"debug":
  "description": "Collect debug data"
"cis-benchmark":
  "description": |
    Run the CIS Kubernetes Benchmark against snap-based components.
  "params":
    "apply":
      "type": "string"
      "default": "none"
      "description": |
        Apply remediations to address benchmark failures. The default, 'none',
        will not attempt to fix any reported failures. Set to 'conservative'
        to resolve simple failures. Set to 'dangerous' to attempt to resolve
        all failures.

        Note: Applying any remediation may result in an unusable cluster.
    "config":
      "type": "string"
      "default": "https://github.com/charmed-kubernetes/kube-bench-config/archive/cis-1.5.zip#sha1=811f21dbf6c841bafdbfbd8a21f912ad67582f46"
      "description": |
        Archive containing configuration files to use when running kube-bench.
        The default value is known to be compatible with snap components. When
        using a custom URL, append '#<hash_type>=<checksum>' to verify the
        archive integrity when downloaded.
    "release":
      "type": "string"
      "default": "https://github.com/aquasecurity/kube-bench/releases/download/v0.3.1/kube-bench_0.3.1_linux_amd64.tar.gz#sha256=6616f1373987259285e2f676a225d4a3885cd62b7e7a116102ff2fb445724281"
      "description": |
        Archive containing the 'kube-bench' binary to run. The default value
        points to a stable upstream release. When using a custom URL, append
        '#<hash_type>=<checksum>' to verify the archive integrity when
        downloaded.

        This may also be set to the special keyword 'upstream'. In this case,
        the action will compile and use a local kube-bench binary built from
        the master branch of the upstream repository:
          https://github.com/aquasecurity/kube-bench

"pause":
  "description": |
    Mark the node as unschedulable to prevent new pods from arriving, and
    evict existing pods.
  "params":
    "delete-local-data":
      "type": "boolean"
      "description": |
        Continue even if there are pods using emptyDir (local data that will
        be deleted when the node is drained).
      "default": !!bool "false"
    "force":
      "type": "boolean"
      "description": |
        Continue even if there are pods not managed by a
        ReplicationController, ReplicaSet, Job, DaemonSet or StatefulSet.
      "default": !!bool "false"
"resume":
  "description": |
    Mark node as schedulable.
"microbot":
  "description": "Launch microbot containers"
  "params":
    "delete":
      "type": "boolean"
      "default": !!bool "false"
      "description": "Remove a microbots deployment, service, and ingress if True."
    "registry":
      "type": "string"
      "default": "rocks.canonical.com:443/cdk"
      "description": "Registry to use for the microbot image."
    "replicas":
      "type": "integer"
      "default": !!int "3"
      "description": "Number of microbots to launch in Kubernetes."
"upgrade":
  "description": "Upgrade the kubernetes snaps"