{{- if .Values.crds.install }} apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: freeleapssecretstores.freeleaps.com annotations: "helm.sh/hook": pre-install,pre-upgrade "helm.sh/hook-weight": "-5" spec: group: freeleaps.com versions: - name: v1alpha1 served: true storage: true schema: openAPIV3Schema: type: object properties: spec: type: object properties: provider: type: object properties: azurekv: type: object properties: tenantId: type: string description: "Azure tenant ID" vaultUrl: type: string description: "Key Vault URL (https://.vault.azure.net/)" vaultName: type: string description: "Key Vault name" subscriptionId: type: string description: "Azure subscription ID" resourceGroup: type: string description: "Resource group containing the Key Vault" authSecretRef: type: object properties: clientId: type: object properties: name: type: string description: "K8s Secret name containing client ID" key: type: string description: "Key within the Secret" namespace: type: string description: "Namespace of the K8s Secret containing client ID" required: - name - key - namespace clientSecret: type: object properties: name: type: string description: "K8s Secret name containing client secret" key: type: string description: "Key within the Secret" namespace: type: string description: "Namespace of the K8s Secret containing client secret" required: - name - key - namespace required: - clientId - clientSecret required: - tenantId - vaultUrl - vaultName - subscriptionId - resourceGroup - authSecretRef status: type: object properties: conditions: type: array items: type: object properties: type: type: string status: type: string enum: ["True", "False", "Unknown"] reason: type: string message: type: string lastTransitionTime: type: string format: date-time required: - type - status phase: type: string enum: ["Ready", "NotReady", "Error"] additionalPrinterColumns: - name: Phase type: string description: The phase of the FreeleapsSecretStore jsonPath: .status.phase - name: Age type: date jsonPath: .metadata.creationTimestamp subresources: status: {} scope: Cluster names: plural: freeleapssecretstores singular: freeleapssecretstore kind: FreeleapsSecretStore --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: freeleapssecrets.freeleaps.com annotations: "helm.sh/hook": pre-install,pre-upgrade "helm.sh/hook-weight": "-5" spec: group: freeleaps.com versions: - name: v1alpha1 served: true storage: true schema: openAPIV3Schema: type: object properties: spec: type: object properties: secretStoreRef: type: object properties: kind: type: string enum: ["FreeleapsSecretStore"] name: type: string description: "Name of the FreeleapsSecretStore" required: - kind - name target: type: object properties: name: type: string description: "Name of the target Kubernetes Secret to create" creationPolicy: type: string enum: ["Owner", "Merge"] description: "How to handle target Secret creation" required: - name - creationPolicy data: type: array items: type: object properties: secretKey: type: string description: "Key name in the target Kubernetes Secret" remoteRef: type: object properties: key: type: string description: "Secret key/name in the external vault" type: type: string enum: ["Secret"] description: "Type of secret (Secret, Certificate, File, etc.)" property: type: string description: "Optional: specific property within the secret" required: - key - type required: - secretKey - remoteRef refreshInterval: type: string description: "How often to refresh (default: 1h)" default: "1h" required: - secretStoreRef - target - data status: type: object x-kubernetes-preserve-unknown-fields: true properties: conditions: type: array items: type: object properties: type: type: string status: type: string enum: ["True", "False", "Unknown"] reason: type: string message: type: string lastTransitionTime: type: string format: date-time required: - type - status phase: type: string enum: ["Ready", "NotReady", "Error"] lastSyncTime: type: string format: date-time description: "Timestamp of the last successful sync" syncedGeneration: type: integer format: int64 description: "Generation of the resource that was last synced" additionalPrinterColumns: - name: Phase type: string description: The phase of the FreeleapsSecret jsonPath: .status.phase - name: Target type: string description: Name of the target Kubernetes Secret jsonPath: .spec.target.name - name: Last Sync type: date description: Last successful sync time jsonPath: .status.lastSyncTime - name: Age type: date jsonPath: .metadata.creationTimestamp subresources: status: {} scope: Namespaced names: plural: freeleapssecrets singular: freeleapssecret kind: FreeleapsSecret --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: clusterkopfpeerings.kopf.dev annotations: "helm.sh/hook": pre-install,pre-upgrade "helm.sh/hook-weight": "-5" spec: scope: Cluster group: kopf.dev names: kind: ClusterKopfPeering plural: clusterkopfpeerings singular: clusterkopfpeering versions: - name: v1 served: true storage: true schema: openAPIV3Schema: type: object properties: status: type: object x-kubernetes-preserve-unknown-fields: true --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: kopfpeerings.kopf.dev annotations: "helm.sh/hook": pre-install,pre-upgrade "helm.sh/hook-weight": "-5" spec: scope: Namespaced group: kopf.dev names: kind: KopfPeering plural: kopfpeerings singular: kopfpeering versions: - name: v1 served: true storage: true schema: openAPIV3Schema: type: object properties: status: type: object x-kubernetes-preserve-unknown-fields: true {{- end }}