logic855
/
helm-external-secrets
mirror de https://github.com/external-secrets/external-secrets


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321
							apiVersion: generators.external-secrets.io/v1alpha1
kind: ClusterGenerator
metadata: {}
spec:
  generator:
    acrAccessTokenSpec:
      auth:
        managedIdentity:
          identityId: string
        servicePrincipal:
          secretRef:
            clientId:
              key: string
              name: string
              namespace: string
            clientSecret:
              key: string
              name: string
              namespace: string
        workloadIdentity:
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
      environmentType: "PublicCloud"
      registry: string
      scope: string
      tenantId: string
    ecrAuthorizationTokenSpec:
      auth:
        jwt:
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
        secretRef:
          accessKeyIDSecretRef:
            key: string
            name: string
            namespace: string
          secretAccessKeySecretRef:
            key: string
            name: string
            namespace: string
          sessionTokenSecretRef:
            key: string
            name: string
            namespace: string
      region: string
      role: string
      scope: string
    fakeSpec:
      controller: string
      data: {}
    gcrAccessTokenSpec:
      auth:
        secretRef:
          secretAccessKeySecretRef:
            key: string
            name: string
            namespace: string
        workloadIdentity:
          clusterLocation: string
          clusterName: string
          clusterProjectID: string
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
        workloadIdentityFederation:
          audience: string
          awsSecurityCredentials:
            awsCredentialsSecretRef:
              name: string
              namespace: string
            region: "ap-south-1"
          credConfig:
            key: string
            name: string
            namespace: string
          externalTokenEndpoint: string
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
      projectID: string
    githubAccessTokenSpec:
      appID: string
      auth:
        privateKey:
          secretRef:
            key: string
            name: string
            namespace: string
      installID: string
      permissions: {}
      repositories: [] # minItems 0 of type string
      url: string
    grafanaSpec:
      auth:
        basic:
          password:
            key: string
            name: string
          username: string
        token:
          key: string
          name: string
      serviceAccount:
        name: string
        role: string
      url: string
    mfaSpec:
      algorithm: string
      length: 1
      secret:
        key: string
        name: string
        namespace: string
      timePeriod: 1
      when: 2024-10-11T12:48:44Z
    passwordSpec:
      allowRepeat: false
      digits: 1
      length: 24
      noUpper: false
      symbolCharacters: string
      symbols: 1
    quayAccessTokenSpec:
      robotAccount: string
      serviceAccountRef:
        audiences: [] # minItems 0 of type string
        name: string
        namespace: string
      url: string
    sshKeySpec:
      comment: string
      keySize: 256
      keyType: "rsa"
    stsSessionTokenSpec:
      auth:
        jwt:
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
        secretRef:
          accessKeyIDSecretRef:
            key: string
            name: string
            namespace: string
          secretAccessKeySecretRef:
            key: string
            name: string
            namespace: string
          sessionTokenSecretRef:
            key: string
            name: string
            namespace: string
      region: string
      requestParameters:
        serialNumber: string
        sessionDuration: 1
        tokenCode: string
      role: string
    uuidSpec: {}
    vaultDynamicSecretSpec:
      allowEmptyResponse: false
      controller: string
      method: string
      parameters: 
      path: string
      provider:
        auth:
          appRole:
            path: "approle"
            roleId: string
            roleRef:
              key: string
              name: string
              namespace: string
            secretRef:
              key: string
              name: string
              namespace: string
          cert:
            clientCert:
              key: string
              name: string
              namespace: string
            secretRef:
              key: string
              name: string
              namespace: string
          iam:
            externalID: string
            jwt:
              serviceAccountRef:
                audiences: [] # minItems 0 of type string
                name: string
                namespace: string
            path: string
            region: string
            role: string
            secretRef:
              accessKeyIDSecretRef:
                key: string
                name: string
                namespace: string
              secretAccessKeySecretRef:
                key: string
                name: string
                namespace: string
              sessionTokenSecretRef:
                key: string
                name: string
                namespace: string
            vaultAwsIamServerID: string
            vaultRole: string
          jwt:
            kubernetesServiceAccountToken:
              audiences: [] # minItems 0 of type string
              expirationSeconds: 1
              serviceAccountRef:
                audiences: [] # minItems 0 of type string
                name: string
                namespace: string
            path: "jwt"
            role: string
            secretRef:
              key: string
              name: string
              namespace: string
          kubernetes:
            mountPath: "kubernetes"
            role: string
            secretRef:
              key: string
              name: string
              namespace: string
            serviceAccountRef:
              audiences: [] # minItems 0 of type string
              name: string
              namespace: string
          ldap:
            path: "ldap"
            secretRef:
              key: string
              name: string
              namespace: string
            username: string
          namespace: string
          tokenSecretRef:
            key: string
            name: string
            namespace: string
          userPass:
            path: "userpass"
            secretRef:
              key: string
              name: string
              namespace: string
            username: string
        caBundle: c3RyaW5n
        caProvider:
          key: string
          name: string
          namespace: string
          type: "Secret" # "Secret", "ConfigMap"
        checkAndSet:
          required: true
        forwardInconsistent: true
        headers: {}
        namespace: string
        path: string
        readYourWrites: true
        server: string
        tls:
          certSecretRef:
            key: string
            name: string
            namespace: string
          keySecretRef:
            key: string
            name: string
            namespace: string
        version: "v2"
      resultType: "Data"
      retrySettings:
        maxRetries: 1
        retryInterval: string
    webhookSpec:
      auth:
        ntlm:
          passwordSecret:
            key: string
            name: string
            namespace: string
          usernameSecret:
            key: string
            name: string
            namespace: string
      body: string
      caBundle: c3RyaW5n
      caProvider:
        key: string
        name: string
        namespace: string
        type: "Secret" # "Secret", "ConfigMap"
      headers: {}
      method: string
      result:
        jsonPath: string
      secrets:
      - name: string
        secretRef:
          key: string
          name: string
      timeout: string
      url: string
  kind: "ACRAccessToken" # "ACRAccessToken", "ECRAuthorizationToken", "Fake", "GCRAccessToken", "GithubAccessToken", "QuayAccessToken", "Password", "SSHKey", "STSSessionToken", "UUID", "VaultDynamicSecret", "Webhook", "Grafana"