apiVersion: generators.external-secrets.io/v1alpha1 kind: ClusterGenerator metadata: {} spec: generator: acrAccessTokenSpec: auth: managedIdentity: identityId: string servicePrincipal: secretRef: clientId: key: string name: string namespace: string clientSecret: key: string name: string namespace: string workloadIdentity: serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string environmentType: "PublicCloud" registry: string scope: string tenantId: string cloudsmithAccessTokenSpec: apiUrl: string orgSlug: string serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string serviceSlug: string ecrAuthorizationTokenSpec: auth: jwt: serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string secretRef: accessKeyIDSecretRef: key: string name: string namespace: string secretAccessKeySecretRef: key: string name: string namespace: string sessionTokenSecretRef: key: string name: string namespace: string region: string role: string scope: string fakeSpec: controller: string data: {} gcrAccessTokenSpec: auth: secretRef: secretAccessKeySecretRef: key: string name: string namespace: string workloadIdentity: clusterLocation: string clusterName: string clusterProjectID: string serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string workloadIdentityFederation: audience: string awsSecurityCredentials: awsCredentialsSecretRef: name: string namespace: string region: "ap-south-1" credConfig: key: string name: string namespace: string externalTokenEndpoint: string serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string projectID: string githubAccessTokenSpec: appID: string auth: privateKey: secretRef: key: string name: string namespace: string installID: string permissions: {} repositories: [] # minItems 0 of type string url: string grafanaSpec: auth: basic: password: key: string name: string username: string token: key: string name: string serviceAccount: name: string role: string url: string mfaSpec: algorithm: string length: 1 secret: key: string name: string namespace: string timePeriod: 1 when: 2024-10-11T12:48:44Z passwordSpec: allowRepeat: false digits: 1 encoding: "raw" length: 24 noUpper: false secretKeys: [string] # minItems 1 of type string symbolCharacters: string symbols: 1 quayAccessTokenSpec: robotAccount: string serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string url: string sshKeySpec: comment: string keySize: 256 keyType: "rsa" stsSessionTokenSpec: auth: jwt: serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string secretRef: accessKeyIDSecretRef: key: string name: string namespace: string secretAccessKeySecretRef: key: string name: string namespace: string sessionTokenSecretRef: key: string name: string namespace: string region: string requestParameters: serialNumber: string sessionDuration: 1 tokenCode: string role: string uuidSpec: {} vaultDynamicSecretSpec: allowEmptyResponse: false controller: string method: string parameters: path: string provider: auth: appRole: path: "approle" roleId: string roleRef: key: string name: string namespace: string secretRef: key: string name: string namespace: string cert: clientCert: key: string name: string namespace: string path: "cert" secretRef: key: string name: string namespace: string vaultRole: string gcp: location: string path: "gcp" projectID: string role: string secretRef: secretAccessKeySecretRef: key: string name: string namespace: string serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string workloadIdentity: clusterLocation: string clusterName: string clusterProjectID: string serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string iam: externalID: string jwt: serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string path: string region: string role: string secretRef: accessKeyIDSecretRef: key: string name: string namespace: string secretAccessKeySecretRef: key: string name: string namespace: string sessionTokenSecretRef: key: string name: string namespace: string vaultAwsIamServerID: string vaultRole: string jwt: kubernetesServiceAccountToken: audiences: [] # minItems 0 of type string expirationSeconds: 1 serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string path: "jwt" role: string secretRef: key: string name: string namespace: string kubernetes: mountPath: "kubernetes" role: string secretRef: key: string name: string namespace: string serviceAccountRef: audiences: [] # minItems 0 of type string name: string namespace: string ldap: path: "ldap" secretRef: key: string name: string namespace: string username: string namespace: string tokenSecretRef: key: string name: string namespace: string userPass: path: "userpass" secretRef: key: string name: string namespace: string username: string caBundle: c3RyaW5n caProvider: key: string name: string namespace: string type: "Secret" # "Secret", "ConfigMap" checkAndSet: required: true forwardInconsistent: true headers: {} namespace: string path: string readYourWrites: true server: string tls: certSecretRef: key: string name: string namespace: string keySecretRef: key: string name: string namespace: string version: "v2" resultType: "Data" retrySettings: maxRetries: 1 retryInterval: string webhookSpec: auth: ntlm: passwordSecret: key: string name: string namespace: string usernameSecret: key: string name: string namespace: string body: string caBundle: c3RyaW5n caProvider: key: string name: string namespace: string type: "Secret" # "Secret", "ConfigMap" headers: {} method: string result: jsonPath: string secrets: - name: string secretRef: key: string name: string timeout: string url: string kind: "ACRAccessToken" # "ACRAccessToken", "CloudsmithAccessToken", "ECRAuthorizationToken", "Fake", "GCRAccessToken", "GithubAccessToken", "QuayAccessToken", "Password", "SSHKey", "STSSessionToken", "UUID", "VaultDynamicSecret", "Webhook", "Grafana"