helm-external-secrets/config/crds/bases/external-secrets.io_pushsecrets.yaml

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.11.0
  creationTimestamp: null
  name: pushsecrets.external-secrets.io
spec:
  group: external-secrets.io
  names:
    categories:
    - pushsecrets
    kind: PushSecret
    listKind: PushSecretList
    plural: pushsecrets
    singular: pushsecret
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .metadata.creationTimestamp
      name: AGE
      type: date
    - jsonPath: .status.conditions[?(@.type=="Ready")].reason
      name: Status
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: PushSecretSpec configures the behavior of the PushSecret.
            properties:
              data:
                description: Secret Data that should be pushed to providers
                items:
                  properties:
                    match:
                      description: Match a given Secret Key to be pushed to the provider.
                      properties:
                        remoteRef:
                          description: Remote Refs to push to providers.
                          properties:
                            remoteKey:
                              description: Name of the resulting provider secret.
                              type: string
                          required:
                          - remoteKey
                          type: object
                        secretKey:
                          description: Secret Key to be pushed
                          type: string
                      required:
                      - remoteRef
                      - secretKey
                      type: object
                  required:
                  - match
                  type: object
                type: array
              deletionPolicy:
                default: None
                description: 'Deletion Policy to handle Secrets in the provider. Possible
                  Values: "Delete/None". Defaults to "None".'
                type: string
              refreshInterval:
                description: The Interval to which External Secrets will try to push
                  a secret definition
                type: string
              secretStoreRefs:
                items:
                  properties:
                    kind:
                      default: SecretStore
                      description: Kind of the SecretStore resource (SecretStore or
                        ClusterSecretStore) Defaults to `SecretStore`
                      type: string
                    labelSelector:
                      description: Optionally, sync to secret stores with label selector
                      properties:
                        matchExpressions:
                          description: matchExpressions is a list of label selector
                            requirements. The requirements are ANDed.
                          items:
                            description: A label selector requirement is a selector
                              that contains values, a key, and an operator that relates
                              the key and values.
                            properties:
                              key:
                                description: key is the label key that the selector
                                  applies to.
                                type: string
                              operator:
                                description: operator represents a key's relationship
                                  to a set of values. Valid operators are In, NotIn,
                                  Exists and DoesNotExist.
                                type: string
                              values:
                                description: values is an array of string values.
                                  If the operator is In or NotIn, the values array
                                  must be non-empty. If the operator is Exists or
                                  DoesNotExist, the values array must be empty. This
                                  array is replaced during a strategic merge patch.
                                items:
                                  type: string
                                type: array
                            required:
                            - key
                            - operator
                            type: object
                          type: array
                        matchLabels:
                          additionalProperties:
                            type: string
                          description: matchLabels is a map of {key,value} pairs.
                            A single {key,value} in the matchLabels map is equivalent
                            to an element of matchExpressions, whose key field is
                            "key", the operator is "In", and the values array contains
                            only "value". The requirements are ANDed.
                          type: object
                      type: object
                      x-kubernetes-map-type: atomic
                    name:
                      description: Optionally, sync to the SecretStore of the given
                        name
                      type: string
                  type: object
                type: array
              selector:
                description: The Secret Selector (k8s source) for the Push Secret
                properties:
                  secret:
                    description: Select a Secret to Push.
                    properties:
                      name:
                        description: Name of the Secret. The Secret must exist in
                          the same namespace as the PushSecret manifest.
                        type: string
                    required:
                    - name
                    type: object
                required:
                - secret
                type: object
            required:
            - secretStoreRefs
            - selector
            type: object
          status:
            description: PushSecretStatus indicates the history of the status of PushSecret.
            properties:
              conditions:
                items:
                  description: PushSecretStatusCondition indicates the status of the
                    PushSecret.
                  properties:
                    lastTransitionTime:
                      format: date-time
                      type: string
                    message:
                      type: string
                    reason:
                      type: string
                    status:
                      type: string
                    type:
                      description: PushSecretConditionType indicates the condition
                        of the PushSecret.
                      type: string
                  required:
                  - status
                  - type
                  type: object
                type: array
              refreshTime:
                description: refreshTime is the time and date the external secret
                  was fetched and the target secret updated
                format: date-time
                nullable: true
                type: string
              syncedPushSecrets:
                additionalProperties:
                  additionalProperties:
                    properties:
                      match:
                        description: Match a given Secret Key to be pushed to the
                          provider.
                        properties:
                          remoteRef:
                            description: Remote Refs to push to providers.
                            properties:
                              remoteKey:
                                description: Name of the resulting provider secret.
                                type: string
                            required:
                            - remoteKey
                            type: object
                          secretKey:
                            description: Secret Key to be pushed
                            type: string
                        required:
                        - remoteRef
                        - secretKey
                        type: object
                    required:
                    - match
                    type: object
                  type: object
                description: Synced Push Secrets for later deletion. Matches Secret
                  Stores to PushSecretData that was stored to that secretStore.
                type: object
              syncedResourceVersion:
                description: SyncedResourceVersion keeps track of the last synced
                  version.
                type: string
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}