mirrors/external-secrets
1
0
Fork 0
mirror of https://github.com/external-secrets/external-secrets.git synced 2024-12-14 11:57:59 +00:00
Code Activity

Merge pull request #4 from external-secrets/change-crd-subdomain

Browse source 
Change CRD subdomain from external-secerets.x-k8s.io to external-secrets.io
This commit is contained in:
Jonatas Baldin 2020-12-01 15:27:26 +01:00 committed by GitHub
commit 8deaa8471a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
21 changed files with 331 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
PROJECT
View file

@ -1,4 +1,4 @@
domain: x-k8s.io domain: io
repo: github.com/external-secrets/external-secrets repo: github.com/external-secrets/external-secrets
resources: resources:
- group: external-secrets - group: external-secrets

4
api/v1alpha1/groupversion_info.go
View file

@ -16,7 +16,7 @@ limitations under the License.
// Package v1alpha1 contains API Schema definitions for the external-secrets v1alpha1 API group // Package v1alpha1 contains API Schema definitions for the external-secrets v1alpha1 API group
// +kubebuilder:object:generate=true // +kubebuilder:object:generate=true
// +groupName=external-secrets.x-k8s.io // +groupName=external-secrets.io
package v1alpha1 package v1alpha1
import ( import (
@ -26,7 +26,7 @@ import (
var ( var (
// GroupVersion is group version used to register these objects // GroupVersion is group version used to register these objects
GroupVersion = schema.GroupVersion{Group: "external-secrets.x-k8s.io", Version: "v1alpha1"} GroupVersion = schema.GroupVersion{Group: "external-secrets.io", Version: "v1alpha1"}
// SchemeBuilder is used to add go types to the GroupVersionKind scheme // SchemeBuilder is used to add go types to the GroupVersionKind scheme
SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

169
config/crd/bases/external-secrets.io_externalsecrets.yaml Normal file
View file

@ -0,0 +1,169 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.5
creationTimestamp: null
name: externalsecrets.external-secrets.io
spec:
group: external-secrets.io
names:
kind: ExternalSecret
listKind: ExternalSecretList
plural: externalsecrets
singular: externalsecret
scope: Namespaced
validation:
openAPIV3Schema:
description: ExternalSecret is the Schema for the externalsecrets API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ExternalSecretSpec defines the desired state of ExternalSecret
properties:
data:
description: Data defines the connection between the Kubernetes Secret
keys and the Provider data
items:
description: ExternalSecretData defines the connection between the
Kubernetes Secret key (spec.data.<key>) and the Provider data
properties:
remoteRef:
description: ExternalSecretDataRemoteRef defines Provider data
location
properties:
key:
description: Key is the key used in the Provider, mandatory
type: string
property:
description: Used to select a specific property of the Provider
value (if a map), if supported
type: string
version:
description: Used to select a specific version of the Provider
value, if supported
type: string
required:
- key
type: object
secretKey:
type: string
required:
- remoteRef
- secretKey
type: object
type: array
dataFrom:
description: DataFrom is used to fetch all properties from a specific
Provider data If multiple entries are specified, the Secret keys are
merged in the specified order
items:
description: ExternalSecretDataRemoteRef defines Provider data location
properties:
key:
description: Key is the key used in the Provider, mandatory
type: string
property:
description: Used to select a specific property of the Provider
value (if a map), if supported
type: string
version:
description: Used to select a specific version of the Provider
value, if supported
type: string
required:
- key
type: object
type: array
refreshInterval:
description: 'RefreshInterval is the amount of time before the values
reading again from the SecretStore provider Valid time units are "ns",
"us" (or "µs"), "ms", "s", "m", "h" (from time.ParseDuration) May
be set to zero to fetch and create it once TODO: Default to some value?'
type: string
secretStoreRef:
description: SecretStoreRef defines which SecretStore to fetch the ExternalSecret
data
properties:
kind:
description: Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
Defaults to `SecretStore`
type: string
name:
description: Name of the SecretStore resource
type: string
required:
- name
type: object
target:
description: ExternalSecretTarget defines the Kubernetes Secret to be
created There can be only one target per ExternalSecret
properties:
creationPolicy:
description: CreationPolicy defines rules on how to create the resulting
Secret Defaults to 'Owner'
type: string
name:
description: Name defines the name of the Secret resource to be
managed This field is immutable Defaults to the .metadata.name
of the ExternalSecret resource
type: string
type: object
required:
- secretStoreRef
- target
type: object
status:
properties:
conditions:
items:
properties:
lastSyncTime:
format: date-time
type: string
lastTransitionTime:
format: date-time
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
type: string
required:
- status
- type
type: object
type: array
phase:
description: ExternalSecretStatusPhase represents the current phase
of the Secret sync
type: string
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

130
config/crd/bases/external-secrets.io_secretstores.yaml Normal file
View file

@ -0,0 +1,130 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.5
creationTimestamp: null
name: secretstores.external-secrets.io
spec:
group: external-secrets.io
names:
kind: SecretStore
listKind: SecretStoreList
plural: secretstores
singular: secretstore
scope: Namespaced
validation:
openAPIV3Schema:
description: SecretStore is the Schema for the secretstores API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: SecretStoreSpec defines the desired state of SecretStore
properties:
awssm:
description: AWSSM configures this store to sync secrets using AWS Secret
Manager provider
properties:
auth:
description: Auth defines the information necessary to authenticate
against AWS
properties:
secretRef:
properties:
accessKeyIDSecretRef:
description: The AccessKeyID is used for authentication
properties:
key:
type: string
name:
type: string
namespace:
type: string
required:
- key
- name
type: object
secretAccessKeySecretRef:
description: The SecretAccessKey is used for authentication
properties:
key:
type: string
name:
type: string
namespace:
type: string
required:
- key
- name
type: object
type: object
required:
- secretRef
type: object
region:
description: AWS Region to be used for the provider
type: string
role:
description: Role is a Role ARN which the SecretManager provider
will assume
type: string
required:
- auth
- region
type: object
controller:
description: 'Used to select the correct KES controller (think: ingress.ingressClassName)
The KES controller is instantiated with a specific controller name
and filters ES based on this property'
type: string
type: object
status:
description: SecretStoreStatus defines the observed state of the SecretStore
properties:
conditions:
items:
properties:
lastTransitionTime:
format: date-time
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
type: string
required:
- status
- type
type: object
type: array
phase:
type: string
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

4
config/crd/bases/external-secrets.x-k8s.io_externalsecrets.yaml
View file

@ -6,9 +6,9 @@ metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.2.5 controller-gen.kubebuilder.io/version: v0.2.5
creationTimestamp: null creationTimestamp: null
name: externalsecrets.external-secrets.x-k8s.io name: externalsecrets.external-secrets.io
spec: spec:
group: external-secrets.x-k8s.io group: external-secrets.io
names: names:
kind: ExternalSecret kind: ExternalSecret
listKind: ExternalSecretList listKind: ExternalSecretList

4
config/crd/bases/external-secrets.x-k8s.io_secretstores.yaml
View file

@ -6,9 +6,9 @@ metadata:
annotations: annotations:
controller-gen.kubebuilder.io/version: v0.2.5 controller-gen.kubebuilder.io/version: v0.2.5
creationTimestamp: null creationTimestamp: null
name: secretstores.external-secrets.x-k8s.io name: secretstores.external-secrets.io
spec: spec:
group: external-secrets.x-k8s.io group: external-secrets.io
names: names:
kind: SecretStore kind: SecretStore
listKind: SecretStoreList listKind: SecretStoreList

4
config/crd/kustomization.yaml
View file

@ -2,8 +2,8 @@
# since it depends on service name and namespace that are out of this kustomize package. # since it depends on service name and namespace that are out of this kustomize package.
# It should be run by config/default # It should be run by config/default
resources: resources:
- bases/external-secrets.x-k8s.io_secretstores.yaml - bases/external-secrets.io_secretstores.yaml
- bases/external-secrets.x-k8s.io_externalsecrets.yaml - bases/external-secrets.io_externalsecrets.yaml
# +kubebuilder:scaffold:crdkustomizeresource # +kubebuilder:scaffold:crdkustomizeresource
patchesStrategicMerge: patchesStrategicMerge:

2
config/crd/patches/cainjection_in_externalsecrets.yaml
View file

@ -5,4 +5,4 @@ kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: externalsecrets.external-secrets.x-k8s.io name: externalsecrets.external-secrets.io

2
config/crd/patches/cainjection_in_secretstores.yaml
View file

@ -5,4 +5,4 @@ kind: CustomResourceDefinition
metadata: metadata:
annotations: annotations:
cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
name: secretstores.external-secrets.x-k8s.io name: secretstores.external-secrets.io

2
config/crd/patches/webhook_in_externalsecrets.yaml
View file

@ -3,7 +3,7 @@
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
name: externalsecrets.external-secrets.x-k8s.io name: externalsecrets.external-secrets.io
spec: spec:
conversion: conversion:
strategy: Webhook strategy: Webhook

2
config/crd/patches/webhook_in_secretstores.yaml
View file

@ -3,7 +3,7 @@
apiVersion: apiextensions.k8s.io/v1beta1 apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition kind: CustomResourceDefinition
metadata: metadata:
name: secretstores.external-secrets.x-k8s.io name: secretstores.external-secrets.io
spec: spec:
conversion: conversion:
strategy: Webhook strategy: Webhook

4
config/rbac/externalsecret_editor_role.yaml
View file

@ -5,7 +5,7 @@ metadata:
name: externalsecret-editor-role name: externalsecret-editor-role
rules: rules:
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- externalsecrets - externalsecrets
verbs: verbs:
@ -17,7 +17,7 @@ rules:
- update - update
- watch - watch
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- externalsecrets/status - externalsecrets/status
verbs: verbs:

4
config/rbac/externalsecret_viewer_role.yaml
View file

@ -5,7 +5,7 @@ metadata:
name: externalsecret-viewer-role name: externalsecret-viewer-role
rules: rules:
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- externalsecrets - externalsecrets
verbs: verbs:
@ -13,7 +13,7 @@ rules:
- list - list
- watch - watch
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- externalsecrets/status - externalsecrets/status
verbs: verbs:

8
config/rbac/role.yaml
View file

@ -7,7 +7,7 @@ metadata:
name: manager-role name: manager-role
rules: rules:
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- externalsecrets - externalsecrets
verbs: verbs:
@ -19,7 +19,7 @@ rules:
- update - update
- watch - watch
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- externalsecrets/status - externalsecrets/status
verbs: verbs:
@ -27,7 +27,7 @@ rules:
- patch - patch
- update - update
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- secretstores - secretstores
verbs: verbs:
@ -39,7 +39,7 @@ rules:
- update - update
- watch - watch
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- secretstores/status - secretstores/status
verbs: verbs:

4
config/rbac/secretstore_editor_role.yaml
View file

@ -5,7 +5,7 @@ metadata:
name: secretstore-editor-role name: secretstore-editor-role
rules: rules:
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- secretstores - secretstores
verbs: verbs:
@ -17,7 +17,7 @@ rules:
- update - update
- watch - watch
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- secretstores/status - secretstores/status
verbs: verbs:

4
config/rbac/secretstore_viewer_role.yaml
View file

@ -5,7 +5,7 @@ metadata:
name: secretstore-viewer-role name: secretstore-viewer-role
rules: rules:
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- secretstores - secretstores
verbs: verbs:
@ -13,7 +13,7 @@ rules:
- list - list
- watch - watch
- apiGroups: - apiGroups:
- external-secrets.x-k8s.io - external-secrets.io
resources: resources:
- secretstores/status - secretstores/status
verbs: verbs:

2
config/samples/external-secrets_v1alpha1_externalsecret.yaml
View file

@ -1,4 +1,4 @@
apiVersion: external-secrets.x-k8s.io/v1alpha1 apiVersion: external-secrets.io/v1alpha1
kind: ExternalSecret kind: ExternalSecret
metadata: metadata:
name: externalsecret-sample name: externalsecret-sample

2
config/samples/external-secrets_v1alpha1_secretstore.yaml
View file

@ -1,4 +1,4 @@
apiVersion: external-secrets.x-k8s.io/v1alpha1 apiVersion: external-secrets.io/v1alpha1
kind: SecretStore kind: SecretStore
metadata: metadata:
name: secretstore-sample name: secretstore-sample

4
controllers/externalsecret_controller.go
View file

@ -34,8 +34,8 @@ type ExternalSecretReconciler struct {
Scheme *runtime.Scheme Scheme *runtime.Scheme
} }
// +kubebuilder:rbac:groups=external-secrets.x-k8s.io,resources=externalsecrets,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=external-secrets.io,resources=externalsecrets,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups=external-secrets.x-k8s.io,resources=externalsecrets/status,verbs=get;update;patch // +kubebuilder:rbac:groups=external-secrets.io,resources=externalsecrets/status,verbs=get;update;patch
func (r *ExternalSecretReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { func (r *ExternalSecretReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) {
_ = context.Background() _ = context.Background()

4
controllers/secretstore_controller.go
View file

@ -34,8 +34,8 @@ type SecretStoreReconciler struct {
Scheme *runtime.Scheme Scheme *runtime.Scheme
} }
// +kubebuilder:rbac:groups=external-secrets.x-k8s.io,resources=secretstores,verbs=get;list;watch;create;update;patch;delete // +kubebuilder:rbac:groups=external-secrets.io,resources=secretstores,verbs=get;list;watch;create;update;patch;delete
// +kubebuilder:rbac:groups=external-secrets.x-k8s.io,resources=secretstores/status,verbs=get;update;patch // +kubebuilder:rbac:groups=external-secrets.io,resources=secretstores/status,verbs=get;update;patch
func (r *SecretStoreReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) { func (r *SecretStoreReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) {
_ = context.Background() _ = context.Background()

2
main.go
View file

@ -59,7 +59,7 @@ func main() {
MetricsBindAddress: metricsAddr, MetricsBindAddress: metricsAddr,
Port: 9443, Port: 9443,
LeaderElection: enableLeaderElection, LeaderElection: enableLeaderElection,
LeaderElectionID: "1fc40399.x-k8s.io", LeaderElectionID: "1fc40399.io",
}) })
if err != nil { if err != nil {
setupLog.Error(err, "unable to start manager") setupLog.Error(err, "unable to start manager")