​Get

The Kubernetes resource type (= kind) (e.g., pod, service)

The Kubernetes resource apiGroup

The Kubernetes resource apiVersion

The connection parameters to the Kubernetes cluster

If no connection is defined, we try to load the connection from the current context in the following order:

1. System properties
2. Environment variables
3. Kube config file
4. Service account token and a mounted CA certificate.

You can pass a full configuration with all options if needed.

Default container spec applied to all containers in the pod

When set, these container spec fields are merged into all containers including:

• User-defined containers in the spec
• Init and sidecar containers for file transfer (unless fileSidecar.defaultSpec is set)

This provides a convenient way to apply uniform container settings across all containers, which is especially useful in restrictive environments like GovCloud.

Supports any valid Kubernetes container spec fields such as:

• securityContext: Security settings for all containers
• volumeMounts: Volume mounts to add to all containers
• resources: Resource limits/requests for all containers
• env: Environment variables for all containers

Merge behavior:

• For nested objects (like securityContext): deep merge, container-specific values take precedence
• For lists (like volumeMounts, env): concatenated, with defaults added first
• Container-specific values always override defaults

Example configuration:

containerDefaultSpec: 
  securityContext: 
    allowPrivilegeEscalation: false
    capabilities: 
      drop: 
      - ALL
    readOnlyRootFilesystem: true
    seccompProfile: 
      type: RuntimeDefault
  volumeMounts: 
    - name: tmp
      mountPath: /tmp
  resources: 
    limits: 
      memory: "256Mi"

The configuration of the file sidecar container that handles the download and upload of files

The files to create on the local filesystem – it can be a map or a JSON object.

The files will be available inside the kestra/working-dir directory of the container. You can use the special variable {{workingDir}} in your command to refer to it.

The namespace where the operation will be done

The Kubernetes namespace in which to execute the operation. Defaults to 'default' if not specified.

The files from the container filesystem to send to Kestra's internal storage

Only files created inside the kestra/working-dir directory of the container can be retrieved. Must be a list of glob expressions relative to the current working directory, some examples: my-dir/**, my-dir/*/** or my-dir/my-file.txt..

The Kubernetes resources names

The maximum duration to wait for pod completion

Maximum duration allowed for the pod to complete after reaching Running state. If the pod does not complete within this time, the task will fail and the pod will be deleted. Only used by PodCreate task.

The maximum duration to wait until the resource becomes ready

When set to a positive duration, waits for the resource to report Ready=True in its status conditions. Set to PT0S (zero, default) to skip waiting. Supports Pods, StatefulSets, and custom resources that use the Ready condition. Note: Deployments are not supported as they use the Available condition instead of Ready.

The maximum duration to wait until the pod is running

Maximum time to wait for the pod to reach Running state, including scheduler assignment, image pull, and container startup. Only used by PodCreate task.

The metadata for a single resource

Only available when fetchType is set to FETCH_ONE.

The metadata for multiple resources

Only available when fetchType is set to FETCH.

The count of the fetched or stored resources

The status for a single resource

Only available when fetchType is set to FETCH_ONE.

The status for multiple resources

Only available when fetchType is set to FETCH.

The output files URI in Kestra's internal storage

Only available when fetchType is set to STORE.

The number of rows fetch.