| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283 |
- apiVersion: apiextensions.k8s.io/v1
- kind: CustomResourceDefinition
- metadata:
- annotations:
- controller-gen.kubebuilder.io/version: v0.5.0
- creationTimestamp: null
- name: externalsecrets.external-secrets.io
- spec:
- group: external-secrets.io
- names:
- categories:
- - externalsecrets
- kind: ExternalSecret
- listKind: ExternalSecretList
- plural: externalsecrets
- shortNames:
- - es
- singular: externalsecret
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.secretStoreRef.name
- name: Store
- type: string
- - jsonPath: .spec.refreshInterval
- name: Refresh Interval
- type: string
- - jsonPath: .status.conditions[?(@.type=="Ready")].reason
- name: Status
- type: string
- name: v1alpha1
- schema:
- openAPIV3Schema:
- description: ExternalSecret is the Schema for the external-secrets API.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ExternalSecretSpec defines the desired state of ExternalSecret.
- properties:
- data:
- description: Data defines the connection between the Kubernetes Secret
- keys and the Provider data
- items:
- description: ExternalSecretData defines the connection between the
- Kubernetes Secret key (spec.data.<key>) and the Provider data.
- properties:
- remoteRef:
- description: ExternalSecretDataRemoteRef defines Provider data
- location.
- properties:
- key:
- description: Key is the key used in the Provider
- type: string
- matchKey:
- description: Used to select multiple secrets based on a
- pattern
- type: string
- name:
- description: Used to select multiple secrets based on the
- name
- type: string
- property:
- description: Used to select a specific property of the Provider
- value (if a map), if supported
- type: string
- regexp:
- description: Used to select multiple secrets based on a
- regular expression of the name
- type: string
- tags:
- additionalProperties:
- type: string
- description: List of tags used to filter the secrets
- type: object
- version:
- description: Used to select a specific version of the Provider
- value, if supported
- type: string
- type: object
- secretKey:
- type: string
- required:
- - remoteRef
- - secretKey
- type: object
- type: array
- dataFrom:
- description: DataFrom is used to fetch all properties from a specific
- Provider data If multiple entries are specified, the Secret keys
- are merged in the specified order
- items:
- description: ExternalSecretDataRemoteRef defines Provider data location.
- properties:
- key:
- description: Key is the key used in the Provider
- type: string
- matchKey:
- description: Used to select multiple secrets based on a pattern
- type: string
- name:
- description: Used to select multiple secrets based on the name
- type: string
- property:
- description: Used to select a specific property of the Provider
- value (if a map), if supported
- type: string
- regexp:
- description: Used to select multiple secrets based on a regular
- expression of the name
- type: string
- tags:
- additionalProperties:
- type: string
- description: List of tags used to filter the secrets
- type: object
- version:
- description: Used to select a specific version of the Provider
- value, if supported
- type: string
- type: object
- type: array
- refreshInterval:
- default: 1h
- description: RefreshInterval is the amount of time before the values
- are read again from the SecretStore provider Valid time units are
- "ns", "us" (or "µs"), "ms", "s", "m", "h" May be set to zero to
- fetch and create it once. Defaults to 1h.
- type: string
- secretStoreRef:
- description: SecretStoreRef defines which SecretStore to fetch the
- ExternalSecret data.
- properties:
- kind:
- description: Kind of the SecretStore resource (SecretStore or
- ClusterSecretStore) Defaults to `SecretStore`
- type: string
- name:
- description: Name of the SecretStore resource
- type: string
- required:
- - name
- type: object
- target:
- description: ExternalSecretTarget defines the Kubernetes Secret to
- be created There can be only one target per ExternalSecret.
- properties:
- creationPolicy:
- default: Owner
- description: CreationPolicy defines rules on how to create the
- resulting Secret Defaults to 'Owner'
- type: string
- immutable:
- description: Immutable defines if the final secret will be immutable
- type: boolean
- name:
- description: Name defines the name of the Secret resource to be
- managed This field is immutable Defaults to the .metadata.name
- of the ExternalSecret resource
- type: string
- template:
- description: Template defines a blueprint for the created Secret
- resource.
- properties:
- data:
- additionalProperties:
- type: string
- type: object
- metadata:
- description: ExternalSecretTemplateMetadata defines metadata
- fields for the Secret blueprint.
- properties:
- annotations:
- additionalProperties:
- type: string
- type: object
- labels:
- additionalProperties:
- type: string
- type: object
- type: object
- templateFrom:
- items:
- maxProperties: 1
- minProperties: 1
- properties:
- configMap:
- properties:
- items:
- items:
- properties:
- key:
- type: string
- required:
- - key
- type: object
- type: array
- name:
- type: string
- required:
- - items
- - name
- type: object
- secret:
- properties:
- items:
- items:
- properties:
- key:
- type: string
- required:
- - key
- type: object
- type: array
- name:
- type: string
- required:
- - items
- - name
- type: object
- type: object
- type: array
- type:
- type: string
- type: object
- type: object
- required:
- - secretStoreRef
- - target
- type: object
- status:
- properties:
- conditions:
- items:
- properties:
- lastTransitionTime:
- format: date-time
- type: string
- message:
- type: string
- reason:
- type: string
- status:
- type: string
- type:
- type: string
- required:
- - status
- - type
- type: object
- type: array
- refreshTime:
- description: refreshTime is the time and date the external secret
- was fetched and the target secret updated
- format: date-time
- nullable: true
- type: string
- syncedResourceVersion:
- description: SyncedResourceVersion keeps track of the last synced
- version
- type: string
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
- status:
- acceptedNames:
- kind: ""
- plural: ""
- conditions: []
- storedVersions: []
|
