deploy: 78d046b7120cd4d97dd474b81b6edb05ace18db3

api-clustersecretstore/index.html

@@ -955,7 +955,17 @@
       <span class="nt">version</span><span class="p">:</span> <span class="s">&quot;v2&quot;</span>
       <span class="c1"># vault enterprise namespace: https://www.vaultproject.io/docs/enterprise/namespaces</span>
       <span class="nt">namespace</span><span class="p">:</span> <span class="s">&quot;a-team&quot;</span>
+      <span class="c1"># base64 encoded string of certificate</span>
       <span class="nt">caBundle</span><span class="p">:</span> <span class="s">&quot;...&quot;</span>
+      <span class="c1"># Instead of caBundle you can also specify a caProvider</span>
+      <span class="c1"># this will retrieve the cert from a Secret or ConfigMap</span>
+      <span class="nt">caProvider</span><span class="p">:</span>
+        <span class="c1"># Can be Secret or ConfigMap</span>
+        <span class="nt">type</span><span class="p">:</span> <span class="s">&quot;Secret&quot;</span>
+        <span class="c1"># This is mandatory for ClusterSecretStore and not relevant for SecretStore</span>
+        <span class="nt">namespace</span><span class="p">:</span> <span class="s">&quot;my-cert-secret-namespace&quot;</span>
+        <span class="nt">name</span><span class="p">:</span> <span class="s">&quot;my-cert-secret&quot;</span>
+        <span class="nt">key</span><span class="p">:</span> <span class="s">&quot;cert-key&quot;</span>
       <span class="nt">auth</span><span class="p">:</span>
         <span class="c1"># static token: https://www.vaultproject.io/docs/auth/token</span>
         <span class="nt">tokenSecretRef</span><span class="p">:</span>

api-secretstore/index.html

@@ -971,8 +971,6 @@ The SecretStore maps to exactly one instance of an external API.</p>
       <span class="nt">caProvider</span><span class="p">:</span>
         <span class="c1"># Can be Secret or ConfigMap</span>
         <span class="nt">type</span><span class="p">:</span> <span class="s">&quot;Secret&quot;</span>
-        <span class="c1"># This is optional, if not specified will be &#39;Default&#39;</span>
-        <span class="nt">namespace</span><span class="p">:</span> <span class="s">&quot;my-cert-secret-namespace&quot;</span>
         <span class="nt">name</span><span class="p">:</span> <span class="s">&quot;my-cert-secret&quot;</span>
         <span class="nt">key</span><span class="p">:</span> <span class="s">&quot;cert-key&quot;</span>
 

snippets/full-cluster-secret-store.yaml

@@ -42,7 +42,17 @@ spec:
       version: "v2"
       # vault enterprise namespace: https://www.vaultproject.io/docs/enterprise/namespaces
       namespace: "a-team"
+      # base64 encoded string of certificate
       caBundle: "..."
+      # Instead of caBundle you can also specify a caProvider
+      # this will retrieve the cert from a Secret or ConfigMap
+      caProvider:
+        # Can be Secret or ConfigMap
+        type: "Secret"
+        # This is mandatory for ClusterSecretStore and not relevant for SecretStore
+        namespace: "my-cert-secret-namespace"
+        name: "my-cert-secret"
+        key: "cert-key"
       auth:
         # static token: https://www.vaultproject.io/docs/auth/token
         tokenSecretRef:

snippets/full-secret-store.yaml

@@ -58,8 +58,6 @@ spec:
       caProvider:
         # Can be Secret or ConfigMap
         type: "Secret"
-        # This is optional, if not specified will be 'Default'
-        namespace: "my-cert-secret-namespace"
         name: "my-cert-secret"
         key: "cert-key"
 

spec/index.html

@@ -1601,6 +1601,7 @@ string
 </em>
 </td>
 <td>
+<em>(Optional)</em>
 <p>The namespace the Provider type is in.</p>
 </td>
 </tr>