mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity
external-secrets/config/crds/bases/generators.external-secrets.io_gcraccesstokens.yaml

116 lines
4.9 KiB
YAML
Raw Normal View History

Feature: initial generator implementation + Github Actions OIDC/AWS (#1539) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2022-10-29 18:15:50 +00:00
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
:broom: bump dependencies & regenerate CRDs (#1990) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com>
2023-02-07 13:08:01 +00:00
controller-gen.kubebuilder.io/version: v0.11.3
Feature: initial generator implementation + Github Actions OIDC/AWS (#1539) Signed-off-by: Moritz Johner <beller.moritz@googlemail.com> Co-authored-by: Gustavo Fernandes de Carvalho <gusfcarvalho@gmail.com>
2022-10-29 18:15:50 +00:00
creationTimestamp: null
name: gcraccesstokens.generators.external-secrets.io
spec:
group: generators.external-secrets.io
names:
categories:
- gcraccesstoken
kind: GCRAccessToken
listKind: GCRAccessTokenList
plural: gcraccesstokens
shortNames:
- gcraccesstoken
singular: gcraccesstoken
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: GCRAccessToken generates an GCP access token that can be used
to authenticate with GCR.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
auth:
description: Auth defines the means for authenticating with GCP
properties:
secretRef:
properties:
secretAccessKeySecretRef:
description: The SecretAccessKey is used for authentication
properties:
key:
description: The key of the entry in the Secret resource's
`data` field to be used. Some instances of this field
may be defaulted, in others it may be required.
type: string
name:
description: The name of the Secret resource being referred
to.
type: string
namespace:
description: Namespace of the resource being referred
to. Ignored if referent is not cluster-scoped. cluster-scoped
defaults to the namespace of the referent.
type: string
type: object
type: object
workloadIdentity:
properties:
clusterLocation:
type: string
clusterName:
type: string
clusterProjectID:
type: string
serviceAccountRef:
description: A reference to a ServiceAccount resource.
properties:
audiences:
description: Audience specifies the `aud` claim for the
service account token If the service account uses a
well-known annotation for e.g. IRSA or GCP Workload
Identity then this audiences will be appended to the
list
items:
type: string
type: array
name:
description: The name of the ServiceAccount resource being
referred to.
type: string
namespace:
description: Namespace of the resource being referred
to. Ignored if referent is not cluster-scoped. cluster-scoped
defaults to the namespace of the referent.
type: string
required:
- name
type: object
required:
- clusterLocation
- clusterName
- serviceAccountRef
type: object
type: object
projectID:
description: ProjectID defines which project to use to authenticate
with
type: string
required:
- auth
- projectID
type: object
type: object
served: true
storage: true
subresources:
status: {}
Copy permalink