helm-external-secrets/config/crds/bases/generators.external-secrets.io_cloudsmithaccesstokens.yaml

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.19.0
  labels:
    external-secrets.io/component: controller
  name: cloudsmithaccesstokens.generators.external-secrets.io
spec:
  group: generators.external-secrets.io
  names:
    categories:
    - external-secrets
    - external-secrets-generators
    kind: CloudsmithAccessToken
    listKind: CloudsmithAccessTokenList
    plural: cloudsmithaccesstokens
    singular: cloudsmithaccesstoken
  scope: Namespaced
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        description: CloudsmithAccessToken generates Cloudsmith access token using
          OIDC authentication
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: CloudsmithAccessTokenSpec defines the configuration for generating
              a Cloudsmith access token using OIDC authentication.
            properties:
              apiUrl:
                description: APIURL configures the Cloudsmith API URL. Defaults to
                  https://api.cloudsmith.io.
                type: string
              orgSlug:
                description: OrgSlug is the organization slug in Cloudsmith
                type: string
              serviceAccountRef:
                description: Name of the service account you are federating with
                properties:
                  audiences:
                    description: |-
                      Audience specifies the `aud` claim for the service account token
                      If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
                      then this audiences will be appended to the list
                    items:
                      type: string
                    type: array
                  name:
                    description: The name of the ServiceAccount resource being referred
                      to.
                    maxLength: 253
                    minLength: 1
                    pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
                    type: string
                  namespace:
                    description: |-
                      Namespace of the resource being referred to.
                      Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
                    maxLength: 63
                    minLength: 1
                    pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
                    type: string
                required:
                - name
                type: object
              serviceSlug:
                description: ServiceSlug is the service slug in Cloudsmith for OIDC
                  authentication
                type: string
            required:
            - orgSlug
            - serviceAccountRef
            - serviceSlug
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}