apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: clients.iam.edge-infra.dev annotations: controller-gen.kubebuilder.io/version: (unknown) spec: group: iam.edge-infra.dev names: kind: Client listKind: ClientList plural: clients singular: client scope: Namespaced versions: - name: v1alpha1 additionalPrinterColumns: - name: Reason type: string jsonPath: .status.conditions[0].reason - name: Message type: string jsonPath: .status.conditions[0].message - name: Age type: date jsonPath: .metadata.creationTimestamp schema: openAPIV3Schema: type: object description: Client is the Schema for the clients API properties: apiVersion: type: string description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources kind: type: string description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds metadata: type: object spec: type: object description: ClientSpec defines the desired state of Client properties: audience: type: array description: Audience is a whitelist defining the audiences this client is allowed to request tokens for items: type: string clientName: type: string description: ClientName is the human-readable string name of the client to be presented to the end-user during authorization. grantTypes: type: array description: GrantTypes is an array of grant types the client is allowed to use. items: type: string maxItems: 5 minItems: 1 printBarcodeTypes: type: array description: 'PrintBarcodeTypes is an array that tells Edge-ID about client''s printing capabilities. Supported Values: 128A, qr' items: type: string maxItems: 2 printBarcodeUri: type: string description: PrintBarcodeURI is the redirect URI of the client where print barcode is handled. redirectUris: type: array description: RedirectURIs is an array of the redirect URIs allowed for the application items: type: string responseModes: type: array description: ResponseModes is an array of response modes that client is allowed to send items: type: string maxItems: 3 minItems: 0 responseTypes: type: array description: |- ResponseTypes is an array of the OAuth 2.0 response type strings that the client can use at the authorization endpoint. items: type: string maxItems: 3 minItems: 1 roles: type: array description: 'Roles is an array of roles the client has. Example roles: ULP_FINALIZE, AMS_CUSTOMER, etc.' items: type: string maxItems: 100 minItems: 0 scope: type: string description: |- Scope is a string containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens. pattern: ([a-zA-Z0-9\.\*]+\s?)+ secretName: type: string description: SecretName points to the K8s secret that contains this client's ID and password maxLength: 253 minLength: 1 pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' required: - grantTypes - secretName status: type: object description: ClientStatus defines the observed state of Client properties: conditions: type: array description: |- INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file items: type: object description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}" properties: type: type: string description: |- type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ status: type: string description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown lastTransitionTime: type: string description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time message: type: string description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 observedGeneration: type: integer description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 reason: type: string description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ required: - lastTransitionTime - message - reason - status - type reconciliationError: type: object description: ReconciliationError represents an error that occurred during the reconciliation process properties: description: type: string description: Description is the description of the reconciliation error statusCode: type: string description: Code is the status code of the reconciliation error served: true storage: true subresources: status: {}