Просмотр исходного кода

Deployed 5a70dfbc1 to main with MkDocs 1.6.1 and mike 1.2.0.dev0

Skarlso 9 месяцев назад
Родитель
Сommit
e8ac616780
3 измененных файлов с 162 добавлено и 4 удалено
  1. 105 3
      main/api/spec/index.html
  2. 57 1
      main/provider/azure-key-vault/index.html
  3. 0 0
      main/search/search_index.json

+ 105 - 3
main/api/spec/index.html

@@ -4848,6 +4848,75 @@ is ServicePrincipal.</p>
 </td>
 </tr></tbody>
 </table>
+<h3 id="external-secrets.io/v1.AzureCustomCloudConfig">AzureCustomCloudConfig
+</h3>
+<p>
+(<em>Appears on:</em>
+<a href="#external-secrets.io/v1.AzureKVProvider">AzureKVProvider</a>)
+</p>
+<p>
+<p>AzureCustomCloudConfig specifies custom cloud configuration for private Azure environments
+IMPORTANT: Custom cloud configuration is ONLY supported when UseAzureSDK is true.
+The legacy go-autorest SDK does not support custom cloud endpoints.</p>
+</p>
+<table>
+<thead>
+<tr>
+<th>Field</th>
+<th>Description</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td>
+<code>activeDirectoryEndpoint</code></br>
+<em>
+string
+</em>
+</td>
+<td>
+<p>ActiveDirectoryEndpoint is the AAD endpoint for authentication
+Required when using custom cloud configuration</p>
+</td>
+</tr>
+<tr>
+<td>
+<code>keyVaultEndpoint</code></br>
+<em>
+string
+</em>
+</td>
+<td>
+<em>(Optional)</em>
+<p>KeyVaultEndpoint is the Key Vault service endpoint</p>
+</td>
+</tr>
+<tr>
+<td>
+<code>keyVaultDNSSuffix</code></br>
+<em>
+string
+</em>
+</td>
+<td>
+<em>(Optional)</em>
+<p>KeyVaultDNSSuffix is the DNS suffix for Key Vault URLs</p>
+</td>
+</tr>
+<tr>
+<td>
+<code>resourceManagerEndpoint</code></br>
+<em>
+string
+</em>
+</td>
+<td>
+<em>(Optional)</em>
+<p>ResourceManagerEndpoint is the Azure Resource Manager endpoint</p>
+</td>
+</tr>
+</tbody>
+</table>
 <h3 id="external-secrets.io/v1.AzureEnvironmentType">AzureEnvironmentType
 (<code>string</code> alias)</p></h3>
 <p>
@@ -4858,7 +4927,7 @@ is ServicePrincipal.</p>
 <p>AzureEnvironmentType specifies the Azure cloud environment endpoints to use for
 connecting and authenticating with Azure. By default it points to the public cloud AAD endpoint.
 The following endpoints are available, also see here: <a href="https://github.com/Azure/go-autorest/blob/main/autorest/azure/environments.go#L152">https://github.com/Azure/go-autorest/blob/main/autorest/azure/environments.go#L152</a>
-PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud</p>
+PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud, AzureStackCloud</p>
 </p>
 <table>
 <thead>
@@ -4867,7 +4936,9 @@ PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud</p>
 <th>Description</th>
 </tr>
 </thead>
-<tbody><tr><td><p>&#34;ChinaCloud&#34;</p></td>
+<tbody><tr><td><p>&#34;AzureStackCloud&#34;</p></td>
+<td></td>
+</tr><tr><td><p>&#34;ChinaCloud&#34;</p></td>
 <td></td>
 </tr><tr><td><p>&#34;GermanCloud&#34;</p></td>
 <td></td>
@@ -5022,7 +5093,8 @@ AzureEnvironmentType
 <p>EnvironmentType specifies the Azure cloud environment endpoints to use for
 connecting and authenticating with Azure. By default it points to the public cloud AAD endpoint.
 The following endpoints are available, also see here: <a href="https://github.com/Azure/go-autorest/blob/main/autorest/azure/environments.go#L152">https://github.com/Azure/go-autorest/blob/main/autorest/azure/environments.go#L152</a>
-PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud</p>
+PublicCloud, USGovernmentCloud, ChinaCloud, GermanCloud, AzureStackCloud
+Use AzureStackCloud when you need to configure custom Azure Stack Hub or Azure Stack Edge endpoints.</p>
 </td>
 </tr>
 <tr>
@@ -5066,6 +5138,36 @@ string
 <p>If multiple Managed Identity is assigned to the pod, you can select the one to be used</p>
 </td>
 </tr>
+<tr>
+<td>
+<code>useAzureSDK</code></br>
+<em>
+bool
+</em>
+</td>
+<td>
+<em>(Optional)</em>
+<p>UseAzureSDK enables the use of the new Azure SDK for Go (azcore-based) instead of the legacy go-autorest SDK.
+This is experimental and may have behavioral differences. Defaults to false (legacy SDK).</p>
+</td>
+</tr>
+<tr>
+<td>
+<code>customCloudConfig</code></br>
+<em>
+<a href="#external-secrets.io/v1.AzureCustomCloudConfig">
+AzureCustomCloudConfig
+</a>
+</em>
+</td>
+<td>
+<em>(Optional)</em>
+<p>CustomCloudConfig defines custom Azure Stack Hub or Azure Stack Edge endpoints.
+Required when EnvironmentType is AzureStackCloud.
+IMPORTANT: This feature REQUIRES UseAzureSDK to be set to true. Custom cloud
+configuration is not supported with the legacy go-autorest SDK.</p>
+</td>
+</tr>
 </tbody>
 </table>
 <h3 id="external-secrets.io/v1.BeyondTrustProviderSecretRef">BeyondTrustProviderSecretRef

+ 57 - 1
main/provider/azure-key-vault/index.html

@@ -2564,6 +2564,15 @@
       </ul>
     </nav>
   
+</li>
+        
+          <li class="md-nav__item">
+  <a href="#azure-stack-configuration" class="md-nav__link">
+    <span class="md-ellipsis">
+      Azure Stack Configuration
+    </span>
+  </a>
+  
 </li>
         
           <li class="md-nav__item">
@@ -4146,6 +4155,15 @@
       </ul>
     </nav>
   
+</li>
+        
+          <li class="md-nav__item">
+  <a href="#azure-stack-configuration" class="md-nav__link">
+    <span class="md-ellipsis">
+      Azure Stack Configuration
+    </span>
+  </a>
+  
 </li>
         
           <li class="md-nav__item">
@@ -4249,7 +4267,8 @@
 <h3 id="authentication">Authentication</h3>
 <p>We support authentication with Microsoft Entra identities that can be used as Workload Identity or <a href="https://azure.github.io/aad-pod-identity/docs/">AAD Pod Identity</a> as well as with Service Principal credentials.</p>
 <p>Since the <a href="https://azure.github.io/aad-pod-identity/docs/">AAD Pod Identity</a> is deprecated, it is recommended to use the <a href="https://azure.github.io/azure-workload-identity">Workload Identity</a> authentication.</p>
-<p>We support connecting to different cloud flavours azure supports: <code>PublicCloud</code>, <code>USGovernmentCloud</code>, <code>ChinaCloud</code> and <code>GermanCloud</code>. You have to specify the <code>environmentType</code> and point to the correct cloud flavour. This defaults to <code>PublicCloud</code>.</p>
+<p>We support connecting to different cloud flavours azure supports: <code>PublicCloud</code>, <code>USGovernmentCloud</code>, <code>ChinaCloud</code>, <code>GermanCloud</code> and <code>AzureStackCloud</code> (for Azure Stack Hub/Edge). You have to specify the <code>environmentType</code> and point to the correct cloud flavour. This defaults to <code>PublicCloud</code>.</p>
+<p>For Azure Stack Hub or Azure Stack Edge environments, you must also provide custom cloud configuration. See the <a href="#azure-stack-configuration">Azure Stack Configuration</a> section below.</p>
 <div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1</span>
 <span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">SecretStore</span>
 <span class="nt">metadata</span><span class="p">:</span>
@@ -4380,6 +4399,43 @@ az<span class="w"> </span>keyvault<span class="w"> </span>set-policy<span class=
 <span class="w">          </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">umi-secret</span>
 <span class="w">          </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">tenantId</span>
 </code></pre></div>
+<h3 id="azure-stack-configuration">Azure Stack Configuration</h3>
+<p>External Secrets Operator supports Azure Stack Hub and Azure Stack Edge through custom cloud configuration. This feature requires using the new Azure SDK.</p>
+<div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1beta1</span>
+<span class="nt">kind</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">SecretStore</span>
+<span class="nt">metadata</span><span class="p">:</span>
+<span class="w">  </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">azure-stack-backend</span>
+<span class="nt">spec</span><span class="p">:</span>
+<span class="w">  </span><span class="nt">provider</span><span class="p">:</span>
+<span class="w">    </span><span class="nt">azurekv</span><span class="p">:</span>
+<span class="w">      </span><span class="nt">vaultUrl</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;https://my-vault.vault.local.azurestack.external/&quot;</span>
+<span class="w">      </span><span class="c1"># REQUIRED: Must be set to AzureStackCloud for custom environments</span>
+<span class="w">      </span><span class="nt">environmentType</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">AzureStackCloud</span>
+<span class="w">      </span><span class="c1"># REQUIRED: Must be true for Azure Stack (legacy SDK doesn&#39;t support custom clouds)</span>
+<span class="w">      </span><span class="nt">useAzureSDK</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">true</span>
+<span class="w">      </span><span class="c1"># REQUIRED: Custom cloud endpoints for your Azure Stack deployment</span>
+<span class="w">      </span><span class="nt">customCloudConfig</span><span class="p">:</span>
+<span class="w">        </span><span class="c1"># Azure Active Directory endpoint for authentication</span>
+<span class="w">        </span><span class="nt">activeDirectoryEndpoint</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;https://login.microsoftonline.com/&quot;</span>
+<span class="w">        </span><span class="c1"># Optional: Key Vault endpoint if different from vaultUrl domain</span>
+<span class="w">        </span><span class="nt">keyVaultEndpoint</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;https://vault.local.azurestack.external/&quot;</span>
+<span class="w">        </span><span class="c1"># Optional: Resource Manager endpoint for resource operations</span>
+<span class="w">        </span><span class="nt">resourceManagerEndpoint</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;https://management.local.azurestack.external/&quot;</span>
+<span class="w">      </span><span class="c1"># ... rest of authentication configuration (Service Principal example)</span>
+<span class="w">      </span><span class="nt">authType</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ServicePrincipal</span>
+<span class="w">      </span><span class="nt">tenantId</span><span class="p">:</span><span class="w"> </span><span class="s">&quot;your-tenant-id&quot;</span>
+<span class="w">      </span><span class="nt">authSecretRef</span><span class="p">:</span>
+<span class="w">        </span><span class="nt">clientId</span><span class="p">:</span>
+<span class="w">          </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">azure-secret</span>
+<span class="w">          </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">client-id</span>
+<span class="w">        </span><span class="nt">clientSecret</span><span class="p">:</span>
+<span class="w">          </span><span class="nt">name</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">azure-secret</span>
+<span class="w">          </span><span class="nt">key</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">client-secret</span>
+</code></pre></div>
+<p><strong>Important Notes:</strong>
+- <code>useAzureSDK: true</code> is mandatory for Azure Stack environments
+- The <code>customCloudConfig</code> is only valid when <code>environmentType: AzureStackCloud</code>
+- Contact your Azure Stack administrator for the correct endpoint URLs</p>
 <h3 id="update-secret-store">Update secret store</h3>
 <p>Be sure the <code>azurekv</code> provider is listed in the <code>Kind=SecretStore</code></p>
 <p><div class="highlight"><pre><span></span><code><span class="nt">apiVersion</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">external-secrets.io/v1</span>

Разница между файлами не показана из-за своего большого размера
+ 0 - 0
main/search/search_index.json


Некоторые файлы не были показаны из-за большого количества измененных файлов