helm-external-secrets/deploy/crds/external-secrets.io_externalsecrets.yaml

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.5.0
  creationTimestamp: null
  name: externalsecrets.external-secrets.io
spec:
  group: external-secrets.io
  names:
    categories:
    - externalsecrets
    kind: ExternalSecret
    listKind: ExternalSecretList
    plural: externalsecrets
    shortNames:
    - es
    singular: externalsecret
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - jsonPath: .spec.secretStoreRef.name
      name: Store
      type: string
    - jsonPath: .spec.refreshInterval
      name: Refresh Interval
      type: string
    name: v1alpha1
    schema:
      openAPIV3Schema:
        description: ExternalSecret is the Schema for the external-secrets API.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            type: object
          spec:
            description: ExternalSecretSpec defines the desired state of ExternalSecret.
            properties:
              data:
                description: Data defines the connection between the Kubernetes Secret
                  keys and the Provider data
                items:
                  description: ExternalSecretData defines the connection between the
                    Kubernetes Secret key (spec.data.<key>) and the Provider data.
                  properties:
                    remoteRef:
                      description: ExternalSecretDataRemoteRef defines Provider data
                        location.
                      properties:
                        key:
                          description: Key is the key used in the Provider, mandatory
                          type: string
                        property:
                          description: Used to select a specific property of the Provider
                            value (if a map), if supported
                          type: string
                        version:
                          description: Used to select a specific version of the Provider
                            value, if supported
                          type: string
                      required:
                      - key
                      type: object
                    secretKey:
                      type: string
                  required:
                  - remoteRef
                  - secretKey
                  type: object
                type: array
              dataFrom:
                description: DataFrom is used to fetch all properties from a specific
                  Provider data If multiple entries are specified, the Secret keys
                  are merged in the specified order
                items:
                  description: ExternalSecretDataRemoteRef defines Provider data location.
                  properties:
                    key:
                      description: Key is the key used in the Provider, mandatory
                      type: string
                    property:
                      description: Used to select a specific property of the Provider
                        value (if a map), if supported
                      type: string
                    version:
                      description: Used to select a specific version of the Provider
                        value, if supported
                      type: string
                  required:
                  - key
                  type: object
                type: array
              refreshInterval:
                default: 1h
                description: RefreshInterval is the amount of time before the values
                  are read again from the SecretStore provider Valid time units are
                  "ns", "us" (or "µs"), "ms", "s", "m", "h" May be set to zero to
                  fetch and create it once. Defaults to 1h.
                type: string
              secretStoreRef:
                description: SecretStoreRef defines which SecretStore to fetch the
                  ExternalSecret data.
                properties:
                  kind:
                    description: Kind of the SecretStore resource (SecretStore or
                      ClusterSecretStore) Defaults to `SecretStore`
                    type: string
                  name:
                    description: Name of the SecretStore resource
                    type: string
                required:
                - name
                type: object
              target:
                description: ExternalSecretTarget defines the Kubernetes Secret to
                  be created There can be only one target per ExternalSecret.
                properties:
                  creationPolicy:
                    default: Owner
                    description: CreationPolicy defines rules on how to create the
                      resulting Secret Defaults to 'Owner'
                    type: string
                  name:
                    description: Name defines the name of the Secret resource to be
                      managed This field is immutable Defaults to the .metadata.name
                      of the ExternalSecret resource
                    type: string
                  template:
                    description: Template defines a blueprint for the created Secret
                      resource.
                    properties:
                      data:
                        additionalProperties:
                          type: string
                        type: object
                      metadata:
                        description: ExternalSecretTemplateMetadata defines metadata
                          fields for the Secret blueprint.
                        properties:
                          annotations:
                            additionalProperties:
                              type: string
                            type: object
                          labels:
                            additionalProperties:
                              type: string
                            type: object
                        type: object
                      templateFrom:
                        items:
                          maxProperties: 1
                          minProperties: 1
                          properties:
                            configMap:
                              properties:
                                items:
                                  items:
                                    properties:
                                      key:
                                        type: string
                                    required:
                                    - key
                                    type: object
                                  type: array
                                name:
                                  type: string
                              required:
                              - items
                              - name
                              type: object
                            secret:
                              properties:
                                items:
                                  items:
                                    properties:
                                      key:
                                        type: string
                                    required:
                                    - key
                                    type: object
                                  type: array
                                name:
                                  type: string
                              required:
                              - items
                              - name
                              type: object
                          type: object
                        type: array
                      type:
                        type: string
                    type: object
                type: object
            required:
            - secretStoreRef
            - target
            type: object
          status:
            properties:
              conditions:
                items:
                  properties:
                    lastTransitionTime:
                      format: date-time
                      type: string
                    message:
                      type: string
                    reason:
                      type: string
                    status:
                      type: string
                    type:
                      type: string
                  required:
                  - status
                  - type
                  type: object
                type: array
              refreshTime:
                description: refreshTime is the time and date the external secret
                  was fetched and the target secret updated
                format: date-time
                nullable: true
                type: string
              syncedResourceVersion:
                description: SyncedResourceVersion keeps track of the last synced
                  version
                type: string
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
status:
  acceptedNames:
    kind: ""
    plural: ""
  conditions: []
  storedVersions: []