crossplane
170 строк · 6.6 Кб
1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4annotations:
5controller-gen.kubebuilder.io/version: v0.14.0
6name: storeconfigs.secrets.crossplane.io
7spec:
8group: secrets.crossplane.io
9names:
10categories:
11- crossplane
12- store
13kind: StoreConfig
14listKind: StoreConfigList
15plural: storeconfigs
16singular: storeconfig
17scope: Cluster
18versions:
19- additionalPrinterColumns:
20- jsonPath: .metadata.creationTimestamp
21name: AGE
22type: date
23- jsonPath: .spec.type
24name: TYPE
25type: string
26- jsonPath: .spec.defaultScope
27name: DEFAULT-SCOPE
28type: string
29name: v1alpha1
30schema:
31openAPIV3Schema:
32description: A StoreConfig configures how Crossplane controllers should store
33connection details.
34properties:
35apiVersion:
36description: |-
37APIVersion defines the versioned schema of this representation of an object.
38Servers should convert recognized schemas to the latest internal value, and
39may reject unrecognized values.
40More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
41type: string
42kind:
43description: |-
44Kind is a string value representing the REST resource this object represents.
45Servers may infer this from the endpoint the client submits requests to.
46Cannot be updated.
47In CamelCase.
48More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
49type: string
50metadata:
51type: object
52spec:
53description: A StoreConfigSpec defines the desired state of a StoreConfig.
54properties:
55defaultScope:
56description: |-
57DefaultScope used for scoping secrets for "cluster-scoped" resources.
58If store type is "Kubernetes", this would mean the default namespace to
59store connection secrets for cluster scoped resources.
60In case of "Vault", this would be used as the default parent path.
61Typically, should be set as Crossplane installation namespace.
62type: string
63kubernetes:
64description: |-
65Kubernetes configures a Kubernetes secret store.
66If the "type" is "Kubernetes" but no config provided, in cluster config
67will be used.
68properties:
69auth:
70description: Credentials used to connect to the Kubernetes API.
71properties:
72env:
73description: |-
74Env is a reference to an environment variable that contains credentials
75that must be used to connect to the provider.
76properties:
77name:
78description: Name is the name of an environment variable.
79type: string
80required:
81- name
82type: object
83fs:
84description: |-
85Fs is a reference to a filesystem location that contains credentials that
86must be used to connect to the provider.
87properties:
88path:
89description: Path is a filesystem path.
90type: string
91required:
92- path
93type: object
94secretRef:
95description: |-
96A SecretRef is a reference to a secret key that contains the credentials
97that must be used to connect to the provider.
98properties:
99key:
100description: The key to select.
101type: string
102name:
103description: Name of the secret.
104type: string
105namespace:
106description: Namespace of the secret.
107type: string
108required:
109- key
110- name
111- namespace
112type: object
113source:
114description: Source of the credentials.
115enum:
116- None
117- Secret
118- Environment
119- Filesystem
120type: string
121required:
122- source
123type: object
124required:
125- auth
126type: object
127plugin:
128description: Plugin configures External secret store as a plugin.
129properties:
130configRef:
131description: ConfigRef contains store config reference info.
132properties:
133apiVersion:
134description: APIVersion of the referenced config.
135type: string
136kind:
137description: Kind of the referenced config.
138type: string
139name:
140description: Name of the referenced config.
141type: string
142required:
143- apiVersion
144- kind
145- name
146type: object
147endpoint:
148description: Endpoint is the endpoint of the gRPC server.
149type: string
150type: object
151type:
152default: Kubernetes
153description: |-
154Type configures which secret store to be used. Only the configuration
155block for this store will be used and others will be ignored if provided.
156Default is Kubernetes.
157enum:
158- Kubernetes
159- Vault
160- Plugin
161type: string
162required:
163- defaultScope
164type: object
165required:
166- spec
167type: object
168served: true
169storage: true
170subresources: {}
171