224 lines
10 KiB
Io
224 lines
10 KiB
Io
---
|
|
# Source: external-secrets/charts/external-secrets/templates/crds/webhook.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.19.0
|
|
labels:
|
|
external-secrets.io/component: controller
|
|
name: webhooks.generators.external-secrets.io
|
|
spec:
|
|
group: generators.external-secrets.io
|
|
names:
|
|
categories:
|
|
- external-secrets
|
|
- external-secrets-generators
|
|
kind: Webhook
|
|
listKind: WebhookList
|
|
plural: webhooks
|
|
singular: webhook
|
|
scope: Namespaced
|
|
versions:
|
|
- name: v1alpha1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: |-
|
|
Webhook connects to a third party API server to handle the secrets generation
|
|
configuration parameters in spec.
|
|
You can specify the server, the token, and additional body parameters.
|
|
See documentation for the full API specification for requests and responses.
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: WebhookSpec controls the behavior of the external generator. Any body parameters should be passed to the server through the parameters field.
|
|
properties:
|
|
auth:
|
|
description: Auth specifies a authorization protocol. Only one protocol may be set.
|
|
maxProperties: 1
|
|
minProperties: 1
|
|
properties:
|
|
ntlm:
|
|
description: NTLMProtocol configures the store to use NTLM for auth
|
|
properties:
|
|
passwordSecret:
|
|
description: |-
|
|
SecretKeySelector is a reference to a specific 'key' within a Secret resource.
|
|
In some instances, `key` is a required field.
|
|
properties:
|
|
key:
|
|
description: |-
|
|
A key in the referenced Secret.
|
|
Some instances of this field may be defaulted, in others it may be required.
|
|
maxLength: 253
|
|
minLength: 1
|
|
pattern: ^[-._a-zA-Z0-9]+$
|
|
type: string
|
|
name:
|
|
description: The name of the Secret resource being referred to.
|
|
maxLength: 253
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
type: string
|
|
namespace:
|
|
description: |-
|
|
The namespace of the Secret resource being referred to.
|
|
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
|
|
maxLength: 63
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
type: object
|
|
usernameSecret:
|
|
description: |-
|
|
SecretKeySelector is a reference to a specific 'key' within a Secret resource.
|
|
In some instances, `key` is a required field.
|
|
properties:
|
|
key:
|
|
description: |-
|
|
A key in the referenced Secret.
|
|
Some instances of this field may be defaulted, in others it may be required.
|
|
maxLength: 253
|
|
minLength: 1
|
|
pattern: ^[-._a-zA-Z0-9]+$
|
|
type: string
|
|
name:
|
|
description: The name of the Secret resource being referred to.
|
|
maxLength: 253
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
type: string
|
|
namespace:
|
|
description: |-
|
|
The namespace of the Secret resource being referred to.
|
|
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
|
|
maxLength: 63
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
type: object
|
|
required:
|
|
- passwordSecret
|
|
- usernameSecret
|
|
type: object
|
|
type: object
|
|
body:
|
|
description: Body
|
|
type: string
|
|
caBundle:
|
|
description: |-
|
|
PEM encoded CA bundle used to validate webhook server certificate. Only used
|
|
if the Server URL is using HTTPS protocol. This parameter is ignored for
|
|
plain HTTP protocol connection. If not set the system root certificates
|
|
are used to validate the TLS connection.
|
|
format: byte
|
|
type: string
|
|
caProvider:
|
|
description: The provider for the CA bundle to use to validate webhook server certificate.
|
|
properties:
|
|
key:
|
|
description: The key where the CA certificate can be found in the Secret or ConfigMap.
|
|
maxLength: 253
|
|
minLength: 1
|
|
pattern: ^[-._a-zA-Z0-9]+$
|
|
type: string
|
|
name:
|
|
description: The name of the object located at the provider type.
|
|
maxLength: 253
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
type: string
|
|
namespace:
|
|
description: The namespace the Provider type is in.
|
|
maxLength: 63
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
|
type: string
|
|
type:
|
|
description: The type of provider to use such as "Secret", or "ConfigMap".
|
|
enum:
|
|
- Secret
|
|
- ConfigMap
|
|
type: string
|
|
required:
|
|
- name
|
|
- type
|
|
type: object
|
|
headers:
|
|
additionalProperties:
|
|
type: string
|
|
description: Headers
|
|
type: object
|
|
method:
|
|
description: Webhook Method
|
|
type: string
|
|
result:
|
|
description: Result formatting
|
|
properties:
|
|
jsonPath:
|
|
description: Json path of return value
|
|
type: string
|
|
type: object
|
|
secrets:
|
|
description: |-
|
|
Secrets to fill in templates
|
|
These secrets will be passed to the templating function as key value pairs under the given name
|
|
items:
|
|
description: WebhookSecret defines a secret reference that will be used in webhook templates.
|
|
properties:
|
|
name:
|
|
description: Name of this secret in templates
|
|
type: string
|
|
secretRef:
|
|
description: Secret ref to fill in credentials
|
|
properties:
|
|
key:
|
|
description: The key where the token is found.
|
|
maxLength: 253
|
|
minLength: 1
|
|
pattern: ^[-._a-zA-Z0-9]+$
|
|
type: string
|
|
name:
|
|
description: The name of the Secret resource being referred to.
|
|
maxLength: 253
|
|
minLength: 1
|
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
|
type: string
|
|
type: object
|
|
required:
|
|
- name
|
|
- secretRef
|
|
type: object
|
|
type: array
|
|
timeout:
|
|
description: Timeout
|
|
type: string
|
|
url:
|
|
description: Webhook url to call
|
|
type: string
|
|
required:
|
|
- result
|
|
- url
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|