Devtron K8s Dashboard
  • Getting Started
    • Overview of Dashboard
    • Prerequisites
    • Install Modern Kubernetes Dashboard
  • User Guide
    • Explore Kubernetes Resources
      • Overview Page
      • Discover and Manage Resources
      • Nodes and Operations
      • Pod Management and Debugging
      • Cluster Terminal
      • Add Monitoring Dashboards/Graphs
      • Run Kubectl Commands Locally
    • Use Resource Watcher
    • Manage Helm Apps
    • Manage Argo CD Apps
    • Manage Flux CD Apps
    • Chart Store
      • Examples
        • Deploying MySQL Helm Chart
        • Deploying MongoDB Helm Chart
  • Operator Guide
    • Projects
    • Clusters
    • OCI Registry
    • Chart Repositories
    • Manage Authorization (RBAC)
      • SSO Login Services
        • Google
        • GitHub
        • GitLab
        • Microsoft
        • LDAP
        • OIDC
          • Keycloak
          • Okta
        • OpenShift
      • User Permissions
      • Permission Groups
      • API Tokens
    • External Links
    • Catalog Framework
    • Charts and Chart Store
    • Show/Hide Argo CD App Listing
    • Show/Hide Flux CD App Listing
    • Configure GUI Schema for Manifests
    • Configure Lock Schema for Manifests
  • Resources
    • Glossary
    • FAQ
Powered by GitBook
On this page
  • Introduction
  • Editing Lock Schema
  • Create your own Lock Schema
Export as PDF
  1. Operator Guide

Configure Lock Schema for Manifests

PreviousConfigure GUI Schema for ManifestsNextGlossary

Last updated 6 months ago

Introduction

In Devtron, you can create for defining lock schema. Your lock schema will be used to determine the fields (in the resource manifest) that cannot be added/updated/deleted by non-superadmins. This is especially useful for preventing unwanted edits to the manifests of pod, deployment, configmap, and many more.

Editing Lock Schema

  1. Go to Resource Browser and select your cluster.

  2. Use the searchbox labelled 'Jump to Kind' and search for LockSchema.

    Figure 1: Searching Lock Schema

  3. Click the Lock Schema you wish to edit. In case no Lock Schema exists, you may for your resource kind.

    Figure 2: Click Lock Schema

  4. Click Edit Live Manifest to modify the YAML.

    Figure 3: Edit Live Manifest

  5. Locate the lockedPaths list and specify the fields/paths you wish to lock from unwanted edits by non-superadmins in the manifest.

    Figure 4: Modifying Schema

  6. Click Apply Changes.

Create your own Lock Schema

  1. Go to Resource Browser and select your cluster.

  2. Click Create Resource at the top.

  3. Use the following template and specify the fields/paths you wish to lock in the lockedPaths list, also specify the resource kinds in applyTo. Once done, click Apply.

    Lock Schema for ConfigMap
    apiVersion: crd.devtron.ai/alpha1
kind: LockSchema
name: devtron-cm-lock-schema
spec:
applyTo:
    - group: ""
    kind: ConfigMap
    version: v1
lockedPaths:
    - data.ENABLE_CI_JOB
create a Lock Schema
CRDs