Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Tree: 5cd2ed13e9
Branches Tags
helm-externa...
/
apis
/
meta
/
v1
/
types.go

types.go 2.7 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. /*
    2. 

  2. Copyright © 2025 ESO Maintainer Team
    3. 

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5. you may not use this file except in compliance with the License.
    6. 

  6. You may obtain a copy of the License at
    7. 

  7. 

  8.     https://www.apache.org/licenses/LICENSE-2.0
    9. 

  9. 

  10. Unless required by applicable law or agreed to in writing, software
    11. 

  11. distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13. See the License for the specific language governing permissions and
    14. 

  14. limitations under the License.
    15. 

  15. */
    16. 

  16. 

  17. package v1
    18. 

  18. 

  19. // SecretKeySelector is a reference to a specific 'key' within a Secret resource.
    20. 

  20. // In some instances, `key` is a required field.
    21. 

  21. type SecretKeySelector struct {
    22. 

  22. 	// The name of the Secret resource being referred to.
    23. 

  23. 	// +kubebuilder:validation:MinLength:=1
    24. 

  24. 	// +kubebuilder:validation:MaxLength:=253
    25. 

  25. 	// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
    26. 

  26. 	Name string `json:"name,omitempty"`
    27. 

  27. 

  28. 	// The namespace of the Secret resource being referred to.
    29. 

  29. 	// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
    30. 

  30. 	// +optional
    31. 

  31. 	// +kubebuilder:validation:MinLength:=1
    32. 

  32. 	// +kubebuilder:validation:MaxLength:=63
    33. 

  33. 	// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
    34. 

  34. 	Namespace *string `json:"namespace,omitempty"`
    35. 

  35. 

  36. 	// A key in the referenced Secret.
    37. 

  37. 	// Some instances of this field may be defaulted, in others it may be required.
    38. 

  38. 	// +optional
    39. 

  39. 	// +kubebuilder:validation:MinLength:=1
    40. 

  40. 	// +kubebuilder:validation:MaxLength:=253
    41. 

  41. 	// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
    42. 

  42. 	Key string `json:"key,omitempty"`
    43. 

  43. }
    44. 

  44. 

  45. // ServiceAccountSelector is a reference to a ServiceAccount resource.
    46. 

  46. type ServiceAccountSelector struct {
    47. 

  47. 	// The name of the ServiceAccount resource being referred to.
    48. 

  48. 	// +kubebuilder:validation:MinLength:=1
    49. 

  49. 	// +kubebuilder:validation:MaxLength:=253
    50. 

  50. 	// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
    51. 

  51. 	Name string `json:"name"`
    52. 

  52. 

  53. 	// Namespace of the resource being referred to.
    54. 

  54. 	// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
    55. 

  55. 	// +optional
    56. 

  56. 	// +kubebuilder:validation:MinLength:=1
    57. 

  57. 	// +kubebuilder:validation:MaxLength:=63
    58. 

  58. 	// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
    59. 

  59. 	Namespace *string `json:"namespace,omitempty"`
    60. 

  60. 

  61. 	// Audience specifies the `aud` claim for the service account token
    62. 

  62. 	// If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
    63. 

  63. 	// then this audiences will be appended to the list
    64. 

  64. 	// +optional
    65. 

  65. 	Audiences []string `json:"audiences,omitempty"`
    66. 

  66. }
    67.