2022-11-29 19:04:46 +00:00
apiVersion : apiextensions.k8s.io/v1
kind : CustomResourceDefinition
metadata :
annotations :
2023-08-28 09:50:46 +00:00
controller-gen.kubebuilder.io/version : v0.13.0
2022-11-29 19:04:46 +00:00
name : pushsecrets.external-secrets.io
spec :
group : external-secrets.io
names :
categories :
- pushsecrets
kind : PushSecret
listKind : PushSecretList
plural : pushsecrets
singular : pushsecret
scope : Namespaced
versions :
- additionalPrinterColumns :
- jsonPath : .metadata.creationTimestamp
name : AGE
type : date
- jsonPath : .status.conditions[?(@.type=="Ready")].reason
name : Status
type : string
name : v1alpha1
schema :
openAPIV3Schema :
properties :
apiVersion :
description : 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info : https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type : string
kind :
description : 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info : https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type : string
metadata :
type : object
spec :
description : PushSecretSpec configures the behavior of the PushSecret.
properties :
data :
description : Secret Data that should be pushed to providers
items :
properties :
match :
description : Match a given Secret Key to be pushed to the provider.
properties :
remoteRef :
description : Remote Refs to push to providers.
properties :
2023-05-17 22:15:18 +00:00
property :
description : Name of the property in the resulting secret
type : string
2022-11-29 19:04:46 +00:00
remoteKey :
description : Name of the resulting provider secret.
type : string
required :
- remoteKey
type : object
secretKey :
description : Secret Key to be pushed
type : string
required :
- remoteRef
type : object
2023-08-28 21:50:21 +00:00
metadata :
description : Metadata is metadata attached to the secret. The
structure of metadata is provider specific, please look it
up in the provider documentation.
x-kubernetes-preserve-unknown-fields : true
2022-11-29 19:04:46 +00:00
required :
- match
type : object
type : array
deletionPolicy :
default : None
description : 'Deletion Policy to handle Secrets in the provider. Possible
Values : "Delete/None" . Defaults to "None".'
2023-10-30 12:30:04 +00:00
enum :
- Delete
- None
2022-11-29 19:04:46 +00:00
type : string
refreshInterval :
description : The Interval to which External Secrets will try to push
a secret definition
type : string
secretStoreRefs :
items :
properties :
kind :
default : SecretStore
description : Kind of the SecretStore resource (SecretStore or
ClusterSecretStore) Defaults to `SecretStore`
type : string
labelSelector :
description : Optionally, sync to secret stores with label selector
properties :
matchExpressions :
description : matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items :
description : A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties :
key :
description : key is the label key that the selector
applies to.
type : string
operator :
description : operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type : string
values :
description : values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items :
type : string
type : array
required :
- key
- operator
type : object
type : array
matchLabels :
additionalProperties :
type : string
description : matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key" , the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type : object
type : object
x-kubernetes-map-type : atomic
name :
description : Optionally, sync to the SecretStore of the given
name
type : string
type : object
type : array
selector :
description : The Secret Selector (k8s source) for the Push Secret
properties :
secret :
description : Select a Secret to Push.
properties :
name :
description : Name of the Secret. The Secret must exist in
the same namespace as the PushSecret manifest.
type : string
required :
- name
type : object
required :
- secret
type : object
2023-12-22 20:45:34 +00:00
template :
description : Template defines a blueprint for the created Secret resource.
properties :
data :
additionalProperties :
type : string
type : object
engineVersion :
default : v2
description : EngineVersion specifies the template engine version
that should be used to compile/execute the template specified
in .data and .templateFrom[].
enum :
- v1
- v2
type : string
mergePolicy :
default : Replace
enum :
- Replace
- Merge
type : string
metadata :
description : ExternalSecretTemplateMetadata defines metadata fields
for the Secret blueprint.
properties :
annotations :
additionalProperties :
type : string
type : object
labels :
additionalProperties :
type : string
type : object
type : object
templateFrom :
items :
properties :
configMap :
properties :
items :
items :
properties :
key :
type : string
templateAs :
default : Values
enum :
- Values
- KeysAndValues
type : string
required :
- key
type : object
type : array
name :
type : string
required :
- items
- name
type : object
literal :
type : string
secret :
properties :
items :
items :
properties :
key :
type : string
templateAs :
default : Values
enum :
- Values
- KeysAndValues
type : string
required :
- key
type : object
type : array
name :
type : string
required :
- items
- name
type : object
target :
default : Data
enum :
- Data
- Annotations
- Labels
type : string
type : object
type : array
type :
type : string
type : object
2022-11-29 19:04:46 +00:00
required :
- secretStoreRefs
- selector
type : object
status :
description : PushSecretStatus indicates the history of the status of PushSecret.
properties :
conditions :
items :
description : PushSecretStatusCondition indicates the status of the
PushSecret.
properties :
lastTransitionTime :
format : date-time
type : string
message :
type : string
reason :
type : string
status :
type : string
type :
description : PushSecretConditionType indicates the condition
of the PushSecret.
type : string
required :
- status
- type
type : object
type : array
refreshTime :
description : refreshTime is the time and date the external secret
was fetched and the target secret updated
format : date-time
nullable : true
type : string
syncedPushSecrets :
additionalProperties :
additionalProperties :
properties :
match :
description : Match a given Secret Key to be pushed to the
provider.
properties :
remoteRef :
description : Remote Refs to push to providers.
properties :
2023-05-17 22:15:18 +00:00
property :
description : Name of the property in the resulting
secret
type : string
2022-11-29 19:04:46 +00:00
remoteKey :
description : Name of the resulting provider secret.
type : string
required :
- remoteKey
type : object
secretKey :
description : Secret Key to be pushed
type : string
required :
- remoteRef
type : object
2023-08-28 21:50:21 +00:00
metadata :
description : Metadata is metadata attached to the secret.
The structure of metadata is provider specific, please look
it up in the provider documentation.
x-kubernetes-preserve-unknown-fields : true
2022-11-29 19:04:46 +00:00
required :
- match
type : object
type : object
description : Synced Push Secrets for later deletion. Matches Secret
Stores to PushSecretData that was stored to that secretStore.
type : object
syncedResourceVersion :
description : SyncedResourceVersion keeps track of the last synced
version.
type : string
type : object
type : object
served : true
storage : true
subresources :
status : {}
