Automated Manifest Update (#4583)
This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. Reviewed-on: #4583 Co-authored-by: gitea-bot <gitea-bot@alexlebens.net> Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
This commit was merged in pull request #4583.
This commit is contained in:
@@ -9,9 +9,9 @@ metadata:
|
||||
app.kubernetes.io/name: "cert-manager"
|
||||
app.kubernetes.io/instance: "cert-manager"
|
||||
app.kubernetes.io/component: "crds"
|
||||
app.kubernetes.io/version: "v1.19.4"
|
||||
app.kubernetes.io/version: "v1.20.0"
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
helm.sh/chart: cert-manager-v1.19.4
|
||||
helm.sh/chart: cert-manager-v1.20.0
|
||||
spec:
|
||||
group: cert-manager.io
|
||||
names:
|
||||
@@ -398,6 +398,22 @@ spec:
|
||||
The TenantID of the Azure Service Principal used to authenticate with Azure DNS.
|
||||
If set, ClientID and ClientSecret must also be set.
|
||||
type: string
|
||||
zoneType:
|
||||
description: |-
|
||||
ZoneType determines which type of Azure DNS zone to use.
|
||||
|
||||
Valid values are:
|
||||
- AzurePublicZone (default): Use a public Azure DNS zone.
|
||||
- AzurePrivateZone: Use an Azure Private DNS zone.
|
||||
|
||||
If not specified, AzurePublicZone is used.
|
||||
|
||||
Support for Azure Private DNS zones is currently
|
||||
experimental and may change in future releases.
|
||||
enum:
|
||||
- AzurePublicZone
|
||||
- AzurePrivateZone
|
||||
type: string
|
||||
required:
|
||||
- resourceGroupName
|
||||
- subscriptionID
|
||||
@@ -521,7 +537,7 @@ spec:
|
||||
description: |-
|
||||
The IP address or hostname of an authoritative DNS server supporting
|
||||
RFC2136 in the form host:port. If the host is an IPv6 address it must be
|
||||
enclosed in square brackets (e.g [2001:db8::1]) ; port is optional.
|
||||
enclosed in square brackets (e.g [2001:db8::1]); port is optional.
|
||||
This field is required.
|
||||
type: string
|
||||
protocol:
|
||||
@@ -571,8 +587,8 @@ spec:
|
||||
description: |-
|
||||
The AccessKeyID is used for authentication.
|
||||
Cannot be set when SecretAccessKeyID is set.
|
||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
||||
vars, shared credentials file or AWS Instance metadata,
|
||||
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||
vars, shared credentials file, or AWS Instance metadata,
|
||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||
type: string
|
||||
accessKeyIDSecretRef:
|
||||
@@ -580,8 +596,8 @@ spec:
|
||||
The SecretAccessKey is used for authentication. If set, pull the AWS
|
||||
access key ID from a key within a Kubernetes Secret.
|
||||
Cannot be set when AccessKeyID is set.
|
||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
||||
vars, shared credentials file or AWS Instance metadata,
|
||||
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||
vars, shared credentials file, or AWS Instance metadata,
|
||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||
properties:
|
||||
key:
|
||||
@@ -670,8 +686,8 @@ spec:
|
||||
secretAccessKeySecretRef:
|
||||
description: |-
|
||||
The SecretAccessKey is used for authentication.
|
||||
If neither the Access Key nor Key ID are set, we fall-back to using env
|
||||
vars, shared credentials file or AWS Instance metadata,
|
||||
If neither the Access Key nor Key ID are set, we fall back to using env
|
||||
vars, shared credentials file, or AWS Instance metadata,
|
||||
see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials
|
||||
properties:
|
||||
key:
|
||||
@@ -2028,9 +2044,10 @@ spec:
|
||||
operator:
|
||||
description: |-
|
||||
Operator represents a key's relationship to the value.
|
||||
Valid operators are Exists and Equal. Defaults to Equal.
|
||||
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
|
||||
Exists is equivalent to wildcard for value, so that a pod can
|
||||
tolerate all taints of a particular category.
|
||||
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
|
||||
type: string
|
||||
tolerationSeconds:
|
||||
description: |-
|
||||
@@ -3239,9 +3256,10 @@ spec:
|
||||
operator:
|
||||
description: |-
|
||||
Operator represents a key's relationship to the value.
|
||||
Valid operators are Exists and Equal. Defaults to Equal.
|
||||
Valid operators are Exists, Equal, Lt, and Gt. Defaults to Equal.
|
||||
Exists is equivalent to wildcard for value, so that a pod can
|
||||
tolerate all taints of a particular category.
|
||||
Lt and Gt perform numeric comparisons (requires feature gate TaintTolerationComparisonOperators).
|
||||
type: string
|
||||
tolerationSeconds:
|
||||
description: |-
|
||||
@@ -3498,8 +3516,8 @@ spec:
|
||||
properties:
|
||||
audiences:
|
||||
description: |-
|
||||
TokenAudiences is an optional list of extra audiences to include in the token passed to Vault. The default token
|
||||
consisting of the issuer's namespace and name is always included.
|
||||
TokenAudiences is an optional list of extra audiences to include in the token passed to Vault.
|
||||
The default audiences are always included in the token.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
@@ -3627,16 +3645,16 @@ spec:
|
||||
type: object
|
||||
venafi:
|
||||
description: |-
|
||||
Venafi configures this issuer to sign certificates using a Venafi TPP
|
||||
or Venafi Cloud policy zone.
|
||||
Venafi configures this issuer to sign certificates using a CyberArk Certificate Manager Self-Hosted
|
||||
or SaaS policy zone.
|
||||
properties:
|
||||
cloud:
|
||||
description: |-
|
||||
Cloud specifies the Venafi cloud configuration settings.
|
||||
Only one of TPP or Cloud may be specified.
|
||||
Cloud specifies the CyberArk Certificate Manager SaaS configuration settings.
|
||||
Only one of CyberArk Certificate Manager may be specified.
|
||||
properties:
|
||||
apiTokenSecretRef:
|
||||
description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token.
|
||||
description: APITokenSecretRef is a secret key selector for the CyberArk Certificate Manager SaaS API token.
|
||||
properties:
|
||||
key:
|
||||
description: |-
|
||||
@@ -3654,7 +3672,7 @@ spec:
|
||||
type: object
|
||||
url:
|
||||
description: |-
|
||||
URL is the base URL for Venafi Cloud.
|
||||
URL is the base URL for CyberArk Certificate Manager SaaS.
|
||||
Defaults to "https://api.venafi.cloud/".
|
||||
type: string
|
||||
required:
|
||||
@@ -3662,13 +3680,13 @@ spec:
|
||||
type: object
|
||||
tpp:
|
||||
description: |-
|
||||
TPP specifies Trust Protection Platform configuration settings.
|
||||
Only one of TPP or Cloud may be specified.
|
||||
TPP specifies CyberArk Certificate Manager Self-Hosted configuration settings.
|
||||
Only one of CyberArk Certificate Manager may be specified.
|
||||
properties:
|
||||
caBundle:
|
||||
description: |-
|
||||
Base64-encoded bundle of PEM CAs which will be used to validate the certificate
|
||||
chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP.
|
||||
chain presented by the CyberArk Certificate Manager Self-Hosted server. Only used if using HTTPS; ignored for HTTP.
|
||||
If undefined, the certificate bundle in the cert-manager controller container
|
||||
is used to validate the chain.
|
||||
format: byte
|
||||
@@ -3676,7 +3694,7 @@ spec:
|
||||
caBundleSecretRef:
|
||||
description: |-
|
||||
Reference to a Secret containing a base64-encoded bundle of PEM CAs
|
||||
which will be used to validate the certificate chain presented by the TPP server.
|
||||
which will be used to validate the certificate chain presented by the CyberArk Certificate Manager Self-Hosted server.
|
||||
Only used if using HTTPS; ignored for HTTP. Mutually exclusive with CABundle.
|
||||
If neither CABundle nor CABundleSecretRef is defined, the certificate bundle in
|
||||
the cert-manager controller container is used to validate the TLS connection.
|
||||
@@ -3697,7 +3715,7 @@ spec:
|
||||
type: object
|
||||
credentialsRef:
|
||||
description: |-
|
||||
CredentialsRef is a reference to a Secret containing the Venafi TPP API credentials.
|
||||
CredentialsRef is a reference to a Secret containing the CyberArk Certificate Manager Self-Hosted API credentials.
|
||||
The secret must contain the key 'access-token' for the Access Token Authentication,
|
||||
or two keys, 'username' and 'password' for the API Keys Authentication.
|
||||
properties:
|
||||
@@ -3711,7 +3729,7 @@ spec:
|
||||
type: object
|
||||
url:
|
||||
description: |-
|
||||
URL is the base URL for the vedsdk endpoint of the Venafi TPP instance,
|
||||
URL is the base URL for the vedsdk endpoint of the CyberArk Certificate Manager Self-Hosted instance,
|
||||
for example: "https://tpp.example.com/vedsdk".
|
||||
type: string
|
||||
required:
|
||||
@@ -3720,8 +3738,8 @@ spec:
|
||||
type: object
|
||||
zone:
|
||||
description: |-
|
||||
Zone is the Venafi Policy Zone to use for this issuer.
|
||||
All requests made to the Venafi platform will be restricted by the named
|
||||
Zone is the Certificate Manager Policy Zone to use for this issuer.
|
||||
All requests made to the Certificate Manager platform will be restricted by the named
|
||||
zone policy.
|
||||
This field is required.
|
||||
type: string
|
||||
|
||||
Reference in New Issue
Block a user