helm-external-secrets/config/crds/bases/generators.external-secrets.io_mfas.yaml

apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.19.0
  labels:
    external-secrets.io/component: controller
  name: mfas.generators.external-secrets.io
spec:
  group: generators.external-secrets.io
  names:
    categories:
    - external-secrets
    - external-secrets-generators
    kind: MFA
    listKind: MFAList
    plural: mfas
    singular: mfa
  scope: Namespaced
  versions:
  - name: v1alpha1
    schema:
      openAPIV3Schema:
        description: MFA generates a new TOTP token that is compliant with RFC 6238.
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: MFASpec controls the behavior of the mfa generator.
            properties:
              algorithm:
                description: Algorithm to use for encoding. Defaults to SHA1 as per
                  the RFC.
                type: string
              length:
                description: Length defines the token length. Defaults to 6 characters.
                type: integer
              secret:
                description: Secret is a secret selector to a secret containing the
                  seed secret to generate the TOTP value from.
                properties:
                  key:
                    description: |-
                      A key in the referenced Secret.
                      Some instances of this field may be defaulted, in others it may be required.
                    maxLength: 253
                    minLength: 1
                    pattern: ^[-._a-zA-Z0-9]+$
                    type: string
                  name:
                    description: The name of the Secret resource being referred to.
                    maxLength: 253
                    minLength: 1
                    pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
                    type: string
                  namespace:
                    description: |-
                      The namespace of the Secret resource being referred to.
                      Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
                    maxLength: 63
                    minLength: 1
                    pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
                    type: string
                type: object
              timePeriod:
                description: TimePeriod defines how long the token can be active.
                  Defaults to 30 seconds.
                type: integer
              when:
                description: When defines a time parameter that can be used to pin
                  the origin time of the generated token.
                format: date-time
                type: string
            required:
            - secret
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}