apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.11.0 creationTimestamp: null name: pushsecrets.external-secrets.io spec: group: external-secrets.io names: categories: - pushsecrets kind: PushSecret listKind: PushSecretList plural: pushsecrets singular: pushsecret scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: AGE type: date - jsonPath: .status.conditions[?(@.type=="Ready")].reason name: Status type: string name: v1alpha1 schema: openAPIV3Schema: properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: PushSecretSpec configures the behavior of the PushSecret. properties: data: description: Secret Data that should be pushed to providers items: properties: match: description: Match a given Secret Key to be pushed to the provider. properties: remoteRef: description: Remote Refs to push to providers. properties: remoteKey: description: Name of the resulting provider secret. type: string required: - remoteKey type: object secretKey: description: Secret Key to be pushed type: string required: - remoteRef - secretKey type: object required: - match type: object type: array deletionPolicy: default: None description: 'Deletion Policy to handle Secrets in the provider. Possible Values: "Delete/None". Defaults to "None".' type: string refreshInterval: description: The Interval to which External Secrets will try to push a secret definition type: string secretStoreRefs: items: properties: kind: default: SecretStore description: Kind of the SecretStore resource (SecretStore or ClusterSecretStore) Defaults to `SecretStore` type: string labelSelector: description: Optionally, sync to secret stores with label selector properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object x-kubernetes-map-type: atomic name: description: Optionally, sync to the SecretStore of the given name type: string type: object type: array selector: description: The Secret Selector (k8s source) for the Push Secret properties: secret: description: Select a Secret to Push. properties: name: description: Name of the Secret. The Secret must exist in the same namespace as the PushSecret manifest. type: string required: - name type: object required: - secret type: object required: - secretStoreRefs - selector type: object status: description: PushSecretStatus indicates the history of the status of PushSecret. properties: conditions: items: description: PushSecretStatusCondition indicates the status of the PushSecret. properties: lastTransitionTime: format: date-time type: string message: type: string reason: type: string status: type: string type: description: PushSecretConditionType indicates the condition of the PushSecret. type: string required: - status - type type: object type: array refreshTime: description: refreshTime is the time and date the external secret was fetched and the target secret updated format: date-time nullable: true type: string syncedPushSecrets: additionalProperties: additionalProperties: properties: match: description: Match a given Secret Key to be pushed to the provider. properties: remoteRef: description: Remote Refs to push to providers. properties: remoteKey: description: Name of the resulting provider secret. type: string required: - remoteKey type: object secretKey: description: Secret Key to be pushed type: string required: - remoteRef - secretKey type: object required: - match type: object type: object description: Synced Push Secrets for later deletion. Matches Secret Stores to PushSecretData that was stored to that secretStore. type: object syncedResourceVersion: description: SyncedResourceVersion keeps track of the last synced version. type: string type: object type: object served: true storage: true subresources: status: {}