# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cnrm.cloud.google.com/version: 1.106.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: alpha cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" name: networkservicesedgecachekeysets.networkservices.cnrm.cloud.google.com spec: group: networkservices.cnrm.cloud.google.com names: categories: - gcp kind: NetworkServicesEdgeCacheKeyset plural: networkservicesedgecachekeysets shortNames: - gcpnetworkservicesedgecachekeyset - gcpnetworkservicesedgecachekeysets singular: networkservicesedgecachekeyset scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age type: date - description: When 'True', the most recent reconcile of the resource succeeded jsonPath: .status.conditions[?(@.type=='Ready')].status name: Ready type: string - description: The reason for the value in 'Ready' jsonPath: .status.conditions[?(@.type=='Ready')].reason name: Status type: string - description: The last transition time for the value in 'Status' jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date name: v1alpha1 schema: openAPIV3Schema: properties: apiVersion: description: 'apiVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' type: string kind: description: 'kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' type: string metadata: type: object spec: properties: description: description: A human-readable description of the resource. type: string projectRef: description: The project that this resource belongs to. oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `name` field of a `Project` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object publicKey: description: |- An ordered list of Ed25519 public keys to use for validating signed requests. You must specify 'public_keys' or 'validation_shared_keys' (or both). The keys in 'public_keys' are checked first. You may specify no more than one Google-managed public key. If you specify 'public_keys', you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. items: properties: id: description: |- The ID of the public key. The ID must be 1-63 characters long, and comply with RFC1035. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. type: string managed: description: Set to true to have the CDN automatically manage this public key value. type: boolean value: description: |- The base64-encoded value of the Ed25519 public key. The base64 encoding can be padded (44 bytes) or unpadded (43 bytes). Representations or encodings of the public key other than this will be rejected with an error. oneOf: - not: required: - valueFrom required: - value - not: required: - value required: - valueFrom properties: value: description: Value of the field. Cannot be used if 'valueFrom' is specified. type: string valueFrom: description: Source for the field's value. Cannot be used if 'value' is specified. properties: secretKeyRef: description: Reference to a value with the given key in the given Secret in the resource's namespace. properties: key: description: Key that identifies the value to be extracted. type: string name: description: Name of the Secret to extract a value from. type: string required: - name - key type: object type: object type: object required: - id type: object type: array resourceID: description: Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string validationSharedKeys: description: |- An ordered list of shared keys to use for validating signed requests. Shared keys are secret. Ensure that only authorized users can add 'validation_shared_keys' to a keyset. You can rotate keys by appending (pushing) a new key to the list of 'validation_shared_keys' and removing any superseded keys. You must specify 'public_keys' or 'validation_shared_keys' (or both). The keys in 'public_keys' are checked first. items: properties: secretVersion: description: |- The name of the secret version in Secret Manager. The resource name of the secret version must be in the format 'projects/*/secrets/*/versions/*' where the '*' values are replaced by the secrets themselves. The secrets must be at least 16 bytes large. The recommended secret size depends on the signature algorithm you are using. * If you are using HMAC-SHA1, we suggest 20-byte secrets. * If you are using HMAC-SHA256, we suggest 32-byte secrets. See RFC 2104, Section 3 for more details on these recommendations. type: string required: - secretVersion type: object type: array required: - projectRef type: object status: properties: conditions: description: Conditions represent the latest available observation of the resource's current state. items: properties: lastTransitionTime: description: Last time the condition transitioned from one status to another. type: string message: description: Human-readable message indicating details about last transition. type: string reason: description: Unique, one-word, CamelCase reason for the condition's last transition. type: string status: description: Status is the status of the condition. Can be True, False, Unknown. type: string type: description: Type is the type of the condition. type: string type: object type: array observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. type: integer type: object required: - spec type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: []