v1alpha1

type AlertmanagerConfig struct {
	// TypeMeta defines the versioned schema of this representation of an object.
	metav1.TypeMeta `json:",inline"`
	// metadata defines ObjectMeta as the metadata that all persisted resources.
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// spec defines the specification of AlertmanagerConfigSpec
	// +required
	Spec AlertmanagerConfigSpec `json:"spec"`
}

type AlertmanagerConfigList struct {
	// TypeMeta defines the versioned schema of this representation of an object.
	metav1.TypeMeta `json:",inline"`
	// metadata defines ListMeta as metadata for collection responses.
	metav1.ListMeta `json:"metadata,omitempty"`
	// List of AlertmanagerConfig
	Items []AlertmanagerConfig `json:"items"`
}

type AlertmanagerConfigSpec struct {
	// route defines the Alertmanager route definition for alerts matching the resource's
	// namespace. If present, it will be added to the generated Alertmanager
	// configuration as a first-level route.
	// +optional
	Route *Route `json:"route"`
	// receivers defines the list of receivers.
	// +optional
	Receivers []Receiver `json:"receivers"`
	// inhibitRules defines the list of inhibition rules. The rules will only apply to alerts matching
	// the resource's namespace.
	// +optional
	InhibitRules []InhibitRule `json:"inhibitRules,omitempty"`
	// muteTimeIntervals defines the list of MuteTimeInterval specifying when the routes should be muted.
	// +optional
	MuteTimeIntervals []MuteTimeInterval `json:"muteTimeIntervals,omitempty"`
}

type AttachMetadata struct {
	// node attaches node metadata to discovered targets.
	// When set to true, Prometheus must have the `get` permission on the
	// `Nodes` objects.
	// Only valid for Pod, Endpoint and Endpointslice roles.
	//
	// +optional
	Node *bool `json:"node,omitempty"`
}

type AuthenticationMethodType string

type AzureSDConfig struct {
	// environment defines the Azure environment.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Environment *string `json:"environment,omitempty"`
	// authenticationMethod defines the authentication method, either `OAuth` or `ManagedIdentity` or `SDK`.
	// See https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview
	// SDK authentication method uses environment variables by default.
	// See https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication
	// +optional
	AuthenticationMethod *AuthenticationMethodType `json:"authenticationMethod,omitempty"`
	// subscriptionID defines subscription ID. Always required.
	// +kubebuilder:validation:MinLength=1
	// +required
	SubscriptionID string `json:"subscriptionID"`
	// tenantID defines tenant ID. Only required with the OAuth authentication method.
	// +kubebuilder:validation:MinLength=1
	// +optional
	TenantID *string `json:"tenantID,omitempty"`
	// clientID defines client ID. Only required with the OAuth authentication method.
	// +kubebuilder:validation:MinLength=1
	// +optional
	ClientID *string `json:"clientID,omitempty"`
	// clientSecret defines client secret. Only required with the OAuth authentication method.
	// +optional
	ClientSecret *corev1.SecretKeySelector `json:"clientSecret,omitempty"`
	// resourceGroup defines resource group name. Limits discovery to this resource group.
	// Requires  Prometheus v2.35.0 and above
	// +kubebuilder:validation:MinLength=1
	// +optional
	ResourceGroup *string `json:"resourceGroup,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// instead be specified in the relabeling rule.
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// basicAuth defines the information to authenticate against the target HTTP endpoint.
	// More info: https://prometheus.io/docs/operating/configuration/#endpoints
	// Cannot be set at the same time as `authorization`, or `oAuth2`.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the authorization header configuration to authenticate against the target HTTP endpoint.
	// Cannot be set at the same time as `oAuth2`, or `basicAuth`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the configuration to use on every scrape request.
	// +optional
	OAuth2 *v1.OAuth2 `json:"oauth2,omitempty"`
	// ProxyConfig allows customizing the proxy behaviour for this scrape config.
	// +optional
	v1.ProxyConfig `json:",inline"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
	// tlsConfig defies the TLS configuration applying to the target HTTP endpoint.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
}

type ConsulSDConfig struct {
	// server defines the consul server address. A valid string consisting of a hostname or IP followed by an optional port number.
	// +kubebuilder:validation:MinLength=1
	// +required
	Server string `json:"server"`
	// pathPrefix defines the prefix for URIs for when consul is behind an API gateway (reverse proxy).
	//
	// It requires Prometheus >= 2.45.0.
	// +kubebuilder:validation:MinLength=1
	// +optional
	PathPrefix *string `json:"pathPrefix,omitempty"`
	// tokenRef defines the consul ACL TokenRef, if not provided it will use the ACL from the local Consul Agent.
	// +optional
	TokenRef *corev1.SecretKeySelector `json:"tokenRef,omitempty"`
	// datacenter defines the consul Datacenter name, if not provided it will use the local Consul Agent Datacenter.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Datacenter *string `json:"datacenter,omitempty"`
	// namespace are only supported in Consul Enterprise.
	//
	// It requires Prometheus >= 2.28.0.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Namespace *string `json:"namespace,omitempty"`
	// partition defines the admin Partitions are only supported in Consul Enterprise.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Partition *string `json:"partition,omitempty"`
	// scheme defines the HTTP Scheme default "http"
	// +kubebuilder:validation:Enum=HTTP;HTTPS
	// +optional
	Scheme *string `json:"scheme,omitempty"`
	// services defines a list of services for which targets are retrieved. If omitted, all services are scraped.
	// +listType:=set
	// +optional
	Services []string `json:"services,omitempty"`
	// tags defines an optional list of tags used to filter nodes for a given service. Services must contain all tags in the list.
	// Starting with Consul 1.14, it is recommended to use `filter` with the `ServiceTags` selector instead.
	// +listType:=set
	// +optional
	Tags []string `json:"tags,omitempty"`
	// tagSeparator defines the string by which Consul tags are joined into the tag label.
	// If unset, Prometheus uses its default value.
	// +kubebuilder:validation:MinLength=1
	// +optional
	TagSeparator *string `json:"tagSeparator,omitempty"`
	// nodeMeta defines the node metadata key/value pairs to filter nodes for a given service.
	// Starting with Consul 1.14, it is recommended to use `filter` with the `NodeMeta` selector instead.
	// +mapType:=atomic
	// +optional
	NodeMeta map[string]string `json:"nodeMeta,omitempty"`
	// filter defines the filter expression used to filter the catalog results.
	// See https://www.consul.io/api-docs/catalog#list-services
	// It requires Prometheus >= 3.0.0.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Filter *string `json:"filter,omitempty"`
	// allowStale Consul results (see https://www.consul.io/api/features/consistency.html). Will reduce load on Consul.
	// If unset, Prometheus uses its default value.
	// +optional
	AllowStale *bool `json:"allowStale,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// basicAuth defines the information to authenticate against the Consul Server.
	// More info: https://prometheus.io/docs/operating/configuration/#endpoints
	// Cannot be set at the same time as `authorization`, or `oauth2`.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the header configuration to authenticate against the Consul Server.
	// Cannot be set at the same time as `basicAuth`, or `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
	// Cannot be set at the same time as `authorization`, or `basicAuth`.
	// +optional
	OAuth2         *v1.OAuth2 `json:"oauth2,omitempty"`
	v1.ProxyConfig `json:",inline"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHttp2 *bool `json:"enableHTTP2,omitempty"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
}

type DNSRecordType string

type DNSSDConfig struct {
	// names defines a list of DNS domain names to be queried.
	// +kubebuilder:validation:MinItems:=1
	// +kubebuilder:validation:items:MinLength=1
	// +required
	Names []string `json:"names"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// type defines the type of DNS query to perform. One of SRV, A, AAAA, MX or NS.
	// If not set, Prometheus uses its default value.
	//
	// When set to NS, it requires Prometheus >= v2.49.0.
	// When set to MX, it requires Prometheus >= v2.38.0
	//
	// +optional
	Type *DNSRecordType `json:"type,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// Ignored for SRV records
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
}

type DayOfMonthRange struct {
	// start of the inclusive range
	// +kubebuilder:validation:Minimum=-31
	// +kubebuilder:validation:Maximum=31
	// +optional
	Start int `json:"start,omitempty"`
	// end of the inclusive range
	// +kubebuilder:validation:Minimum=-31
	// +kubebuilder:validation:Maximum=31
	// +optional
	End int `json:"end,omitempty"`
}

type DigitalOceanSDConfig struct {
	// authorization defines the  header configuration to authenticate against the DigitalOcean API.
	// Cannot be set at the same time as `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the configuration to use on every scrape request.
	// +optional
	OAuth2 *v1.OAuth2 `json:"oauth2,omitempty"`
	// ProxyConfig allows customizing the proxy behaviour for this scrape config.
	// +optional
	v1.ProxyConfig `json:",inline"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
}

type DiscordConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// apiURL defines the secret's key that contains the Discord webhook URL.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +required
	APIURL v1.SecretKeySelector `json:"apiURL"`
	// title defines the template of the message's title.
	// +optional
	Title *string `json:"title,omitempty"`
	// message defines the template of the message's body.
	// +optional
	Message *string `json:"message,omitempty"`
	// content defines the template of the content's body.
	// +optional
	// +kubebuilder:validation:MinLength=1
	Content *string `json:"content,omitempty"`
	// username defines the username of the message sender.
	// +optional
	// +kubebuilder:validation:MinLength=1
	Username *string `json:"username,omitempty"`
	// avatarURL defines the avatar url of the message sender.
	// +optional
	AvatarURL *URL `json:"avatarURL,omitempty"`
	// httpConfig defines the HTTP client configuration.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
}

type DockerSDConfig struct {
	// host defines the address of the docker daemon
	// +kubebuilder:validation:MinLength=1
	// +required
	Host string `json:"host"`
	// ProxyConfig allows customizing the proxy behaviour for this scrape config.
	// +optional
	v1.ProxyConfig `json:",inline"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optionals
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// hostNetworkingHost defines the host to use if the container is in host networking mode.
	// +kubebuilder:validation:MinLength=1
	// +optional
	HostNetworkingHost *string `json:"hostNetworkingHost,omitempty"`
	// matchFirstNetwork defines whether to match the first network if the container has multiple networks defined.
	// If unset, Prometheus uses true by default.
	// It requires Prometheus >= v2.54.1.
	//
	// +optional
	MatchFirstNetwork *bool `json:"matchFirstNetwork,omitempty"`
	// filters defines filters to limit the discovery process to a subset of the available resources.
	// +optional
	Filters Filters `json:"filters,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// basicAuth defines information to use on every scrape request.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the  header configuration to authenticate against the DigitalOcean API.
	// Cannot be set at the same time as `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the configuration to use on every scrape request.
	// +optional
	OAuth2 *v1.OAuth2 `json:"oauth2,omitempty"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
}

type DockerSwarmSDConfig struct {
	// host defines the address of the Docker daemon
	// +kubebuilder:validation:Pattern="^[a-zA-Z][a-zA-Z0-9+.-]*://.+$"
	// +required
	Host string `json:"host"`
	// role of the targets to retrieve. Must be `Services`, `Tasks`, or `Nodes`.
	// +kubebuilder:validation:Enum=Services;Tasks;Nodes
	// +required
	Role string `json:"role"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// tasks and services that don't have published ports.
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// filters defines the filters to limit the discovery process to a subset of available
	// resources.
	// The available filters are listed in the upstream documentation:
	// Services: https://docs.docker.com/engine/api/v1.40/#operation/ServiceList
	// Tasks: https://docs.docker.com/engine/api/v1.40/#operation/TaskList
	// Nodes: https://docs.docker.com/engine/api/v1.40/#operation/NodeList
	// +optional
	Filters Filters `json:"filters,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// basicAuth defines information to use on every scrape request.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the  header configuration to authenticate against the DigitalOcean API.
	// Cannot be set at the same time as `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
	// Cannot be set at the same time as `authorization`, or `basicAuth`.
	// +optional
	OAuth2         *v1.OAuth2 `json:"oauth2,omitempty"`
	v1.ProxyConfig `json:",inline"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
}

type EC2SDConfig struct {
	// region defines the AWS region.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Region *string `json:"region,omitempty"`
	// accessKey defines the AWS API key.
	// +optional
	AccessKey *corev1.SecretKeySelector `json:"accessKey,omitempty"`
	// secretKey defines the AWS API secret.
	// +optional
	SecretKey *corev1.SecretKeySelector `json:"secretKey,omitempty"`
	// roleARN defines an alternative to using AWS API keys.
	// +kubebuilder:validation:MinLength=1
	// +optional
	RoleARN *string `json:"roleARN,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// instead be specified in the relabeling rule.
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// filters can be used optionally to filter the instance list by other criteria.
	// Available filter criteria can be found here:
	// https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html
	// Filter API documentation: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Filter.html
	// It requires Prometheus >= v2.3.0
	// +optional
	Filters        Filters `json:"filters,omitempty"`
	v1.ProxyConfig `json:",inline"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// It requires Prometheus >= v2.41.0
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// It requires Prometheus >= v2.41.0
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// It requires Prometheus >= v2.41.0
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
}

type EmailConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// to defines the email address to send notifications to.
	// This is the recipient address for alert notifications.
	// +optional
	To string `json:"to,omitempty"`
	// from defines the sender address for email notifications.
	// This appears as the "From" field in the email header.
	// +optional
	From string `json:"from,omitempty"`
	// hello defines the hostname to identify to the SMTP server.
	// This is used in the SMTP HELO/EHLO command during the connection handshake.
	// +optional
	Hello string `json:"hello,omitempty"`
	// smarthost defines the SMTP host and port through which emails are sent.
	// Format should be "hostname:port", e.g. "smtp.example.com:587".
	// +optional
	Smarthost string `json:"smarthost,omitempty"`
	// authUsername defines the username to use for SMTP authentication.
	// This is used for SMTP AUTH when the server requires authentication.
	// +optional
	AuthUsername string `json:"authUsername,omitempty"`
	// authPassword defines the secret's key that contains the password to use for authentication.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +optional
	AuthPassword *v1.SecretKeySelector `json:"authPassword,omitempty"`
	// authSecret defines the secret's key that contains the CRAM-MD5 secret.
	// This is used for CRAM-MD5 authentication mechanism.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +optional
	AuthSecret *v1.SecretKeySelector `json:"authSecret,omitempty"`
	// authIdentity defines the identity to use for SMTP authentication.
	// This is typically used with PLAIN authentication mechanism.
	// +optional
	AuthIdentity string `json:"authIdentity,omitempty"`
	// headers defines additional email header key/value pairs.
	// These override any headers previously set by the notification implementation.
	// +optional
	Headers []KeyValue `json:"headers,omitempty"`
	// html defines the HTML body of the email notification.
	// This allows for rich formatting in the email content.
	// +optional
	HTML *string `json:"html,omitempty"`
	// text defines the plain text body of the email notification.
	// This provides a fallback for email clients that don't support HTML.
	// +optional
	Text *string `json:"text,omitempty"`
	// requireTLS defines the SMTP TLS requirement.
	// Note that Go does not support unencrypted connections to remote SMTP endpoints.
	// +optional
	RequireTLS *bool `json:"requireTLS,omitempty"`
	// tlsConfig defines the TLS configuration for SMTP connections.
	// This includes settings for certificates, CA validation, and TLS protocol options.
	// +optional
	TLSConfig *monitoringv1.SafeTLSConfig `json:"tlsConfig,omitempty"`
}

type EurekaSDConfig struct {
	// server defines the URL to connect to the Eureka server.
	// +kubebuilder:validation:Pattern:="^http(s)?://.+$"
	// +kubebuilder:validation:MinLength=1
	// +required
	Server string `json:"server"`
	// basicAuth defines the BasicAuth information to use on every scrape request.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the  header configuration to authenticate against the DigitalOcean API.
	// Cannot be set at the same time as `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the configuration to use on every scrape request.
	// +optional
	OAuth2 *v1.OAuth2 `json:"oauth2,omitempty"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// ProxyConfig allows customizing the proxy behaviour for this scrape config.
	// +optional
	v1.ProxyConfig `json:",inline"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
}

type FileSDConfig struct {
	// files defines the list of files to be used for file discovery. Recommendation: use absolute paths. While relative paths work, the
	// prometheus-operator project makes no guarantees about the working directory where the configuration file is
	// stored.
	// Files must be mounted using Prometheus.ConfigMaps or Prometheus.Secrets.
	// +kubebuilder:validation:MinItems:=1
	// +listType=set
	// +required
	Files []SDFile `json:"files"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
}

type Filter struct {
	// name of the Filter.
	// +kubebuilder:vaidation:MinLength=1
	// +required
	Name string `json:"name"`
	// values defines values to filter on.
	//
	// +kubebuilder:validation:MinItems=1
	// +kubebuilder:validation:items:MinLength=1
	// +listType=set
	// +required
	Values []string `json:"values"`
}

type Filters []Filter

type GCESDConfig struct {
	// project defines the Google Cloud Project ID
	// +kubebuilder:validation:MinLength:=1
	// +required
	Project string `json:"project"`
	// zone defines the zone of the scrape targets. If you need multiple zones use multiple GCESDConfigs.
	// +kubebuilder:validation:MinLength:=1
	// +required
	Zone string `json:"zone"`
	// filter defines the filter that can be used optionally to filter the instance list by other criteria
	// Syntax of this filter is described in the filter query parameter section:
	// https://cloud.google.com/compute/docs/reference/latest/instances/list
	// +kubebuilder:validation:MinLength:=1
	// +optional
	Filter *string `json:"filter,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// instead be specified in the relabeling rule.
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// tagSeparator defines the tag separator is used to separate the tags on concatenation
	// +kubebuilder:validation:MinLength:=1
	// +optional
	TagSeparator *string `json:"tagSeparator,omitempty"`
}

type HTTPConfig struct {
	// authorization defines the authorization header configuration for the client.
	// This is mutually exclusive with BasicAuth and is only available starting from Alertmanager v0.22+.
	// +optional
	Authorization *monitoringv1.SafeAuthorization `json:"authorization,omitempty"`
	// basicAuth defines the basic authentication credentials for the client.
	// This is mutually exclusive with Authorization. If both are defined, BasicAuth takes precedence.
	// +optional
	BasicAuth *monitoringv1.BasicAuth `json:"basicAuth,omitempty"`
	// oauth2 defines the OAuth2 client credentials used to fetch a token for the targets.
	// This enables OAuth2 authentication flow for HTTP requests.
	// +optional
	OAuth2 *monitoringv1.OAuth2 `json:"oauth2,omitempty"`
	// bearerTokenSecret defines the secret's key that contains the bearer token to be used by the client
	// for authentication.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +optional
	BearerTokenSecret *v1.SecretKeySelector `json:"bearerTokenSecret,omitempty"`
	// tlsConfig defines the TLS configuration for the client.
	// This includes settings for certificates, CA validation, and TLS protocol options.
	// +optional
	TLSConfig *monitoringv1.SafeTLSConfig `json:"tlsConfig,omitempty"`

	// proxyURL defines an optional proxy URL for HTTP requests.
	// If defined, this field takes precedence over `proxyUrl`.
	//
	// +optional
	ProxyURLOriginal *string `json:"proxyURL,omitempty"`

	monitoringv1.ProxyConfig `json:",inline"`

	// followRedirects specifies whether the client should follow HTTP 3xx redirects.
	// When true, the client will automatically follow redirect responses.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`

	// enableHttp2 can be used to disable HTTP2.
	//
	// +optional
	EnableHTTP2 *bool `json:"enableHttp2,omitempty"`
}

type HTTPSDConfig struct {
	// url defines the URL from which the targets are fetched.
	// +kubebuilder:validation:MinLength:=1
	// +kubebuilder:validation:Pattern:="^http(s)?://.+$"
	// +required
	URL string `json:"url"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// basicAuth defines information to use on every scrape request.
	// More info: https://prometheus.io/docs/operating/configuration/#endpoints
	// Cannot be set at the same time as `authorization`, or `oAuth2`.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the authorization header configuration to authenticate against the target HTTP endpoint.
	// Cannot be set at the same time as `oAuth2`, or `basicAuth`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
	// Cannot be set at the same time as `authorization`, or `basicAuth`.
	// +optional
	OAuth2         *v1.OAuth2 `json:"oauth2,omitempty"`
	v1.ProxyConfig `json:",inline"`
	// tlsConfig defines the TLS configuration applying to the target HTTP endpoint.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
}

type HetznerSDConfig struct {
	// role defines the Hetzner role of entities that should be discovered.
	// +kubebuilder:validation:Enum=hcloud;Hcloud;robot;Robot
	// +required
	Role string `json:"role"`
	// basicAuth defines information to use on every scrape request.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the  header configuration to authenticate against the DigitalOcean API.
	// Cannot be set at the same time as `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the configuration to use on every scrape request.
	// +optional
	OAuth2 *v1.OAuth2 `json:"oauth2,omitempty"`
	// ProxyConfig allows customizing the proxy behaviour for this scrape config.
	// +optional
	v1.ProxyConfig `json:",inline"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// labelSelector defines the label selector used to filter the servers when fetching them from the API.
	// It requires Prometheus >= v3.5.0.
	// +kubebuilder:validation:MinLength=1
	// +optional
	LabelSelector *string `json:"labelSelector,omitempty"`
}

type InhibitRule struct {
	// targetMatch defines matchers that have to be fulfilled in the alerts to be muted.
	// The operator enforces that the alert matches the resource's namespace.
	// When these conditions are met, matching alerts will be inhibited (silenced).
	// +optional
	TargetMatch []Matcher `json:"targetMatch,omitempty"`
	// sourceMatch defines matchers for which one or more alerts have to exist for the inhibition
	// to take effect. The operator enforces that the alert matches the resource's namespace.
	// These are the "trigger" alerts that cause other alerts to be inhibited.
	// +optional
	SourceMatch []Matcher `json:"sourceMatch,omitempty"`
	// equal defines labels that must have an equal value in the source and target alert
	// for the inhibition to take effect. This ensures related alerts are properly grouped.
	// +optional
	Equal []string `json:"equal,omitempty"`
}

type IonosSDConfig struct {
	// datacenterID defines the unique ID of the IONOS data center.
	// +kubebuilder:validation:MinLength=1
	// +required
	DataCenterID string `json:"datacenterID"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// authorization defines the  header configuration to authenticate against the IONOS.
	// Cannot be set at the same time as `oauth2`.
	// +required
	Authorization  v1.SafeAuthorization `json:"authorization"`
	v1.ProxyConfig `json:",inline"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
	// oauth2 defines the configuration to use on every scrape request.
	// +optional
	OAuth2 *v1.OAuth2 `json:"oauth2,omitempty"`
}

type K8SSelectorConfig struct {
	// role defines the type of Kubernetes resource to limit the service discovery to.
	// Accepted values are: Node, Pod, Endpoints, EndpointSlice, Service, Ingress.
	// +required
	Role KubernetesRole `json:"role"`
	// label defines an optional label selector to limit the service discovery to resources with specific labels and label values.
	// e.g: `node.kubernetes.io/instance-type=master`
	// +kubebuilder:validation:MinLength=1
	// +optional
	Label *string `json:"label,omitempty"`
	// field defines an optional field selector to limit the service discovery to resources which have fields with specific values.
	// e.g: `metadata.name=foobar`
	// +kubebuilder:validation:MinLength=1
	// +optional
	Field *string `json:"field,omitempty"`
}

type KeyValue struct {
	// key defines the key of the tuple.
	// This is the identifier or name part of the key-value pair.
	// +kubebuilder:validation:MinLength=1
	// +required
	Key string `json:"key"`
	// value defines the value of the tuple.
	// This is the data or content associated with the key.
	// +required
	Value string `json:"value"`
}

type KubernetesRole string

type KubernetesSDConfig struct {
	// apiServer defines the API server address consisting of a hostname or IP address followed
	// by an optional port number.
	// If left empty, Prometheus is assumed to run inside
	// of the cluster. It will discover API servers automatically and use the pod's
	// CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/.
	// +kubebuilder:validation:MinLength=1
	// +optional
	APIServer *string `json:"apiServer,omitempty"`
	// role defines the Kubernetes role of the entities that should be discovered.
	// Role `Endpointslice` requires Prometheus >= v2.21.0
	// +required
	Role KubernetesRole `json:"role"`
	// namespaces defines the namespace discovery. If omitted, Prometheus discovers targets across all namespaces.
	// +optional
	Namespaces *NamespaceDiscovery `json:"namespaces,omitempty"`
	// attachMetadata defines the metadata to attach to discovered targets.
	// It requires Prometheus >= v2.35.0 when using the `Pod` role and
	// Prometheus >= v2.37.0 for `Endpoints` and `Endpointslice` roles.
	// +optional
	AttachMetadata *AttachMetadata `json:"attachMetadata,omitempty"`
	// selectors defines the selector to select objects.
	// It requires Prometheus >= v2.17.0
	// +optional
	// +listType=map
	// +listMapKey=role
	Selectors []K8SSelectorConfig `json:"selectors,omitempty"`
	// basicAuth defines information to use on every scrape request.
	// Cannot be set at the same time as `authorization`, or `oauth2`.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the authorization header to use on every scrape request.
	// Cannot be set at the same time as `basicAuth`, or `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
	// Cannot be set at the same time as `authorization`, or `basicAuth`.
	// +optional
	OAuth2         *v1.OAuth2 `json:"oauth2,omitempty"`
	v1.ProxyConfig `json:",inline"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
	// tlsConfig defines the TLS configuration to connect to the Kubernetes API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
}

type KumaSDConfig struct {
	// server defines the address of the Kuma Control Plane's MADS xDS server.
	// +required
	Server URL `json:"server"`
	// clientID is used by Kuma Control Plane to compute Monitoring Assignment for specific Prometheus backend.
	// It requires Prometheus >= v2.50.0.
	// +kubebuilder:validation:MinLength=1
	// +optional
	ClientID *string `json:"clientID,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// fetchTimeout defines the time after which the monitoring assignments are refreshed.
	// +optional
	FetchTimeout *v1.Duration `json:"fetchTimeout,omitempty"`
	// ProxyConfig allows customizing the proxy behaviour for this scrape config.
	// +optional
	v1.ProxyConfig `json:",inline"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// basicAuth defines information to use on every scrape request.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the  header configuration to authenticate against the DigitalOcean API.
	// Cannot be set at the same time as `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the configuration to use on every scrape request.
	// +optional
	OAuth2 *v1.OAuth2 `json:"oauth2,omitempty"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
}

type LightSailSDConfig struct {
	// region defines the AWS region.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Region *string `json:"region,omitempty"`
	// accessKey defines the AWS API key.
	// +optional
	AccessKey *corev1.SecretKeySelector `json:"accessKey,omitempty"`
	// secretKey defines the AWS API secret.
	// +optional
	SecretKey *corev1.SecretKeySelector `json:"secretKey,omitempty"`
	// roleARN defines the AWS Role ARN, an alternative to using AWS API keys.
	// +optional
	RoleARN *string `json:"roleARN,omitempty"`
	// endpoint defines the custom endpoint to be used.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Endpoint *string `json:"endpoint,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// basicAuth defines information to use on every scrape request.
	// Cannot be set at the same time as `authorization`, or `oauth2`.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the  header configuration to authenticate against the DigitalOcean API.
	// Cannot be set at the same time as `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
	// Cannot be set at the same time as `authorization`, or `basicAuth`.
	// +optional
	OAuth2         *v1.OAuth2 `json:"oauth2,omitempty"`
	v1.ProxyConfig `json:",inline"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
}

type LinodeSDConfig struct {
	// region defines the region to filter on.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Region *string `json:"region,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// tagSeparator defines the string by which Linode Instance tags are joined into the tag label.el.
	// +kubebuilder:validation:MinLength=1
	// +optional
	TagSeparator *string `json:"tagSeparator,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// authorization defines the  header configuration to authenticate against the DigitalOcean API.
	// Cannot be set at the same time as `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
	// Cannot be set at the same time as `authorization`, or `basicAuth`.
	// +optional
	OAuth2         *v1.OAuth2 `json:"oauth2,omitempty"`
	v1.ProxyConfig `json:",inline"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
}

type MSTeamsConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// webhookUrl defines the MSTeams webhook URL for sending notifications.
	// This is the incoming webhook URL configured in your Teams channel.
	// +required
	WebhookURL v1.SecretKeySelector `json:"webhookUrl"`
	// title defines the message title template for Teams notifications.
	// This appears as the main heading of the Teams message card.
	// +optional
	Title *string `json:"title,omitempty"`
	// summary defines the message summary template for Teams notifications.
	// This provides a brief overview that appears in Teams notification previews.
	// It requires Alertmanager >= 0.27.0.
	// +optional
	Summary *string `json:"summary,omitempty"`
	// text defines the message body template for Teams notifications.
	// This contains the detailed content of the Teams message.
	// +optional
	Text *string `json:"text,omitempty"`
	// httpConfig defines the HTTP client configuration for Teams webhook requests.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
}

type MSTeamsV2Config struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// webhookURL defines the MSTeams incoming webhook URL for adaptive card notifications.
	// This webhook must support the newer adaptive cards format required by Teams flows.
	// +optional
	WebhookURL *v1.SecretKeySelector `json:"webhookURL,omitempty"`
	// title defines the message title template for adaptive card notifications.
	// This appears as the main heading in the Teams adaptive card.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Title *string `json:"title,omitempty"`
	// text defines the message body template for adaptive card notifications.
	// This contains the detailed content displayed in the Teams adaptive card format.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Text *string `json:"text,omitempty"`
	// httpConfig defines the HTTP client configuration for Teams webhook requests.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
}

type MatchType string

type Matcher struct {
	// name defines the label to match.
	// This specifies which alert label should be evaluated.
	// +kubebuilder:validation:MinLength=1
	// +required
	Name string `json:"name"`
	// value defines the label value to match.
	// This is the expected value for the specified label.
	// +optional
	Value string `json:"value"`
	// matchType defines the match operation available with AlertManager >= v0.22.0.
	// Takes precedence over Regex (deprecated) if non-empty.
	// Valid values: "=" (equality), "!=" (inequality), "=~" (regex match), "!~" (regex non-match).
	// +kubebuilder:validation:Enum=!=;=;=~;!~
	// +optional
	MatchType MatchType `json:"matchType,omitempty"`
	// regex defines whether to match on equality (false) or regular-expression (true).
	// Deprecated: for AlertManager >= v0.22.0, `matchType` should be used instead.
	// +optional
	Regex bool `json:"regex,omitempty"`
}

type Month string

type MonthRange string

type MuteTimeInterval struct {
	// name of the time interval
	// +required
	Name string `json:"name,omitempty"`
	// timeIntervals defines a list of TimeInterval
	// +optional
	TimeIntervals []TimeInterval `json:"timeIntervals,omitempty"`
}

type NamespaceDiscovery struct {
	// ownNamespace includes the namespace in which the Prometheus pod runs to the list of watched namespaces.
	// +optional
	IncludeOwnNamespace *bool `json:"ownNamespace,omitempty"`
	// names defines a list of namespaces where to watch for resources.
	// If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces.
	// +listType=set
	// +optional
	Names []string `json:"names,omitempty"`
}

type NomadSDConfig struct {
	// allowStale defines the information to access the Nomad API. It is to be defined
	// as the Nomad documentation requires.
	// +optional
	AllowStale *bool `json:"allowStale,omitempty"`
	// namespace defines the Nomad namespace to query for service discovery.
	// When specified, only resources within this namespace will be discovered.
	// +optional
	Namespace *string `json:"namespace,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// region defines the Nomad region to query for service discovery.
	// When specified, only resources within this region will be discovered.
	// +optional
	Region *string `json:"region,omitempty"`
	// server defines the Nomad server address to connect to for service discovery.
	// This should be the full URL including protocol (e.g., "https://nomad.example.com:4646").
	// +kubebuilder:validation:MinLength=1
	// +required
	Server string `json:"server"`
	// tagSeparator defines the separator used to join multiple tags.
	// This determines how Nomad service tags are concatenated into Prometheus labels.
	// +optional
	TagSeparator *string `json:"tagSeparator,omitempty"`
	// basicAuth defines information to use on every scrape request.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the  header configuration to authenticate against the DigitalOcean API.
	// Cannot be set at the same time as `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the configuration to use on every scrape request.
	// +optional
	OAuth2 *v1.OAuth2 `json:"oauth2,omitempty"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// ProxyConfig allows customizing the proxy behaviour for this scrape config.
	// +optional
	v1.ProxyConfig `json:",inline"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
}

type OVHCloudSDConfig struct {
	// applicationKey defines the access key to use for OVHCloud API authentication.
	// This is obtained from the OVHCloud API credentials at https://api.ovh.com.
	// +kubebuilder:validation:MinLength=1
	// +required
	ApplicationKey string `json:"applicationKey"`
	// applicationSecret defines the secret key for OVHCloud API authentication.
	// This contains the application secret obtained during OVHCloud API credential creation.
	// +required
	ApplicationSecret corev1.SecretKeySelector `json:"applicationSecret"`
	// consumerKey defines the consumer key for OVHCloud API authentication.
	// This is the third component of OVHCloud's three-key authentication system.
	// +required
	ConsumerKey corev1.SecretKeySelector `json:"consumerKey"`
	// service defines the service type of the targets to retrieve.
	// Must be either `VPS` or `DedicatedServer` to specify which OVHCloud resources to discover.
	// +required
	Service OVHService `json:"service"`
	// endpoint defines a custom API endpoint to be used.
	// When not specified, defaults to the standard OVHCloud API endpoint for the region.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Endpoint *string `json:"endpoint,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
}

type OVHService string

type OpenStackRole string

type OpenStackSDConfig struct {
	// role defines the OpenStack role of entities that should be discovered.
	//
	// Note: The `LoadBalancer` role requires Prometheus >= v3.2.0.
	//
	// +required
	Role OpenStackRole `json:"role"`
	// region defines the OpenStack Region.
	// +kubebuilder:validation:MinLength:=1
	// +required
	Region string `json:"region"`
	// identityEndpoint defines the HTTP endpoint that is required to work with
	// the Identity API of the appropriate version.
	// +kubebuilder:validation:Pattern:=`^http(s)?:\/\/.+$`
	// +optional
	IdentityEndpoint *string `json:"identityEndpoint,omitempty"`
	// username defines the username required if using Identity V2 API. Consult with your provider's
	// control panel to discover your account's username.
	// In Identity V3, either userid or a combination of username
	// and domainId or domainName are needed
	// +kubebuilder:validation:MinLength:=1
	// +optional
	Username *string `json:"username,omitempty"`
	// userid defines the OpenStack userid.
	// +kubebuilder:validation:MinLength:=1
	// +optional
	UserID *string `json:"userid,omitempty"`
	// password defines the password for the Identity V2 and V3 APIs. Consult with your provider's
	// control panel to discover your account's preferred method of authentication.
	// +optional
	Password *corev1.SecretKeySelector `json:"password,omitempty"`
	// domainName defines at most one of domainId and domainName that must be provided if using username
	// with Identity V3. Otherwise, either are optional.
	// +kubebuilder:validation:MinLength:=1
	// +optional
	DomainName *string `json:"domainName,omitempty"`
	// domainID defines The OpenStack domainID.
	// +kubebuilder:validation:MinLength:=1
	// +optional
	DomainID *string `json:"domainID,omitempty"`
	// projectName defines an optional field for the Identity V2 API.
	// Some providers allow you to specify a ProjectName instead of the ProjectId.
	// Some require both. Your provider's authentication policies will determine
	// how these fields influence authentication.
	// +kubebuilder:validation:MinLength:=1
	// +optional
	ProjectName *string `json:"projectName,omitempty"`
	// projectID defines the OpenStack projectID.
	// +kubebuilder:validation:MinLength:=1
	// +optional
	ProjectID *string `json:"projectID,omitempty"`
	// applicationCredentialName defines the ApplicationCredentialID or ApplicationCredentialName fields are
	// required if using an application credential to authenticate. Some providers
	// allow you to create an application credential to authenticate rather than a
	// password.
	// +kubebuilder:validation:MinLength:=1
	// +optional
	ApplicationCredentialName *string `json:"applicationCredentialName,omitempty"`
	// applicationCredentialId defines the OpenStack applicationCredentialId.
	// +optional
	ApplicationCredentialID *string `json:"applicationCredentialId,omitempty"`
	// applicationCredentialSecret defines the required field if using an application
	// credential to authenticate.
	// +optional
	ApplicationCredentialSecret *corev1.SecretKeySelector `json:"applicationCredentialSecret,omitempty"`
	// allTenants defines whether the service discovery should list all instances for all projects.
	// It is only relevant for the 'instance' role and usually requires admin permissions.
	// +optional
	AllTenants *bool `json:"allTenants,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// instead be specified in the relabeling rule.
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// availability defines the availability of the endpoint to connect to.
	// +kubebuilder:validation:Enum=Public;public;Admin;admin;Internal;internal
	// +optional
	Availability *string `json:"availability,omitempty"`
	// tlsConfig defines the TLS configuration applying to the target HTTP endpoint.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
}

type OpsGenieConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// apiKey defines the secret's key that contains the OpsGenie API key.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +optional
	APIKey *v1.SecretKeySelector `json:"apiKey,omitempty"`
	// apiURL defines the URL to send OpsGenie API requests to.
	// When not specified, defaults to the standard OpsGenie API endpoint.
	// +optional
	APIURL string `json:"apiURL,omitempty"`
	// message defines the alert text limited to 130 characters.
	// This appears as the main alert title in OpsGenie.
	// +optional
	Message string `json:"message,omitempty"`
	// description defines the detailed description of the incident.
	// This provides additional context beyond the message field.
	// +optional
	Description string `json:"description,omitempty"`
	// source defines the backlink to the sender of the notification.
	// This helps identify where the alert originated from.
	// +optional
	Source string `json:"source,omitempty"`
	// tags defines a comma separated list of tags attached to the notifications.
	// These help categorize and filter alerts within OpsGenie.
	// +optional
	Tags string `json:"tags,omitempty"`
	// note defines an additional alert note.
	// This provides supplementary information about the alert.
	// +optional
	Note string `json:"note,omitempty"`
	// priority defines the priority level of alert.
	// Possible values are P1, P2, P3, P4, and P5, where P1 is highest priority.
	// +optional
	Priority string `json:"priority,omitempty"`
	// updateAlerts defines Whether to update message and description of the alert in OpsGenie if it already exists
	// By default, the alert is never updated in OpsGenie, the new message only appears in activity log.
	// +optional
	UpdateAlerts *bool `json:"updateAlerts,omitempty"`
	// details defines a set of arbitrary key/value pairs that provide further detail about the incident.
	// These appear as additional fields in the OpsGenie alert.
	// +optional
	Details []KeyValue `json:"details,omitempty"`
	// responders defines the list of responders responsible for notifications.
	// These determine who gets notified when the alert is created.
	// +optional
	Responders []OpsGenieConfigResponder `json:"responders,omitempty"`
	// httpConfig defines the HTTP client configuration for OpsGenie API requests.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
	// entity defines an optional field that can be used to specify which domain alert is related to.
	// This helps group related alerts together in OpsGenie.
	// +optional
	Entity string `json:"entity,omitempty"`
	// actions defines a comma separated list of actions that will be available for the alert.
	// These appear as action buttons in the OpsGenie interface.
	// +optional
	Actions string `json:"actions,omitempty"`
}

type OpsGenieConfigResponder struct {
	// id defines the unique identifier of the responder.
	// This corresponds to the responder's ID within OpsGenie.
	// +optional
	ID string `json:"id,omitempty"`
	// name defines the display name of the responder.
	// This is used when the responder is identified by name rather than ID.
	// +optional
	Name string `json:"name,omitempty"`
	// username defines the username of the responder.
	// This is typically used for user-type responders when identifying by username.
	// +optional
	Username string `json:"username,omitempty"`
	// type defines the type of responder.
	// Valid values include "user", "team", "schedule", and "escalation".
	// This determines how OpsGenie interprets the other identifier fields.
	// +kubebuilder:validation:MinLength=1
	// +kubebuilder:validation:Enum=team;teams;user;escalation;schedule
	// +required
	Type string `json:"type"`
}

type PagerDutyConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// routingKey defines the secret's key that contains the PagerDuty integration key (when using
	// Events API v2). Either this field or `serviceKey` needs to be defined.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +optional
	RoutingKey *v1.SecretKeySelector `json:"routingKey,omitempty"`
	// serviceKey defines the secret's key that contains the PagerDuty service key (when using
	// integration type "Prometheus"). Either this field or `routingKey` needs to
	// be defined.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +optional
	ServiceKey *v1.SecretKeySelector `json:"serviceKey,omitempty"`
	// url defines the URL to send requests to.
	// +optional
	URL string `json:"url,omitempty"`
	// client defines the client identification.
	// +optional
	Client string `json:"client,omitempty"`
	// clientURL defines the backlink to the sender of notification.
	// +optional
	ClientURL string `json:"clientURL,omitempty"`
	// description of the incident.
	// +optional
	Description string `json:"description,omitempty"`
	// severity of the incident.
	// +optional
	Severity string `json:"severity,omitempty"`
	// class defines the class/type of the event.
	// +optional
	Class string `json:"class,omitempty"`
	// group defines a cluster or grouping of sources.
	// +optional
	Group string `json:"group,omitempty"`
	// component defines the part or component of the affected system that is broken.
	// +optional
	Component string `json:"component,omitempty"`
	// details defines the arbitrary key/value pairs that provide further detail about the incident.
	// +optional
	Details []KeyValue `json:"details,omitempty"`
	// pagerDutyImageConfigs defines a list of image details to attach that provide further detail about an incident.
	// +optional
	PagerDutyImageConfigs []PagerDutyImageConfig `json:"pagerDutyImageConfigs,omitempty"`
	// pagerDutyLinkConfigs defines a list of link details to attach that provide further detail about an incident.
	// +optional
	PagerDutyLinkConfigs []PagerDutyLinkConfig `json:"pagerDutyLinkConfigs,omitempty"`
	// httpConfig defines the HTTP client configuration.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
	// source defines the unique location of the affected system.
	// +optional
	Source *string `yaml:"source,omitempty" json:"source,omitempty"`
}

type PagerDutyImageConfig struct {
	// src of the image being attached to the incident
	// +optional
	Src string `json:"src,omitempty"`
	// href defines the optional URL; makes the image a clickable link.
	// +optional
	Href string `json:"href,omitempty"`
	// alt is the optional alternative text for the image.
	// +optional
	Alt string `json:"alt,omitempty"`
}

type PagerDutyLinkConfig struct {
	// href defines the URL of the link to be attached
	// +optional
	Href string `json:"href,omitempty"`
	// alt defines the text that describes the purpose of the link, and can be used as the link's text.
	// +optional
	Text string `json:"alt,omitempty"`
}

type ParsedRange struct {
	// start defines the beginning of the range
	// +optional
	Start int `json:"start,omitempty"`
	// end defines the end of the range
	// +optional
	End int `json:"end,omitempty"`
}

type PrometheusAgent struct {
	// TypeMeta defines the versioned schema of this representation of an object.
	metav1.TypeMeta `json:",inline"`
	// metadata defines ObjectMeta as the metadata that all persisted resources.
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// spec defines the specification of the desired behavior of the Prometheus agent. More info:
	// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
	// +required
	Spec PrometheusAgentSpec `json:"spec"`
	// status defines the most recent observed status of the Prometheus cluster. Read-only.
	// More info:
	// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
	// +optional
	Status monitoringv1.PrometheusStatus `json:"status,omitempty"`
}

type PrometheusAgentList struct {
	// TypeMeta defines the versioned schema of this representation of an object.
	metav1.TypeMeta `json:",inline"`
	// metadata defines ListMeta as metadata for collection responses.
	metav1.ListMeta `json:"metadata,omitempty"`
	// List of Prometheus agents
	Items []PrometheusAgent `json:"items"`
}

type PrometheusAgentMode string

type PrometheusAgentSpec struct {
	// mode defines how the Prometheus operator deploys the PrometheusAgent pod(s).
	//
	// (Alpha) Using this field requires the `PrometheusAgentDaemonSet` feature gate to be enabled.
	//
	// +optional
	Mode *PrometheusAgentMode `json:"mode,omitempty"`

	monitoringv1.CommonPrometheusFields `json:",inline"`
}

type PuppetDBSDConfig struct {
	// url defines the URL of the PuppetDB root query endpoint.
	// +kubebuilder:validation:MinLength:=1
	// +kubebuilder:validation:Pattern:="^http(s)?://.+$"
	// +required
	URL string `json:"url"`
	// query defines the Puppet Query Language (PQL) query. Only resources are supported.
	// https://puppet.com/docs/puppetdb/latest/api/query/v4/pql.html
	// +kubebuilder:validation:MinLength=1
	// +required
	Query string `json:"query"`
	// includeParameters defines whether to include the parameters as meta labels.
	// Note: Enabling this exposes parameters in the Prometheus UI and API. Make sure
	// that you don't have secrets exposed as parameters if you enable this.
	// +optional
	IncludeParameters *bool `json:"includeParameters,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// basicAuth defines information to use on every scrape request.
	// Cannot be set at the same time as `authorization`, or `oauth2`.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the  header configuration to authenticate against the DigitalOcean API.
	// Cannot be set at the same time as `oauth2`.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the optional OAuth 2.0 configuration to authenticate against the target HTTP endpoint.
	// Cannot be set at the same time as `authorization`, or `basicAuth`.
	// +optional
	OAuth2         *v1.OAuth2 `json:"oauth2,omitempty"`
	v1.ProxyConfig `json:",inline"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
}

type PushoverConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// userKey defines the secret's key that contains the recipient user's user key.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// Either `userKey` or `userKeyFile` is required.
	// +optional
	UserKey *v1.SecretKeySelector `json:"userKey,omitempty"`
	// userKeyFile defines the user key file that contains the recipient user's user key.
	// Either `userKey` or `userKeyFile` is required.
	// It requires Alertmanager >= v0.26.0.
	// +optional
	UserKeyFile *string `json:"userKeyFile,omitempty"`
	// token defines the secret's key that contains the registered application's API token.
	// See https://pushover.net/apps for application registration.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// Either `token` or `tokenFile` is required.
	// +optional
	Token *v1.SecretKeySelector `json:"token,omitempty"`
	// tokenFile defines the token file that contains the registered application's API token.
	// See https://pushover.net/apps for application registration.
	// Either `token` or `tokenFile` is required.
	// It requires Alertmanager >= v0.26.0.
	// +optional
	TokenFile *string `json:"tokenFile,omitempty"`
	// title defines the notification title displayed in the Pushover message.
	// This appears as the bold header text in the notification.
	// +optional
	Title string `json:"title,omitempty"`
	// message defines the notification message content.
	// This is the main body text of the Pushover notification.
	// +optional
	Message string `json:"message,omitempty"`
	// url defines a supplementary URL shown alongside the message.
	// This creates a clickable link within the Pushover notification.
	// +optional
	URL string `json:"url,omitempty"`
	// urlTitle defines a title for the supplementary URL.
	// If not specified, the raw URL is shown instead.
	// +optional
	URLTitle string `json:"urlTitle,omitempty"`
	// ttl defines the time to live for the alert notification.
	// This determines how long the notification remains active before expiring.
	// +optional
	TTL *monitoringv1.Duration `json:"ttl,omitempty"`
	// device defines the name of a specific device to send the notification to.
	// If not specified, the notification is sent to all user's devices.
	// +optional
	Device *string `json:"device,omitempty"`
	// sound defines the name of one of the sounds supported by device clients.
	// This overrides the user's default sound choice for this notification.
	// +optional
	Sound string `json:"sound,omitempty"`
	// priority defines the notification priority level.
	// See https://pushover.net/api#priority for valid values and behavior.
	// +optional
	Priority string `json:"priority,omitempty"`
	// retry defines how often the Pushover servers will send the same notification to the user.
	// Must be at least 30 seconds. Only applies to priority 2 notifications.
	// +kubebuilder:validation:Pattern=`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$`
	// +optional
	Retry string `json:"retry,omitempty"`
	// expire defines how long your notification will continue to be retried for,
	// unless the user acknowledges the notification. Only applies to priority 2 notifications.
	// +kubebuilder:validation:Pattern=`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$`
	// +optional
	Expire string `json:"expire,omitempty"`
	// html defines whether notification message is HTML or plain text.
	// When true, the message can include HTML formatting tags.
	// +optional
	HTML bool `json:"html,omitempty"`
	// httpConfig defines the HTTP client configuration for Pushover API requests.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
}

type Receiver struct {
	// name defines the name of the receiver. Must be unique across all items from the list.
	// +kubebuilder:validation:MinLength=1
	// +required
	Name string `json:"name"`
	// opsgenieConfigs defines the list of OpsGenie configurations.
	// +optional
	OpsGenieConfigs []OpsGenieConfig `json:"opsgenieConfigs,omitempty"`
	// pagerdutyConfigs defines the List of PagerDuty configurations.
	// +optional
	PagerDutyConfigs []PagerDutyConfig `json:"pagerdutyConfigs,omitempty"`
	// discordConfigs defines the list of Slack configurations.
	// +optional
	DiscordConfigs []DiscordConfig `json:"discordConfigs,omitempty"`
	// slackConfigs defines the list of Slack configurations.
	// +optional
	SlackConfigs []SlackConfig `json:"slackConfigs,omitempty"`
	// webhookConfigs defines the List of webhook configurations.
	// +optional
	WebhookConfigs []WebhookConfig `json:"webhookConfigs,omitempty"`
	// wechatConfigs defines the list of WeChat configurations.
	// +optional
	WeChatConfigs []WeChatConfig `json:"wechatConfigs,omitempty"`
	// emailConfigs defines the list of Email configurations.
	// +optional
	EmailConfigs []EmailConfig `json:"emailConfigs,omitempty"`
	// victoropsConfigs defines the list of VictorOps configurations.
	// +optional
	VictorOpsConfigs []VictorOpsConfig `json:"victoropsConfigs,omitempty"`
	// pushoverConfigs defines the list of Pushover configurations.
	// +optional
	PushoverConfigs []PushoverConfig `json:"pushoverConfigs,omitempty"`
	// snsConfigs defines the list of SNS configurations
	// +optional
	SNSConfigs []SNSConfig `json:"snsConfigs,omitempty"`
	// telegramConfigs defines the list of Telegram configurations.
	// +optional
	TelegramConfigs []TelegramConfig `json:"telegramConfigs,omitempty"`
	// webexConfigs defines the list of Webex configurations.
	// +optional
	WebexConfigs []WebexConfig `json:"webexConfigs,omitempty"`
	// msteamsConfigs defines the list of MSTeams configurations.
	// It requires Alertmanager >= 0.26.0.
	// +optional
	MSTeamsConfigs []MSTeamsConfig `json:"msteamsConfigs,omitempty"`
	// msteamsv2Configs defines the list of MSTeamsV2 configurations.
	// It requires Alertmanager >= 0.28.0.
	// +optional
	MSTeamsV2Configs []MSTeamsV2Config `json:"msteamsv2Configs,omitempty"`
	// rocketchatConfigs defines the list of RocketChat configurations.
	// It requires Alertmanager >= 0.28.0.
	// +optional
	RocketChatConfigs []RocketChatConfig `json:"rocketchatConfigs,omitempty"`
}

type RocketChatActionConfig struct {
	// text defines the button text displayed to users.
	// This is the label that appears on the interactive button.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Text *string `json:"text,omitempty"`
	// url defines the URL the button links to when clicked.
	// This creates a clickable button that opens the specified URL.
	// +optional
	URL *URL `json:"url,omitempty"`
	// msg defines the message to send when the button is clicked.
	// This allows the button to post a predefined message to the channel.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Msg *string `json:"msg,omitempty"`
}

type RocketChatConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// apiURL defines the API URL for RocketChat.
	// Defaults to https://open.rocket.chat/ if not specified.
	// +optional
	APIURL *URL `json:"apiURL,omitempty"`
	// channel defines the channel to send alerts to.
	// This can be a channel name (e.g., "#alerts") or a direct message recipient.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Channel *string `json:"channel,omitempty"`
	// token defines the sender token for RocketChat authentication.
	// This is the personal access token or bot token used to authenticate API requests.
	// +required
	Token v1.SecretKeySelector `json:"token,omitempty"`
	// tokenID defines the sender token ID for RocketChat authentication.
	// This is the user ID associated with the token used for API requests.
	// +required
	TokenID v1.SecretKeySelector `json:"tokenID,omitempty"`
	// color defines the message color displayed in RocketChat.
	// This appears as a colored bar alongside the message.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Color *string `json:"color,omitempty"`
	// emoji defines the emoji to be displayed as an avatar.
	// If provided, this emoji will be used instead of the default avatar or iconURL.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Emoji *string `json:"emoji,omitempty"`
	// iconURL defines the icon URL for the message avatar.
	// This displays a custom image as the message sender's avatar.
	// +optional
	IconURL *URL `json:"iconURL,omitempty"`
	// text defines the message text to send.
	// This is optional because attachments can be used instead of or alongside text.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Text *string `json:"text,omitempty"`
	// title defines the message title displayed prominently in the message.
	// This appears as bold text at the top of the message attachment.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Title *string `json:"title,omitempty"`
	// titleLink defines the URL that the title will link to when clicked.
	// This makes the message title clickable in the RocketChat interface.
	// +kubebuilder:validation:MinLength=1
	// +optional
	TitleLink *string `json:"titleLink,omitempty"`
	// fields defines additional fields for the message attachment.
	// These appear as structured key-value pairs within the message.
	// +kubebuilder:validation:MinItems=1
	// +optional
	Fields []RocketChatFieldConfig `json:"fields,omitempty"`
	// shortFields defines whether to use short fields in the message layout.
	// When true, fields may be displayed side by side to save space.
	// +optional
	ShortFields *bool `json:"shortFields,omitempty"`
	// imageURL defines the image URL to display within the message.
	// This embeds an image directly in the message attachment.
	// +optional
	ImageURL *URL `json:"imageURL,omitempty"`
	// thumbURL defines the thumbnail URL for the message.
	// This displays a small thumbnail image alongside the message content.
	// +optional
	ThumbURL *URL `json:"thumbURL,omitempty"`
	// linkNames defines whether to enable automatic linking of usernames and channels.
	// When true, @username and #channel references become clickable links.
	// +optional
	LinkNames *bool `json:"linkNames,omitempty"`
	// actions defines interactive actions to include in the message.
	// These appear as buttons that users can click to trigger responses.
	// +kubebuilder:validation:MinItems=1
	// +optional
	Actions []RocketChatActionConfig `json:"actions,omitempty"`
	// httpConfig defines the HTTP client configuration for RocketChat API requests.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
}

type RocketChatFieldConfig struct {
	// title defines the title of this field.
	// This appears as bold text labeling the field content.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Title *string `json:"title,omitempty"`
	// value defines the value of this field, displayed underneath the title.
	// This contains the actual data or content for the field.
	// +kubebuilder:validation:MinLength=1
	// +optional
	Value *string `json:"value,omitempty"`
	// short defines whether this field should be a short field.
	// When true, the field may be displayed inline with other short fields to save space.
	// +optional
	Short *bool `json:"short,omitempty"`
}

type Route struct {
	// receiver defines the name of the receiver for this route. If not empty, it should be listed in
	// the `receivers` field.
	// +optional
	Receiver string `json:"receiver"`
	// groupBy defines the list of labels to group by.
	// Labels must not be repeated (unique list).
	// Special label "..." (aggregate by all possible labels), if provided, must be the only element in the list.
	// +optional
	GroupBy []string `json:"groupBy,omitempty"`
	// groupWait defines how long to wait before sending the initial notification.
	// Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$`
	// Example: "30s"
	// +optional
	GroupWait string `json:"groupWait,omitempty"`
	// groupInterval defines how long to wait before sending an updated notification.
	// Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$`
	// Example: "5m"
	// +optional
	GroupInterval string `json:"groupInterval,omitempty"`
	// repeatInterval defines how long to wait before repeating the last notification.
	// Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$`
	// Example: "4h"
	// +optional
	RepeatInterval string `json:"repeatInterval,omitempty"`
	// matchers defines the list of matchers that the alert's labels should match. For the first
	// level route, the operator removes any existing equality and regexp
	// matcher on the `namespace` label and adds a `namespace: <object
	// namespace>` matcher.
	// +optional
	Matchers []Matcher `json:"matchers,omitempty"`
	// continue defines the boolean indicating whether an alert should continue matching subsequent
	// sibling nodes. It will always be overridden to true for the first-level
	// route by the Prometheus operator.
	// +optional
	Continue bool `json:"continue,omitempty"`
	// routes defines the child routes.
	// +optional
	Routes []apiextensionsv1.JSON `json:"routes,omitempty"`

	// muteTimeIntervals is a list of MuteTimeInterval names that will mute this route when matched,
	// +optional
	MuteTimeIntervals []string `json:"muteTimeIntervals,omitempty"`
	// activeTimeIntervals is a list of MuteTimeInterval names when this route should be active.
	// +optional
	ActiveTimeIntervals []string `json:"activeTimeIntervals,omitempty"`
}

type SDFile string

type SNSConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// apiURL defines the SNS API URL, e.g. https://sns.us-east-2.amazonaws.com.
	// If not specified, the SNS API URL from the SNS SDK will be used.
	// +optional
	ApiURL string `json:"apiURL,omitempty"`
	// sigv4 configures AWS's Signature Verification 4 signing process to sign requests.
	// This includes AWS credentials and region configuration for authentication.
	// +optional
	Sigv4 *monitoringv1.Sigv4 `json:"sigv4,omitempty"`
	// topicARN defines the SNS topic ARN, e.g. arn:aws:sns:us-east-2:698519295917:My-Topic.
	// If you don't specify this value, you must specify a value for the PhoneNumber or TargetARN.
	// +optional
	TopicARN string `json:"topicARN,omitempty"`
	// subject defines the subject line when the message is delivered to email endpoints.
	// This field is only used when sending to email subscribers of an SNS topic.
	// +optional
	Subject string `json:"subject,omitempty"`
	// phoneNumber defines the phone number if message is delivered via SMS in E.164 format.
	// If you don't specify this value, you must specify a value for the TopicARN or TargetARN.
	// +optional
	PhoneNumber string `json:"phoneNumber,omitempty"`
	// targetARN defines the mobile platform endpoint ARN if message is delivered via mobile notifications.
	// If you don't specify this value, you must specify a value for the TopicARN or PhoneNumber.
	// +optional
	TargetARN string `json:"targetARN,omitempty"`
	// message defines the message content of the SNS notification.
	// This is the actual notification text that will be sent to subscribers.
	// +optional
	Message string `json:"message,omitempty"`
	// attributes defines SNS message attributes as key-value pairs.
	// These provide additional metadata that can be used for message filtering and routing.
	// +optional
	Attributes map[string]string `json:"attributes,omitempty"`
	// httpConfig defines the HTTP client configuration for SNS API requests.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
}

type ScalewayRole string

type ScalewaySDConfig struct {
	// accessKey defines the access key to use. https://console.scaleway.com/project/credentials
	// +kubebuilder:validation:MinLength=1
	// +required
	AccessKey string `json:"accessKey"`
	// secretKey defines the secret key to use when listing targets.
	// +required
	SecretKey corev1.SecretKeySelector `json:"secretKey"`
	// projectID defines the Project ID of the targets.
	// +kubebuilder:validation:MinLength=1
	// +required
	ProjectID string `json:"projectID"`
	// role defines the service of the targets to retrieve. Must be `Instance` or `Baremetal`.
	// +required
	Role ScalewayRole `json:"role"`
	// port defines the port to scrape metrics from. If using the public IP address, this must
	// +kubebuilder:validation:Minimum=0
	// +kubebuilder:validation:Maximum=65535
	// +optional
	Port *int32 `json:"port,omitempty"`
	// apiURL defines the API URL to use when doing the server listing requests.
	// +kubebuilder:validation:Pattern:="^http(s)?://.+$"
	// +optional
	ApiURL *string `json:"apiURL,omitempty"`
	// zone defines the availability zone of your targets (e.g. fr-par-1).
	// +kubebuilder:validation:MinLength=1
	// +optional
	Zone *string `json:"zone,omitempty"`
	// nameFilter defines a name filter (works as a LIKE) to apply on the server listing request.
	// +kubebuilder:validation:MinLength=1
	// +optional
	NameFilter *string `json:"nameFilter,omitempty"`
	// tagsFilter defines a tag filter (a server needs to have all defined tags to be listed) to apply on the server listing request.
	// +kubebuilder:validation:MinItems=1
	// +kubebuilder:validation:items:MinLength=1
	// +listType=set
	// +optional
	TagsFilter []string `json:"tagsFilter,omitempty"`
	// refreshInterval defines the time after which the provided names are refreshed.
	// If not set, Prometheus uses its default value.
	// +optional
	RefreshInterval *v1.Duration `json:"refreshInterval,omitempty"`
	// +optional
	v1.ProxyConfig `json:",inline"`
	// followRedirects defines whether HTTP requests follow HTTP 3xx redirects.
	// +optional
	FollowRedirects *bool `json:"followRedirects,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
	// tlsConfig defines the TLS configuration to connect to the Consul API.
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
}

type ScrapeConfig struct {
	// TypeMeta defines the versioned schema of this representation of an object.
	metav1.TypeMeta `json:",inline"`
	// metadata defines ObjectMeta as the metadata that all persisted resources.
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// spec defines the specification of ScrapeConfigSpec.
	// +required
	Spec ScrapeConfigSpec `json:"spec"`
	// status defines the status subresource. It is under active development and is updated only when the
	// "StatusForConfigurationResources" feature gate is enabled.
	//
	// Most recent observed status of the ScrapeConfig. Read-only.
	// More info:
	// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
	// +optional
	Status v1.ConfigResourceStatus `json:"status,omitempty,omitzero"`
}

type ScrapeConfigList struct {
	// TypeMeta defines the versioned schema of this representation of an object.
	metav1.TypeMeta `json:",inline"`
	// metadata defines ListMeta as metadata for collection responses.
	// +optional
	metav1.ListMeta `json:"metadata,omitempty"`
	// List of ScrapeConfigs
	// +required
	Items []ScrapeConfig `json:"items"`
}

type ScrapeConfigSpec struct {
	// jobName defines the value of the `job` label assigned to the scraped metrics by default.
	//
	// The `job_name` field in the rendered scrape configuration is always controlled by the
	// operator to prevent duplicate job names, which Prometheus does not allow. Instead the
	// `job` label is set by means of relabeling configs.
	//
	// +kubebuilder:validation:MinLength=1
	// +optional
	JobName *string `json:"jobName,omitempty"`
	// staticConfigs defines a list of static targets with a common label set.
	// +optional
	StaticConfigs []StaticConfig `json:"staticConfigs,omitempty"`
	// fileSDConfigs defines a list of file service discovery configurations.
	// +optional
	FileSDConfigs []FileSDConfig `json:"fileSDConfigs,omitempty"`
	// httpSDConfigs defines a list of HTTP service discovery configurations.
	// +optional
	HTTPSDConfigs []HTTPSDConfig `json:"httpSDConfigs,omitempty"`
	// kubernetesSDConfigs defines a list of Kubernetes service discovery configurations.
	// +optional
	KubernetesSDConfigs []KubernetesSDConfig `json:"kubernetesSDConfigs,omitempty"`
	// consulSDConfigs defines a list of Consul service discovery configurations.
	// +optional
	ConsulSDConfigs []ConsulSDConfig `json:"consulSDConfigs,omitempty"`
	// dnsSDConfigs defines a list of DNS service discovery configurations.
	// +optional
	DNSSDConfigs []DNSSDConfig `json:"dnsSDConfigs,omitempty"`
	// ec2SDConfigs defines a list of EC2 service discovery configurations.
	// +optional
	EC2SDConfigs []EC2SDConfig `json:"ec2SDConfigs,omitempty"`
	// azureSDConfigs defines a list of Azure service discovery configurations.
	// +optional
	AzureSDConfigs []AzureSDConfig `json:"azureSDConfigs,omitempty"`
	// gceSDConfigs defines a list of GCE service discovery configurations.
	// +optional
	GCESDConfigs []GCESDConfig `json:"gceSDConfigs,omitempty"`
	// openstackSDConfigs defines a list of OpenStack service discovery configurations.
	// +optional
	OpenStackSDConfigs []OpenStackSDConfig `json:"openstackSDConfigs,omitempty"`
	// digitalOceanSDConfigs defines a list of DigitalOcean service discovery configurations.
	// +optional
	DigitalOceanSDConfigs []DigitalOceanSDConfig `json:"digitalOceanSDConfigs,omitempty"`
	// kumaSDConfigs defines a list of Kuma service discovery configurations.
	// +optional
	KumaSDConfigs []KumaSDConfig `json:"kumaSDConfigs,omitempty"`
	// eurekaSDConfigs defines a list of Eureka service discovery configurations.
	// +optional
	EurekaSDConfigs []EurekaSDConfig `json:"eurekaSDConfigs,omitempty"`
	// dockerSDConfigs defines a list of Docker service discovery configurations.
	// +optional
	DockerSDConfigs []DockerSDConfig `json:"dockerSDConfigs,omitempty"`
	// linodeSDConfigs defines a list of Linode service discovery configurations.
	// +optional
	LinodeSDConfigs []LinodeSDConfig `json:"linodeSDConfigs,omitempty"`
	// hetznerSDConfigs defines a list of Hetzner service discovery configurations.
	// +optional
	HetznerSDConfigs []HetznerSDConfig `json:"hetznerSDConfigs,omitempty"`
	// nomadSDConfigs defines a list of Nomad service discovery configurations.
	// +optional
	NomadSDConfigs []NomadSDConfig `json:"nomadSDConfigs,omitempty"`
	// dockerSwarmSDConfigs defines a list of Dockerswarm service discovery configurations.
	// +optional
	DockerSwarmSDConfigs []DockerSwarmSDConfig `json:"dockerSwarmSDConfigs,omitempty"`
	// puppetDBSDConfigs defines a list of PuppetDB service discovery configurations.
	// +optional
	PuppetDBSDConfigs []PuppetDBSDConfig `json:"puppetDBSDConfigs,omitempty"`
	// lightSailSDConfigs defines a list of Lightsail service discovery configurations.
	// +optional
	LightSailSDConfigs []LightSailSDConfig `json:"lightSailSDConfigs,omitempty"`
	// ovhcloudSDConfigs defines a list of OVHcloud service discovery configurations.
	// +optional
	OVHCloudSDConfigs []OVHCloudSDConfig `json:"ovhcloudSDConfigs,omitempty"`
	// scalewaySDConfigs defines a list of Scaleway instances and baremetal service discovery configurations.
	// +optional
	ScalewaySDConfigs []ScalewaySDConfig `json:"scalewaySDConfigs,omitempty"`
	// ionosSDConfigs defines a list of IONOS service discovery configurations.
	// +optional
	IonosSDConfigs []IonosSDConfig `json:"ionosSDConfigs,omitempty"`
	// relabelings defines how to rewrite the target's labels before scraping.
	// Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields.
	// The original scrape job's name is available via the `__tmp_prometheus_job_name` label.
	// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config
	// +kubebuilder:validation:MinItems:=1
	// +optional
	RelabelConfigs []v1.RelabelConfig `json:"relabelings,omitempty"`
	// metricsPath defines the HTTP path to scrape for metrics. If empty, Prometheus uses the default value (e.g. /metrics).
	// +kubebuilder:validation:MinLength:=1
	// +optional
	MetricsPath *string `json:"metricsPath,omitempty"`
	// scrapeInterval defines the interval between consecutive scrapes.
	// +optional
	ScrapeInterval *v1.Duration `json:"scrapeInterval,omitempty"`
	// scrapeTimeout defines the number of seconds to wait until a scrape request times out.
	// The value cannot be greater than the scrape interval otherwise the operator will reject the resource.
	// +optional
	ScrapeTimeout *v1.Duration `json:"scrapeTimeout,omitempty"`
	// scrapeProtocols defines the protocols to negotiate during a scrape. It tells clients the
	// protocols supported by Prometheus in order of preference (from most to least preferred).
	//
	// If unset, Prometheus uses its default value.
	//
	// It requires Prometheus >= v2.49.0.
	//
	// +listType=set
	// +kubebuilder:validation:MinItems:=1
	// +optional
	ScrapeProtocols []v1.ScrapeProtocol `json:"scrapeProtocols,omitempty"`
	// fallbackScrapeProtocol defines the protocol to use if a scrape returns blank, unparseable, or otherwise invalid Content-Type.
	//
	// It requires Prometheus >= v3.0.0.
	// +optional
	FallbackScrapeProtocol *v1.ScrapeProtocol `json:"fallbackScrapeProtocol,omitempty"`
	// honorTimestamps defines whether Prometheus preserves the timestamps
	// when exposed by the target.
	// +optional
	HonorTimestamps *bool `json:"honorTimestamps,omitempty"`
	// trackTimestampsStaleness defines whether Prometheus tracks staleness of
	// the metrics that have an explicit timestamp present in scraped data.
	// Has no effect if `honorTimestamps` is false.
	// It requires Prometheus >= v2.48.0.
	//
	// +optional
	TrackTimestampsStaleness *bool `json:"trackTimestampsStaleness,omitempty"`
	// honorLabels defines when true the metric's labels when they collide
	// with the target's labels.
	// +optional
	HonorLabels *bool `json:"honorLabels,omitempty"`
	// params defines optional HTTP URL parameters
	// +mapType:=atomic
	// +optional
	Params map[string][]string `json:"params,omitempty"`
	// scheme defines the protocol scheme used for requests.
	// If empty, Prometheus uses HTTP by default.
	// +kubebuilder:validation:Enum=HTTP;HTTPS
	// +optional
	Scheme *string `json:"scheme,omitempty"`
	// enableCompression when false, Prometheus will request uncompressed response from the scraped target.
	//
	// It requires Prometheus >= v2.49.0.
	//
	// If unset, Prometheus uses true by default.
	// +optional
	EnableCompression *bool `json:"enableCompression,omitempty"`
	// enableHTTP2 defines whether to enable HTTP2.
	// +optional
	EnableHTTP2 *bool `json:"enableHTTP2,omitempty"`
	// basicAuth defines information to use on every scrape request.
	// +optional
	BasicAuth *v1.BasicAuth `json:"basicAuth,omitempty"`
	// authorization defines the header to use on every scrape request.
	// +optional
	Authorization *v1.SafeAuthorization `json:"authorization,omitempty"`
	// oauth2 defines the configuration to use on every scrape request.
	// +optional
	OAuth2 *v1.OAuth2 `json:"oauth2,omitempty"`
	// tlsConfig defines the TLS configuration to use on every scrape request
	// +optional
	TLSConfig *v1.SafeTLSConfig `json:"tlsConfig,omitempty"`
	// sampleLimit defines per-scrape limit on number of scraped samples that will be accepted.
	// +optional
	SampleLimit *uint64 `json:"sampleLimit,omitempty"`
	// targetLimit defines a limit on the number of scraped targets that will be accepted.
	// +optional
	TargetLimit *uint64 `json:"targetLimit,omitempty"`
	// labelLimit defines the per-scrape limit on number of labels that will be accepted for a sample.
	// Only valid in Prometheus versions 2.27.0 and newer.
	// +optional
	LabelLimit *uint64 `json:"labelLimit,omitempty"`
	// labelNameLengthLimit defines the per-scrape limit on length of labels name that will be accepted for a sample.
	// Only valid in Prometheus versions 2.27.0 and newer.
	// +optional
	LabelNameLengthLimit *uint64 `json:"labelNameLengthLimit,omitempty"`
	// labelValueLengthLimit defines the per-scrape limit on length of labels value that will be accepted for a sample.
	// Only valid in Prometheus versions 2.27.0 and newer.
	// +optional
	LabelValueLengthLimit *uint64 `json:"labelValueLengthLimit,omitempty"`

	v1.NativeHistogramConfig `json:",inline"`
	// keepDroppedTargets defines the per-scrape limit on the number of targets dropped by relabeling
	// that will be kept in memory. 0 means no limit.
	//
	// It requires Prometheus >= v2.47.0.
	//
	// +optional
	KeepDroppedTargets *uint64 `json:"keepDroppedTargets,omitempty"`
	// metricRelabelings defines the metricRelabelings to apply to samples before ingestion.
	// +kubebuilder:validation:MinItems:=1
	// +optional
	MetricRelabelConfigs []v1.RelabelConfig `json:"metricRelabelings,omitempty"`
	// ProxyConfig allows customizing the proxy behaviour for this scrape config.
	// +optional
	v1.ProxyConfig `json:",inline"`
	// nameValidationScheme defines the validation scheme for metric and label names.
	//
	// It requires Prometheus >= v3.0.0.
	//
	// +optional
	NameValidationScheme *v1.NameValidationSchemeOptions `json:"nameValidationScheme,omitempty"`
	// nameEscapingScheme defines the metric name escaping mode to request through content negotiation.
	//
	// It requires Prometheus >= v3.4.0.
	//
	// +optional
	NameEscapingScheme *v1.NameEscapingSchemeOptions `json:"nameEscapingScheme,omitempty"`
	// scrapeClass defines the scrape class to apply.
	// +kubebuilder:validation:MinLength=1
	// +optional
	ScrapeClassName *string `json:"scrapeClass,omitempty"`
}

type SlackAction struct {
	// type defines the type of interactive component.
	// Common values include "button" for clickable buttons and "select" for dropdown menus.
	// +kubebuilder:validation:MinLength=1
	// +required
	Type string `json:"type"`
	// text defines the user-visible label displayed on the action element.
	// For buttons, this is the button text. For select menus, this is the placeholder text.
	// +kubebuilder:validation:MinLength=1
	// +required
	Text string `json:"text"`
	// url defines the URL to open when the action is triggered.
	// Only applicable for button-type actions. When set, clicking the button opens this URL.
	// +optional
	URL string `json:"url,omitempty"`
	// style defines the visual appearance of the action element.
	// Valid values include "default", "primary" (green), and "danger" (red).
	// +optional
	Style string `json:"style,omitempty"`
	// name defines a unique identifier for the action within the message.
	// This value is sent back to your application when the action is triggered.
	// +optional
	Name string `json:"name,omitempty"`
	// value defines the payload sent when the action is triggered.
	// This data is included in the callback sent to your application.
	// +optional
	Value string `json:"value,omitempty"`
	// confirm defines an optional confirmation dialog that appears before the action is executed.
	// When set, users must confirm their intent before the action proceeds.
	// +optional
	ConfirmField *SlackConfirmationField `json:"confirm,omitempty"`
}

type SlackConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// apiURL defines the secret's key that contains the Slack webhook URL.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +optional
	APIURL *v1.SecretKeySelector `json:"apiURL,omitempty"`
	// channel defines the channel or user to send notifications to.
	// +optional
	Channel string `json:"channel,omitempty"`
	// username defines the slack bot user name.
	// +optional
	Username string `json:"username,omitempty"`
	// color defines the color of the left border of the Slack message attachment.
	// Can be a hex color code (e.g., "#ff0000") or a predefined color name.
	// +optional
	Color string `json:"color,omitempty"`
	// title defines the title text displayed in the Slack message attachment.
	// +optional
	Title string `json:"title,omitempty"`
	// titleLink defines the URL that the title will link to when clicked.
	// +optional
	TitleLink string `json:"titleLink,omitempty"`
	// pretext defines optional text that appears above the message attachment block.
	// +optional
	Pretext string `json:"pretext,omitempty"`
	// text defines the main text content of the Slack message attachment.
	// +optional
	Text string `json:"text,omitempty"`
	// fields defines a list of Slack fields that are sent with each notification.
	// +optional
	Fields []SlackField `json:"fields,omitempty"`
	// shortFields determines whether fields are displayed in a compact format.
	// When true, fields are shown side by side when possible.
	// +optional
	ShortFields bool `json:"shortFields,omitempty"`
	// footer defines small text displayed at the bottom of the message attachment.
	// +optional
	Footer string `json:"footer,omitempty"`
	// fallback defines a plain-text summary of the attachment for clients that don't support attachments.
	// +optional
	Fallback string `json:"fallback,omitempty"`
	// callbackId defines an identifier for the message used in interactive components.
	// +optional
	CallbackID string `json:"callbackId,omitempty"`
	// iconEmoji defines the emoji to use as the bot's avatar (e.g., ":ghost:").
	// +optional
	IconEmoji string `json:"iconEmoji,omitempty"`
	// iconURL defines the URL to an image to use as the bot's avatar.
	// +optional
	IconURL string `json:"iconURL,omitempty"`
	// imageURL defines the URL to an image file that will be displayed inside the message attachment.
	// +optional
	ImageURL string `json:"imageURL,omitempty"`
	// thumbURL defines the URL to an image file that will be displayed as a thumbnail
	// on the right side of the message attachment.
	// +optional
	ThumbURL string `json:"thumbURL,omitempty"`
	// linkNames enables automatic linking of channel names and usernames in the message.
	// When true, @channel and @username will be converted to clickable links.
	// +optional
	LinkNames bool `json:"linkNames,omitempty"`
	// mrkdwnIn defines which fields should be parsed as Slack markdown.
	// Valid values include "pretext", "text", and "fields".
	// +optional
	MrkdwnIn []string `json:"mrkdwnIn,omitempty"`
	// actions defines a list of Slack actions that are sent with each notification.
	// +optional
	Actions []SlackAction `json:"actions,omitempty"`
	// httpConfig defines the HTTP client configuration.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
}

type SlackConfirmationField struct {
	// text defines the main message displayed in the confirmation dialog.
	// This should be a clear question or statement asking the user to confirm their action.
	// +kubebuilder:validation:MinLength=1
	// +required
	Text string `json:"text"`
	// title defines the title text displayed at the top of the confirmation dialog.
	// When not specified, a default title will be used.
	// +optional
	Title string `json:"title,omitempty"`
	// okText defines the label for the confirmation button in the dialog.
	// When not specified, defaults to "Okay". This button proceeds with the action.
	// +optional
	OkText string `json:"okText,omitempty"`
	// dismissText defines the label for the cancel button in the dialog.
	// When not specified, defaults to "Cancel". This button cancels the action.
	// +optional
	DismissText string `json:"dismissText,omitempty"`
}

type SlackField struct {
	// title defines the label or header text displayed for this field.
	// This appears as bold text above the field value in the Slack message.
	// +kubebuilder:validation:MinLength=1
	// +required
	Title string `json:"title"`
	// value defines the content or data displayed for this field.
	// This appears below the title and can contain plain text or Slack markdown.
	// +kubebuilder:validation:MinLength=1
	// +required
	Value string `json:"value"`
	// short determines whether this field can be displayed alongside other short fields.
	// When true, Slack may display this field side by side with other short fields.
	// When false or not specified, the field takes the full width of the message.
	// +optional
	Short *bool `json:"short,omitempty"`
}

type StaticConfig struct {
	// targets defines the list of targets for this static configuration.
	// +kubebuilder:validation:MinItems:=1
	// +listType=set
	// +required
	Targets []Target `json:"targets"`
	// labels defines labels assigned to all metrics scraped from the targets.
	// +mapType:=atomic
	// +optional
	Labels map[string]string `json:"labels,omitempty"`
}

type Target string

type TelegramConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// apiURL defines the Telegram API URL, e.g. https://api.telegram.org.
	// If not specified, the default Telegram API URL will be used.
	// +optional
	APIURL string `json:"apiURL,omitempty"`
	// botToken defines the Telegram bot token. It is mutually exclusive with `botTokenFile`.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// Either `botToken` or `botTokenFile` is required.
	// +optional
	BotToken *v1.SecretKeySelector `json:"botToken,omitempty"`
	// botTokenFile defines the file to read the Telegram bot token from.
	// It is mutually exclusive with `botToken`.
	// Either `botToken` or `botTokenFile` is required.
	// It requires Alertmanager >= v0.26.0.
	// +optional
	BotTokenFile *string `json:"botTokenFile,omitempty"`
	// chatID defines the Telegram chat ID where messages will be sent.
	// This can be a user ID, group ID, or channel ID (with @ prefix for public channels).
	// +required
	ChatID int64 `json:"chatID,omitempty"`
	// messageThreadID defines the Telegram Group Topic ID for threaded messages.
	// This allows sending messages to specific topics within Telegram groups.
	// It requires Alertmanager >= 0.26.0.
	// +optional
	MessageThreadID *int64 `json:"messageThreadID,omitempty"`
	// message defines the message template for the Telegram notification.
	// This is the content that will be sent to the specified chat.
	// +optional
	Message string `json:"message,omitempty"`
	// disableNotifications controls whether Telegram notifications are sent silently.
	// When true, users will receive the message without notification sounds.
	// +optional
	DisableNotifications *bool `json:"disableNotifications,omitempty"`
	// parseMode defines the parse mode for telegram message formatting.
	// Valid values are "MarkdownV2", "Markdown", and "HTML".
	// This determines how text formatting is interpreted in the message.
	//+kubebuilder:validation:Enum=MarkdownV2;Markdown;HTML
	// +optional
	ParseMode string `json:"parseMode,omitempty"`
	// httpConfig defines the HTTP client configuration for Telegram API requests.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
}

type Time string

type TimeInterval struct {
	// times defines a list of TimeRange
	// +optional
	Times []TimeRange `json:"times,omitempty"`
	// weekdays defines a list of WeekdayRange
	// +optional
	Weekdays []WeekdayRange `json:"weekdays,omitempty"`
	// daysOfMonth defines a list of DayOfMonthRange
	// +optional
	DaysOfMonth []DayOfMonthRange `json:"daysOfMonth,omitempty"`
	// months defines a list of MonthRange
	// +optional
	Months []MonthRange `json:"months,omitempty"`
	// years defines a list of YearRange
	// +optional
	Years []YearRange `json:"years,omitempty"`
}

type TimeRange struct {
	// startTime defines the start time in 24hr format.
	// +optional
	StartTime Time `json:"startTime,omitempty"`
	// endTime defines the end time in 24hr format.
	// +optional
	EndTime Time `json:"endTime,omitempty"`
}

type URL string

type VictorOpsConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// apiKey defines the secret's key that contains the API key to use when talking to the VictorOps API.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +optional
	APIKey *v1.SecretKeySelector `json:"apiKey,omitempty"`
	// apiUrl defines the VictorOps API URL.
	// When not specified, defaults to the standard VictorOps API endpoint.
	// +optional
	APIURL string `json:"apiUrl,omitempty"`
	// routingKey defines a key used to map the alert to a team.
	// This determines which VictorOps team will receive the alert notification.
	// +optional
	RoutingKey string `json:"routingKey"`
	// messageType describes the behavior of the alert.
	// Valid values are "CRITICAL", "WARNING", and "INFO".
	// +optional
	MessageType string `json:"messageType,omitempty"`
	// entityDisplayName contains a summary of the alerted problem.
	// This appears as the main title or identifier for the incident.
	// +optional
	EntityDisplayName string `json:"entityDisplayName,omitempty"`
	// stateMessage contains a long explanation of the alerted problem.
	// This provides detailed context about the incident.
	// +optional
	StateMessage string `json:"stateMessage,omitempty"`
	// monitoringTool defines the monitoring tool the state message is from.
	// This helps identify the source system that generated the alert.
	// +optional
	MonitoringTool string `json:"monitoringTool,omitempty"`
	// customFields defines additional custom fields for notification.
	// These provide extra metadata that will be included with the VictorOps incident.
	// +optional
	CustomFields []KeyValue `json:"customFields,omitempty"`
	// httpConfig defines the HTTP client's configuration for VictorOps API requests.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
}

type WeChatConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// apiSecret defines the secret's key that contains the WeChat API key.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +optional
	APISecret *v1.SecretKeySelector `json:"apiSecret,omitempty"`
	// apiURL defines the WeChat API URL.
	// When not specified, defaults to the standard WeChat Work API endpoint.
	// +optional
	APIURL string `json:"apiURL,omitempty"`
	// corpID defines the corp id for authentication.
	// This is the unique identifier for your WeChat Work organization.
	// +optional
	CorpID string `json:"corpID,omitempty"`
	// agentID defines the application agent ID within WeChat Work.
	// This identifies which WeChat Work application will send the notifications.
	// +optional
	AgentID string `json:"agentID,omitempty"`
	// toUser defines the target user(s) to receive the notification.
	// Can be a single user ID or multiple user IDs separated by '|'.
	// +optional
	ToUser string `json:"toUser,omitempty"`
	// toParty defines the target department(s) to receive the notification.
	// Can be a single department ID or multiple department IDs separated by '|'.
	// +optional
	ToParty string `json:"toParty,omitempty"`
	// toTag defines the target tag(s) to receive the notification.
	// Can be a single tag ID or multiple tag IDs separated by '|'.
	// +optional
	ToTag string `json:"toTag,omitempty"`
	// message defines the API request data as defined by the WeChat API.
	// This contains the actual notification content to be sent.
	// +optional
	Message string `json:"message,omitempty"`
	// messageType defines the type of message to send.
	// Valid values include "text", "markdown", and other WeChat Work supported message types.
	// +optional
	MessageType string `json:"messageType,omitempty"`
	// httpConfig defines the HTTP client configuration for WeChat API requests.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
}

type WebexConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`

	// apiURL defines the Webex Teams API URL i.e. https://webexapis.com/v1/messages
	// +optional
	APIURL *URL `json:"apiURL,omitempty"`

	// httpConfig defines the HTTP client's configuration.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`

	// message defines the message template
	// +optional
	Message *string `json:"message,omitempty"`

	// roomID defines the ID of the Webex Teams room where to send the messages.
	// +kubebuilder:validation:MinLength=1
	// +required
	RoomID string `json:"roomID"`
}

type WebhookConfig struct {
	// sendResolved defines whether or not to notify about resolved alerts.
	// +optional
	SendResolved *bool `json:"sendResolved,omitempty"`
	// url defines the URL to send HTTP POST requests to.
	// urlSecret takes precedence over url. One of urlSecret and url should be defined.
	// +optional
	URL *string `json:"url,omitempty"`
	// urlSecret defines the secret's key that contains the webhook URL to send HTTP requests to.
	// urlSecret takes precedence over url. One of urlSecret and url should be defined.
	// The secret needs to be in the same namespace as the AlertmanagerConfig
	// object and accessible by the Prometheus Operator.
	// +optional
	URLSecret *v1.SecretKeySelector `json:"urlSecret,omitempty"`
	// httpConfig defines the HTTP client configuration for webhook requests.
	// +optional
	HTTPConfig *HTTPConfig `json:"httpConfig,omitempty"`
	// maxAlerts defines the maximum number of alerts to be sent per webhook message.
	// When 0, all alerts are included in the webhook payload.
	// +optional
	// +kubebuilder:validation:Minimum=0
	MaxAlerts int32 `json:"maxAlerts,omitempty"`
	// timeout defines the maximum time to wait for a webhook request to complete,
	// before failing the request and allowing it to be retried.
	// It requires Alertmanager >= v0.28.0.
	// +optional
	Timeout *monitoringv1.Duration `json:"timeout,omitempty"`
}

type Weekday string

type WeekdayRange string

type YearRange string