1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00

feat: add CRD validation for resource name/key fields (#4104)

* Add CRD validation for name/key fields

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>

* add output of check-diff

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Mathew Wicks <5735406+thesuperzapper@users.noreply.github.com>
Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Co-authored-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
This commit is contained in:
Mathew Wicks 2024-11-28 07:53:07 -08:00 committed by GitHub
parent 08566af7c1
commit 1be7daedbc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
27 changed files with 8515 additions and 2470 deletions

View file

@ -22,11 +22,15 @@ import (
// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data.
type SecretStoreRef struct {
// Name of the SecretStore resource
Name string `json:"name"`
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name,omitempty"`
// Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
// Defaults to `SecretStore`
// +optional
// +kubebuilder:validation:Enum=SecretStore;ClusterSecretStore
Kind string `json:"kind,omitempty"`
}
@ -92,25 +96,37 @@ type TemplateFrom struct {
}
type TemplateRef struct {
Name string `json:"name"`
// The name of the ConfigMap/Secret resource
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name"`
// A list of keys in the ConfigMap/Secret to use as templates for Secret data
Items []TemplateRefItem `json:"items"`
}
type TemplateRefItem struct {
// A key in the ConfigMap/Secret
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
Key string `json:"key"`
}
// ExternalSecretTarget defines the Kubernetes Secret to be created
// There can be only one target per ExternalSecret.
type ExternalSecretTarget struct {
// Name defines the name of the Secret resource to be managed
// This field is immutable
// The name of the Secret resource to be managed.
// Defaults to the .metadata.name of the ExternalSecret resource
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name,omitempty"`
// CreationPolicy defines rules on how to create the resulting Secret
// Defaults to 'Owner'
// CreationPolicy defines rules on how to create the resulting Secret.
// Defaults to "Owner"
// +optional
// +kubebuilder:default="Owner"
CreationPolicy ExternalSecretCreationPolicy `json:"creationPolicy,omitempty"`
@ -126,6 +142,10 @@ type ExternalSecretTarget struct {
// ExternalSecretData defines the connection between the Kubernetes Secret key (spec.data.<key>) and the Provider data.
type ExternalSecretData struct {
// The key in the Kubernetes Secret to store the value.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
SecretKey string `json:"secretKey"`
RemoteRef ExternalSecretDataRemoteRef `json:"remoteRef"`
@ -140,11 +160,12 @@ type ExternalSecretDataRemoteRef struct {
// +optional
Version string `json:"version,omitempty"`
// +optional
// Used to select a specific property of the Provider value (if a map), if supported
Property string `json:"property,omitempty"`
// +optional
Property string `json:"property,omitempty"`
// Used to define a conversion Strategy
// +optional
// +kubebuilder:default="Default"
ConversionStrategy ExternalSecretConversionStrategy `json:"conversionStrategy,omitempty"`
}

View file

@ -30,14 +30,19 @@ const (
type PushSecretStoreRef struct {
// Optionally, sync to the SecretStore of the given name
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name,omitempty"`
// Optionally, sync to secret stores with label selector
// +optional
LabelSelector *metav1.LabelSelector `json:"labelSelector,omitempty"`
// Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
// Defaults to `SecretStore`
// +kubebuilder:default="SecretStore"
// +optional
// +kubebuilder:default="SecretStore"
// +kubebuilder:validation:Enum=SecretStore;ClusterSecretStore
Kind string `json:"kind,omitempty"`
}
@ -68,27 +73,37 @@ const (
// PushSecretSpec configures the behavior of the PushSecret.
type PushSecretSpec struct {
// The Interval to which External Secrets will try to push a secret definition
RefreshInterval *metav1.Duration `json:"refreshInterval,omitempty"`
RefreshInterval *metav1.Duration `json:"refreshInterval,omitempty"`
SecretStoreRefs []PushSecretStoreRef `json:"secretStoreRefs"`
// UpdatePolicy to handle Secrets in the provider. Possible Values: "Replace/IfNotExists". Defaults to "Replace".
// UpdatePolicy to handle Secrets in the provider.
// +kubebuilder:default="Replace"
// +optional
UpdatePolicy PushSecretUpdatePolicy `json:"updatePolicy,omitempty"`
// Deletion Policy to handle Secrets in the provider. Possible Values: "Delete/None". Defaults to "None".
// Deletion Policy to handle Secrets in the provider.
// +kubebuilder:default="None"
// +optional
DeletionPolicy PushSecretDeletionPolicy `json:"deletionPolicy,omitempty"`
// The Secret Selector (k8s source) for the Push Secret
Selector PushSecretSelector `json:"selector"`
// Secret Data that should be pushed to providers
Data []PushSecretData `json:"data,omitempty"`
// Template defines a blueprint for the created Secret resource.
// +optional
Template *esv1beta1.ExternalSecretTemplate `json:"template,omitempty"`
}
type PushSecretSecret struct {
// Name of the Secret. The Secret must exist in the same namespace as the PushSecret manifest.
// Name of the Secret.
// The Secret must exist in the same namespace as the PushSecret manifest.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name"`
}

View file

@ -50,8 +50,11 @@ type KubernetesProvider struct {
Auth KubernetesAuth `json:"auth"`
// Remote namespace to fetch the secrets from
// +kubebuilder:default= default
// +optional
// +kubebuilder:default=default
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=63
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
RemoteNamespace string `json:"remoteNamespace,omitempty"`
}

View file

@ -39,14 +39,23 @@ type CAProvider struct {
Type CAProviderType `json:"type"`
// The name of the object located at the provider type.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name"`
// The key the value inside of the provider type to use, only used with "Secret" type
// The key where the CA certificate can be found in the Secret or ConfigMap.
// +kubebuilder:validation:Optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
Key string `json:"key,omitempty"`
// The namespace the Provider type is in.
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=63
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Namespace *string `json:"namespace,omitempty"`
}

View file

@ -75,14 +75,23 @@ type WebhookCAProvider struct {
Type WebhookCAProviderType `json:"type"`
// The name of the object located at the provider type.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name"`
// The key the value inside of the provider type to use, only used with "Secret" type
// The key where the CA certificate can be found in the Secret or ConfigMap.
// +kubebuilder:validation:Optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
Key string `json:"key,omitempty"`
// The namespace the Provider type is in.
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=63
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Namespace *string `json:"namespace,omitempty"`
}

View file

@ -24,8 +24,12 @@ type ClusterExternalSecretSpec struct {
// The spec for the ExternalSecrets to be created
ExternalSecretSpec ExternalSecretSpec `json:"externalSecretSpec"`
// The name of the external secrets to be created defaults to the name of the ClusterExternalSecret
// The name of the external secrets to be created.
// Defaults to the name of the ClusterExternalSecret
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
ExternalSecretName string `json:"externalSecretName,omitempty"`
// The metadata of the external secrets to be created
@ -43,6 +47,9 @@ type ClusterExternalSecretSpec struct {
// Choose namespaces by name. This field is ORed with anything that NamespaceSelectors ends up choosing.
// +optional
// +kubebuilder:validation:items:MinLength:=1
// +kubebuilder:validation:items:MaxLength:=63
// +kubebuilder:validation:items:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Namespaces []string `json:"namespaces,omitempty"`
// The time in which the controller should reconcile its objects and recheck namespaces for labels.

View file

@ -22,11 +22,15 @@ import (
// SecretStoreRef defines which SecretStore to fetch the ExternalSecret data.
type SecretStoreRef struct {
// Name of the SecretStore resource
Name string `json:"name"`
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name,omitempty"`
// Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
// Defaults to `SecretStore`
// +optional
// +kubebuilder:validation:Enum=SecretStore;ClusterSecretStore
Kind string `json:"kind,omitempty"`
}
@ -92,12 +96,16 @@ type ExternalSecretTemplate struct {
// template specified in .data and .templateFrom[].
// +kubebuilder:default="v2"
EngineVersion TemplateEngineVersion `json:"engineVersion,omitempty"`
// +optional
Metadata ExternalSecretTemplateMetadata `json:"metadata,omitempty"`
// +kubebuilder:default="Replace"
MergePolicy TemplateMergePolicy `json:"mergePolicy,omitempty"`
// +optional
Data map[string]string `json:"data,omitempty"`
// +optional
TemplateFrom []TemplateFrom `json:"templateFrom,omitempty"`
}
@ -121,10 +129,11 @@ const (
type TemplateFrom struct {
ConfigMap *TemplateRef `json:"configMap,omitempty"`
Secret *TemplateRef `json:"secret,omitempty"`
// +optional
// +optional
// +kubebuilder:default="Data"
Target TemplateTarget `json:"target,omitempty"`
// +optional
Literal *string `json:"literal,omitempty"`
}
@ -147,12 +156,23 @@ const (
)
type TemplateRef struct {
Name string `json:"name"`
// The name of the ConfigMap/Secret resource
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name"`
// A list of keys in the ConfigMap/Secret to use as templates for Secret data
Items []TemplateRefItem `json:"items"`
}
type TemplateRefItem struct {
// A key in the ConfigMap/Secret
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
Key string `json:"key"`
// +kubebuilder:default="Values"
TemplateAs TemplateScope `json:"templateAs,omitempty"`
}
@ -160,22 +180,26 @@ type TemplateRefItem struct {
// ExternalSecretTarget defines the Kubernetes Secret to be created
// There can be only one target per ExternalSecret.
type ExternalSecretTarget struct {
// Name defines the name of the Secret resource to be managed
// This field is immutable
// The name of the Secret resource to be managed.
// Defaults to the .metadata.name of the ExternalSecret resource
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name,omitempty"`
// CreationPolicy defines rules on how to create the resulting Secret
// Defaults to 'Owner'
// CreationPolicy defines rules on how to create the resulting Secret.
// Defaults to "Owner"
// +optional
// +kubebuilder:default="Owner"
CreationPolicy ExternalSecretCreationPolicy `json:"creationPolicy,omitempty"`
// DeletionPolicy defines rules on how to delete the resulting Secret
// Defaults to 'Retain'
// DeletionPolicy defines rules on how to delete the resulting Secret.
// Defaults to "Retain"
// +optional
// +kubebuilder:default="Retain"
DeletionPolicy ExternalSecretDeletionPolicy `json:"deletionPolicy,omitempty"`
// Template defines a blueprint for the created Secret resource.
// +optional
Template *ExternalSecretTemplate `json:"template,omitempty"`
@ -187,8 +211,10 @@ type ExternalSecretTarget struct {
// ExternalSecretData defines the connection between the Kubernetes Secret key (spec.data.<key>) and the Provider data.
type ExternalSecretData struct {
// SecretKey defines the key in which the controller stores
// the value. This is the key in the Kind=Secret
// The key in the Kubernetes Secret to store the value.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
SecretKey string `json:"secretKey"`
// RemoteRef points to the remote secret and defines
@ -196,7 +222,7 @@ type ExternalSecretData struct {
RemoteRef ExternalSecretDataRemoteRef `json:"remoteRef"`
// SourceRef allows you to override the source
// from which the value will pulled from.
// from which the value will be pulled.
SourceRef *StoreSourceRef `json:"sourceRef,omitempty"`
}
@ -338,6 +364,7 @@ type FindName struct {
type ExternalSecretSpec struct {
// +optional
SecretStoreRef SecretStoreRef `json:"secretStoreRef,omitempty"`
// +kubebuilder:default={creationPolicy:Owner,deletionPolicy:Retain}
// +optional
Target ExternalSecretTarget `json:"target,omitempty"`
@ -395,7 +422,11 @@ type GeneratorRef struct {
APIVersion string `json:"apiVersion,omitempty"`
// Specify the Kind of the resource, e.g. Password, ACRAccessToken, ClusterGenerator etc.
Kind string `json:"kind"`
// Specify the name of the generator resource
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name"`
}

View file

@ -49,8 +49,11 @@ type KubernetesProvider struct {
AuthRef *esmeta.SecretKeySelector `json:"authRef,omitempty"`
// Remote namespace to fetch the secrets from
// +kubebuilder:default= default
// +optional
// +kubebuilder:default=default
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=63
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
RemoteNamespace string `json:"remoteNamespace,omitempty"`
}

View file

@ -51,6 +51,9 @@ type ClusterSecretStoreCondition struct {
// Choose namespaces by name
// +optional
// +kubebuilder:validation:items:MinLength:=1
// +kubebuilder:validation:items:MaxLength:=63
// +kubebuilder:validation:items:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Namespaces []string `json:"namespaces,omitempty"`
// Choose namespaces by using regex matching
@ -211,15 +214,24 @@ type CAProvider struct {
Type CAProviderType `json:"type"`
// The name of the object located at the provider type.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name"`
// The key where the CA certificate can be found in the Secret or ConfigMap.
// +kubebuilder:validation:Optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
Key string `json:"key,omitempty"`
// The namespace the Provider type is in.
// Can only be defined when used in a ClusterSecretStore.
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=63
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Namespace *string `json:"namespace,omitempty"`
}

View file

@ -75,14 +75,23 @@ type WebhookCAProvider struct {
Type WebhookCAProviderType `json:"type"`
// The name of the object located at the provider type.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name"`
// The key the value inside of the provider type to use, only used with "Secret" type
// The key where the CA certificate can be found in the Secret or ConfigMap.
// +kubebuilder:validation:Optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
Key string `json:"key,omitempty"`
// The namespace the Provider type is in.
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=63
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Namespace *string `json:"namespace,omitempty"`
}

View file

@ -73,14 +73,23 @@ type WebhookCAProvider struct {
Type WebhookCAProviderType `json:"type"`
// The name of the object located at the provider type.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name"`
// The key the value inside of the provider type to use, only used with "Secret" type
// The key where the CA certificate can be found in the Secret or ConfigMap.
// +kubebuilder:validation:Optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
Key string `json:"key,omitempty"`
// The namespace the Provider type is in.
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=63
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Namespace *string `json:"namespace,omitempty"`
}
@ -100,8 +109,15 @@ type WebhookSecret struct {
type SecretKeySelector struct {
// The name of the Secret resource being referred to.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name,omitempty"`
// The key where the token is found.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
Key string `json:"key,omitempty"`
}

View file

@ -14,29 +14,48 @@ limitations under the License.
package v1
// A reference to a specific 'key' within a Secret resource,
// A reference to a specific 'key' within a Secret resource.
// In some instances, `key` is a required field.
type SecretKeySelector struct {
// The name of the Secret resource being referred to.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name,omitempty"`
// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
// to the namespace of the referent.
// The namespace of the Secret resource being referred to.
// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=63
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Namespace *string `json:"namespace,omitempty"`
// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
// defaulted, in others it may be required.
// A key in the referenced Secret.
// Some instances of this field may be defaulted, in others it may be required.
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[-._a-zA-Z0-9]+$
Key string `json:"key,omitempty"`
}
// A reference to a ServiceAccount resource.
type ServiceAccountSelector struct {
// The name of the ServiceAccount resource being referred to.
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=253
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
Name string `json:"name"`
// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
// to the namespace of the referent.
// Namespace of the resource being referred to.
// Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
// +optional
// +kubebuilder:validation:MinLength:=1
// +kubebuilder:validation:MaxLength:=63
// +kubebuilder:validation:Pattern:=^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
Namespace *string `json:"namespace,omitempty"`
// Audience specifies the `aud` claim for the service account token
// If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
// then this audiences will be appended to the list

View file

@ -68,8 +68,12 @@ spec:
type: object
type: object
externalSecretName:
description: The name of the external secrets to be created defaults
to the name of the ClusterExternalSecret
description: |-
The name of the external secrets to be created.
Defaults to the name of the ClusterExternalSecret
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
externalSecretSpec:
description: The spec for the ExternalSecrets to be created
@ -127,14 +131,16 @@ spec:
- key
type: object
secretKey:
description: |-
SecretKey defines the key in which the controller stores
the value. This is the key in the Kind=Secret
description: The key in the Kubernetes Secret to store the
value.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
sourceRef:
description: |-
SourceRef allows you to override the source
from which the value will pulled from.
from which the value will be pulled.
maxProperties: 1
properties:
generatorRef:
@ -155,6 +161,9 @@ spec:
type: string
name:
description: Specify the name of the generator resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- kind
@ -168,12 +177,16 @@ spec:
description: |-
Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
Defaults to `SecretStore`
enum:
- SecretStore
- ClusterSecretStore
type: string
name:
description: Name of the SecretStore resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- name
type: object
type: object
required:
@ -331,6 +344,9 @@ spec:
type: string
name:
description: Specify the name of the generator resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- kind
@ -344,12 +360,16 @@ spec:
description: |-
Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
Defaults to `SecretStore`
enum:
- SecretStore
- ClusterSecretStore
type: string
name:
description: Name of the SecretStore resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- name
type: object
type: object
type: object
@ -371,12 +391,16 @@ spec:
description: |-
Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
Defaults to `SecretStore`
enum:
- SecretStore
- ClusterSecretStore
type: string
name:
description: Name of the SecretStore resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- name
type: object
target:
default:
@ -389,8 +413,8 @@ spec:
creationPolicy:
default: Owner
description: |-
CreationPolicy defines rules on how to create the resulting Secret
Defaults to 'Owner'
CreationPolicy defines rules on how to create the resulting Secret.
Defaults to "Owner"
enum:
- Owner
- Orphan
@ -400,8 +424,8 @@ spec:
deletionPolicy:
default: Retain
description: |-
DeletionPolicy defines rules on how to delete the resulting Secret
Defaults to 'Retain'
DeletionPolicy defines rules on how to delete the resulting Secret.
Defaults to "Retain"
enum:
- Delete
- Merge
@ -413,9 +437,11 @@ spec:
type: boolean
name:
description: |-
Name defines the name of the Secret resource to be managed
This field is immutable
The name of the Secret resource to be managed.
Defaults to the .metadata.name of the ExternalSecret resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
template:
description: Template defines a blueprint for the created
@ -460,9 +486,15 @@ spec:
configMap:
properties:
items:
description: A list of keys in the ConfigMap/Secret
to use as templates for Secret data
items:
properties:
key:
description: A key in the ConfigMap/Secret
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
templateAs:
default: Values
@ -475,6 +507,11 @@ spec:
type: object
type: array
name:
description: The name of the ConfigMap/Secret
resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- items
@ -485,9 +522,15 @@ spec:
secret:
properties:
items:
description: A list of keys in the ConfigMap/Secret
to use as templates for Secret data
items:
properties:
key:
description: A key in the ConfigMap/Secret
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
templateAs:
default: Values
@ -500,6 +543,11 @@ spec:
type: object
type: array
name:
description: The name of the ConfigMap/Secret
resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- items
@ -624,6 +672,9 @@ spec:
description: Choose namespaces by name. This field is ORed with anything
that NamespaceSelectors ends up choosing.
items:
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: array
refreshTime:

File diff suppressed because it is too large Load diff

View file

@ -88,6 +88,10 @@ spec:
- key
type: object
secretKey:
description: The key in the Kubernetes Secret to store the value.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
required:
- remoteRef
@ -138,12 +142,16 @@ spec:
description: |-
Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
Defaults to `SecretStore`
enum:
- SecretStore
- ClusterSecretStore
type: string
name:
description: Name of the SecretStore resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- name
type: object
target:
description: |-
@ -153,8 +161,8 @@ spec:
creationPolicy:
default: Owner
description: |-
CreationPolicy defines rules on how to create the resulting Secret
Defaults to 'Owner'
CreationPolicy defines rules on how to create the resulting Secret.
Defaults to "Owner"
enum:
- Owner
- Merge
@ -165,9 +173,11 @@ spec:
type: boolean
name:
description: |-
Name defines the name of the Secret resource to be managed
This field is immutable
The name of the Secret resource to be managed.
Defaults to the .metadata.name of the ExternalSecret resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
template:
description: Template defines a blueprint for the created Secret
@ -208,15 +218,25 @@ spec:
configMap:
properties:
items:
description: A list of keys in the ConfigMap/Secret
to use as templates for Secret data
items:
properties:
key:
description: A key in the ConfigMap/Secret
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
required:
- key
type: object
type: array
name:
description: The name of the ConfigMap/Secret resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- items
@ -225,15 +245,25 @@ spec:
secret:
properties:
items:
description: A list of keys in the ConfigMap/Secret
to use as templates for Secret data
items:
properties:
key:
description: A key in the ConfigMap/Secret
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
required:
- key
type: object
type: array
name:
description: The name of the ConfigMap/Secret resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- items
@ -392,14 +422,15 @@ spec:
- key
type: object
secretKey:
description: |-
SecretKey defines the key in which the controller stores
the value. This is the key in the Kind=Secret
description: The key in the Kubernetes Secret to store the value.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
sourceRef:
description: |-
SourceRef allows you to override the source
from which the value will pulled from.
from which the value will be pulled.
maxProperties: 1
properties:
generatorRef:
@ -420,6 +451,9 @@ spec:
type: string
name:
description: Specify the name of the generator resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- kind
@ -433,12 +467,16 @@ spec:
description: |-
Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
Defaults to `SecretStore`
enum:
- SecretStore
- ClusterSecretStore
type: string
name:
description: Name of the SecretStore resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- name
type: object
type: object
required:
@ -595,6 +633,9 @@ spec:
type: string
name:
description: Specify the name of the generator resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- kind
@ -608,12 +649,16 @@ spec:
description: |-
Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
Defaults to `SecretStore`
enum:
- SecretStore
- ClusterSecretStore
type: string
name:
description: Name of the SecretStore resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- name
type: object
type: object
type: object
@ -635,12 +680,16 @@ spec:
description: |-
Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
Defaults to `SecretStore`
enum:
- SecretStore
- ClusterSecretStore
type: string
name:
description: Name of the SecretStore resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- name
type: object
target:
default:
@ -653,8 +702,8 @@ spec:
creationPolicy:
default: Owner
description: |-
CreationPolicy defines rules on how to create the resulting Secret
Defaults to 'Owner'
CreationPolicy defines rules on how to create the resulting Secret.
Defaults to "Owner"
enum:
- Owner
- Orphan
@ -664,8 +713,8 @@ spec:
deletionPolicy:
default: Retain
description: |-
DeletionPolicy defines rules on how to delete the resulting Secret
Defaults to 'Retain'
DeletionPolicy defines rules on how to delete the resulting Secret.
Defaults to "Retain"
enum:
- Delete
- Merge
@ -676,9 +725,11 @@ spec:
type: boolean
name:
description: |-
Name defines the name of the Secret resource to be managed
This field is immutable
The name of the Secret resource to be managed.
Defaults to the .metadata.name of the ExternalSecret resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
template:
description: Template defines a blueprint for the created Secret
@ -723,9 +774,15 @@ spec:
configMap:
properties:
items:
description: A list of keys in the ConfigMap/Secret
to use as templates for Secret data
items:
properties:
key:
description: A key in the ConfigMap/Secret
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
templateAs:
default: Values
@ -738,6 +795,10 @@ spec:
type: object
type: array
name:
description: The name of the ConfigMap/Secret resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- items
@ -748,9 +809,15 @@ spec:
secret:
properties:
items:
description: A list of keys in the ConfigMap/Secret
to use as templates for Secret data
items:
properties:
key:
description: A key in the ConfigMap/Secret
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
templateAs:
default: Values
@ -763,6 +830,10 @@ spec:
type: object
type: array
name:
description: The name of the ConfigMap/Secret resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- items

View file

@ -92,8 +92,7 @@ spec:
type: array
deletionPolicy:
default: None
description: 'Deletion Policy to handle Secrets in the provider. Possible
Values: "Delete/None". Defaults to "None".'
description: Deletion Policy to handle Secrets in the provider.
enum:
- Delete
- None
@ -107,9 +106,11 @@ spec:
properties:
kind:
default: SecretStore
description: |-
Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
Defaults to `SecretStore`
description: Kind of the SecretStore resource (SecretStore or
ClusterSecretStore)
enum:
- SecretStore
- ClusterSecretStore
type: string
labelSelector:
description: Optionally, sync to secret stores with label selector
@ -160,6 +161,9 @@ spec:
name:
description: Optionally, sync to the SecretStore of the given
name
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
type: object
type: array
@ -181,6 +185,9 @@ spec:
type: string
name:
description: Specify the name of the generator resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- kind
@ -190,8 +197,12 @@ spec:
description: Select a Secret to Push.
properties:
name:
description: Name of the Secret. The Secret must exist in
the same namespace as the PushSecret manifest.
description: |-
Name of the Secret.
The Secret must exist in the same namespace as the PushSecret manifest.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- name
@ -239,9 +250,15 @@ spec:
configMap:
properties:
items:
description: A list of keys in the ConfigMap/Secret
to use as templates for Secret data
items:
properties:
key:
description: A key in the ConfigMap/Secret
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
templateAs:
default: Values
@ -254,6 +271,10 @@ spec:
type: object
type: array
name:
description: The name of the ConfigMap/Secret resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- items
@ -264,9 +285,15 @@ spec:
secret:
properties:
items:
description: A list of keys in the ConfigMap/Secret
to use as templates for Secret data
items:
properties:
key:
description: A key in the ConfigMap/Secret
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
templateAs:
default: Values
@ -279,6 +306,10 @@ spec:
type: object
type: array
name:
description: The name of the ConfigMap/Secret resource
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
required:
- items
@ -298,8 +329,7 @@ spec:
type: object
updatePolicy:
default: Replace
description: 'UpdatePolicy to handle Secrets in the provider. Possible
Values: "Replace/IfNotExists". Defaults to "Replace".'
description: UpdatePolicy to handle Secrets in the provider.
enum:
- Replace
- IfNotExists

File diff suppressed because it is too large Load diff

View file

@ -82,17 +82,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
clientSecret:
@ -101,17 +110,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -138,11 +156,17 @@ spec:
name:
description: The name of the ServiceAccount resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name

View file

@ -79,17 +79,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
clientSecret:
@ -98,17 +107,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -135,11 +153,17 @@ spec:
name:
description: The name of the ServiceAccount resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -207,11 +231,17 @@ spec:
name:
description: The name of the ServiceAccount resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -227,17 +257,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
secretAccessKeySecretRef:
@ -245,17 +284,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
sessionTokenSecretRef:
@ -266,17 +314,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -321,17 +378,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -357,11 +423,17 @@ spec:
name:
description: The name of the ServiceAccount resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -392,22 +464,31 @@ spec:
properties:
secretRef:
description: |-
A reference to a specific 'key' within a Secret resource,
A reference to a specific 'key' within a Secret resource.
In some instances, `key` is a required field.
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
required:
@ -501,11 +582,17 @@ spec:
name:
description: The name of the ServiceAccount resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -521,17 +608,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
secretAccessKeySecretRef:
@ -539,17 +635,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
sessionTokenSecretRef:
@ -560,17 +665,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -661,17 +775,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
secretRef:
@ -683,17 +806,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
required:
@ -712,17 +844,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
secretRef:
@ -732,17 +873,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -774,11 +924,17 @@ spec:
name:
description: The name of the ServiceAccount
resource being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -803,17 +959,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
secretAccessKeySecretRef:
@ -822,17 +987,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
sessionTokenSecretRef:
@ -843,17 +1017,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -915,11 +1098,17 @@ spec:
name:
description: The name of the ServiceAccount
resource being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -945,17 +1134,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
required:
@ -986,17 +1184,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
serviceAccountRef:
@ -1017,11 +1224,17 @@ spec:
name:
description: The name of the ServiceAccount
resource being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -1049,17 +1262,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
username:
@ -1085,17 +1307,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
userPass:
@ -1116,17 +1347,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
username:
@ -1154,15 +1394,24 @@ spec:
key:
description: The key where the CA certificate can
be found in the Secret or ConfigMap.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the object located at the
provider type.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
The namespace the Provider type is in.
Can only be defined when used in a ClusterSecretStore.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type:
description: The type of provider to use such as "Secret",
@ -1227,17 +1476,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
keySecretRef:
@ -1248,17 +1506,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -1321,15 +1588,24 @@ spec:
webhook server certificate.
properties:
key:
description: The key the value inside of the provider
type to use, only used with "Secret" type
description: The key where the CA certificate can be found
in the Secret or ConfigMap.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the object located at the provider
type.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: The namespace the Provider type is in.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type:
description: The type of provider to use such as "Secret",
@ -1371,10 +1647,16 @@ spec:
properties:
key:
description: The key where the token is found.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
type: object
required:

View file

@ -70,11 +70,17 @@ spec:
name:
description: The name of the ServiceAccount resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -90,17 +96,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
secretAccessKeySecretRef:
@ -108,17 +123,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
sessionTokenSecretRef:
@ -129,17 +153,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object

View file

@ -56,17 +56,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -92,11 +101,17 @@ spec:
name:
description: The name of the ServiceAccount resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name

View file

@ -53,22 +53,31 @@ spec:
properties:
secretRef:
description: |-
A reference to a specific 'key' within a Secret resource,
A reference to a specific 'key' within a Secret resource.
In some instances, `key` is a required field.
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
required:

View file

@ -68,11 +68,17 @@ spec:
name:
description: The name of the ServiceAccount resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -88,17 +94,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
secretAccessKeySecretRef:
@ -106,17 +121,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
sessionTokenSecretRef:
@ -127,17 +151,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object

View file

@ -89,17 +89,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
secretRef:
@ -111,17 +120,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
required:
@ -140,17 +158,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
secretRef:
@ -160,17 +187,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -199,11 +235,17 @@ spec:
name:
description: The name of the ServiceAccount resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -228,17 +270,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
secretAccessKeySecretRef:
@ -246,17 +297,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
sessionTokenSecretRef:
@ -267,17 +327,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object
@ -338,11 +407,17 @@ spec:
name:
description: The name of the ServiceAccount resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -368,17 +443,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
required:
@ -409,17 +493,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
serviceAccountRef:
@ -440,11 +533,17 @@ spec:
name:
description: The name of the ServiceAccount resource
being referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
Namespace of the resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- name
@ -472,17 +571,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
username:
@ -508,17 +616,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
userPass:
@ -539,17 +656,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being
referred to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
username:
@ -577,15 +703,24 @@ spec:
key:
description: The key where the CA certificate can be found
in the Secret or ConfigMap.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the object located at the provider
type.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
The namespace the Provider type is in.
Can only be defined when used in a ClusterSecretStore.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type:
description: The type of provider to use such as "Secret",
@ -650,17 +785,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
keySecretRef:
@ -671,17 +815,26 @@ spec:
properties:
key:
description: |-
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
defaulted, in others it may be required.
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: |-
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
to the namespace of the referent.
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type: object
type: object

View file

@ -67,14 +67,23 @@ spec:
server certificate.
properties:
key:
description: The key the value inside of the provider type to
use, only used with "Secret" type
description: The key where the CA certificate can be found in
the Secret or ConfigMap.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the object located at the provider type.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
namespace:
description: The namespace the Provider type is in.
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
type:
description: The type of provider to use such as "Secret", or
@ -116,10 +125,16 @@ spec:
properties:
key:
description: The key where the token is found.
maxLength: 253
minLength: 1
pattern: ^[-._a-zA-Z0-9]+$
type: string
name:
description: The name of the Secret resource being referred
to.
maxLength: 253
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
type: object
required:

File diff suppressed because it is too large Load diff

View file

@ -1747,7 +1747,8 @@ string
</td>
<td>
<em>(Optional)</em>
<p>The name of the external secrets to be created defaults to the name of the ClusterExternalSecret</p>
<p>The name of the external secrets to be created.
Defaults to the name of the ClusterExternalSecret</p>
</td>
</tr>
<tr>
@ -1935,7 +1936,8 @@ string
</td>
<td>
<em>(Optional)</em>
<p>The name of the external secrets to be created defaults to the name of the ClusterExternalSecret</p>
<p>The name of the external secrets to be created.
Defaults to the name of the ClusterExternalSecret</p>
</td>
</tr>
<tr>
@ -3156,8 +3158,7 @@ string
</em>
</td>
<td>
<p>SecretKey defines the key in which the controller stores
the value. This is the key in the Kind=Secret</p>
<p>The key in the Kubernetes Secret to store the value.</p>
</td>
</tr>
<tr>
@ -3185,7 +3186,7 @@ StoreSourceRef
</td>
<td>
<p>SourceRef allows you to override the source
from which the value will pulled from.</p>
from which the value will be pulled.</p>
</td>
</tr>
</tbody>
@ -3958,8 +3959,7 @@ string
</td>
<td>
<em>(Optional)</em>
<p>Name defines the name of the Secret resource to be managed
This field is immutable
<p>The name of the Secret resource to be managed.
Defaults to the .metadata.name of the ExternalSecret resource</p>
</td>
</tr>
@ -3974,8 +3974,8 @@ ExternalSecretCreationPolicy
</td>
<td>
<em>(Optional)</em>
<p>CreationPolicy defines rules on how to create the resulting Secret
Defaults to &lsquo;Owner&rsquo;</p>
<p>CreationPolicy defines rules on how to create the resulting Secret.
Defaults to &ldquo;Owner&rdquo;</p>
</td>
</tr>
<tr>
@ -3989,8 +3989,8 @@ ExternalSecretDeletionPolicy
</td>
<td>
<em>(Optional)</em>
<p>DeletionPolicy defines rules on how to delete the resulting Secret
Defaults to &lsquo;Retain&rsquo;</p>
<p>DeletionPolicy defines rules on how to delete the resulting Secret.
Defaults to &ldquo;Retain&rdquo;</p>
</td>
</tr>
<tr>
@ -7827,6 +7827,7 @@ string
</em>
</td>
<td>
<p>The name of the ConfigMap/Secret resource</p>
</td>
</tr>
<tr>
@ -7839,6 +7840,7 @@ string
</em>
</td>
<td>
<p>A list of keys in the ConfigMap/Secret to use as templates for Secret data</p>
</td>
</tr>
</tbody>
@ -7867,6 +7869,7 @@ string
</em>
</td>
<td>
<p>A key in the ConfigMap/Secret</p>
</td>
</tr>
<tr>
@ -9187,7 +9190,7 @@ string
</em>
</td>
<td>
<p>The key the value inside of the provider type to use, only used with &ldquo;Secret&rdquo; type</p>
<p>The key where the CA certificate can be found in the Secret or ConfigMap.</p>
</td>
</tr>
<tr>