freeleaps-ops/freeleaps-secret-operator/helm-pkg/secret-operator/templates/crds.yaml


{{- if .Values.crds.install }}
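# CRD: FreeleapsSecretStore (cluster-scoped).
# Describes how to reach an Azure Key Vault and which Kubernetes Secret holds
# the client ID / client secret used to authenticate against it.
#
# NOTE(review): the kind is cluster-scoped and authSecretRef carries an
# explicit namespace, so a store can name a credential Secret in any
# namespace. Nothing in this schema limits which namespaces may consume a
# store. Keep create/update on this kind restricted to cluster
# administrators, and confirm the operator enforces any tenancy boundary.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: freeleapssecretstores.freeleaps.com
  annotations:
    # NOTE(review): hook resources are not tracked as part of the release.
    # With no helm.sh/hook-delete-policy set, Helm's default
    # (before-hook-creation) removes the previous hook object before
    # re-creating it. For a CRD, a `helm upgrade` can therefore delete the
    # definition and every custom resource of this kind with it. Confirm
    # this is intended, or ship CRDs through the chart's crds/ directory.
    "helm.sh/hook": pre-install,pre-upgrade
    "helm.sh/hook-weight": "-5"
spec:
  group: freeleaps.com
  versions:
    - name: v1alpha1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          type: object
          properties:
            # NOTE(review): neither `spec`, `provider` nor `azurekv` is
            # listed as required, so an object with an empty spec passes
            # admission. The operator must handle that case itself.
            spec:
              type: object
              properties:
                provider:
                  type: object
                  properties:
                    azurekv:
                      type: object
                      properties:
                        tenantId:
                          type: string
                          description: "Azure tenant ID"
                        # NOTE(review): free-form string, no `pattern`. The
                        # operator presumably presents Azure credentials to
                        # this endpoint, so consider validating the scheme
                        # and host here or in the operator.
                        vaultUrl:
                          type: string
                          description: "Key Vault URL (https://<vault-name>.vault.azure.net/)"
                        vaultName:
                          type: string
                          description: "Key Vault name"
                        subscriptionId:
                          type: string
                          description: "Azure subscription ID"
                        resourceGroup:
                          type: string
                          description: "Resource group containing the Key Vault"
                        # References only (Secret name, key, namespace). The
                        # credential values themselves never appear in the
                        # custom resource.
                        authSecretRef:
                          type: object
                          properties:
                            clientId:
                              type: object
                              properties:
                                name:
                                  type: string
                                  description: "K8s Secret name containing client ID"
                                key:
                                  type: string
                                  description: "Key within the Secret"
                                namespace:
                                  type: string
                                  description: "Namespace of the K8s Secret containing client ID"
                              required:
                                - name
                                - key
                                - namespace
                            clientSecret:
                              type: object
                              properties:
                                name:
                                  type: string
                                  description: "K8s Secret name containing client secret"
                                key:
                                  type: string
                                  description: "Key within the Secret"
                                namespace:
                                  type: string
                                  description: "Namespace of the K8s Secret containing client secret"
                              required:
                                - name
                                - key
                                - namespace
                          required:
                            - clientId
                            - clientSecret
                      required:
                        - tenantId
                        - vaultUrl
                        - vaultName
                        - subscriptionId
                        - resourceGroup
                        - authSecretRef
            # Written through the /status subresource enabled below.
            status:
              type: object
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                      status:
                        type: string
                        enum: ["True", "False", "Unknown"]
                      reason:
                        type: string
                      message:
                        type: string
                      lastTransitionTime:
                        type: string
                        format: date-time
                    required:
                      - type
                      - status
                phase:
                  type: string
                  enum: ["Ready", "NotReady", "Error"]
      additionalPrinterColumns:
        - name: Phase
          type: string
          description: The phase of the FreeleapsSecretStore
          jsonPath: .status.phase
        - name: Age
          type: date
          jsonPath: .metadata.creationTimestamp
      subresources:
        status: {}
  scope: Cluster
  names:
    plural: freeleapssecretstores
    singular: freeleapssecretstore
    kind: FreeleapsSecretStore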
---
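# CRD: FreeleapsSecret (namespaced).
# Declares which entries of an external vault, reached through a
# FreeleapsSecretStore, are copied into which keys of a target Kubernetes
# Secret, and how often they are refreshed.
#
# NOTE(review): permission to create this kind is, in effect, permission to
# read any vault entry the referenced store's credentials can reach and to
# write the target Secret in the same namespace. Scope RBAC on
# freeleapssecrets accordingly. The schema itself places no limit on which
# store a namespace may reference.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: freeleapssecrets.freeleaps.com
  annotations:
    # NOTE(review): with no helm.sh/hook-delete-policy set, Helm's default
    # (before-hook-creation) removes the previous hook object before
    # re-creating it. For a CRD, a `helm upgrade` can therefore delete the
    # definition and every FreeleapsSecret with it. Secrets owned by those
    # objects may then be garbage-collected. Confirm this is intended, or
    # ship CRDs through the chart's crds/ directory.
    "helm.sh/hook": pre-install,pre-upgrade
    "helm.sh/hook-weight": "-5"
spec:
  group: freeleaps.com
  versions:
    - name: v1alpha1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          type: object
          properties:
            spec:
              type: object
              properties:
                # Selects the cluster-scoped store by name. `kind` is pinned
                # to the single supported value.
                secretStoreRef:
                  type: object
                  properties:
                    kind:
                      type: string
                      enum: ["FreeleapsSecretStore"]
                    name:
                      type: string
                      description: "Name of the FreeleapsSecretStore"
                  required:
                    - kind
                    - name
                target:
                  type: object
                  properties:
                    name:
                      type: string
                      description: "Name of the target Kubernetes Secret to create"
                    # NOTE(review): "Merge" presumably writes into a Secret
                    # that already exists. Verify the operator cannot be
                    # used to overwrite keys of Secrets the requesting user
                    # may not edit directly (for example service-account
                    # tokens or TLS material).
                    creationPolicy:
                      type: string
                      enum: ["Owner", "Merge"]
                      description: "How to handle target Secret creation"
                  required:
                    - name
                    - creationPolicy
                data:
                  type: array
                  items:
                    type: object
                    properties:
                      secretKey:
                        type: string
                        description: "Key name in the target Kubernetes Secret"
                      remoteRef:
                        type: object
                        properties:
                          key:
                            type: string
                            description: "Secret key/name in the external vault"
                          # NOTE(review): the description mentions
                          # Certificate and File, but the enum admits only
                          # "Secret". Other values are rejected at admission.
                          type:
                            type: string
                            enum: ["Secret"]
                            description: "Type of secret (Secret, Certificate, File, etc.)"
                          property:
                            type: string
                            description: "Optional: specific property within the secret"
                        required:
                          - key
                          - type
                    required:
                      - secretKey
                      - remoteRef
                # NOTE(review): plain string with no `pattern`, so malformed
                # or very small intervals are not rejected by the API server
                # and must be validated by the operator.
                refreshInterval:
                  type: string
                  description: "How often to refresh (default: 1h)"
                  default: "1h"
              required:
                - secretStoreRef
                - target
                - data
            # Written through the /status subresource enabled below.
            # preserve-unknown-fields keeps status keys not declared here
            # instead of pruning them.
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true
              properties:
                conditions:
                  type: array
                  items:
                    type: object
                    properties:
                      type:
                        type: string
                      status:
                        type: string
                        enum: ["True", "False", "Unknown"]
                      reason:
                        type: string
                      message:
                        type: string
                      lastTransitionTime:
                        type: string
                        format: date-time
                    required:
                      - type
                      - status
                phase:
                  type: string
                  enum: ["Ready", "NotReady", "Error"]
                lastSyncTime:
                  type: string
                  format: date-time
                  description: "Timestamp of the last successful sync"
                syncedGeneration:
                  type: integer
                  format: int64
                  description: "Generation of the resource that was last synced"
      additionalPrinterColumns:
        - name: Phase
          type: string
          description: The phase of the FreeleapsSecret
          jsonPath: .status.phase
        - name: Target
          type: string
          description: Name of the target Kubernetes Secret
          jsonPath: .spec.target.name
        - name: Last Sync
          type: date
          description: Last successful sync time
          jsonPath: .status.lastSyncTime
        - name: Age
          type: date
          jsonPath: .metadata.creationTimestamp
      subresources:
        status: {}
  scope: Namespaced
  names:
    plural: freeleapssecrets
    singular: freeleapssecret
    kind: FreeleapsSecret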
---
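# CRD: ClusterKopfPeering (cluster-scoped, group kopf.dev).
# Peering object of the kopf operator framework. Only an open `status`
# object is declared, and no /status subresource is enabled.
#
# NOTE(review): this definition belongs to the kopf.dev group, not to this
# chart's own API group. If another kopf-based operator in the cluster ships
# the same CRD, the two installs will contend for it. Verify ownership.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: clusterkopfpeerings.kopf.dev
  annotations:
    # NOTE(review): with no helm.sh/hook-delete-policy set, Helm's default
    # (before-hook-creation) removes the previous hook object before
    # re-creating it, so an upgrade can delete this CRD and its peering
    # objects. Confirm this is intended.
    "helm.sh/hook": pre-install,pre-upgrade
    "helm.sh/hook-weight": "-5"
spec:
  scope: Cluster
  group: kopf.dev
  names:
    kind: ClusterKopfPeering
    plural: clusterkopfpeerings
    singular: clusterkopfpeering
  versions:
    - name: v1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          type: object
          properties:
            # Free-form: unknown keys under status are kept, not pruned.
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true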
---
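# CRD: KopfPeering (namespaced, group kopf.dev).
# Namespaced counterpart of ClusterKopfPeering for the kopf operator
# framework. Only an open `status` object is declared, and no /status
# subresource is enabled.
#
# NOTE(review): this definition belongs to the kopf.dev group, not to this
# chart's own API group. If another kopf-based operator in the cluster ships
# the same CRD, the two installs will contend for it. Verify ownership.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  name: kopfpeerings.kopf.dev
  annotations:
    # NOTE(review): with no helm.sh/hook-delete-policy set, Helm's default
    # (before-hook-creation) removes the previous hook object before
    # re-creating it, so an upgrade can delete this CRD and its peering
    # objects. Confirm this is intended.
    "helm.sh/hook": pre-install,pre-upgrade
    "helm.sh/hook-weight": "-5"
spec:
  scope: Namespaced
  group: kopf.dev
  names:
    kind: KopfPeering
    plural: kopfpeerings
    singular: kopfpeering
  versions:
    - name: v1
      served: true
      storage: true
      schema:
        openAPIV3Schema:
          type: object
          properties:
            # Free-form: unknown keys under status are kept, not pruned.
            status:
              type: object
              x-kubernetes-preserve-unknown-fields: true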
{{- end }}