95 lines
4.0 KiB
Io
95 lines
4.0 KiB
Io
---
|
|
# Source: external-secrets/charts/external-secrets/templates/crds/cloudsmithaccesstoken.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.19.0
|
|
labels:
|
|
external-secrets.io/component: controller
|
|
name: cloudsmithaccesstokens.generators.external-secrets.io
|
|
spec:
|
|
group: generators.external-secrets.io
|
|
names:
|
|
categories:
|
|
- external-secrets
|
|
- external-secrets-generators
|
|
kind: CloudsmithAccessToken
|
|
listKind: CloudsmithAccessTokenList
|
|
plural: cloudsmithaccesstokens
|
|
singular: cloudsmithaccesstoken
|
|
scope: Namespaced
|
|
versions:
|
|
- name: v1alpha1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: CloudsmithAccessToken generates Cloudsmith access token using OIDC authentication
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: CloudsmithAccessTokenSpec defines the configuration for generating a Cloudsmith access token using OIDC authentication.
|
|
properties:
|
|
apiUrl:
|
|
description: APIURL configures the Cloudsmith API URL. Defaults to https://api.cloudsmith.io.
|
|
type: string
|
|
orgSlug:
|
|
description: OrgSlug is the organization slug in Cloudsmith
|
|
type: string
|
|
serviceAccountRef:
|
|
description: Name of the service account you are federating with
|
|
properties:
|
|
audiences:
|
|
description: |-
|
|
Audience specifies the `aud` claim for the service account token
|
|
If the service account uses a well-known annotation for e.g. IRSA or GCP Workload Identity
|
|
then this audiences will be appended to the list
|
|
items:
|
|
type: string
|
|
type: array
|
|
name:
|
|
description: The name of the ServiceAccount resource being referred to.
|
|
maxLength: 253
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
type: string
|
|
namespace:
|
|
description: |-
|
|
Namespace of the resource being referred to.
|
|
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
|
|
maxLength: 63
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
serviceSlug:
|
|
description: ServiceSlug is the service slug in Cloudsmith for OIDC authentication
|
|
type: string
|
|
required:
|
|
- orgSlug
|
|
- serviceAccountRef
|
|
- serviceSlug
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|