RolloutPolicy CRD Reference
Complete field reference for the RolloutPolicy custom resource (API version kubestead.io/v1alpha1).
Full schema example
rolloutpolicy-full.yaml
action: rollback
Steps
| Field | Type | Required | Description |
|---|---|---|---|
trafficPercent | integer | yes | Percentage of traffic routed to canary pods at this step (0-100). |
soakMinutes | integer | no | Minutes to wait after reaching target traffic before evaluating the gate. Default: 5. |
gate.query | string | no | PromQL, Datadog query string, or NRQL query evaluated against the current metric source. |
gate.threshold | float | no (if query set) | Numeric threshold. If the query result exceeds this (or falls below, depending on comparison), the step fails. |
gate.comparison | enum | no | lessThan (default) or greaterThan. |
Metric sources
Configure exactly one metric source per policy. Available sources:
| Source | Key | Plans |
|---|---|---|
| Prometheus | metricSource.prometheus | All |
| Datadog | metricSource.datadog | All |
| Grafana Mimir | metricSource.mimir | Team, Platform |
| VictoriaMetrics | metricSource.victoria | Team, Platform |
| New Relic | metricSource.newrelic | Team, Platform |
| InfluxDB | metricSource.influx | Team, Platform |
Notifications
Both onFailure.notify and onSuccess.notify accept the same configuration block:
| Field | Description |
|---|---|
slack | Channel name (e.g. #deploys-alerts). Requires Slack app configured in workspace settings. |
pagerduty.integrationKey | PagerDuty Events API v2 routing key. Use {{ secrets.KEY_NAME }} to reference Kubestead secrets store. |
opsgenie.apiKey | OpsGenie REST API key. |
webhook.url | Generic HTTPS webhook URL. Payload is JSON with event, deployment, rolloutPolicy, and metrics fields. |
RBAC (Platform plan)
Platform plan teams can restrict who can create, update, or delete RolloutPolicy objects. See the security page for an overview of the RBAC model.