1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4 name: providers.iam.edge-infra.dev
5 annotations:
6 controller-gen.kubebuilder.io/version: (unknown)
7spec:
8 group: iam.edge-infra.dev
9 names:
10 kind: Provider
11 listKind: ProviderList
12 plural: providers
13 singular: provider
14 scope: Namespaced
15 versions:
16 - name: v1alpha1
17 additionalPrinterColumns:
18 - name: Target
19 type: string
20 jsonPath: .spec.target
21 - name: Age
22 type: date
23 jsonPath: .metadata.creationTimestamp
24 schema:
25 openAPIV3Schema:
26 type: object
27 description: Provider is the Schema for the providers API
28 properties:
29 apiVersion:
30 type: string
31 description: |-
32 APIVersion defines the versioned schema of this representation of an object.
33 Servers should convert recognized schemas to the latest internal value, and
34 may reject unrecognized values.
35 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
36 kind:
37 type: string
38 description: |-
39 Kind is a string value representing the REST resource this object represents.
40 Servers may infer this from the endpoint the client submits requests to.
41 Cannot be updated.
42 In CamelCase.
43 More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
44 metadata:
45 type: object
46 spec:
47 type: object
48 description: ProviderSpec defines the desired state of Provider
49 properties:
50 barcode:
51 type: object
52 description: Barcode contains the configuration that Barcode login method should have
53 properties:
54 expire:
55 type: string
56 role:
57 type: boolean
58 description: checks if the user has the permission to print barcode
59 encryption:
60 type: object
61 description: encryption field contains the version of the encryption key secret
62 properties:
63 version:
64 type: string
65 required:
66 - version
67 ff:
68 type: object
69 additionalProperties:
70 type: boolean
71 description: FF contains the launchdarkly feature flags defaults that should be enabled
72 issuer:
73 type: string
74 description: |-
75 Issuer sets the value of the `iss`-claim (issuer) that is minted in our tokens
76 Recommended is to use the URL of the authorization server, i.e. https://iam.store.ncr.corp
77 If this claim does not contain a URL (some other kind of identifier) or
78 it cannot be resolved on that URL, the client will need to configure a separate URL.
79
80
81 Workloads running inside the cluster require this change as the external addr1ess,
82 https://iam.store.ncr.corp cannot be resolved in the cluster.
83
84
85 Should not contain trailing '/'
86 okta:
87 type: object
88 description: okta field contains authurl as well as cred secret name
89 properties:
90 credsSecretName:
91 type: string
92 required:
93 - credsSecretName
94 pin:
95 type: object
96 description: PIN contains the configuration that PIN login method should have
97 properties:
98 attempts:
99 type: integer
100 maximum: 5
101 minimum: 3
102 expire:
103 type: string
104 history:
105 type: integer
106 maximum: 5
107 minimum: 3
108 length:
109 type: integer
110 profile:
111 type: object
112 description: Profile contains the configuration of profile
113 properties:
114 expire:
115 type: string
116 target:
117 type: string
118 description: 'Target sets the type of environment this provider targets, options: gcp, sds'
119 status:
120 type: object
121 description: ProviderStatus defines the observed state of Provider
122 properties:
123 conditions:
124 type: array
125 items:
126 type: object
127 description: "Condition contains details for one aspect of the current state of this API Resource.\n---\nThis struct is intended for direct use as an array at the field path .status.conditions. For example,\n\n\n\ttype FooStatus struct{\n\t // Represents the observations of a foo's current state.\n\t // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t // other fields\n\t}"
128 properties:
129 type:
130 type: string
131 description: |-
132 type of condition in CamelCase or in foo.example.com/CamelCase.
133 ---
134 Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
135 useful (see .node.status.conditions), the ability to deconflict is important.
136 The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
137 maxLength: 316
138 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
139 status:
140 type: string
141 description: status of the condition, one of True, False, Unknown.
142 enum:
143 - "True"
144 - "False"
145 - Unknown
146 lastTransitionTime:
147 type: string
148 description: |-
149 lastTransitionTime is the last time the condition transitioned from one status to another.
150 This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
151 format: date-time
152 message:
153 type: string
154 description: |-
155 message is a human readable message indicating details about the transition.
156 This may be an empty string.
157 maxLength: 32768
158 observedGeneration:
159 type: integer
160 description: |-
161 observedGeneration represents the .metadata.generation that the condition was set based upon.
162 For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
163 with respect to the current state of the instance.
164 format: int64
165 minimum: 0
166 reason:
167 type: string
168 description: |-
169 reason contains a programmatic identifier indicating the reason for the condition's last transition.
170 Producers of specific condition types may define expected values and meanings for this field,
171 and whether the values are considered a guaranteed API.
172 The value should be a CamelCase string.
173 This field may not be empty.
174 maxLength: 1024
175 minLength: 1
176 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
177 required:
178 - lastTransitionTime
179 - message
180 - reason
181 - status
182 - type
183 served: true
184 storage: true
185 subresources:
186 status: {}
View as plain text