificates for TLS connection to the OAuth
                        server.
                    tokenEndpointUri:
                      type: string
                      description: Authorization server token endpoint URI.
                    type:
                      type: string
                      enum:
                        - tls
                        - scram-sha-256
                        - scram-sha-512
                        - plain
                        - oauth
                      description: >-
                        Authentication type. Currently the supported types are
                        `tls`, `scram-sha-256`, `scram-sha-512`, `plain`, and
                        'oauth'. `scram-sha-256` and `scram-sha-512` types use
                        SASL SCRAM-SHA-256 and SASL SCRAM-SHA-512
                        Authentication, respectively. `plain` type uses SASL
                        PLAIN Authentication. `oauth` type uses SASL OAUTHBEARER
                        Authentication. The `tls` type uses TLS Client
                        Authentication. The `tls` type is supported only over
                        TLS connections.
                    username:
                      type: string
                      description: Username used for the authentication.
                  required:
                    - type
                  description: Authentication configuration for Kafka Connect.
                config:
                  x-kubernetes-preserve-unknown-fields: true
                  type: object
                  description: >-
                    The Kafka Connect configuration. Properties with the
                    following prefixes cannot be set: ssl., sasl., security.,
                    listeners, plugin.path, rest., bootstrap.servers,
                    consumer.interceptor.classes, producer.interceptor.classes
                    (with the exception of:
                    ssl.endpoint.identification.algorithm, ssl.cipher.suites,
                    ssl.protocol, ssl.enabled.protocols).
                resources:
                  type: object
                  properties:
                    claims:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                    limits:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                    requests:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                  description: >-
                    The maximum limits for CPU and memory resources and the
                    requested initial resources.
                livenessProbe:
                  type: object
                  properties:
                    failureThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive failures for the probe to be
                        considered failed after having succeeded. Defaults to 3.
                        Minimum value is 1.
                    initialDelaySeconds:
                      type: integer
                      minimum: 0
                      description: >-
                        The initial delay before first the health is first
                        checked. Default to 15 seconds. Minimum value is 0.
                    periodSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        How often (in seconds) to perform the probe. Default to
                        10 seconds. Minimum value is 1.
                    successThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive successes for the probe to be
                        considered successful after having failed. Defaults to
                        1. Must be 1 for liveness. Minimum value is 1.
                    timeoutSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        The timeout for each attempted health check. Default to
                        5 seconds. Minimum value is 1.
                  description: Pod liveness checking.
                readinessProbe:
                  type: object
                  properties:
                    failureThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive failures for the probe to be
                        considered failed after having succeeded. Defaults to 3.
                        Minimum value is 1.
                    initialDelaySeconds:
                      type: integer
                      minimum: 0
                      description: >-
                        The initial delay before first the health is first
                        checked. Default to 15 seconds. Minimum value is 0.
                    periodSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        How often (in seconds) to perform the probe. Default to
                        10 seconds. Minimum value is 1.
                    successThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive successes for the probe to be
                        considered successful after having failed. Defaults to
                        1. Must be 1 for liveness. Minimum value is 1.
                    timeoutSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        The timeout for each attempted health check. Default to
                        5 seconds. Minimum value is 1.
                  description: Pod readiness checking.
                jvmOptions:
                  type: object
                  properties:
                    '-XX':
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: A map of -XX options to the JVM.
                    '-Xms':
                      type: string
                      pattern: '^[0-9]+[mMgG]?$'
                      description: '-Xms option to to the JVM.'
                    '-Xmx':
                      type: string
                      pattern: '^[0-9]+[mMgG]?$'
                      description: '-Xmx option to to the JVM.'
                    gcLoggingEnabled:
                      type: boolean
                      description: >-
                        Specifies whether the Garbage Collection logging is
                        enabled. The default is false.
                    javaSystemProperties:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                            description: The system property name.
                          value:
                            type: string
                            description: The system property value.
                      description: >-
                        A map of additional system properties which will be
                        passed using the `-D` option to the JVM.
                  description: JVM Options for pods.
                jmxOptions:
                  type: object
                  properties:
                    authentication:
                      type: object
                      properties:
                        type:
                          type: string
                          enum:
                            - password
                          description: >-
                            Authentication type. Currently the only supported
                            types are `password`.`password` type creates a
                            username and protected port with no TLS.
                      required:
                        - type
                      description: >-
                        Authentication configuration for connecting to the JMX
                        port.
                  description: JMX Options.
                logging:
                  type: object
                  properties:
                    loggers:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: A Map from logger name to logger level.
                    type:
                      type: string
                      enum:
                        - inline
                        - external
                      description: 'Logging type, must be either ''inline'' or ''external''.'
                    valueFrom:
                      type: object
                      properties:
                        configMapKeyRef:
                          type: object
                          properties:
                            key:
                              type: string
                            name:
                              type: string
                            optional:
                              type: boolean
                          description: >-
                            Reference to the key in the ConfigMap containing the
                            configuration.
                      description: >-
                        `ConfigMap` entry where the logging configuration is
                        stored. 
                  required:
                    - type
                  description: Logging configuration for Kafka Connect.
                clientRackInitImage:
                  type: string
                  description: >-
                    The image of the init container used for initializing the
                    `client.rack`.
                rack:
                  type: object
                  properties:
                    topologyKey:
                      type: string
                      example: topology.kubernetes.io/zone
                      description: >-
                        A key that matches labels assigned to the Kubernetes
                        cluster nodes. The value of the label is used to set a
                        broker's `broker.rack` config, and the `client.rack`
                        config for Kafka Connect or MirrorMaker 2.
                  required:
                    - topologyKey
                  description: >-
                    Configuration of the node label which will be used as the
                    `client.rack` consumer configuration.
                tracing:
                  type: object
                  properties:
                    type:
                      type: string
                      enum:
                        - jaeger
                        - opentelemetry
                      description: >-
                        Type of the tracing used. Currently the only supported
                        types are `jaeger` for OpenTracing (Jaeger) tracing and
                        `opentelemetry` for OpenTelemetry tracing. The
                        OpenTracing (Jaeger) tracing is deprecated.
                  required:
                    - type
                  description: The configuration of tracing in Kafka Connect.
                template:
                  type: object
                  properties:
                    deployment:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        deploymentStrategy:
                          type: string
                          enum:
                            - RollingUpdate
                            - Recreate
                          description: >-
                            Pod replacement strategy for deployment
                            configuration changes. Valid values are
                            `RollingUpdate` and `Recreate`. Defaults to
                            `RollingUpdate`.
                      description: Template for Kafka Connect `Deployment`.
                    podSet:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for Kafka Connect `StrimziPodSet` resource.
                    pod:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        imagePullSecrets:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                          description: >-
                            List of references to secrets in the same namespace
                            to use for pulling any of the images used by this
                            Pod. When the `STRIMZI_IMAGE_PULL_SECRETS`
                            environment variable in Cluster Operator and the
                            `imagePullSecrets` option are specified, only the
                            `imagePullSecrets` variable is used and the
                            `STRIMZI_IMAGE_PULL_SECRETS` variable is ignored.
                        securityContext:
                          type: object
                          properties:
                            fsGroup:
                              type: integer
                            fsGroupChangePolicy:
                              type: string
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            supplementalGroups:
                              type: array
                              items:
                                type: integer
                            sysctls:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                  value:
                                    type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: >-
                            Configures pod-level security attributes and common
                            container settings.
                        terminationGracePeriodSeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The grace period is the duration in seconds after
                            the processes running in the pod are sent a
                            termination signal, and the time when the processes
                            are forcibly halted with a kill signal. Set this
                            value to longer than the expected cleanup time for
                            your process. Value must be a non-negative integer.
                            A zero value indicates delete immediately. You might
                            need to increase the grace period for very large
                            Kafka clusters, so that the Kafka brokers have
                            enough time to transfer their work to another broker
                            before they are terminated. Defaults to 30 seconds.
                        affinity:
                          type: object
                          properties:
                            nodeAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      preference:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: object
                                  properties:
                                    nodeSelectorTerms:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                            podAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                            podAntiAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                          description: The pod's affinity rules.
                        tolerations:
                          type: array
                          items:
                            type: object
                            properties:
                              effect:
                                type: string
                              key:
                                type: string
                              operator:
                                type: string
                              tolerationSeconds:
                                type: integer
                              value:
                                type: string
                          description: The pod's tolerations.
                        priorityClassName:
                          type: string
                          description: >-
                            The name of the priority class used to assign
                            priority to the pods. For more information about
                            priority classes, see {K8sPriorityClass}.
                        schedulerName:
                          type: string
                          description: >-
                            The name of the scheduler used to dispatch this
                            `Pod`. If not specified, the default scheduler will
                            be used.
                        hostAliases:
                          type: array
                          items:
                            type: object
                            properties:
                              hostnames:
                                type: array
                                items:
                                  type: string
                              ip:
                                type: string
                          description: >-
                            The pod's HostAliases. HostAliases is an optional
                            list of hosts and IPs that will be injected into the
                            Pod's hosts file if specified.
                        tmpDirSizeLimit:
                          type: string
                          pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                          description: >-
                            Defines the total amount (for example `1Gi`) of
                            local storage required for temporary EmptyDir volume
                            (`/tmp`). Default value is `5Mi`.
                        enableServiceLinks:
                          type: boolean
                          description: >-
                            Indicates whether information about services should
                            be injected into Pod's environment variables.
                        topologySpreadConstraints:
                          type: array
                          items:
                            type: object
                            properties:
                              labelSelector:
                                type: object
                                properties:
                                  matchExpressions:
                                    type: array
                                    items:
                                      type: object
                                      properties:
                                        key:
                                          type: string
                                        operator:
                                          type: string
                                        values:
                                          type: array
                                          items:
                                            type: string
                                  matchLabels:
                                    x-kubernetes-preserve-unknown-fields: true
                                    type: object
                              matchLabelKeys:
                                type: array
                                items:
                                  type: string
                              maxSkew:
                                type: integer
                              minDomains:
                                type: integer
                              nodeAffinityPolicy:
                                type: string
                              nodeTaintsPolicy:
                                type: string
                              topologyKey:
                                type: string
                              whenUnsatisfiable:
                                type: string
                          description: The pod's topology spread constraints.
                      description: Template for Kafka Connect `Pods`.
                    apiService:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        ipFamilyPolicy:
                          type: string
                          enum:
                            - SingleStack
                            - PreferDualStack
                            - RequireDualStack
                          description: >-
                            Specifies the IP Family Policy used by the service.
                            Available options are `SingleStack`,
                            `PreferDualStack` and `RequireDualStack`.
                            `SingleStack` is for a single IP family.
                            `PreferDualStack` is for two IP families on
                            dual-stack configured clusters or a single IP family
                            on single-stack clusters. `RequireDualStack` fails
                            unless there are two IP families on dual-stack
                            configured clusters. If unspecified, Kubernetes will
                            choose the default value based on the service type.
                            Available on Kubernetes 1.20 and newer.
                        ipFamilies:
                          type: array
                          items:
                            type: string
                            enum:
                              - IPv4
                              - IPv6
                          description: >-
                            Specifies the IP Families used by the service.
                            Available options are `IPv4` and `IPv6. If
                            unspecified, Kubernetes will choose the default
                            value based on the `ipFamilyPolicy` setting.
                            Available on Kubernetes 1.20 and newer.
                      description: Template for Kafka Connect API `Service`.
                    headlessService:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        ipFamilyPolicy:
                          type: string
                          enum:
                            - SingleStack
                            - PreferDualStack
                            - RequireDualStack
                          description: >-
                            Specifies the IP Family Policy used by the service.
                            Available options are `SingleStack`,
                            `PreferDualStack` and `RequireDualStack`.
                            `SingleStack` is for a single IP family.
                            `PreferDualStack` is for two IP families on
                            dual-stack configured clusters or a single IP family
                            on single-stack clusters. `RequireDualStack` fails
                            unless there are two IP families on dual-stack
                            configured clusters. If unspecified, Kubernetes will
                            choose the default value based on the service type.
                            Available on Kubernetes 1.20 and newer.
                        ipFamilies:
                          type: array
                          items:
                            type: string
                            enum:
                              - IPv4
                              - IPv6
                          description: >-
                            Specifies the IP Families used by the service.
                            Available options are `IPv4` and `IPv6. If
                            unspecified, Kubernetes will choose the default
                            value based on the `ipFamilyPolicy` setting.
                            Available on Kubernetes 1.20 and newer.
                      description: Template for Kafka Connect headless `Service`.
                    connectContainer:
                      type: object
                      properties:
                        env:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The environment variable key.
                              value:
                                type: string
                                description: The environment variable value.
                          description: >-
                            Environment variables which should be applied to the
                            container.
                        securityContext:
                          type: object
                          properties:
                            allowPrivilegeEscalation:
                              type: boolean
                            capabilities:
                              type: object
                              properties:
                                add:
                                  type: array
                                  items:
                                    type: string
                                drop:
                                  type: array
                                  items:
                                    type: string
                            privileged:
                              type: boolean
                            procMount:
                              type: string
                            readOnlyRootFilesystem:
                              type: boolean
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: Security context for the container.
                      description: Template for the Kafka Connect container.
                    initContainer:
                      type: object
                      properties:
                        env:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The environment variable key.
                              value:
                                type: string
                                description: The environment variable value.
                          description: >-
                            Environment variables which should be applied to the
                            container.
                        securityContext:
                          type: object
                          properties:
                            allowPrivilegeEscalation:
                              type: boolean
                            capabilities:
                              type: object
                              properties:
                                add:
                                  type: array
                                  items:
                                    type: string
                                drop:
                                  type: array
                                  items:
                                    type: string
                            privileged:
                              type: boolean
                            procMount:
                              type: string
                            readOnlyRootFilesystem:
                              type: boolean
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: Security context for the container.
                      description: Template for the Kafka init container.
                    podDisruptionBudget:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: >-
                            Metadata to apply to the
                            `PodDisruptionBudgetTemplate` resource.
                        maxUnavailable:
                          type: integer
                          minimum: 0
                          description: >-
                            Maximum number of unavailable pods to allow
                            automatic Pod eviction. A Pod eviction is allowed
                            when the `maxUnavailable` number of pods or fewer
                            are unavailable after the eviction. Setting this
                            value to 0 prevents all voluntary evictions, so the
                            pods must be evicted manually. Defaults to 1.
                      description: Template for Kafka Connect `PodDisruptionBudget`.
                    serviceAccount:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for the Kafka Connect service account.
                    clusterRoleBinding:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for the Kafka Connect ClusterRoleBinding.
                    buildPod:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        imagePullSecrets:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                          description: >-
                            List of references to secrets in the same namespace
                            to use for pulling any of the images used by this
                            Pod. When the `STRIMZI_IMAGE_PULL_SECRETS`
                            environment variable in Cluster Operator and the
                            `imagePullSecrets` option are specified, only the
                            `imagePullSecrets` variable is used and the
                            `STRIMZI_IMAGE_PULL_SECRETS` variable is ignored.
                        securityContext:
                          type: object
                          properties:
                            fsGroup:
                              type: integer
                            fsGroupChangePolicy:
                              type: string
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            supplementalGroups:
                              type: array
                              items:
                                type: integer
                            sysctls:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                  value:
                                    type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: >-
                            Configures pod-level security attributes and common
                            container settings.
                        terminationGracePeriodSeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The grace period is the duration in seconds after
                            the processes running in the pod are sent a
                            termination signal, and the time when the processes
                            are forcibly halted with a kill signal. Set this
                            value to longer than the expected cleanup time for
                            your process. Value must be a non-negative integer.
                            A zero value indicates delete immediately. You might
                            need to increase the grace period for very large
                            Kafka clusters, so that the Kafka brokers have
                            enough time to transfer their work to another broker
                            before they are terminated. Defaults to 30 seconds.
                        affinity:
                          type: object
                          properties:
                            nodeAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      preference:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: object
                                  properties:
                                    nodeSelectorTerms:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                            podAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                            podAntiAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                          description: The pod's affinity rules.
                        tolerations:
                          type: array
                          items:
                            type: object
                            properties:
                              effect:
                                type: string
                              key:
                                type: string
                              operator:
                                type: string
                              tolerationSeconds:
                                type: integer
                              value:
                                type: string
                          description: The pod's tolerations.
                        priorityClassName:
                          type: string
                          description: >-
                            The name of the priority class used to assign
                            priority to the pods. For more information about
                            priority classes, see {K8sPriorityClass}.
                        schedulerName:
                          type: string
                          description: >-
                            The name of the scheduler used to dispatch this
                            `Pod`. If not specified, the default scheduler will
                            be used.
                        hostAliases:
                          type: array
                          items:
                            type: object
                            properties:
                              hostnames:
                                type: array
                                items:
                                  type: string
                              ip:
                                type: string
                          description: >-
                            The pod's HostAliases. HostAliases is an optional
                            list of hosts and IPs that will be injected into the
                            Pod's hosts file if specified.
                        tmpDirSizeLimit:
                          type: string
                          pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                          description: >-
                            Defines the total amount (for example `1Gi`) of
                            local storage required for temporary EmptyDir volume
                            (`/tmp`). Default value is `5Mi`.
                        enableServiceLinks:
                          type: boolean
                          description: >-
                            Indicates whether information about services should
                            be injected into Pod's environment variables.
                        topologySpreadConstraints:
                          type: array
                          items:
                            type: object
                            properties:
                              labelSelector:
                                type: object
                                properties:
                                  matchExpressions:
                                    type: array
                                    items:
                                      type: object
                                      properties:
                                        key:
                                          type: string
                                        operator:
                                          type: string
                                        values:
                                          type: array
                                          items:
                                            type: string
                                  matchLabels:
                                    x-kubernetes-preserve-unknown-fields: true
                                    type: object
                              matchLabelKeys:
                                type: array
                                items:
                                  type: string
                              maxSkew:
                                type: integer
                              minDomains:
                                type: integer
                              nodeAffinityPolicy:
                                type: string
                              nodeTaintsPolicy:
                                type: string
                              topologyKey:
                                type: string
                              whenUnsatisfiable:
                                type: string
                          description: The pod's topology spread constraints.
                      description: >-
                        Template for Kafka Connect Build `Pods`. The build pod
                        is used only on Kubernetes.
                    buildContainer:
                      type: object
                      properties:
                        env:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The environment variable key.
                              value:
                                type: string
                                description: The environment variable value.
                          description: >-
                            Environment variables which should be applied to the
                            container.
                        securityContext:
                          type: object
                          properties:
                            allowPrivilegeEscalation:
                              type: boolean
                            capabilities:
                              type: object
                              properties:
                                add:
                                  type: array
                                  items:
                                    type: string
                                drop:
                                  type: array
                                  items:
                                    type: string
                            privileged:
                              type: boolean
                            procMount:
                              type: string
                            readOnlyRootFilesystem:
                              type: boolean
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: Security context for the container.
                      description: >-
                        Template for the Kafka Connect Build container. The
                        build container is used only on Kubernetes.
                    buildConfig:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: >-
                            Metadata to apply to the
                            `PodDisruptionBudgetTemplate` resource.
                        pullSecret:
                          type: string
                          description: >-
                            Container Registry Secret with the credentials for
                            pulling the base image.
                      description: >-
                        Template for the Kafka Connect BuildConfig used to build
                        new container images. The BuildConfig is used only on
                        OpenShift.
                    buildServiceAccount:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for the Kafka Connect Build service account.
                    jmxSecret:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: >-
                        Template for Secret of the Kafka Connect Cluster JMX
                        authentication.
                  description: >-
                    Template for Kafka Connect and Kafka Mirror Maker 2
                    resources. The template allows users to specify how the
                    `Deployment`, `Pods` and `Service` are generated.
                externalConfiguration:
                  type: object
                  properties:
                    env:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                            description: >-
                              Name of the environment variable which will be
                              passed to the Kafka Connect pods. The name of the
                              environment variable cannot start with `KAFKA_` or
                              `STRIMZI_`.
                          valueFrom:
                            type: object
                            properties:
                              configMapKeyRef:
                                type: object
                                properties:
                                  key:
                                    type: string
                                  name:
                                    type: string
                                  optional:
                                    type: boolean
                                description: Reference to a key in a ConfigMap.
                              secretKeyRef:
                                type: object
                                properties:
                                  key:
                                    type: string
                                  name:
                                    type: string
                                  optional:
                                    type: boolean
                                description: Reference to a key in a Secret.
                            description: >-
                              Value of the environment variable which will be
                              passed to the Kafka Connect pods. It can be passed
                              either as a reference to Secret or ConfigMap
                              field. The field has to specify exactly one Secret
                              or ConfigMap.
                        required:
                          - name
                          - valueFrom
                      description: >-
                        Makes data from a Secret or ConfigMap available in the
                        Kafka Connect pods as environment variables.
                    volumes:
                      type: array
                      items:
                        type: object
                        properties:
                          configMap:
                            type: object
                            properties:
                              defaultMode:
                                type: integer
                              items:
                                type: array
                                items:
                                  type: object
                                  properties:
                                    key:
                                      type: string
                                    mode:
                                      type: integer
                                    path:
                                      type: string
                              name:
                                type: string
                              optional:
                                type: boolean
                            description: >-
                              Reference to a key in a ConfigMap. Exactly one
                              Secret or ConfigMap has to be specified.
                          name:
                            type: string
                            description: >-
                              Name of the volume which will be added to the
                              Kafka Connect pods.
                          secret:
                            type: object
                            properties:
                              defaultMode:
                                type: integer
                              items:
                                type: array
                                items:
                                  type: object
                                  properties:
                                    key:
                                      type: string
                                    mode:
                                      type: integer
                                    path:
                                      type: string
                              optional:
                                type: boolean
                              secretName:
                                type: string
                            description: >-
                              Reference to a key in a Secret. Exactly one Secret
                              or ConfigMap has to be specified.
                        required:
                          - name
                      description: >-
                        Makes data from a Secret or ConfigMap available in the
                        Kafka Connect pods as volumes.
                  description: >-
                    Pass data from Secrets or ConfigMaps to the Kafka Connect
                    pods and use them to configure connectors.
                build:
                  type: object
                  properties:
                    output:
                      type: object
                      properties:
                        additionalKanikoOptions:
                          type: array
                          items:
                            type: string
                          description: >-
                            Configures additional options which will be passed
                            to the Kaniko executor when building the new Connect
                            image. Allowed options are: --customPlatform,
                            --insecure, --insecure-pull, --insecure-registry,
                            --log-format, --log-timestamp, --registry-mirror,
                            --reproducible, --single-snapshot,
                            --skip-tls-verify, --skip-tls-verify-pull,
                            --skip-tls-verify-registry, --verbosity,
                            --snapshotMode, --use-new-run. These options will be
                            used only on Kubernetes where the Kaniko executor is
                            used. They will be ignored on OpenShift. The options
                            are described in the
                            link:https://github.com/GoogleContainerTools/kaniko[Kaniko
                            GitHub repository^]. Changing this field does not
                            trigger new build of the Kafka Connect image.
                        image:
                          type: string
                          description: The name of the image which will be built. Required.
                        pushSecret:
                          type: string
                          description: >-
                            Container Registry Secret with the credentials for
                            pushing the newly built image.
                        type:
                          type: string
                          enum:
                            - docker
                            - imagestream
                          description: >-
                            Output type. Must be either `docker` for pushing the
                            newly build image to Docker compatible registry or
                            `imagestream` for pushing the image to OpenShift
                            ImageStream. Required.
                      required:
                        - image
                        - type
                      description: >-
                        Configures where should the newly built image be stored.
                        Required.
                    resources:
                      type: object
                      properties:
                        claims:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                        limits:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                        requests:
                          x-kubernetes-preserve-unknown-fields: true
                          type: object
                      description: CPU and memory resources to reserve for the build.
                    plugins:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                            pattern: '^[a-z0-9][-_a-z0-9]*[a-z0-9]$'
                            description: >-
                              The unique name of the connector plugin. Will be
                              used to generate the path where the connector
                              artifacts will be stored. The name has to be
                              unique within the KafkaConnect resource. The name
                              has to follow the following pattern:
                              `^[a-z][-_a-z0-9]*[a-z]$`. Required.
                          artifacts:
                            type: array
                            items:
                              type: object
                              properties:
                                artifact:
                                  type: string
                                  description: >-
                                    Maven artifact id. Applicable to the `maven`
                                    artifact type only.
                                fileName:
                                  type: string
                                  description: >-
                                    Name under which the artifact will be
                                    stored.
                                group:
                                  type: string
                                  description: >-
                                    Maven group id. Applicable to the `maven`
                                    artifact type only.
                                insecure:
                                  type: boolean
                                  description: >-
                                    By default, connections using TLS are
                                    verified to check they are secure. The
                                    server certificate used must be valid,
                                    trusted, and contain the server name. By
                                    setting this option to `true`, all TLS
                                    verification is disabled and the artifact
                                    will be downloaded, even when the server is
                                    considered insecure.
                                repository:
                                  type: string
                                  description: >-
                                    Maven repository to download the artifact
                                    from. Applicable to the `maven` artifact
                                    type only.
                                sha512sum:
                                  type: string
                                  description: >-
                                    SHA512 checksum of the artifact. Optional.
                                    If specified, the checksum will be verified
                                    while building the new container. If not
                                    specified, the downloaded artifact will not
                                    be verified. Not applicable to the `maven`
                                    artifact type. 
                                type:
                                  type: string
                                  enum:
                                    - jar
                                    - tgz
                                    - zip
                                    - maven
                                    - other
                                  description: >-
                                    Artifact type. Currently, the supported
                                    artifact types are `tgz`, `jar`, `zip`,
                                    `other` and `maven`.
                                url:
                                  type: string
                                  pattern: >-
                                    ^(https?|ftp)://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]$
                                  description: >-
                                    URL of the artifact which will be
                                    downloaded. Strimzi does not do any security
                                    scanning of the downloaded artifacts. For
                                    security reasons, you should first verify
                                    the artifacts manually and configure the
                                    checksum verification to make sure the same
                                    artifact is used in the automated build.
                                    Required for `jar`, `zip`, `tgz` and `other`
                                    artifacts. Not applicable to the `maven`
                                    artifact type.
                                version:
                                  type: string
                                  description: >-
                                    Maven version number. Applicable to the
                                    `maven` artifact type only.
                              required:
                                - type
                            description: >-
                              List of artifacts which belong to this connector
                              plugin. Required.
                        required:
                          - name
                          - artifacts
                      description: >-
                        List of connector plugins which should be added to the
                        Kafka Connect. Required.
                  required:
                    - output
                    - plugins
                  description: >-
                    Configures how the Connect container image should be built.
                    Optional.
                metricsConfig:
                  type: object
                  properties:
                    type:
                      type: string
                      enum:
                        - jmxPrometheusExporter
                      description: >-
                        Metrics type. Only 'jmxPrometheusExporter' supported
                        currently.
                    valueFrom:
                      type: object
                      properties:
                        configMapKeyRef:
                          type: object
                          properties:
                            key:
                              type: string
                            name:
                              type: string
                            optional:
                              type: boolean
                          description: >-
                            Reference to the key in the ConfigMap containing the
                            configuration.
                      description: >-
                        ConfigMap entry where the Prometheus JMX Exporter
                        configuration is stored. For details of the structure of
                        this configuration, see the {JMXExporter}.
                  required:
                    - type
                    - valueFrom
                  description: Metrics configuration.
              required:
                - bootstrapServers
              description: The specification of the Kafka Connect cluster.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                url:
                  type: string
                  description: >-
                    The URL of the REST API endpoint for managing and monitoring
                    Kafka Connect connectors.
                connectorPlugins:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The type of the connector plugin. The available types
                          are `sink` and `source`.
                      version:
                        type: string
                        description: The version of the connector plugin.
                      class:
                        type: string
                        description: The class of the connector plugin.
                  description: >-
                    The list of connector plugins available in this Kafka
                    Connect deployment.
                labelSelector:
                  type: string
                  description: Label selector for pods providing this resource.
                replicas:
                  type: integer
                  description: >-
                    The current number of pods being used to provide this
                    resource.
              description: The status of the Kafka Connect cluster.

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: strimzi-cluster-operator
  labels:
    app: strimzi
  namespace: kafka
spec:
  replicas: 1
  selector:
    matchLabels:
      name: strimzi-cluster-operator
      strimzi.io/kind: cluster-operator
  template:
    metadata:
      labels:
        name: strimzi-cluster-operator
        strimzi.io/kind: cluster-operator
    spec:
      serviceAccountName: strimzi-cluster-operator
      volumes:
        - name: strimzi-tmp
          emptyDir:
            medium: Memory
            sizeLimit: 1Mi
        - name: co-config-volume
          configMap:
            name: strimzi-cluster-operator
      containers:
        - name: strimzi-cluster-operator
          image: 'quay.io/strimzi/operator:0.35.1'
          ports:
            - containerPort: 8080
              name: http
          args:
            - /opt/strimzi/bin/cluster_operator_run.sh
          volumeMounts:
            - name: strimzi-tmp
              mountPath: /tmp
            - name: co-config-volume
              mountPath: /opt/strimzi/custom-config/
          env:
            - name: STRIMZI_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: STRIMZI_FULL_RECONCILIATION_INTERVAL_MS
              value: '120000'
            - name: STRIMZI_OPERATION_TIMEOUT_MS
              value: '300000'
            - name: STRIMZI_DEFAULT_TLS_SIDECAR_ENTITY_OPERATOR_IMAGE
              value: 'quay.io/strimzi/kafka:0.35.1-kafka-3.4.0'
            - name: STRIMZI_DEFAULT_KAFKA_EXPORTER_IMAGE
              value: 'quay.io/strimzi/kafka:0.35.1-kafka-3.4.0'
            - name: STRIMZI_DEFAULT_CRUISE_CONTROL_IMAGE
              value: 'quay.io/strimzi/kafka:0.35.1-kafka-3.4.0'
            - name: STRIMZI_KAFKA_IMAGES
              value: |
                3.3.1=quay.io/strimzi/kafka:0.35.1-kafka-3.3.1
                3.3.2=quay.io/strimzi/kafka:0.35.1-kafka-3.3.2
                3.4.0=quay.io/strimzi/kafka:0.35.1-kafka-3.4.0
            - name: STRIMZI_KAFKA_CONNECT_IMAGES
              value: |
                3.3.1=quay.io/strimzi/kafka:0.35.1-kafka-3.3.1
                3.3.2=quay.io/strimzi/kafka:0.35.1-kafka-3.3.2
                3.4.0=quay.io/strimzi/kafka:0.35.1-kafka-3.4.0
            - name: STRIMZI_KAFKA_MIRROR_MAKER_IMAGES
              value: |
                3.3.1=quay.io/strimzi/kafka:0.35.1-kafka-3.3.1
                3.3.2=quay.io/strimzi/kafka:0.35.1-kafka-3.3.2
                3.4.0=quay.io/strimzi/kafka:0.35.1-kafka-3.4.0
            - name: STRIMZI_KAFKA_MIRROR_MAKER_2_IMAGES
              value: |
                3.3.1=quay.io/strimzi/kafka:0.35.1-kafka-3.3.1
                3.3.2=quay.io/strimzi/kafka:0.35.1-kafka-3.3.2
                3.4.0=quay.io/strimzi/kafka:0.35.1-kafka-3.4.0
            - name: STRIMZI_DEFAULT_TOPIC_OPERATOR_IMAGE
              value: 'quay.io/strimzi/operator:0.35.1'
            - name: STRIMZI_DEFAULT_USER_OPERATOR_IMAGE
              value: 'quay.io/strimzi/operator:0.35.1'
            - name: STRIMZI_DEFAULT_KAFKA_INIT_IMAGE
              value: 'quay.io/strimzi/operator:0.35.1'
            - name: STRIMZI_DEFAULT_KAFKA_BRIDGE_IMAGE
              value: 'quay.io/strimzi/kafka-bridge:0.25.0'
            - name: STRIMZI_DEFAULT_KANIKO_EXECUTOR_IMAGE
              value: 'quay.io/strimzi/kaniko-executor:0.35.1'
            - name: STRIMZI_DEFAULT_MAVEN_BUILDER
              value: 'quay.io/strimzi/maven-builder:0.35.1'
            - name: STRIMZI_OPERATOR_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: STRIMZI_FEATURE_GATES
              value: ''
            - name: STRIMZI_LEADER_ELECTION_ENABLED
              value: 'true'
            - name: STRIMZI_LEADER_ELECTION_LEASE_NAME
              value: strimzi-cluster-operator
            - name: STRIMZI_LEADER_ELECTION_LEASE_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: STRIMZI_LEADER_ELECTION_IDENTITY
              valueFrom:
                fieldRef:
                  fieldPath: metadata.name
          livenessProbe:
            httpGet:
              path: /healthy
              port: http
            initialDelaySeconds: 10
            periodSeconds: 30
          readinessProbe:
            httpGet:
              path: /ready
              port: http
            initialDelaySeconds: 10
            periodSeconds: 30
          resources:
            limits:
              cpu: 1000m
              memory: 384Mi
            requests:
              cpu: 200m
              memory: 384Mi

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: kafkatopics.kafka.strimzi.io
  labels:
    app: strimzi
    strimzi.io/crd-install: 'true'
spec:
  group: kafka.strimzi.io
  names:
    kind: KafkaTopic
    listKind: KafkaTopicList
    singular: kafkatopic
    plural: kafkatopics
    shortNames:
      - kt
    categories:
      - strimzi
  scope: Namespaced
  conversion:
    strategy: None
  versions:
    - name: v1beta2
      served: true
      storage: true
      subresources:
        status: {}
      additionalPrinterColumns:
        - name: Cluster
          description: The name of the Kafka cluster this topic belongs to
          jsonPath: .metadata.labels.strimzi\.io/cluster
          type: string
        - name: Partitions
          description: The desired number of partitions in the topic
          jsonPath: .spec.partitions
          type: integer
        - name: Replication factor
          description: The desired number of replicas of each partition
          jsonPath: .spec.replicas
          type: integer
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                partitions:
                  type: integer
                  minimum: 1
                  description: >-
                    The number of partitions the topic should have. This cannot
                    be decreased after topic creation. It can be increased after
                    topic creation, but it is important to understand the
                    consequences that has, especially for topics with semantic
                    partitioning. When absent this will default to the broker
                    configuration for `num.partitions`.
                replicas:
                  type: integer
                  minimum: 1
                  maximum: 32767
                  description: >-
                    The number of replicas the topic should have. When absent
                    this will default to the broker configuration for
                    `default.replication.factor`.
                config:
                  x-kubernetes-preserve-unknown-fields: true
                  type: object
                  description: The topic configuration.
                topicName:
                  type: string
                  description: >-
                    The name of the topic. When absent this will default to the
                    metadata.name of the topic. It is recommended to not set
                    this unless the topic name is not a valid Kubernetes
                    resource name.
              description: The specification of the topic.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                topicName:
                  type: string
                  description: Topic name.
              description: The status of the topic.
    - name: v1beta1
      served: true
      storage: false
      subresources:
        status: {}
      additionalPrinterColumns:
        - name: Cluster
          description: The name of the Kafka cluster this topic belongs to
          jsonPath: .metadata.labels.strimzi\.io/cluster
          type: string
        - name: Partitions
          description: The desired number of partitions in the topic
          jsonPath: .spec.partitions
          type: integer
        - name: Replication factor
          description: The desired number of replicas of each partition
          jsonPath: .spec.replicas
          type: integer
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                partitions:
                  type: integer
                  minimum: 1
                  description: >-
                    The number of partitions the topic should have. This cannot
                    be decreased after topic creation. It can be increased after
                    topic creation, but it is important to understand the
                    consequences that has, especially for topics with semantic
                    partitioning. When absent this will default to the broker
                    configuration for `num.partitions`.
                replicas:
                  type: integer
                  minimum: 1
                  maximum: 32767
                  description: >-
                    The number of replicas the topic should have. When absent
                    this will default to the broker configuration for
                    `default.replication.factor`.
                config:
                  x-kubernetes-preserve-unknown-fields: true
                  type: object
                  description: The topic configuration.
                topicName:
                  type: string
                  description: >-
                    The name of the topic. When absent this will default to the
                    metadata.name of the topic. It is recommended to not set
                    this unless the topic name is not a valid Kubernetes
                    resource name.
              description: The specification of the topic.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                topicName:
                  type: string
                  description: Topic name.
              description: The status of the topic.
    - name: v1alpha1
      served: true
      storage: false
      subresources:
        status: {}
      additionalPrinterColumns:
        - name: Cluster
          description: The name of the Kafka cluster this topic belongs to
          jsonPath: .metadata.labels.strimzi\.io/cluster
          type: string
        - name: Partitions
          description: The desired number of partitions in the topic
          jsonPath: .spec.partitions
          type: integer
        - name: Replication factor
          description: The desired number of replicas of each partition
          jsonPath: .spec.replicas
          type: integer
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                partitions:
                  type: integer
                  minimum: 1
                  description: >-
                    The number of partitions the topic should have. This cannot
                    be decreased after topic creation. It can be increased after
                    topic creation, but it is important to understand the
                    consequences that has, especially for topics with semantic
                    partitioning. When absent this will default to the broker
                    configuration for `num.partitions`.
                replicas:
                  type: integer
                  minimum: 1
                  maximum: 32767
                  description: >-
                    The number of replicas the topic should have. When absent
                    this will default to the broker configuration for
                    `default.replication.factor`.
                config:
                  x-kubernetes-preserve-unknown-fields: true
                  type: object
                  description: The topic configuration.
                topicName:
                  type: string
                  description: >-
                    The name of the topic. When absent this will default to the
                    metadata.name of the topic. It is recommended to not set
                    this unless the topic name is not a valid Kubernetes
                    resource name.
              description: The specification of the topic.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                topicName:
                  type: string
                  description: Topic name.
              description: The status of the topic.

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: strimzi-kafka-client
  labels:
    app: strimzi
rules:
  - apiGroups:
      - ''
    resources:
      - nodes
    verbs:
      - get

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: kafkaconnectors.kafka.strimzi.io
  labels:
    app: strimzi
    strimzi.io/crd-install: 'true'
spec:
  group: kafka.strimzi.io
  names:
    kind: KafkaConnector
    listKind: KafkaConnectorList
    singular: kafkaconnector
    plural: kafkaconnectors
    shortNames:
      - kctr
    categories:
      - strimzi
  scope: Namespaced
  conversion:
    strategy: None
  versions:
    - name: v1beta2
      served: true
      storage: true
      subresources:
        status: {}
        scale:
          specReplicasPath: .spec.tasksMax
          statusReplicasPath: .status.tasksMax
      additionalPrinterColumns:
        - name: Cluster
          description: The name of the Kafka Connect cluster this connector belongs to
          jsonPath: .metadata.labels.strimzi\.io/cluster
          type: string
        - name: Connector class
          description: The class used by this connector
          jsonPath: .spec.class
          type: string
        - name: Max Tasks
          description: Maximum number of tasks
          jsonPath: .spec.tasksMax
          type: integer
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                class:
                  type: string
                  description: The Class for the Kafka Connector.
                tasksMax:
                  type: integer
                  minimum: 1
                  description: The maximum number of tasks for the Kafka Connector.
                autoRestart:
                  type: object
                  properties:
                    enabled:
                      type: boolean
                      description: >-
                        Whether automatic restart for failed connectors and
                        tasks should be enabled or disabled.
                  description: Automatic restart of connector and tasks configuration.
                config:
                  x-kubernetes-preserve-unknown-fields: true
                  type: object
                  description: >-
                    The Kafka Connector configuration. The following properties
                    cannot be set: connector.class, tasks.max.
                pause:
                  type: boolean
                  description: Whether the connector should be paused. Defaults to false.
              description: The specification of the Kafka Connector.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                autoRestart:
                  type: object
                  properties:
                    count:
                      type: integer
                      description: The number of times the connector or task is restarted.
                    connectorName:
                      type: string
                      description: The name of the connector being restarted.
                    lastRestartTimestamp:
                      type: string
                      description: >-
                        The last time the automatic restart was attempted. The
                        required format is 'yyyy-MM-ddTHH:mm:ssZ' in the UTC
                        time zone.
                  description: The auto restart status.
                connectorStatus:
                  x-kubernetes-preserve-unknown-fields: true
                  type: object
                  description: >-
                    The connector status, as reported by the Kafka Connect REST
                    API.
                tasksMax:
                  type: integer
                  description: The maximum number of tasks for the Kafka Connector.
                topics:
                  type: array
                  items:
                    type: string
                  description: The list of topics used by the Kafka Connector.
              description: The status of the Kafka Connector.

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: kafkamirrormakers.kafka.strimzi.io
  labels:
    app: strimzi
    strimzi.io/crd-install: 'true'
spec:
  group: kafka.strimzi.io
  names:
    kind: KafkaMirrorMaker
    listKind: KafkaMirrorMakerList
    singular: kafkamirrormaker
    plural: kafkamirrormakers
    shortNames:
      - kmm
    categories:
      - strimzi
  scope: Namespaced
  conversion:
    strategy: None
  versions:
    - name: v1beta2
      served: true
      storage: true
      subresources:
        status: {}
        scale:
          specReplicasPath: .spec.replicas
          statusReplicasPath: .status.replicas
          labelSelectorPath: .status.labelSelector
      additionalPrinterColumns:
        - name: Desired replicas
          description: The desired number of Kafka MirrorMaker replicas
          jsonPath: .spec.replicas
          type: integer
        - name: Consumer Bootstrap Servers
          description: The boostrap servers for the consumer
          jsonPath: .spec.consumer.bootstrapServers
          type: string
          priority: 1
        - name: Producer Bootstrap Servers
          description: The boostrap servers for the producer
          jsonPath: .spec.producer.bootstrapServers
          type: string
          priority: 1
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                version:
                  type: string
                  description: >-
                    The Kafka MirrorMaker version. Defaults to
                    {DefaultKafkaVersion}. Consult the documentation to
                    understand the process required to upgrade or downgrade the
                    version.
                replicas:
                  type: integer
                  minimum: 0
                  description: The number of pods in the `Deployment`.
                image:
                  type: string
                  description: The docker image for the pods.
                consumer:
                  type: object
                  properties:
                    numStreams:
                      type: integer
                      minimum: 1
                      description: >-
                        Specifies the number of consumer stream threads to
                        create.
                    offsetCommitInterval:
                      type: integer
                      description: >-
                        Specifies the offset auto-commit interval in ms. Default
                        value is 60000.
                    bootstrapServers:
                      type: string
                      description: >-
                        A list of host:port pairs for establishing the initial
                        connection to the Kafka cluster.
                    groupId:
                      type: string
                      description: >-
                        A unique string that identifies the consumer group this
                        consumer belongs to.
                    authentication:
                      type: object
                      properties:
                        accessToken:
                          type: object
                          properties:
                            key:
                              type: string
                              description: >-
                                The key under which the secret value is stored
                                in the Kubernetes Secret.
                            secretName:
                              type: string
                              description: >-
                                The name of the Kubernetes Secret containing the
                                secret value.
                          required:
                            - key
                            - secretName
                          description: >-
                            Link to Kubernetes Secret containing the access
                            token which was obtained from the authorization
                            server.
                        accessTokenIsJwt:
                          type: boolean
                          description: >-
                            Configure whether access token should be treated as
                            JWT. This should be set to `false` if the
                            authorization server returns opaque tokens. Defaults
                            to `true`.
                        audience:
                          type: string
                          description: >-
                            OAuth audience to use when authenticating against
                            the authorization server. Some authorization servers
                            require the audience to be explicitly set. The
                            possible values depend on how the authorization
                            server is configured. By default, `audience` is not
                            specified when performing the token endpoint
                            request.
                        certificateAndKey:
                          type: object
                          properties:
                            certificate:
                              type: string
                              description: The name of the file certificate in the Secret.
                            key:
                              type: string
                              description: The name of the private key in the Secret.
                            secretName:
                              type: string
                              description: >-
                                The name of the Secret containing the
                                certificate.
                          required:
                            - certificate
                            - key
                            - secretName
                          description: >-
                            Reference to the `Secret` which holds the
                            certificate and private key pair.
                        clientId:
                          type: string
                          description: >-
                            OAuth Client ID which the Kafka client can use to
                            authenticate against the OAuth server and use the
                            token endpoint URI.
                        clientSecret:
                          type: object
                          properties:
                            key:
                              type: string
                              description: >-
                                The key under which the secret value is stored
                                in the Kubernetes Secret.
                            secretName:
                              type: string
                              description: >-
                                The name of the Kubernetes Secret containing the
                                secret value.
                          required:
                            - key
                            - secretName
                          description: >-
                            Link to Kubernetes Secret containing the OAuth
                            client secret which the Kafka client can use to
                            authenticate against the OAuth server and use the
                            token endpoint URI.
                        connectTimeoutSeconds:
                          type: integer
                          description: >-
                            The connect timeout in seconds when connecting to
                            authorization server. If not set, the effective
                            connect timeout is 60 seconds.
                        disableTlsHostnameVerification:
                          type: boolean
                          description: >-
                            Enable or disable TLS hostname verification. Default
                            value is `false`.
                        enableMetrics:
                          type: boolean
                          description: >-
                            Enable or disable OAuth metrics. Default value is
                            `false`.
                        httpRetries:
                          type: integer
                          description: >-
                            The maximum number of retries to attempt if an
                            initial HTTP request fails. If not set, the default
                            is to not attempt any retries.
                        httpRetryPauseMs:
                          type: integer
                          description: >-
                            The pause to take before retrying a failed HTTP
                            request. If not set, the default is to not pause at
                            all but to immediately repeat a request.
                        maxTokenExpirySeconds:
                          type: integer
                          description: >-
                            Set or limit time-to-live of the access tokens to
                            the specified number of seconds. This should be set
                            if the authorization server returns opaque tokens.
                        passwordSecret:
                          type: object
                          properties:
                            password:
                              type: string
                              description: >-
                                The name of the key in the Secret under which
                                the password is stored.
                            secretName:
                              type: string
                              description: The name of the Secret containing the password.
                          required:
                            - password
                            - secretName
                          description: Reference to the `Secret` which holds the password.
                        readTimeoutSeconds:
                          type: integer
                          description: >-
                            The read timeout in seconds when connecting to
                            authorization server. If not set, the effective read
                            timeout is 60 seconds.
                        refreshToken:
                          type: object
                          properties:
                            key:
                              type: string
                              description: >-
                                The key under which the secret value is stored
                                in the Kubernetes Secret.
                            secretName:
                              type: string
                              description: >-
                                The name of the Kubernetes Secret containing the
                                secret value.
                          required:
                            - key
                            - secretName
                          description: >-
                            Link to Kubernetes Secret containing the refresh
                            token which can be used to obtain access token from
                            the authorization server.
                        scope:
                          type: string
                          description: >-
                            OAuth scope to use when authenticating against the
                            authorization server. Some authorization servers
                            require this to be set. The possible values depend
                            on how authorization server is configured. By
                            default `scope` is not specified when doing the
                            token endpoint request.
                        tlsTrustedCertificates:
                          type: array
                          items:
                            type: object
                            properties:
                              certificate:
                                type: string
                                description: >-
                                  The name of the file certificate in the
                                  Secret.
                              secretName:
                                type: string
                                description: >-
                                  The name of the Secret containing the
                                  certificate.
                            required:
                              - certificate
                              - secretName
                          description: >-
                            Trusted certificates for TLS connection to the OAuth
                            server.
                        tokenEndpointUri:
                          type: string
                          description: Authorization server token endpoint URI.
                        type:
                          type: string
                          enum:
                            - tls
                            - scram-sha-256
                            - scram-sha-512
                            - plain
                            - oauth
                          description: >-
                            Authentication type. Currently the supported types
                            are `tls`, `scram-sha-256`, `scram-sha-512`,
                            `plain`, and 'oauth'. `scram-sha-256` and
                            `scram-sha-512` types use SASL SCRAM-SHA-256 and
                            SASL SCRAM-SHA-512 Authentication, respectively.
                            `plain` type uses SASL PLAIN Authentication. `oauth`
                            type uses SASL OAUTHBEARER Authentication. The `tls`
                            type uses TLS Client Authentication. The `tls` type
                            is supported only over TLS connections.
                        username:
                          type: string
                          description: Username used for the authentication.
                      required:
                        - type
                      description: >-
                        Authentication configuration for connecting to the
                        cluster.
                    config:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: >-
                        The MirrorMaker consumer config. Properties with the
                        following prefixes cannot be set: ssl.,
                        bootstrap.servers, group.id, sasl., security.,
                        interceptor.classes (with the exception of:
                        ssl.endpoint.identification.algorithm,
                        ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols).
                    tls:
                      type: object
                      properties:
                        trustedCertificates:
                          type: array
                          items:
                            type: object
                            properties:
                              certificate:
                                type: string
                                description: >-
                                  The name of the file certificate in the
                                  Secret.
                              secretName:
                                type: string
                                description: >-
                                  The name of the Secret containing the
                                  certificate.
                            required:
                              - certificate
                              - secretName
                          description: Trusted certificates for TLS connection.
                      description: >-
                        TLS configuration for connecting MirrorMaker to the
                        cluster.
                  required:
                    - bootstrapServers
                    - groupId
                  description: Configuration of source cluster.
                producer:
                  type: object
                  properties:
                    bootstrapServers:
                      type: string
                      description: >-
                        A list of host:port pairs for establishing the initial
                        connection to the Kafka cluster.
                    abortOnSendFailure:
                      type: boolean
                      description: >-
                        Flag to set the MirrorMaker to exit on a failed send.
                        Default value is `true`.
                    authentication:
                      type: object
                      properties:
                        accessToken:
                          type: object
                          properties:
                            key:
                              type: string
                              description: >-
                                The key under which the secret value is stored
                                in the Kubernetes Secret.
                            secretName:
                              type: string
                              description: >-
                                The name of the Kubernetes Secret containing the
                                secret value.
                          required:
                            - key
                            - secretName
                          description: >-
                            Link to Kubernetes Secret containing the access
                            token which was obtained from the authorization
                            server.
                        accessTokenIsJwt:
                          type: boolean
                          description: >-
                            Configure whether access token should be treated as
                            JWT. This should be set to `false` if the
                            authorization server returns opaque tokens. Defaults
                            to `true`.
                        audience:
                          type: string
                          description: >-
                            OAuth audience to use when authenticating against
                            the authorization server. Some authorization servers
                            require the audience to be explicitly set. The
                            possible values depend on how the authorization
                            server is configured. By default, `audience` is not
                            specified when performing the token endpoint
                            request.
                        certificateAndKey:
                          type: object
                          properties:
                            certificate:
                              type: string
                              description: The name of the file certificate in the Secret.
                            key:
                              type: string
                              description: The name of the private key in the Secret.
                            secretName:
                              type: string
                              description: >-
                                The name of the Secret containing the
                                certificate.
                          required:
                            - certificate
                            - key
                            - secretName
                          description: >-
                            Reference to the `Secret` which holds the
                            certificate and private key pair.
                        clientId:
                          type: string
                          description: >-
                            OAuth Client ID which the Kafka client can use to
                            authenticate against the OAuth server and use the
                            token endpoint URI.
                        clientSecret:
                          type: object
                          properties:
                            key:
                              type: string
                              description: >-
                                The key under which the secret value is stored
                                in the Kubernetes Secret.
                            secretName:
                              type: string
                              description: >-
                                The name of the Kubernetes Secret containing the
                                secret value.
                          required:
                            - key
                            - secretName
                          description: >-
                            Link to Kubernetes Secret containing the OAuth
                            client secret which the Kafka client can use to
                            authenticate against the OAuth server and use the
                            token endpoint URI.
                        connectTimeoutSeconds:
                          type: integer
                          description: >-
                            The connect timeout in seconds when connecting to
                            authorization server. If not set, the effective
                            connect timeout is 60 seconds.
                        disableTlsHostnameVerification:
                          type: boolean
                          description: >-
                            Enable or disable TLS hostname verification. Default
                            value is `false`.
                        enableMetrics:
                          type: boolean
                          description: >-
                            Enable or disable OAuth metrics. Default value is
                            `false`.
                        httpRetries:
                          type: integer
                          description: >-
                            The maximum number of retries to attempt if an
                            initial HTTP request fails. If not set, the default
                            is to not attempt any retries.
                        httpRetryPauseMs:
                          type: integer
                          description: >-
                            The pause to take before retrying a failed HTTP
                            request. If not set, the default is to not pause at
                            all but to immediately repeat a request.
                        maxTokenExpirySeconds:
                          type: integer
                          description: >-
                            Set or limit time-to-live of the access tokens to
                            the specified number of seconds. This should be set
                            if the authorization server returns opaque tokens.
                        passwordSecret:
                          type: object
                          properties:
                            password:
                              type: string
                              description: >-
                                The name of the key in the Secret under which
                                the password is stored.
                            secretName:
                              type: string
                              description: The name of the Secret containing the password.
                          required:
                            - password
                            - secretName
                          description: Reference to the `Secret` which holds the password.
                        readTimeoutSeconds:
                          type: integer
                          description: >-
                            The read timeout in seconds when connecting to
                            authorization server. If not set, the effective read
                            timeout is 60 seconds.
                        refreshToken:
                          type: object
                          properties:
                            key:
                              type: string
                              description: >-
                                The key under which the secret value is stored
                                in the Kubernetes Secret.
                            secretName:
                              type: string
                              description: >-
                                The name of the Kubernetes Secret containing the
                                secret value.
                          required:
                            - key
                            - secretName
                          description: >-
                            Link to Kubernetes Secret containing the refresh
                            token which can be used to obtain access token from
                            the authorization server.
                        scope:
                          type: string
                          description: >-
                            OAuth scope to use when authenticating against the
                            authorization server. Some authorization servers
                            require this to be set. The possible values depend
                            on how authorization server is configured. By
                            default `scope` is not specified when doing the
                            token endpoint request.
                        tlsTrustedCertificates:
                          type: array
                          items:
                            type: object
                            properties:
                              certificate:
                                type: string
                                description: >-
                                  The name of the file certificate in the
                                  Secret.
                              secretName:
                                type: string
                                description: >-
                                  The name of the Secret containing the
                                  certificate.
                            required:
                              - certificate
                              - secretName
                          description: >-
                            Trusted certificates for TLS connection to the OAuth
                            server.
                        tokenEndpointUri:
                          type: string
                          description: Authorization server token endpoint URI.
                        type:
                          type: string
                          enum:
                            - tls
                            - scram-sha-256
                            - scram-sha-512
                            - plain
                            - oauth
                          description: >-
                            Authentication type. Currently the supported types
                            are `tls`, `scram-sha-256`, `scram-sha-512`,
                            `plain`, and 'oauth'. `scram-sha-256` and
                            `scram-sha-512` types use SASL SCRAM-SHA-256 and
                            SASL SCRAM-SHA-512 Authentication, respectively.
                            `plain` type uses SASL PLAIN Authentication. `oauth`
                            type uses SASL OAUTHBEARER Authentication. The `tls`
                            type uses TLS Client Authentication. The `tls` type
                            is supported only over TLS connections.
                        username:
                          type: string
                          description: Username used for the authentication.
                      required:
                        - type
                      description: >-
                        Authentication configuration for connecting to the
                        cluster.
                    config:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: >-
                        The MirrorMaker producer config. Properties with the
                        following prefixes cannot be set: ssl.,
                        bootstrap.servers, sasl., security., interceptor.classes
                        (with the exception of:
                        ssl.endpoint.identification.algorithm,
                        ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols).
                    tls:
                      type: object
                      properties:
                        trustedCertificates:
                          type: array
                          items:
                            type: object
                            properties:
                              certificate:
                                type: string
                                description: >-
                                  The name of the file certificate in the
                                  Secret.
                              secretName:
                                type: string
                                description: >-
                                  The name of the Secret containing the
                                  certificate.
                            required:
                              - certificate
                              - secretName
                          description: Trusted certificates for TLS connection.
                      description: >-
                        TLS configuration for connecting MirrorMaker to the
                        cluster.
                  required:
                    - bootstrapServers
                  description: Configuration of target cluster.
                resources:
                  type: object
                  properties:
                    claims:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                    limits:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                    requests:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                  description: CPU and memory resources to reserve.
                whitelist:
                  type: string
                  description: >-
                    List of topics which are included for mirroring. This option
                    allows any regular expression using Java-style regular
                    expressions. Mirroring two topics named A and B is achieved
                    by using the expression `A\|B`. Or, as a special case, you
                    can mirror all topics using the regular expression `*`. You
                    can also specify multiple regular expressions separated by
                    commas.
                include:
                  type: string
                  description: >-
                    List of topics which are included for mirroring. This option
                    allows any regular expression using Java-style regular
                    expressions. Mirroring two topics named A and B is achieved
                    by using the expression `A\|B`. Or, as a special case, you
                    can mirror all topics using the regular expression `*`. You
                    can also specify multiple regular expressions separated by
                    commas.
                jvmOptions:
                  type: object
                  properties:
                    '-XX':
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: A map of -XX options to the JVM.
                    '-Xms':
                      type: string
                      pattern: '^[0-9]+[mMgG]?$'
                      description: '-Xms option to to the JVM.'
                    '-Xmx':
                      type: string
                      pattern: '^[0-9]+[mMgG]?$'
                      description: '-Xmx option to to the JVM.'
                    gcLoggingEnabled:
                      type: boolean
                      description: >-
                        Specifies whether the Garbage Collection logging is
                        enabled. The default is false.
                    javaSystemProperties:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                            description: The system property name.
                          value:
                            type: string
                            description: The system property value.
                      description: >-
                        A map of additional system properties which will be
                        passed using the `-D` option to the JVM.
                  description: JVM Options for pods.
                logging:
                  type: object
                  properties:
                    loggers:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: A Map from logger name to logger level.
                    type:
                      type: string
                      enum:
                        - inline
                        - external
                      description: 'Logging type, must be either ''inline'' or ''external''.'
                    valueFrom:
                      type: object
                      properties:
                        configMapKeyRef:
                          type: object
                          properties:
                            key:
                              type: string
                            name:
                              type: string
                            optional:
                              type: boolean
                          description: >-
                            Reference to the key in the ConfigMap containing the
                            configuration.
                      description: >-
                        `ConfigMap` entry where the logging configuration is
                        stored. 
                  required:
                    - type
                  description: Logging configuration for MirrorMaker.
                metricsConfig:
                  type: object
                  properties:
                    type:
                      type: string
                      enum:
                        - jmxPrometheusExporter
                      description: >-
                        Metrics type. Only 'jmxPrometheusExporter' supported
                        currently.
                    valueFrom:
                      type: object
                      properties:
                        configMapKeyRef:
                          type: object
                          properties:
                            key:
                              type: string
                            name:
                              type: string
                            optional:
                              type: boolean
                          description: >-
                            Reference to the key in the ConfigMap containing the
                            configuration.
                      description: >-
                        ConfigMap entry where the Prometheus JMX Exporter
                        configuration is stored. For details of the structure of
                        this configuration, see the {JMXExporter}.
                  required:
                    - type
                    - valueFrom
                  description: Metrics configuration.
                tracing:
                  type: object
                  properties:
                    type:
                      type: string
                      enum:
                        - jaeger
                        - opentelemetry
                      description: >-
                        Type of the tracing used. Currently the only supported
                        types are `jaeger` for OpenTracing (Jaeger) tracing and
                        `opentelemetry` for OpenTelemetry tracing. The
                        OpenTracing (Jaeger) tracing is deprecated.
                  required:
                    - type
                  description: The configuration of tracing in Kafka MirrorMaker.
                template:
                  type: object
                  properties:
                    deployment:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        deploymentStrategy:
                          type: string
                          enum:
                            - RollingUpdate
                            - Recreate
                          description: >-
                            Pod replacement strategy for deployment
                            configuration changes. Valid values are
                            `RollingUpdate` and `Recreate`. Defaults to
                            `RollingUpdate`.
                      description: Template for Kafka MirrorMaker `Deployment`.
                    pod:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        imagePullSecrets:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                          description: >-
                            List of references to secrets in the same namespace
                            to use for pulling any of the images used by this
                            Pod. When the `STRIMZI_IMAGE_PULL_SECRETS`
                            environment variable in Cluster Operator and the
                            `imagePullSecrets` option are specified, only the
                            `imagePullSecrets` variable is used and the
                            `STRIMZI_IMAGE_PULL_SECRETS` variable is ignored.
                        securityContext:
                          type: object
                          properties:
                            fsGroup:
                              type: integer
                            fsGroupChangePolicy:
                              type: string
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            supplementalGroups:
                              type: array
                              items:
                                type: integer
                            sysctls:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                  value:
                                    type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: >-
                            Configures pod-level security attributes and common
                            container settings.
                        terminationGracePeriodSeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The grace period is the duration in seconds after
                            the processes running in the pod are sent a
                            termination signal, and the time when the processes
                            are forcibly halted with a kill signal. Set this
                            value to longer than the expected cleanup time for
                            your process. Value must be a non-negative integer.
                            A zero value indicates delete immediately. You might
                            need to increase the grace period for very large
                            Kafka clusters, so that the Kafka brokers have
                            enough time to transfer their work to another broker
                            before they are terminated. Defaults to 30 seconds.
                        affinity:
                          type: object
                          properties:
                            nodeAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      preference:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: object
                                  properties:
                                    nodeSelectorTerms:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                            podAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                            podAntiAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                          description: The pod's affinity rules.
                        tolerations:
                          type: array
                          items:
                            type: object
                            properties:
                              effect:
                                type: string
                              key:
                                type: string
                              operator:
                                type: string
                              tolerationSeconds:
                                type: integer
                              value:
                                type: string
                          description: The pod's tolerations.
                        priorityClassName:
                          type: string
                          description: >-
                            The name of the priority class used to assign
                            priority to the pods. For more information about
                            priority classes, see {K8sPriorityClass}.
                        schedulerName:
                          type: string
                          description: >-
                            The name of the scheduler used to dispatch this
                            `Pod`. If not specified, the default scheduler will
                            be used.
                        hostAliases:
                          type: array
                          items:
                            type: object
                            properties:
                              hostnames:
                                type: array
                                items:
                                  type: string
                              ip:
                                type: string
                          description: >-
                            The pod's HostAliases. HostAliases is an optional
                            list of hosts and IPs that will be injected into the
                            Pod's hosts file if specified.
                        tmpDirSizeLimit:
                          type: string
                          pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                          description: >-
                            Defines the total amount (for example `1Gi`) of
                            local storage required for temporary EmptyDir volume
                            (`/tmp`). Default value is `5Mi`.
                        enableServiceLinks:
                          type: boolean
                          description: >-
                            Indicates whether information about services should
                            be injected into Pod's environment variables.
                        topologySpreadConstraints:
                          type: array
                          items:
                            type: object
                            properties:
                              labelSelector:
                                type: object
                                properties:
                                  matchExpressions:
                                    type: array
                                    items:
                                      type: object
                                      properties:
                                        key:
                                          type: string
                                        operator:
                                          type: string
                                        values:
                                          type: array
                                          items:
                                            type: string
                                  matchLabels:
                                    x-kubernetes-preserve-unknown-fields: true
                                    type: object
                              matchLabelKeys:
                                type: array
                                items:
                                  type: string
                              maxSkew:
                                type: integer
                              minDomains:
                                type: integer
                              nodeAffinityPolicy:
                                type: string
                              nodeTaintsPolicy:
                                type: string
                              topologyKey:
                                type: string
                              whenUnsatisfiable:
                                type: string
                          description: The pod's topology spread constraints.
                      description: Template for Kafka MirrorMaker `Pods`.
                    podDisruptionBudget:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: >-
                            Metadata to apply to the
                            `PodDisruptionBudgetTemplate` resource.
                        maxUnavailable:
                          type: integer
                          minimum: 0
                          description: >-
                            Maximum number of unavailable pods to allow
                            automatic Pod eviction. A Pod eviction is allowed
                            when the `maxUnavailable` number of pods or fewer
                            are unavailable after the eviction. Setting this
                            value to 0 prevents all voluntary evictions, so the
                            pods must be evicted manually. Defaults to 1.
                      description: Template for Kafka MirrorMaker `PodDisruptionBudget`.
                    mirrorMakerContainer:
                      type: object
                      properties:
                        env:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The environment variable key.
                              value:
                                type: string
                                description: The environment variable value.
                          description: >-
                            Environment variables which should be applied to the
                            container.
                        securityContext:
                          type: object
                          properties:
                            allowPrivilegeEscalation:
                              type: boolean
                            capabilities:
                              type: object
                              properties:
                                add:
                                  type: array
                                  items:
                                    type: string
                                drop:
                                  type: array
                                  items:
                                    type: string
                            privileged:
                              type: boolean
                            procMount:
                              type: string
                            readOnlyRootFilesystem:
                              type: boolean
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: Security context for the container.
                      description: Template for Kafka MirrorMaker container.
                    serviceAccount:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for the Kafka MirrorMaker service account.
                  description: >-
                    Template to specify how Kafka MirrorMaker resources,
                    `Deployments` and `Pods`, are generated.
                livenessProbe:
                  type: object
                  properties:
                    failureThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive failures for the probe to be
                        considered failed after having succeeded. Defaults to 3.
                        Minimum value is 1.
                    initialDelaySeconds:
                      type: integer
                      minimum: 0
                      description: >-
                        The initial delay before first the health is first
                        checked. Default to 15 seconds. Minimum value is 0.
                    periodSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        How often (in seconds) to perform the probe. Default to
                        10 seconds. Minimum value is 1.
                    successThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive successes for the probe to be
                        considered successful after having failed. Defaults to
                        1. Must be 1 for liveness. Minimum value is 1.
                    timeoutSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        The timeout for each attempted health check. Default to
                        5 seconds. Minimum value is 1.
                  description: Pod liveness checking.
                readinessProbe:
                  type: object
                  properties:
                    failureThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive failures for the probe to be
                        considered failed after having succeeded. Defaults to 3.
                        Minimum value is 1.
                    initialDelaySeconds:
                      type: integer
                      minimum: 0
                      description: >-
                        The initial delay before first the health is first
                        checked. Default to 15 seconds. Minimum value is 0.
                    periodSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        How often (in seconds) to perform the probe. Default to
                        10 seconds. Minimum value is 1.
                    successThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive successes for the probe to be
                        considered successful after having failed. Defaults to
                        1. Must be 1 for liveness. Minimum value is 1.
                    timeoutSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        The timeout for each attempted health check. Default to
                        5 seconds. Minimum value is 1.
                  description: Pod readiness checking.
              oneOf:
                - properties:
                    include: {}
                  required:
                    - include
                - properties:
                    whitelist: {}
                  required:
                    - whitelist
              required:
                - replicas
                - consumer
                - producer
              description: The specification of Kafka MirrorMaker.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                labelSelector:
                  type: string
                  description: Label selector for pods providing this resource.
                replicas:
                  type: integer
                  description: >-
                    The current number of pods being used to provide this
                    resource.
              description: The status of Kafka MirrorMaker.

---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: strimzi-cluster-operator-watched
  labels:
    app: strimzi
  namespace: kafka
subjects:
  - kind: ServiceAccount
    name: strimzi-cluster-operator
    namespace: kafka
roleRef:
  kind: ClusterRole
  name: strimzi-cluster-operator-watched
  apiGroup: rbac.authorization.k8s.io

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: kafkausers.kafka.strimzi.io
  labels:
    app: strimzi
    strimzi.io/crd-install: 'true'
spec:
  group: kafka.strimzi.io
  names:
    kind: KafkaUser
    listKind: KafkaUserList
    singular: kafkauser
    plural: kafkausers
    shortNames:
      - ku
    categories:
      - strimzi
  scope: Namespaced
  conversion:
    strategy: None
  versions:
    - name: v1beta2
      served: true
      storage: true
      subresources:
        status: {}
      additionalPrinterColumns:
        - name: Cluster
          description: The name of the Kafka cluster this user belongs to
          jsonPath: .metadata.labels.strimzi\.io/cluster
          type: string
        - name: Authentication
          description: How the user is authenticated
          jsonPath: .spec.authentication.type
          type: string
        - name: Authorization
          description: How the user is authorised
          jsonPath: .spec.authorization.type
          type: string
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                authentication:
                  type: object
                  properties:
                    password:
                      type: object
                      properties:
                        valueFrom:
                          type: object
                          properties:
                            secretKeyRef:
                              type: object
                              properties:
                                key:
                                  type: string
                                name:
                                  type: string
                                optional:
                                  type: boolean
                              description: >-
                                Selects a key of a Secret in the resource's
                                namespace.
                          description: Secret from which the password should be read.
                      required:
                        - valueFrom
                      description: >-
                        Specify the password for the user. If not set, a new
                        password is generated by the User Operator.
                    type:
                      type: string
                      enum:
                        - tls
                        - tls-external
                        - scram-sha-512
                      description: Authentication type.
                  required:
                    - type
                  description: >-
                    Authentication mechanism enabled for this Kafka user. The
                    supported authentication mechanisms are `scram-sha-512`,
                    `tls`, and `tls-external`. 


                    * `scram-sha-512` generates a secret with SASL SCRAM-SHA-512
                    credentials.

                    * `tls` generates a secret with user certificate for mutual
                    TLS authentication.

                    * `tls-external` does not generate a user certificate.   But
                    prepares the user for using mutual TLS authentication using
                    a user certificate generated outside the User Operator.
                      ACLs and quotas set for this user are configured in the `CN=<username>` format.

                    Authentication is optional. If authentication is not
                    configured, no credentials are generated. ACLs and quotas
                    set for the user are configured in the `<username>` format
                    suitable for SASL authentication.
                authorization:
                  type: object
                  properties:
                    acls:
                      type: array
                      items:
                        type: object
                        properties:
                          host:
                            type: string
                            description: >-
                              The host from which the action described in the
                              ACL rule is allowed or denied.
                          operation:
                            type: string
                            enum:
                              - Read
                              - Write
                              - Create
                              - Delete
                              - Alter
                              - Describe
                              - ClusterAction
                              - AlterConfigs
                              - DescribeConfigs
                              - IdempotentWrite
                              - All
                            description: >-
                              Operation which will be allowed or denied.
                              Supported operations are: Read, Write, Create,
                              Delete, Alter, Describe, ClusterAction,
                              AlterConfigs, DescribeConfigs, IdempotentWrite and
                              All.
                          operations:
                            type: array
                            items:
                              type: string
                              enum:
                                - Read
                                - Write
                                - Create
                                - Delete
                                - Alter
                                - Describe
                                - ClusterAction
                                - AlterConfigs
                                - DescribeConfigs
                                - IdempotentWrite
                                - All
                            description: >-
                              List of operations which will be allowed or
                              denied. Supported operations are: Read, Write,
                              Create, Delete, Alter, Describe, ClusterAction,
                              AlterConfigs, DescribeConfigs, IdempotentWrite and
                              All.
                          resource:
                            type: object
                            properties:
                              name:
                                type: string
                                description: >-
                                  Name of resource for which given ACL rule
                                  applies. Can be combined with `patternType`
                                  field to use prefix pattern.
                              patternType:
                                type: string
                                enum:
                                  - literal
                                  - prefix
                                description: >-
                                  Describes the pattern used in the resource
                                  field. The supported types are `literal` and
                                  `prefix`. With `literal` pattern type, the
                                  resource field will be used as a definition of
                                  a full name. With `prefix` pattern type, the
                                  resource name will be used only as a prefix.
                                  Default value is `literal`.
                              type:
                                type: string
                                enum:
                                  - topic
                                  - group
                                  - cluster
                                  - transactionalId
                                description: >-
                                  Resource type. The available resource types
                                  are `topic`, `group`, `cluster`, and
                                  `transactionalId`.
                            required:
                              - type
                            description: >-
                              Indicates the resource for which given ACL rule
                              applies.
                          type:
                            type: string
                            enum:
                              - allow
                              - deny
                            description: >-
                              The type of the rule. Currently the only supported
                              type is `allow`. ACL rules with type `allow` are
                              used to allow user to execute the specified
                              operations. Default value is `allow`.
                        required:
                          - resource
                      description: List of ACL rules which should be applied to this user.
                    type:
                      type: string
                      enum:
                        - simple
                      description: >-
                        Authorization type. Currently the only supported type is
                        `simple`. `simple` authorization type uses Kafka's
                        `kafka.security.authorizer.AclAuthorizer` class for
                        authorization.
                  required:
                    - acls
                    - type
                  description: Authorization rules for this Kafka user.
                quotas:
                  type: object
                  properties:
                    consumerByteRate:
                      type: integer
                      minimum: 0
                      description: >-
                        A quota on the maximum bytes per-second that each client
                        group can fetch from a broker before the clients in the
                        group are throttled. Defined on a per-broker basis.
                    controllerMutationRate:
                      type: number
                      minimum: 0
                      description: >-
                        A quota on the rate at which mutations are accepted for
                        the create topics request, the create partitions request
                        and the delete topics request. The rate is accumulated
                        by the number of partitions created or deleted.
                    producerByteRate:
                      type: integer
                      minimum: 0
                      description: >-
                        A quota on the maximum bytes per-second that each client
                        group can publish to a broker before the clients in the
                        group are throttled. Defined on a per-broker basis.
                    requestPercentage:
                      type: integer
                      minimum: 0
                      description: >-
                        A quota on the maximum CPU utilization of each client
                        group as a percentage of network and I/O threads.
                  description: >-
                    Quotas on requests to control the broker resources used by
                    clients. Network bandwidth and request rate quotas can be
                    enforced.Kafka documentation for Kafka User quotas can be
                    found at
                    http://kafka.apache.org/documentation/#design_quotas.
                template:
                  type: object
                  properties:
                    secret:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: >-
                        Template for KafkaUser resources. The template allows
                        users to specify how the `Secret` with password or TLS
                        certificates is generated.
                  description: Template to specify how Kafka User `Secrets` are generated.
              description: The specification of the user.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                username:
                  type: string
                  description: Username.
                secret:
                  type: string
                  description: The name of `Secret` where the credentials are stored.
              description: The status of the Kafka User.
    - name: v1beta1
      served: true
      storage: false
      subresources:
        status: {}
      additionalPrinterColumns:
        - name: Cluster
          description: The name of the Kafka cluster this user belongs to
          jsonPath: .metadata.labels.strimzi\.io/cluster
          type: string
        - name: Authentication
          description: How the user is authenticated
          jsonPath: .spec.authentication.type
          type: string
        - name: Authorization
          description: How the user is authorised
          jsonPath: .spec.authorization.type
          type: string
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                authentication:
                  type: object
                  properties:
                    password:
                      type: object
                      properties:
                        valueFrom:
                          type: object
                          properties:
                            secretKeyRef:
                              type: object
                              properties:
                                key:
                                  type: string
                                name:
                                  type: string
                                optional:
                                  type: boolean
                              description: >-
                                Selects a key of a Secret in the resource's
                                namespace.
                          description: Secret from which the password should be read.
                      required:
                        - valueFrom
                      description: >-
                        Specify the password for the user. If not set, a new
                        password is generated by the User Operator.
                    type:
                      type: string
                      enum:
                        - tls
                        - tls-external
                        - scram-sha-512
                      description: Authentication type.
                  required:
                    - type
                  description: >-
                    Authentication mechanism enabled for this Kafka user. The
                    supported authentication mechanisms are `scram-sha-512`,
                    `tls`, and `tls-external`. 


                    * `scram-sha-512` generates a secret with SASL SCRAM-SHA-512
                    credentials.

                    * `tls` generates a secret with user certificate for mutual
                    TLS authentication.

                    * `tls-external` does not generate a user certificate.   But
                    prepares the user for using mutual TLS authentication using
                    a user certificate generated outside the User Operator.
                      ACLs and quotas set for this user are configured in the `CN=<username>` format.

                    Authentication is optional. If authentication is not
                    configured, no credentials are generated. ACLs and quotas
                    set for the user are configured in the `<username>` format
                    suitable for SASL authentication.
                authorization:
                  type: object
                  properties:
                    acls:
                      type: array
                      items:
                        type: object
                        properties:
                          host:
                            type: string
                            description: >-
                              The host from which the action described in the
                              ACL rule is allowed or denied.
                          operation:
                            type: string
                            enum:
                              - Read
                              - Write
                              - Create
                              - Delete
                              - Alter
                              - Describe
                              - ClusterAction
                              - AlterConfigs
                              - DescribeConfigs
                              - IdempotentWrite
                              - All
                            description: >-
                              Operation which will be allowed or denied.
                              Supported operations are: Read, Write, Create,
                              Delete, Alter, Describe, ClusterAction,
                              AlterConfigs, DescribeConfigs, IdempotentWrite and
                              All.
                          operations:
                            type: array
                            items:
                              type: string
                              enum:
                                - Read
                                - Write
                                - Create
                                - Delete
                                - Alter
                                - Describe
                                - ClusterAction
                                - AlterConfigs
                                - DescribeConfigs
                                - IdempotentWrite
                                - All
                            description: >-
                              List of operations which will be allowed or
                              denied. Supported operations are: Read, Write,
                              Create, Delete, Alter, Describe, ClusterAction,
                              AlterConfigs, DescribeConfigs, IdempotentWrite and
                              All.
                          resource:
                            type: object
                            properties:
                              name:
                                type: string
                                description: >-
                                  Name of resource for which given ACL rule
                                  applies. Can be combined with `patternType`
                                  field to use prefix pattern.
                              patternType:
                                type: string
                                enum:
                                  - literal
                                  - prefix
                                description: >-
                                  Describes the pattern used in the resource
                                  field. The supported types are `literal` and
                                  `prefix`. With `literal` pattern type, the
                                  resource field will be used as a definition of
                                  a full name. With `prefix` pattern type, the
                                  resource name will be used only as a prefix.
                                  Default value is `literal`.
                              type:
                                type: string
                                enum:
                                  - topic
                                  - group
                                  - cluster
                                  - transactionalId
                                description: >-
                                  Resource type. The available resource types
                                  are `topic`, `group`, `cluster`, and
                                  `transactionalId`.
                            required:
                              - type
                            description: >-
                              Indicates the resource for which given ACL rule
                              applies.
                          type:
                            type: string
                            enum:
                              - allow
                              - deny
                            description: >-
                              The type of the rule. Currently the only supported
                              type is `allow`. ACL rules with type `allow` are
                              used to allow user to execute the specified
                              operations. Default value is `allow`.
                        required:
                          - resource
                      description: List of ACL rules which should be applied to this user.
                    type:
                      type: string
                      enum:
                        - simple
                      description: >-
                        Authorization type. Currently the only supported type is
                        `simple`. `simple` authorization type uses Kafka's
                        `kafka.security.authorizer.AclAuthorizer` class for
                        authorization.
                  required:
                    - acls
                    - type
                  description: Authorization rules for this Kafka user.
                quotas:
                  type: object
                  properties:
                    consumerByteRate:
                      type: integer
                      minimum: 0
                      description: >-
                        A quota on the maximum bytes per-second that each client
                        group can fetch from a broker before the clients in the
                        group are throttled. Defined on a per-broker basis.
                    controllerMutationRate:
                      type: number
                      minimum: 0
                      description: >-
                        A quota on the rate at which mutations are accepted for
                        the create topics request, the create partitions request
                        and the delete topics request. The rate is accumulated
                        by the number of partitions created or deleted.
                    producerByteRate:
                      type: integer
                      minimum: 0
                      description: >-
                        A quota on the maximum bytes per-second that each client
                        group can publish to a broker before the clients in the
                        group are throttled. Defined on a per-broker basis.
                    requestPercentage:
                      type: integer
                      minimum: 0
                      description: >-
                        A quota on the maximum CPU utilization of each client
                        group as a percentage of network and I/O threads.
                  description: >-
                    Quotas on requests to control the broker resources used by
                    clients. Network bandwidth and request rate quotas can be
                    enforced.Kafka documentation for Kafka User quotas can be
                    found at
                    http://kafka.apache.org/documentation/#design_quotas.
                template:
                  type: object
                  properties:
                    secret:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: >-
                        Template for KafkaUser resources. The template allows
                        users to specify how the `Secret` with password or TLS
                        certificates is generated.
                  description: Template to specify how Kafka User `Secrets` are generated.
              description: The specification of the user.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                username:
                  type: string
                  description: Username.
                secret:
                  type: string
                  description: The name of `Secret` where the credentials are stored.
              description: The status of the Kafka User.
    - name: v1alpha1
      served: true
      storage: false
      subresources:
        status: {}
      additionalPrinterColumns:
        - name: Cluster
          description: The name of the Kafka cluster this user belongs to
          jsonPath: .metadata.labels.strimzi\.io/cluster
          type: string
        - name: Authentication
          description: How the user is authenticated
          jsonPath: .spec.authentication.type
          type: string
        - name: Authorization
          description: How the user is authorised
          jsonPath: .spec.authorization.type
          type: string
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                authentication:
                  type: object
                  properties:
                    password:
                      type: object
                      properties:
                        valueFrom:
                          type: object
                          properties:
                            secretKeyRef:
                              type: object
                              properties:
                                key:
                                  type: string
                                name:
                                  type: string
                                optional:
                                  type: boolean
                              description: >-
                                Selects a key of a Secret in the resource's
                                namespace.
                          description: Secret from which the password should be read.
                      required:
                        - valueFrom
                      description: >-
                        Specify the password for the user. If not set, a new
                        password is generated by the User Operator.
                    type:
                      type: string
                      enum:
                        - tls
                        - tls-external
                        - scram-sha-512
                      description: Authentication type.
                  required:
                    - type
                  description: >-
                    Authentication mechanism enabled for this Kafka user. The
                    supported authentication mechanisms are `scram-sha-512`,
                    `tls`, and `tls-external`. 


                    * `scram-sha-512` generates a secret with SASL SCRAM-SHA-512
                    credentials.

                    * `tls` generates a secret with user certificate for mutual
                    TLS authentication.

                    * `tls-external` does not generate a user certificate.   But
                    prepares the user for using mutual TLS authentication using
                    a user certificate generated outside the User Operator.
                      ACLs and quotas set for this user are configured in the `CN=<username>` format.

                    Authentication is optional. If authentication is not
                    configured, no credentials are generated. ACLs and quotas
                    set for the user are configured in the `<username>` format
                    suitable for SASL authentication.
                authorization:
                  type: object
                  properties:
                    acls:
                      type: array
                      items:
                        type: object
                        properties:
                          host:
                            type: string
                            description: >-
                              The host from which the action described in the
                              ACL rule is allowed or denied.
                          operation:
                            type: string
                            enum:
                              - Read
                              - Write
                              - Create
                              - Delete
                              - Alter
                              - Describe
                              - ClusterAction
                              - AlterConfigs
                              - DescribeConfigs
                              - IdempotentWrite
                              - All
                            description: >-
                              Operation which will be allowed or denied.
                              Supported operations are: Read, Write, Create,
                              Delete, Alter, Describe, ClusterAction,
                              AlterConfigs, DescribeConfigs, IdempotentWrite and
                              All.
                          operations:
                            type: array
                            items:
                              type: string
                              enum:
                                - Read
                                - Write
                                - Create
                                - Delete
                                - Alter
                                - Describe
                                - ClusterAction
                                - AlterConfigs
                                - DescribeConfigs
                                - IdempotentWrite
                                - All
                            description: >-
                              List of operations which will be allowed or
                              denied. Supported operations are: Read, Write,
                              Create, Delete, Alter, Describe, ClusterAction,
                              AlterConfigs, DescribeConfigs, IdempotentWrite and
                              All.
                          resource:
                            type: object
                            properties:
                              name:
                                type: string
                                description: >-
                                  Name of resource for which given ACL rule
                                  applies. Can be combined with `patternType`
                                  field to use prefix pattern.
                              patternType:
                                type: string
                                enum:
                                  - literal
                                  - prefix
                                description: >-
                                  Describes the pattern used in the resource
                                  field. The supported types are `literal` and
                                  `prefix`. With `literal` pattern type, the
                                  resource field will be used as a definition of
                                  a full name. With `prefix` pattern type, the
                                  resource name will be used only as a prefix.
                                  Default value is `literal`.
                              type:
                                type: string
                                enum:
                                  - topic
                                  - group
                                  - cluster
                                  - transactionalId
                                description: >-
                                  Resource type. The available resource types
                                  are `topic`, `group`, `cluster`, and
                                  `transactionalId`.
                            required:
                              - type
                            description: >-
                              Indicates the resource for which given ACL rule
                              applies.
                          type:
                            type: string
                            enum:
                              - allow
                              - deny
                            description: >-
                              The type of the rule. Currently the only supported
                              type is `allow`. ACL rules with type `allow` are
                              used to allow user to execute the specified
                              operations. Default value is `allow`.
                        required:
                          - resource
                      description: List of ACL rules which should be applied to this user.
                    type:
                      type: string
                      enum:
                        - simple
                      description: >-
                        Authorization type. Currently the only supported type is
                        `simple`. `simple` authorization type uses Kafka's
                        `kafka.security.authorizer.AclAuthorizer` class for
                        authorization.
                  required:
                    - acls
                    - type
                  description: Authorization rules for this Kafka user.
                quotas:
                  type: object
                  properties:
                    consumerByteRate:
                      type: integer
                      minimum: 0
                      description: >-
                        A quota on the maximum bytes per-second that each client
                        group can fetch from a broker before the clients in the
                        group are throttled. Defined on a per-broker basis.
                    controllerMutationRate:
                      type: number
                      minimum: 0
                      description: >-
                        A quota on the rate at which mutations are accepted for
                        the create topics request, the create partitions request
                        and the delete topics request. The rate is accumulated
                        by the number of partitions created or deleted.
                    producerByteRate:
                      type: integer
                      minimum: 0
                      description: >-
                        A quota on the maximum bytes per-second that each client
                        group can publish to a broker before the clients in the
                        group are throttled. Defined on a per-broker basis.
                    requestPercentage:
                      type: integer
                      minimum: 0
                      description: >-
                        A quota on the maximum CPU utilization of each client
                        group as a percentage of network and I/O threads.
                  description: >-
                    Quotas on requests to control the broker resources used by
                    clients. Network bandwidth and request rate quotas can be
                    enforced.Kafka documentation for Kafka User quotas can be
                    found at
                    http://kafka.apache.org/documentation/#design_quotas.
                template:
                  type: object
                  properties:
                    secret:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: >-
                        Template for KafkaUser resources. The template allows
                        users to specify how the `Secret` with password or TLS
                        certificates is generated.
                  description: Template to specify how Kafka User `Secrets` are generated.
              description: The specification of the user.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                username:
                  type: string
                  description: Username.
                secret:
                  type: string
                  description: The name of `Secret` where the credentials are stored.
              description: The status of the Kafka User.

---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: strimzi-cluster-operator-kafka-broker-delegation
  labels:
    app: strimzi
subjects:
  - kind: ServiceAccount
    name: strimzi-cluster-operator
    namespace: kafka
roleRef:
  kind: ClusterRole
  name: strimzi-kafka-broker
  apiGroup: rbac.authorization.k8s.io

---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: strimzi-cluster-operator
  labels:
    app: strimzi
  namespace: kafka
subjects:
  - kind: ServiceAccount
    name: strimzi-cluster-operator
    namespace: kafka
roleRef:
  kind: ClusterRole
  name: strimzi-cluster-operator-namespaced
  apiGroup: rbac.authorization.k8s.io

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: kafkabridges.kafka.strimzi.io
  labels:
    app: strimzi
    strimzi.io/crd-install: 'true'
spec:
  group: kafka.strimzi.io
  names:
    kind: KafkaBridge
    listKind: KafkaBridgeList
    singular: kafkabridge
    plural: kafkabridges
    shortNames:
      - kb
    categories:
      - strimzi
  scope: Namespaced
  conversion:
    strategy: None
  versions:
    - name: v1beta2
      served: true
      storage: true
      subresources:
        status: {}
        scale:
          specReplicasPath: .spec.replicas
          statusReplicasPath: .status.replicas
          labelSelectorPath: .status.labelSelector
      additionalPrinterColumns:
        - name: Desired replicas
          description: The desired number of Kafka Bridge replicas
          jsonPath: .spec.replicas
          type: integer
        - name: Bootstrap Servers
          description: The boostrap servers
          jsonPath: .spec.bootstrapServers
          type: string
          priority: 1
        - name: Ready
          description: The state of the custom resource
          jsonPath: '.status.conditions[?(@.type=="Ready")].status'
          type: string
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                replicas:
                  type: integer
                  minimum: 0
                  description: The number of pods in the `Deployment`.  Defaults to `1`.
                image:
                  type: string
                  description: The docker image for the pods.
                bootstrapServers:
                  type: string
                  description: >-
                    A list of host:port pairs for establishing the initial
                    connection to the Kafka cluster.
                tls:
                  type: object
                  properties:
                    trustedCertificates:
                      type: array
                      items:
                        type: object
                        properties:
                          certificate:
                            type: string
                            description: The name of the file certificate in the Secret.
                          secretName:
                            type: string
                            description: The name of the Secret containing the certificate.
                        required:
                          - certificate
                          - secretName
                      description: Trusted certificates for TLS connection.
                  description: >-
                    TLS configuration for connecting Kafka Bridge to the
                    cluster.
                authentication:
                  type: object
                  properties:
                    accessToken:
                      type: object
                      properties:
                        key:
                          type: string
                          description: >-
                            The key under which the secret value is stored in
                            the Kubernetes Secret.
                        secretName:
                          type: string
                          description: >-
                            The name of the Kubernetes Secret containing the
                            secret value.
                      required:
                        - key
                        - secretName
                      description: >-
                        Link to Kubernetes Secret containing the access token
                        which was obtained from the authorization server.
                    accessTokenIsJwt:
                      type: boolean
                      description: >-
                        Configure whether access token should be treated as JWT.
                        This should be set to `false` if the authorization
                        server returns opaque tokens. Defaults to `true`.
                    audience:
                      type: string
                      description: >-
                        OAuth audience to use when authenticating against the
                        authorization server. Some authorization servers require
                        the audience to be explicitly set. The possible values
                        depend on how the authorization server is configured. By
                        default, `audience` is not specified when performing the
                        token endpoint request.
                    certificateAndKey:
                      type: object
                      properties:
                        certificate:
                          type: string
                          description: The name of the file certificate in the Secret.
                        key:
                          type: string
                          description: The name of the private key in the Secret.
                        secretName:
                          type: string
                          description: The name of the Secret containing the certificate.
                      required:
                        - certificate
                        - key
                        - secretName
                      description: >-
                        Reference to the `Secret` which holds the certificate
                        and private key pair.
                    clientId:
                      type: string
                      description: >-
                        OAuth Client ID which the Kafka client can use to
                        authenticate against the OAuth server and use the token
                        endpoint URI.
                    clientSecret:
                      type: object
                      properties:
                        key:
                          type: string
                          description: >-
                            The key under which the secret value is stored in
                            the Kubernetes Secret.
                        secretName:
                          type: string
                          description: >-
                            The name of the Kubernetes Secret containing the
                            secret value.
                      required:
                        - key
                        - secretName
                      description: >-
                        Link to Kubernetes Secret containing the OAuth client
                        secret which the Kafka client can use to authenticate
                        against the OAuth server and use the token endpoint URI.
                    connectTimeoutSeconds:
                      type: integer
                      description: >-
                        The connect timeout in seconds when connecting to
                        authorization server. If not set, the effective connect
                        timeout is 60 seconds.
                    disableTlsHostnameVerification:
                      type: boolean
                      description: >-
                        Enable or disable TLS hostname verification. Default
                        value is `false`.
                    enableMetrics:
                      type: boolean
                      description: >-
                        Enable or disable OAuth metrics. Default value is
                        `false`.
                    httpRetries:
                      type: integer
                      description: >-
                        The maximum number of retries to attempt if an initial
                        HTTP request fails. If not set, the default is to not
                        attempt any retries.
                    httpRetryPauseMs:
                      type: integer
                      description: >-
                        The pause to take before retrying a failed HTTP request.
                        If not set, the default is to not pause at all but to
                        immediately repeat a request.
                    maxTokenExpirySeconds:
                      type: integer
                      description: >-
                        Set or limit time-to-live of the access tokens to the
                        specified number of seconds. This should be set if the
                        authorization server returns opaque tokens.
                    passwordSecret:
                      type: object
                      properties:
                        password:
                          type: string
                          description: >-
                            The name of the key in the Secret under which the
                            password is stored.
                        secretName:
                          type: string
                          description: The name of the Secret containing the password.
                      required:
                        - password
                        - secretName
                      description: Reference to the `Secret` which holds the password.
                    readTimeoutSeconds:
                      type: integer
                      description: >-
                        The read timeout in seconds when connecting to
                        authorization server. If not set, the effective read
                        timeout is 60 seconds.
                    refreshToken:
                      type: object
                      properties:
                        key:
                          type: string
                          description: >-
                            The key under which the secret value is stored in
                            the Kubernetes Secret.
                        secretName:
                          type: string
                          description: >-
                            The name of the Kubernetes Secret containing the
                            secret value.
                      required:
                        - key
                        - secretName
                      description: >-
                        Link to Kubernetes Secret containing the refresh token
                        which can be used to obtain access token from the
                        authorization server.
                    scope:
                      type: string
                      description: >-
                        OAuth scope to use when authenticating against the
                        authorization server. Some authorization servers require
                        this to be set. The possible values depend on how
                        authorization server is configured. By default `scope`
                        is not specified when doing the token endpoint request.
                    tlsTrustedCertificates:
                      type: array
                      items:
                        type: object
                        properties:
                          certificate:
                            type: string
                            description: The name of the file certificate in the Secret.
                          secretName:
                            type: string
                            description: The name of the Secret containing the certificate.
                        required:
                          - certificate
                          - secretName
                      description: >-
                        Trusted certificates for TLS connection to the OAuth
                        server.
                    tokenEndpointUri:
                      type: string
                      description: Authorization server token endpoint URI.
                    type:
                      type: string
                      enum:
                        - tls
                        - scram-sha-256
                        - scram-sha-512
                        - plain
                        - oauth
                      description: >-
                        Authentication type. Currently the supported types are
                        `tls`, `scram-sha-256`, `scram-sha-512`, `plain`, and
                        'oauth'. `scram-sha-256` and `scram-sha-512` types use
                        SASL SCRAM-SHA-256 and SASL SCRAM-SHA-512
                        Authentication, respectively. `plain` type uses SASL
                        PLAIN Authentication. `oauth` type uses SASL OAUTHBEARER
                        Authentication. The `tls` type uses TLS Client
                        Authentication. The `tls` type is supported only over
                        TLS connections.
                    username:
                      type: string
                      description: Username used for the authentication.
                  required:
                    - type
                  description: Authentication configuration for connecting to the cluster.
                http:
                  type: object
                  properties:
                    port:
                      type: integer
                      minimum: 1023
                      description: The port which is the server listening on.
                    cors:
                      type: object
                      properties:
                        allowedOrigins:
                          type: array
                          items:
                            type: string
                          description: >-
                            List of allowed origins. Java regular expressions
                            can be used.
                        allowedMethods:
                          type: array
                          items:
                            type: string
                          description: List of allowed HTTP methods.
                      required:
                        - allowedOrigins
                        - allowedMethods
                      description: CORS configuration for the HTTP Bridge.
                  description: The HTTP related configuration.
                adminClient:
                  type: object
                  properties:
                    config:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: >-
                        The Kafka AdminClient configuration used for AdminClient
                        instances created by the bridge.
                  description: Kafka AdminClient related configuration.
                consumer:
                  type: object
                  properties:
                    config:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: >-
                        The Kafka consumer configuration used for consumer
                        instances created by the bridge. Properties with the
                        following prefixes cannot be set: ssl.,
                        bootstrap.servers, group.id, sasl., security. (with the
                        exception of: ssl.endpoint.identification.algorithm,
                        ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols).
                  description: Kafka consumer related configuration.
                producer:
                  type: object
                  properties:
                    config:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: >-
                        The Kafka producer configuration used for producer
                        instances created by the bridge. Properties with the
                        following prefixes cannot be set: ssl.,
                        bootstrap.servers, sasl., security. (with the exception
                        of: ssl.endpoint.identification.algorithm,
                        ssl.cipher.suites, ssl.protocol, ssl.enabled.protocols).
                  description: Kafka producer related configuration.
                resources:
                  type: object
                  properties:
                    claims:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                    limits:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                    requests:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                  description: CPU and memory resources to reserve.
                jvmOptions:
                  type: object
                  properties:
                    '-XX':
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: A map of -XX options to the JVM.
                    '-Xms':
                      type: string
                      pattern: '^[0-9]+[mMgG]?$'
                      description: '-Xms option to to the JVM.'
                    '-Xmx':
                      type: string
                      pattern: '^[0-9]+[mMgG]?$'
                      description: '-Xmx option to to the JVM.'
                    gcLoggingEnabled:
                      type: boolean
                      description: >-
                        Specifies whether the Garbage Collection logging is
                        enabled. The default is false.
                    javaSystemProperties:
                      type: array
                      items:
                        type: object
                        properties:
                          name:
                            type: string
                            description: The system property name.
                          value:
                            type: string
                            description: The system property value.
                      description: >-
                        A map of additional system properties which will be
                        passed using the `-D` option to the JVM.
                  description: '**Currently not supported** JVM Options for pods.'
                logging:
                  type: object
                  properties:
                    loggers:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                      description: A Map from logger name to logger level.
                    type:
                      type: string
                      enum:
                        - inline
                        - external
                      description: 'Logging type, must be either ''inline'' or ''external''.'
                    valueFrom:
                      type: object
                      properties:
                        configMapKeyRef:
                          type: object
                          properties:
                            key:
                              type: string
                            name:
                              type: string
                            optional:
                              type: boolean
                          description: >-
                            Reference to the key in the ConfigMap containing the
                            configuration.
                      description: >-
                        `ConfigMap` entry where the logging configuration is
                        stored. 
                  required:
                    - type
                  description: Logging configuration for Kafka Bridge.
                clientRackInitImage:
                  type: string
                  description: >-
                    The image of the init container used for initializing the
                    `client.rack`.
                rack:
                  type: object
                  properties:
                    topologyKey:
                      type: string
                      example: topology.kubernetes.io/zone
                      description: >-
                        A key that matches labels assigned to the Kubernetes
                        cluster nodes. The value of the label is used to set a
                        broker's `broker.rack` config, and the `client.rack`
                        config for Kafka Connect or MirrorMaker 2.
                  required:
                    - topologyKey
                  description: >-
                    Configuration of the node label which will be used as the
                    client.rack consumer configuration.
                enableMetrics:
                  type: boolean
                  description: Enable the metrics for the Kafka Bridge. Default is false.
                livenessProbe:
                  type: object
                  properties:
                    failureThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive failures for the probe to be
                        considered failed after having succeeded. Defaults to 3.
                        Minimum value is 1.
                    initialDelaySeconds:
                      type: integer
                      minimum: 0
                      description: >-
                        The initial delay before first the health is first
                        checked. Default to 15 seconds. Minimum value is 0.
                    periodSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        How often (in seconds) to perform the probe. Default to
                        10 seconds. Minimum value is 1.
                    successThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive successes for the probe to be
                        considered successful after having failed. Defaults to
                        1. Must be 1 for liveness. Minimum value is 1.
                    timeoutSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        The timeout for each attempted health check. Default to
                        5 seconds. Minimum value is 1.
                  description: Pod liveness checking.
                readinessProbe:
                  type: object
                  properties:
                    failureThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive failures for the probe to be
                        considered failed after having succeeded. Defaults to 3.
                        Minimum value is 1.
                    initialDelaySeconds:
                      type: integer
                      minimum: 0
                      description: >-
                        The initial delay before first the health is first
                        checked. Default to 15 seconds. Minimum value is 0.
                    periodSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        How often (in seconds) to perform the probe. Default to
                        10 seconds. Minimum value is 1.
                    successThreshold:
                      type: integer
                      minimum: 1
                      description: >-
                        Minimum consecutive successes for the probe to be
                        considered successful after having failed. Defaults to
                        1. Must be 1 for liveness. Minimum value is 1.
                    timeoutSeconds:
                      type: integer
                      minimum: 1
                      description: >-
                        The timeout for each attempted health check. Default to
                        5 seconds. Minimum value is 1.
                  description: Pod readiness checking.
                template:
                  type: object
                  properties:
                    deployment:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        deploymentStrategy:
                          type: string
                          enum:
                            - RollingUpdate
                            - Recreate
                          description: >-
                            Pod replacement strategy for deployment
                            configuration changes. Valid values are
                            `RollingUpdate` and `Recreate`. Defaults to
                            `RollingUpdate`.
                      description: Template for Kafka Bridge `Deployment`.
                    pod:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        imagePullSecrets:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                          description: >-
                            List of references to secrets in the same namespace
                            to use for pulling any of the images used by this
                            Pod. When the `STRIMZI_IMAGE_PULL_SECRETS`
                            environment variable in Cluster Operator and the
                            `imagePullSecrets` option are specified, only the
                            `imagePullSecrets` variable is used and the
                            `STRIMZI_IMAGE_PULL_SECRETS` variable is ignored.
                        securityContext:
                          type: object
                          properties:
                            fsGroup:
                              type: integer
                            fsGroupChangePolicy:
                              type: string
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            supplementalGroups:
                              type: array
                              items:
                                type: integer
                            sysctls:
                              type: array
                              items:
                                type: object
                                properties:
                                  name:
                                    type: string
                                  value:
                                    type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: >-
                            Configures pod-level security attributes and common
                            container settings.
                        terminationGracePeriodSeconds:
                          type: integer
                          minimum: 0
                          description: >-
                            The grace period is the duration in seconds after
                            the processes running in the pod are sent a
                            termination signal, and the time when the processes
                            are forcibly halted with a kill signal. Set this
                            value to longer than the expected cleanup time for
                            your process. Value must be a non-negative integer.
                            A zero value indicates delete immediately. You might
                            need to increase the grace period for very large
                            Kafka clusters, so that the Kafka brokers have
                            enough time to transfer their work to another broker
                            before they are terminated. Defaults to 30 seconds.
                        affinity:
                          type: object
                          properties:
                            nodeAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      preference:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: object
                                  properties:
                                    nodeSelectorTerms:
                                      type: array
                                      items:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchFields:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                            podAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                            podAntiAffinity:
                              type: object
                              properties:
                                preferredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      podAffinityTerm:
                                        type: object
                                        properties:
                                          labelSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaceSelector:
                                            type: object
                                            properties:
                                              matchExpressions:
                                                type: array
                                                items:
                                                  type: object
                                                  properties:
                                                    key:
                                                      type: string
                                                    operator:
                                                      type: string
                                                    values:
                                                      type: array
                                                      items:
                                                        type: string
                                              matchLabels:
                                                x-kubernetes-preserve-unknown-fields: true
                                                type: object
                                          namespaces:
                                            type: array
                                            items:
                                              type: string
                                          topologyKey:
                                            type: string
                                      weight:
                                        type: integer
                                requiredDuringSchedulingIgnoredDuringExecution:
                                  type: array
                                  items:
                                    type: object
                                    properties:
                                      labelSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaceSelector:
                                        type: object
                                        properties:
                                          matchExpressions:
                                            type: array
                                            items:
                                              type: object
                                              properties:
                                                key:
                                                  type: string
                                                operator:
                                                  type: string
                                                values:
                                                  type: array
                                                  items:
                                                    type: string
                                          matchLabels:
                                            x-kubernetes-preserve-unknown-fields: true
                                            type: object
                                      namespaces:
                                        type: array
                                        items:
                                          type: string
                                      topologyKey:
                                        type: string
                          description: The pod's affinity rules.
                        tolerations:
                          type: array
                          items:
                            type: object
                            properties:
                              effect:
                                type: string
                              key:
                                type: string
                              operator:
                                type: string
                              tolerationSeconds:
                                type: integer
                              value:
                                type: string
                          description: The pod's tolerations.
                        priorityClassName:
                          type: string
                          description: >-
                            The name of the priority class used to assign
                            priority to the pods. For more information about
                            priority classes, see {K8sPriorityClass}.
                        schedulerName:
                          type: string
                          description: >-
                            The name of the scheduler used to dispatch this
                            `Pod`. If not specified, the default scheduler will
                            be used.
                        hostAliases:
                          type: array
                          items:
                            type: object
                            properties:
                              hostnames:
                                type: array
                                items:
                                  type: string
                              ip:
                                type: string
                          description: >-
                            The pod's HostAliases. HostAliases is an optional
                            list of hosts and IPs that will be injected into the
                            Pod's hosts file if specified.
                        tmpDirSizeLimit:
                          type: string
                          pattern: '^([0-9.]+)([eEinumkKMGTP]*[-+]?[0-9]*)$'
                          description: >-
                            Defines the total amount (for example `1Gi`) of
                            local storage required for temporary EmptyDir volume
                            (`/tmp`). Default value is `5Mi`.
                        enableServiceLinks:
                          type: boolean
                          description: >-
                            Indicates whether information about services should
                            be injected into Pod's environment variables.
                        topologySpreadConstraints:
                          type: array
                          items:
                            type: object
                            properties:
                              labelSelector:
                                type: object
                                properties:
                                  matchExpressions:
                                    type: array
                                    items:
                                      type: object
                                      properties:
                                        key:
                                          type: string
                                        operator:
                                          type: string
                                        values:
                                          type: array
                                          items:
                                            type: string
                                  matchLabels:
                                    x-kubernetes-preserve-unknown-fields: true
                                    type: object
                              matchLabelKeys:
                                type: array
                                items:
                                  type: string
                              maxSkew:
                                type: integer
                              minDomains:
                                type: integer
                              nodeAffinityPolicy:
                                type: string
                              nodeTaintsPolicy:
                                type: string
                              topologyKey:
                                type: string
                              whenUnsatisfiable:
                                type: string
                          description: The pod's topology spread constraints.
                      description: Template for Kafka Bridge `Pods`.
                    apiService:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                        ipFamilyPolicy:
                          type: string
                          enum:
                            - SingleStack
                            - PreferDualStack
                            - RequireDualStack
                          description: >-
                            Specifies the IP Family Policy used by the service.
                            Available options are `SingleStack`,
                            `PreferDualStack` and `RequireDualStack`.
                            `SingleStack` is for a single IP family.
                            `PreferDualStack` is for two IP families on
                            dual-stack configured clusters or a single IP family
                            on single-stack clusters. `RequireDualStack` fails
                            unless there are two IP families on dual-stack
                            configured clusters. If unspecified, Kubernetes will
                            choose the default value based on the service type.
                            Available on Kubernetes 1.20 and newer.
                        ipFamilies:
                          type: array
                          items:
                            type: string
                            enum:
                              - IPv4
                              - IPv6
                          description: >-
                            Specifies the IP Families used by the service.
                            Available options are `IPv4` and `IPv6. If
                            unspecified, Kubernetes will choose the default
                            value based on the `ipFamilyPolicy` setting.
                            Available on Kubernetes 1.20 and newer.
                      description: Template for Kafka Bridge API `Service`.
                    podDisruptionBudget:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: >-
                            Metadata to apply to the
                            `PodDisruptionBudgetTemplate` resource.
                        maxUnavailable:
                          type: integer
                          minimum: 0
                          description: >-
                            Maximum number of unavailable pods to allow
                            automatic Pod eviction. A Pod eviction is allowed
                            when the `maxUnavailable` number of pods or fewer
                            are unavailable after the eviction. Setting this
                            value to 0 prevents all voluntary evictions, so the
                            pods must be evicted manually. Defaults to 1.
                      description: Template for Kafka Bridge `PodDisruptionBudget`.
                    bridgeContainer:
                      type: object
                      properties:
                        env:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The environment variable key.
                              value:
                                type: string
                                description: The environment variable value.
                          description: >-
                            Environment variables which should be applied to the
                            container.
                        securityContext:
                          type: object
                          properties:
                            allowPrivilegeEscalation:
                              type: boolean
                            capabilities:
                              type: object
                              properties:
                                add:
                                  type: array
                                  items:
                                    type: string
                                drop:
                                  type: array
                                  items:
                                    type: string
                            privileged:
                              type: boolean
                            procMount:
                              type: string
                            readOnlyRootFilesystem:
                              type: boolean
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: Security context for the container.
                      description: Template for the Kafka Bridge container.
                    clusterRoleBinding:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for the Kafka Bridge ClusterRoleBinding.
                    serviceAccount:
                      type: object
                      properties:
                        metadata:
                          type: object
                          properties:
                            labels:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Labels added to the Kubernetes resource.
                            annotations:
                              x-kubernetes-preserve-unknown-fields: true
                              type: object
                              description: Annotations added to the Kubernetes resource.
                          description: Metadata applied to the resource.
                      description: Template for the Kafka Bridge service account.
                    initContainer:
                      type: object
                      properties:
                        env:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                                description: The environment variable key.
                              value:
                                type: string
                                description: The environment variable value.
                          description: >-
                            Environment variables which should be applied to the
                            container.
                        securityContext:
                          type: object
                          properties:
                            allowPrivilegeEscalation:
                              type: boolean
                            capabilities:
                              type: object
                              properties:
                                add:
                                  type: array
                                  items:
                                    type: string
                                drop:
                                  type: array
                                  items:
                                    type: string
                            privileged:
                              type: boolean
                            procMount:
                              type: string
                            readOnlyRootFilesystem:
                              type: boolean
                            runAsGroup:
                              type: integer
                            runAsNonRoot:
                              type: boolean
                            runAsUser:
                              type: integer
                            seLinuxOptions:
                              type: object
                              properties:
                                level:
                                  type: string
                                role:
                                  type: string
                                type:
                                  type: string
                                user:
                                  type: string
                            seccompProfile:
                              type: object
                              properties:
                                localhostProfile:
                                  type: string
                                type:
                                  type: string
                            windowsOptions:
                              type: object
                              properties:
                                gmsaCredentialSpec:
                                  type: string
                                gmsaCredentialSpecName:
                                  type: string
                                hostProcess:
                                  type: boolean
                                runAsUserName:
                                  type: string
                          description: Security context for the container.
                      description: Template for the Kafka Bridge init container.
                  description: >-
                    Template for Kafka Bridge resources. The template allows
                    users to specify how a `Deployment` and `Pod` is generated.
                tracing:
                  type: object
                  properties:
                    type:
                      type: string
                      enum:
                        - jaeger
                        - opentelemetry
                      description: >-
                        Type of the tracing used. Currently the only supported
                        types are `jaeger` for OpenTracing (Jaeger) tracing and
                        `opentelemetry` for OpenTelemetry tracing. The
                        OpenTracing (Jaeger) tracing is deprecated.
                  required:
                    - type
                  description: The configuration of tracing in Kafka Bridge.
              required:
                - bootstrapServers
              description: The specification of the Kafka Bridge.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                url:
                  type: string
                  description: >-
                    The URL at which external client applications can access the
                    Kafka Bridge.
                labelSelector:
                  type: string
                  description: Label selector for pods providing this resource.
                replicas:
                  type: integer
                  description: >-
                    The current number of pods being used to provide this
                    resource.
              description: The status of the Kafka Bridge.

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: strimzipodsets.core.strimzi.io
  labels:
    app: strimzi
    strimzi.io/crd-install: 'true'
spec:
  group: core.strimzi.io
  names:
    kind: StrimziPodSet
    listKind: StrimziPodSetList
    singular: strimzipodset
    plural: strimzipodsets
    shortNames:
      - sps
    categories:
      - strimzi
  scope: Namespaced
  conversion:
    strategy: None
  versions:
    - name: v1beta2
      served: true
      storage: true
      subresources:
        status: {}
      additionalPrinterColumns:
        - name: Pods
          description: Number of pods managed by the StrimziPodSet
          jsonPath: .status.pods
          type: integer
        - name: Ready Pods
          description: Number of ready pods managed by the StrimziPodSet
          jsonPath: .status.readyPods
          type: integer
        - name: Current Pods
          description: Number of up-to-date pods managed by the StrimziPodSet
          jsonPath: .status.currentPods
          type: integer
        - name: Age
          description: Age of the StrimziPodSet
          jsonPath: .metadata.creationTimestamp
          type: date
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                selector:
                  type: object
                  properties:
                    matchExpressions:
                      type: array
                      items:
                        type: object
                        properties:
                          key:
                            type: string
                          operator:
                            type: string
                          values:
                            type: array
                            items:
                              type: string
                    matchLabels:
                      x-kubernetes-preserve-unknown-fields: true
                      type: object
                  description: >-
                    Selector is a label query which matches all the pods managed
                    by this `StrimziPodSet`. Only `matchLabels` is supported. If
                    `matchExpressions` is set, it will be ignored.
                pods:
                  type: array
                  items:
                    x-kubernetes-preserve-unknown-fields: true
                    type: object
                  description: The Pods managed by this StrimziPodSet.
              required:
                - selector
                - pods
              description: The specification of the StrimziPodSet.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                        description: >-
                          The unique identifier of a condition, used to
                          distinguish between other conditions in the resource.
                      status:
                        type: string
                        description: >-
                          The status of the condition, either True, False or
                          Unknown.
                      lastTransitionTime:
                        type: string
                        description: >-
                          Last time the condition of a type changed from one
                          status to another. The required format is
                          'yyyy-MM-ddTHH:mm:ssZ', in the UTC time zone.
                      reason:
                        type: string
                        description: >-
                          The reason for the condition's last transition (a
                          single word in CamelCase).
                      message:
                        type: string
                        description: >-
                          Human-readable message indicating details about the
                          condition's last transition.
                  description: List of status conditions.
                observedGeneration:
                  type: integer
                  description: >-
                    The generation of the CRD that was last reconciled by the
                    operator.
                pods:
                  type: integer
                  description: Number of pods managed by the StrimziPodSet controller.
                readyPods:
                  type: integer
                  description: >-
                    Number of pods managed by the StrimziPodSet controller that
                    are ready.
                currentPods:
                  type: integer
                  description: >-
                    Number of pods managed by the StrimziPodSet controller that
                    have the current revision.
              description: The status of the StrimziPodSet.