helm-external-secrets/tests/__snapshot__/secretstore-v1.yaml

apiVersion: external-secrets.io/v1
kind: SecretStore
metadata: {}
spec:
  conditions:
  - namespaceRegexes: [] # minItems 0 of type string
    namespaceSelector:
      matchExpressions:
      - key: string
        operator: string
        values: [] # minItems 0 of type string
      matchLabels: {}
    namespaces: [] # minItems 0 of type string
  controller: string
  provider:
    akeyless:
      akeylessGWApiURL: string
      authSecretRef:
        kubernetesAuth:
          accessID: string
          k8sConfName: string
          secretRef:
            key: string
            name: string
            namespace: string
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
        secretRef:
          accessID:
            key: string
            name: string
            namespace: string
          accessType:
            key: string
            name: string
            namespace: string
          accessTypeParam:
            key: string
            name: string
            namespace: string
      caBundle: c3RyaW5n
      caProvider:
        key: string
        name: string
        namespace: string
        type: "Secret" # "Secret", "ConfigMap"
    alibaba:
      auth:
        rrsa:
          oidcProviderArn: string
          oidcTokenFilePath: string
          roleArn: string
          sessionName: string
        secretRef:
          accessKeyIDSecretRef:
            key: string
            name: string
            namespace: string
          accessKeySecretSecretRef:
            key: string
            name: string
            namespace: string
      regionID: string
    aws:
      additionalRoles: [] # minItems 0 of type string
      auth:
        jwt:
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
        secretRef:
          accessKeyIDSecretRef:
            key: string
            name: string
            namespace: string
          secretAccessKeySecretRef:
            key: string
            name: string
            namespace: string
          sessionTokenSecretRef:
            key: string
            name: string
            namespace: string
      externalID: string
      prefix: string
      region: string
      role: string
      secretsManager:
        forceDeleteWithoutRecovery: true
        recoveryWindowInDays: 1
      service: "SecretsManager" # "SecretsManager", "ParameterStore"
      sessionTags:
      - key: string
        value: string
      transitiveTagKeys: [] # minItems 0 of type string
    azurekv:
      authSecretRef:
        clientCertificate:
          key: string
          name: string
          namespace: string
        clientId:
          key: string
          name: string
          namespace: string
        clientSecret:
          key: string
          name: string
          namespace: string
        tenantId:
          key: string
          name: string
          namespace: string
      authType: "ServicePrincipal"
      customCloudConfig:
        activeDirectoryEndpoint: string
        keyVaultDNSSuffix: string
        keyVaultEndpoint: string
        resourceManagerEndpoint: string
      environmentType: "PublicCloud"
      identityId: string
      serviceAccountRef:
        audiences: [] # minItems 0 of type string
        name: string
        namespace: string
      tenantId: string
      useAzureSDK: false
      vaultUrl: string
    barbican:
      auth:
        password:
          secretRef:
            key: string
            name: string
            namespace: string
        username:
          secretRef:
            key: string
            name: string
            namespace: string
          value: string
      authURL: string
      domainName: string
      region: string
      tenantName: string
    beyondtrust:
      auth:
        apiKey:
          secretRef:
            key: string
            name: string
            namespace: string
          value: string
        certificate:
          secretRef:
            key: string
            name: string
            namespace: string
          value: string
        certificateKey:
          secretRef:
            key: string
            name: string
            namespace: string
          value: string
        clientId:
          secretRef:
            key: string
            name: string
            namespace: string
          value: string
        clientSecret:
          secretRef:
            key: string
            name: string
            namespace: string
          value: string
      server:
        apiUrl: string
        apiVersion: external-secrets.io/v1
        clientTimeOutSeconds: 1
        decrypt: true
        retrievalType: string
        separator: string
        verifyCA: true
    bitwardensecretsmanager:
      apiURL: string
      auth:
        secretRef:
          credentials:
            key: string
            name: string
            namespace: string
      bitwardenServerSDKURL: string
      caBundle: string
      caProvider:
        key: string
        name: string
        namespace: string
        type: "Secret" # "Secret", "ConfigMap"
      identityURL: string
      organizationID: string
      projectID: string
    chef:
      auth:
        secretRef:
          privateKeySecretRef:
            key: string
            name: string
            namespace: string
      serverUrl: string
      username: string
    cloudrusm:
      auth:
        secretRef:
          accessKeyIDSecretRef:
            key: string
            name: string
            namespace: string
          accessKeySecretSecretRef:
            key: string
            name: string
            namespace: string
      projectID: string
    conjur:
      auth:
        apikey:
          account: string
          apiKeyRef:
            key: string
            name: string
            namespace: string
          userRef:
            key: string
            name: string
            namespace: string
        jwt:
          account: string
          hostId: string
          secretRef:
            key: string
            name: string
            namespace: string
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
          serviceID: string
      caBundle: string
      caProvider:
        key: string
        name: string
        namespace: string
        type: "Secret" # "Secret", "ConfigMap"
      url: string
    delinea:
      clientId:
        secretRef:
          key: string
          name: string
          namespace: string
        value: string
      clientSecret:
        secretRef:
          key: string
          name: string
          namespace: string
        value: string
      tenant: string
      tld: string
      urlTemplate: string
    device42:
      auth:
        secretRef:
          credentials:
            key: string
            name: string
            namespace: string
      host: string
    doppler:
      auth:
        oidcConfig:
          expirationSeconds: 600
          identity: string
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
        secretRef:
          dopplerToken:
            key: string
            name: string
            namespace: string
      config: string
      format: "json" # "json", "dotnet-json", "env", "yaml", "docker"
      nameTransformer: "upper-camel" # "upper-camel", "camel", "lower-snake", "tf-var", "dotnet-env", "lower-kebab"
      project: string
    dvls:
      auth:
        secretRef:
          appId:
            key: string
            name: string
            namespace: string
          appSecret:
            key: string
            name: string
            namespace: string
      insecure: true
      serverUrl: string
    fake:
      data:
      - key: string
        value: string
        version: string
      validationResult: 1
    fortanix:
      apiKey:
        secretRef:
          key: string
          name: string
          namespace: string
      apiUrl: string
    gcpsm:
      auth:
        secretRef:
          secretAccessKeySecretRef:
            key: string
            name: string
            namespace: string
        workloadIdentity:
          clusterLocation: string
          clusterName: string
          clusterProjectID: string
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
        workloadIdentityFederation:
          audience: string
          awsSecurityCredentials:
            awsCredentialsSecretRef:
              name: string
              namespace: string
            region: "ap-south-1"
          credConfig:
            key: string
            name: string
            namespace: string
          externalTokenEndpoint: string
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
      location: string
      projectID: string
      secretVersionSelectionPolicy: "LatestOrFail"
    github:
      appID: 1
      auth:
        privateKey:
          key: string
          name: string
          namespace: string
      environment: string
      installationID: 1
      organization: string
      repository: string
      uploadURL: string
      url: "https://github.com/"
    gitlab:
      auth:
        SecretRef:
          accessToken:
            key: string
            name: string
            namespace: string
      caBundle: c3RyaW5n
      caProvider:
        key: string
        name: string
        namespace: string
        type: "Secret" # "Secret", "ConfigMap"
      environment: string
      groupIDs: [] # minItems 0 of type string
      inheritFromGroups: true
      projectID: string
      url: string
    ibm:
      auth:
        containerAuth:
          iamEndpoint: string
          profile: string
          tokenLocation: string
        secretRef:
          iamEndpoint: string
          secretApiKeySecretRef:
            key: string
            name: string
            namespace: string
      serviceUrl: string
    infisical:
      auth:
        awsAuthCredentials:
          identityId:
            key: string
            name: string
            namespace: string
        azureAuthCredentials:
          identityId:
            key: string
            name: string
            namespace: string
          resource:
            key: string
            name: string
            namespace: string
        gcpIamAuthCredentials:
          identityId:
            key: string
            name: string
            namespace: string
          serviceAccountKeyFilePath:
            key: string
            name: string
            namespace: string
        gcpIdTokenAuthCredentials:
          identityId:
            key: string
            name: string
            namespace: string
        jwtAuthCredentials:
          identityId:
            key: string
            name: string
            namespace: string
          jwt:
            key: string
            name: string
            namespace: string
        kubernetesAuthCredentials:
          identityId:
            key: string
            name: string
            namespace: string
          serviceAccountTokenPath:
            key: string
            name: string
            namespace: string
        ldapAuthCredentials:
          identityId:
            key: string
            name: string
            namespace: string
          ldapPassword:
            key: string
            name: string
            namespace: string
          ldapUsername:
            key: string
            name: string
            namespace: string
        ociAuthCredentials:
          fingerprint:
            key: string
            name: string
            namespace: string
          identityId:
            key: string
            name: string
            namespace: string
          privateKey:
            key: string
            name: string
            namespace: string
          privateKeyPassphrase:
            key: string
            name: string
            namespace: string
          region:
            key: string
            name: string
            namespace: string
          tenancyId:
            key: string
            name: string
            namespace: string
          userId:
            key: string
            name: string
            namespace: string
        tokenAuthCredentials:
          accessToken:
            key: string
            name: string
            namespace: string
        universalAuthCredentials:
          clientId:
            key: string
            name: string
            namespace: string
          clientSecret:
            key: string
            name: string
            namespace: string
      caBundle: c3RyaW5n
      caProvider:
        key: string
        name: string
        namespace: string
        type: "Secret" # "Secret", "ConfigMap"
      hostAPI: "https://app.infisical.com/api"
      secretsScope:
        environmentSlug: string
        expandSecretReferences: true
        projectSlug: string
        recursive: false
        secretsPath: "/"
    keepersecurity:
      authRef:
        key: string
        name: string
        namespace: string
      folderID: string
    kubernetes:
      auth:
        cert:
          clientCert:
            key: string
            name: string
            namespace: string
          clientKey:
            key: string
            name: string
            namespace: string
        serviceAccount:
          audiences: [] # minItems 0 of type string
          name: string
          namespace: string
        token:
          bearerToken:
            key: string
            name: string
            namespace: string
      authRef:
        key: string
        name: string
        namespace: string
      remoteNamespace: "default"
      server:
        caBundle: c3RyaW5n
        caProvider:
          key: string
          name: string
          namespace: string
          type: "Secret" # "Secret", "ConfigMap"
        url: "kubernetes.default"
    ngrok:
      apiUrl: "https://api.ngrok.com"
      auth:
        apiKey:
          secretRef:
            key: string
            name: string
            namespace: string
      vault:
        name: string
    onboardbase:
      apiHost: "https://public.onboardbase.com/api/v1/"
      auth:
        apiKeyRef:
          key: string
          name: string
          namespace: string
        passcodeRef:
          key: string
          name: string
          namespace: string
      environment: "development"
      project: "development"
    onepassword:
      auth:
        secretRef:
          connectTokenSecretRef:
            key: string
            name: string
            namespace: string
      connectHost: string
      vaults: {}
    onepasswordSDK:
      auth:
        serviceAccountSecretRef:
          key: string
          name: string
          namespace: string
      cache:
        maxSize: 100
        ttl: "5m"
      integrationInfo:
        name: "1Password SDK"
        version: "v1.0.0"
      vault: string
    oracle:
      auth:
        secretRef:
          fingerprint:
            key: string
            name: string
            namespace: string
          privatekey:
            key: string
            name: string
            namespace: string
        tenancy: string
        user: string
      compartment: string
      encryptionKey: string
      principalType: "" # "", "UserPrincipal", "InstancePrincipal", "Workload"
      region: string
      serviceAccountRef:
        audiences: [] # minItems 0 of type string
        name: string
        namespace: string
      vault: string
    passbolt:
      auth:
        passwordSecretRef:
          key: string
          name: string
          namespace: string
        privateKeySecretRef:
          key: string
          name: string
          namespace: string
      host: string
    passworddepot:
      auth:
        secretRef:
          credentials:
            key: string
            name: string
            namespace: string
      database: string
      host: string
    previder:
      auth:
        secretRef:
          accessToken:
            key: string
            name: string
            namespace: string
      baseUri: string
    pulumi:
      accessToken:
        secretRef:
          key: string
          name: string
          namespace: string
      apiUrl: "https://api.pulumi.com/api/esc"
      environment: string
      organization: string
      project: string
    scaleway:
      accessKey:
        secretRef:
          key: string
          name: string
          namespace: string
        value: string
      apiUrl: string
      projectId: string
      region: string
      secretKey:
        secretRef:
          key: string
          name: string
          namespace: string
        value: string
    secretserver:
      caBundle: c3RyaW5n
      caProvider:
        key: string
        name: string
        namespace: string
        type: "Secret" # "Secret", "ConfigMap"
      domain: string
      password:
        secretRef:
          key: string
          name: string
          namespace: string
        value: string
      serverURL: string
      username:
        secretRef:
          key: string
          name: string
          namespace: string
        value: string
    senhasegura:
      auth:
        clientId: string
        clientSecretSecretRef:
          key: string
          name: string
          namespace: string
      ignoreSslCertificate: false
      module: string
      url: string
    vault:
      auth:
        appRole:
          path: "approle"
          roleId: string
          roleRef:
            key: string
            name: string
            namespace: string
          secretRef:
            key: string
            name: string
            namespace: string
        cert:
          clientCert:
            key: string
            name: string
            namespace: string
          path: "cert"
          secretRef:
            key: string
            name: string
            namespace: string
        gcp:
          location: string
          path: "gcp"
          projectID: string
          role: string
          secretRef:
            secretAccessKeySecretRef:
              key: string
              name: string
              namespace: string
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
          workloadIdentity:
            clusterLocation: string
            clusterName: string
            clusterProjectID: string
            serviceAccountRef:
              audiences: [] # minItems 0 of type string
              name: string
              namespace: string
        iam:
          externalID: string
          jwt:
            serviceAccountRef:
              audiences: [] # minItems 0 of type string
              name: string
              namespace: string
          path: string
          region: string
          role: string
          secretRef:
            accessKeyIDSecretRef:
              key: string
              name: string
              namespace: string
            secretAccessKeySecretRef:
              key: string
              name: string
              namespace: string
            sessionTokenSecretRef:
              key: string
              name: string
              namespace: string
          vaultAwsIamServerID: string
          vaultRole: string
        jwt:
          kubernetesServiceAccountToken:
            audiences: [] # minItems 0 of type string
            expirationSeconds: 1
            serviceAccountRef:
              audiences: [] # minItems 0 of type string
              name: string
              namespace: string
          path: "jwt"
          role: string
          secretRef:
            key: string
            name: string
            namespace: string
        kubernetes:
          mountPath: "kubernetes"
          role: string
          secretRef:
            key: string
            name: string
            namespace: string
          serviceAccountRef:
            audiences: [] # minItems 0 of type string
            name: string
            namespace: string
        ldap:
          path: "ldap"
          secretRef:
            key: string
            name: string
            namespace: string
          username: string
        namespace: string
        tokenSecretRef:
          key: string
          name: string
          namespace: string
        userPass:
          path: "userpass"
          secretRef:
            key: string
            name: string
            namespace: string
          username: string
      caBundle: c3RyaW5n
      caProvider:
        key: string
        name: string
        namespace: string
        type: "Secret" # "Secret", "ConfigMap"
      checkAndSet:
        required: true
      forwardInconsistent: true
      headers: {}
      namespace: string
      path: string
      readYourWrites: true
      server: string
      tls:
        certSecretRef:
          key: string
          name: string
          namespace: string
        keySecretRef:
          key: string
          name: string
          namespace: string
      version: "v2"
    volcengine:
      auth:
        secretRef:
          accessKeyID:
            key: string
            name: string
            namespace: string
          secretAccessKey:
            key: string
            name: string
            namespace: string
          token:
            key: string
            name: string
            namespace: string
      region: string
    webhook:
      auth:
        ntlm:
          passwordSecret:
            key: string
            name: string
            namespace: string
          usernameSecret:
            key: string
            name: string
            namespace: string
      body: string
      caBundle: c3RyaW5n
      caProvider:
        key: string
        name: string
        namespace: string
        type: "Secret" # "Secret", "ConfigMap"
      headers: {}
      method: string
      result:
        jsonPath: string
      secrets:
      - name: string
        secretRef:
          key: string
          name: string
          namespace: string
      timeout: string
      url: string
    yandexcertificatemanager:
      apiEndpoint: string
      auth:
        authorizedKeySecretRef:
          key: string
          name: string
          namespace: string
      caProvider:
        certSecretRef:
          key: string
          name: string
          namespace: string
      fetching:
        byID: {}
        byName:
          folderID: string
    yandexlockbox:
      apiEndpoint: string
      auth:
        authorizedKeySecretRef:
          key: string
          name: string
          namespace: string
      caProvider:
        certSecretRef:
          key: string
          name: string
          namespace: string
      fetching:
        byID: {}
        byName:
          folderID: string
  refreshInterval: 1
  retrySettings:
    maxRetries: 1
    retryInterval: string
status:
  capabilities: string
  conditions:
  - lastTransitionTime: 2024-10-11T12:48:44Z
    message: string
    reason: string
    status: string
    type: string