v1beta1

package
v0.18.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 27, 2023 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

Package v1beta1 contains resources for external-secrets +kubebuilder:object:generate=true +groupName=external-secrets.io +versionName=v1beta1

Index

Constants

View Source 
const (
	// ConditionReasonSecretSynced indicates that the secrets was synced.
	ConditionReasonSecretSynced = "SecretSynced"
	// ConditionReasonSecretSyncedError indicates that there was an error syncing the secret.
	ConditionReasonSecretSyncedError = "SecretSyncedError"
	// ConditionReasonSecretDeleted indicates that the secret has been deleted.
	ConditionReasonSecretDeleted = "SecretDeleted"

	ReasonInvalidStoreRef      = "InvalidStoreRef"
	ReasonUnavailableStore     = "UnavailableStore"
	ReasonProviderClientConfig = "InvalidProviderClientConfig"
	ReasonUpdateFailed         = "UpdateFailed"
	ReasonUpdated              = "Updated"
	ReasonDeleted              = "Deleted"
)
View Source 
const (
	Group   = "external-secrets.io"
	Version = "v1beta1"
)

Package type metadata.

View Source 
const (
	// AnnotationDataHash is used to ensure consistency.
	AnnotationDataHash = "reconcile.external-secrets.io/data-hash"
)

Variables

View Source 
var (
	// SchemeGroupVersion is group version used to register these objects.
	SchemeGroupVersion = schema.GroupVersion{Group: Group, Version: Version}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
	AddToScheme   = SchemeBuilder.AddToScheme
)
View Source 
var (
	ExtSecretKind             = reflect.TypeOf(ExternalSecret{}).Name()
	ExtSecretGroupKind        = schema.GroupKind{Group: Group, Kind: ExtSecretKind}.String()
	ExtSecretKindAPIVersion   = ExtSecretKind + "." + SchemeGroupVersion.String()
	ExtSecretGroupVersionKind = SchemeGroupVersion.WithKind(ExtSecretKind)
)

ExternalSecret type metadata.

Functions

This section is empty.

Types

type ExternalSecret 

type ExternalSecret struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   ExternalSecretSpec   `json:"spec,omitempty"`
	Status ExternalSecretStatus `json:"status,omitempty"`
}

+kubebuilder:object:root=true +kubebuilder:storageversion ExternalSecret is the Schema for the external-secrets API. +kubebuilder:subresource:status +kubebuilder:resource:scope=Namespaced,categories={externalsecrets},shortName=es +kubebuilder:printcolumn:name="Store",type=string,JSONPath=`.spec.secretStoreRef.name` +kubebuilder:printcolumn:name="Refresh Interval",type=string,JSONPath=`.spec.refreshInterval` +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[?(@.type=="Ready")].reason`

func (*ExternalSecret) DeepCopy 

func (in *ExternalSecret) DeepCopy() *ExternalSecret

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecret.

func (*ExternalSecret) DeepCopyInto 

func (in *ExternalSecret) DeepCopyInto(out *ExternalSecret)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ExternalSecret) DeepCopyObject 

func (in *ExternalSecret) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ExternalSecretConditionType 

type ExternalSecretConditionType string
const (
	ExternalSecretReady   ExternalSecretConditionType = "Ready"
	ExternalSecretDeleted ExternalSecretConditionType = "Deleted"
)

type ExternalSecretConversionStrategy 

type ExternalSecretConversionStrategy string
const (
	ExternalSecretConversionDefault ExternalSecretConversionStrategy = "Default"
	ExternalSecretConversionUnicode ExternalSecretConversionStrategy = "Unicode"
)

type ExternalSecretCreationPolicy 

type ExternalSecretCreationPolicy string

ExternalSecretCreationPolicy defines rules on how to create the resulting Secret. +kubebuilder:validation:Enum=Owner;Orphan;Merge;None 

const (
	// Owner creates the Secret and sets .metadata.ownerReferences to the ExternalSecret resource.
	CreatePolicyOwner ExternalSecretCreationPolicy = "Owner"

	// Orphan creates the Secret and does not set the ownerReference.
	// I.e. it will be orphaned after the deletion of the ExternalSecret.
	CreatePolicyOrphan ExternalSecretCreationPolicy = "Orphan"

	// Merge does not create the Secret, but merges the data fields to the Secret.
	CreatePolicyMerge ExternalSecretCreationPolicy = "Merge"

	// None does not create a Secret (future use with injector).
	CreatePolicyNone ExternalSecretCreationPolicy = "None"
)

type ExternalSecretData 

type ExternalSecretData struct {
	SecretKey string `json:"secretKey"`

	RemoteRef ExternalSecretDataRemoteRef `json:"remoteRef"`
}

ExternalSecretData defines the connection between the Kubernetes Secret key (spec.data.<key>) and the Provider data.

func (*ExternalSecretData) DeepCopy 

func (in *ExternalSecretData) DeepCopy() *ExternalSecretData

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretData.

func (*ExternalSecretData) DeepCopyInto 

func (in *ExternalSecretData) DeepCopyInto(out *ExternalSecretData)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalSecretDataFromRemoteRef 

type ExternalSecretDataFromRemoteRef struct {
	// Used to extract multiple key/value pairs from one secret
	// +optional
	Extract *ExternalSecretDataRemoteRef `json:"extract,omitempty"`
	// Used to find secrets based on tags or regular expressions
	// +optional
	Find *ExternalSecretFind `json:"find,omitempty"`
}

+kubebuilder:validation:MinProperties=1 +kubebuilder:validation:MaxProperties=1

func (*ExternalSecretDataFromRemoteRef) DeepCopy 

func (in *ExternalSecretDataFromRemoteRef) DeepCopy() *ExternalSecretDataFromRemoteRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretDataFromRemoteRef.

func (*ExternalSecretDataFromRemoteRef) DeepCopyInto 

func (in *ExternalSecretDataFromRemoteRef) DeepCopyInto(out *ExternalSecretDataFromRemoteRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalSecretDataRemoteRef 

type ExternalSecretDataRemoteRef struct {
	// Key is the key used in the Provider, mandatory
	Key string `json:"key"`

	// Used to select a specific version of the Provider value, if supported
	// +optional
	Version string `json:"version,omitempty"`

	// +optional
	// Used to select a specific property of the Provider value (if a map), if supported
	Property string `json:"property,omitempty"`

	// +optional
	// Used to define a conversion Strategy
	// +kubebuilder:default="Default"
	ConversionStrategy ExternalSecretConversionStrategy `json:"conversionStrategy,omitempty"`
}

ExternalSecretDataRemoteRef defines Provider data location.

func (*ExternalSecretDataRemoteRef) DeepCopy 

func (in *ExternalSecretDataRemoteRef) DeepCopy() *ExternalSecretDataRemoteRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretDataRemoteRef.

func (*ExternalSecretDataRemoteRef) DeepCopyInto 

func (in *ExternalSecretDataRemoteRef) DeepCopyInto(out *ExternalSecretDataRemoteRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalSecretDeletionPolicy 

type ExternalSecretDeletionPolicy string

ExternalSecretDeletionPolicy defines rules on how to delete the resulting Secret. +kubebuilder:validation:Enum=Delete;Merge;Retain 

const (
	// Delete deletes the secret if all provider secrets are deleted.
	// If a secret gets deleted on the provider side and is not accessible
	// anymore this is not considered an error and the ExternalSecret
	// does not go into SecretSyncedError status.
	DeletionPolicyDelete ExternalSecretDeletionPolicy = "Delete"

	// Merge removes keys in the secret, but not the secret itself.
	// If a secret gets deleted on the provider side and is not accessible
	// anymore this is not considered an error and the ExternalSecret
	// does not go into SecretSyncedError status.
	DeletionPolicyMerge ExternalSecretDeletionPolicy = "Merge"

	// Retain will retain the secret if all provider secrets have been deleted.
	// If a provider secret does not exist the ExternalSecret gets into the
	// SecretSyncedError status.
	DeletionPolicyRetain ExternalSecretDeletionPolicy = "Retain"
)

type ExternalSecretFind 

type ExternalSecretFind struct {
	// A root path to start the find operations.
	// +optional
	Path *string `json:"path,omitempty"`
	// Finds secrets based on the name.
	// +optional
	Name *FindName `json:"name,omitempty"`

	// Find secrets based on tags.
	// +optional
	Tags map[string]string `json:"tags,omitempty"`
	// +optional
	// Used to define a conversion Strategy
	// +kubebuilder:default="Default"
	ConversionStrategy ExternalSecretConversionStrategy `json:"conversionStrategy,omitempty"`
}

func (*ExternalSecretFind) DeepCopy 

func (in *ExternalSecretFind) DeepCopy() *ExternalSecretFind

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretFind.

func (*ExternalSecretFind) DeepCopyInto 

func (in *ExternalSecretFind) DeepCopyInto(out *ExternalSecretFind)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalSecretList 

type ExternalSecretList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ExternalSecret `json:"items"`
}

ExternalSecretList contains a list of ExternalSecret resources.

func (*ExternalSecretList) DeepCopy 

func (in *ExternalSecretList) DeepCopy() *ExternalSecretList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretList.

func (*ExternalSecretList) DeepCopyInto 

func (in *ExternalSecretList) DeepCopyInto(out *ExternalSecretList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ExternalSecretList) DeepCopyObject 

func (in *ExternalSecretList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ExternalSecretSpec 

type ExternalSecretSpec struct {
	SecretStoreRef SecretStoreRef `json:"secretStoreRef"`

	Target ExternalSecretTarget `json:"target"`

	// RefreshInterval is the amount of time before the values are read again from the SecretStore provider
	// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h"
	// May be set to zero to fetch and create it once. Defaults to 1h.
	// +kubebuilder:default="1h"
	RefreshInterval *metav1.Duration `json:"refreshInterval,omitempty"`

	// Data defines the connection between the Kubernetes Secret keys and the Provider data
	// +optional
	Data []ExternalSecretData `json:"data,omitempty"`

	// DataFrom is used to fetch all properties from a specific Provider data
	// If multiple entries are specified, the Secret keys are merged in the specified order
	// +optional
	DataFrom []ExternalSecretDataFromRemoteRef `json:"dataFrom,omitempty"`
}

ExternalSecretSpec defines the desired state of ExternalSecret.

func (*ExternalSecretSpec) DeepCopy 

func (in *ExternalSecretSpec) DeepCopy() *ExternalSecretSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretSpec.

func (*ExternalSecretSpec) DeepCopyInto 

func (in *ExternalSecretSpec) DeepCopyInto(out *ExternalSecretSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalSecretStatus 

type ExternalSecretStatus struct {
	// +nullable
	// refreshTime is the time and date the external secret was fetched and
	// the target secret updated
	RefreshTime metav1.Time `json:"refreshTime,omitempty"`

	// SyncedResourceVersion keeps track of the last synced version
	SyncedResourceVersion string `json:"syncedResourceVersion,omitempty"`

	// +optional
	Conditions []ExternalSecretStatusCondition `json:"conditions,omitempty"`
}

func (*ExternalSecretStatus) DeepCopy 

func (in *ExternalSecretStatus) DeepCopy() *ExternalSecretStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretStatus.

func (*ExternalSecretStatus) DeepCopyInto 

func (in *ExternalSecretStatus) DeepCopyInto(out *ExternalSecretStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalSecretStatusCondition 

type ExternalSecretStatusCondition struct {
	Type   ExternalSecretConditionType `json:"type"`
	Status corev1.ConditionStatus      `json:"status"`

	// +optional
	Reason string `json:"reason,omitempty"`

	// +optional
	Message string `json:"message,omitempty"`

	// +optional
	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
}

func (*ExternalSecretStatusCondition) DeepCopy 

func (in *ExternalSecretStatusCondition) DeepCopy() *ExternalSecretStatusCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretStatusCondition.

func (*ExternalSecretStatusCondition) DeepCopyInto 

func (in *ExternalSecretStatusCondition) DeepCopyInto(out *ExternalSecretStatusCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalSecretTarget 

type ExternalSecretTarget struct {
	// Name defines the name of the Secret resource to be managed
	// This field is immutable
	// Defaults to the .metadata.name of the ExternalSecret resource
	// +optional
	Name string `json:"name,omitempty"`

	// CreationPolicy defines rules on how to create the resulting Secret
	// Defaults to 'Owner'
	// +optional
	// +kubebuilder:default="Owner"
	CreationPolicy ExternalSecretCreationPolicy `json:"creationPolicy,omitempty"`
	// DeletionPolicy defines rules on how to delete the resulting Secret
	// Defaults to 'Retain'
	// +optional
	// +kubebuilder:default="Retain"
	DeletionPolicy ExternalSecretDeletionPolicy `json:"deletionPolicy,omitempty"`
	// Template defines a blueprint for the created Secret resource.
	// +optional
	Template *ExternalSecretTemplate `json:"template,omitempty"`

	// Immutable defines if the final secret will be immutable
	// +optional
	Immutable bool `json:"immutable,omitempty"`
}

ExternalSecretTarget defines the Kubernetes Secret to be created There can be only one target per ExternalSecret.

func (*ExternalSecretTarget) DeepCopy 

func (in *ExternalSecretTarget) DeepCopy() *ExternalSecretTarget

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretTarget.

func (*ExternalSecretTarget) DeepCopyInto 

func (in *ExternalSecretTarget) DeepCopyInto(out *ExternalSecretTarget)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalSecretTemplate 

type ExternalSecretTemplate struct {
	// +optional
	Type corev1.SecretType `json:"type,omitempty"`

	EngineVersion TemplateEngineVersion `json:"engineVersion,omitempty"`
	// +optional
	Metadata ExternalSecretTemplateMetadata `json:"metadata,omitempty"`

	// +optional
	Data map[string]string `json:"data,omitempty"`

	// +optional
	TemplateFrom []TemplateFrom `json:"templateFrom,omitempty"`
}

ExternalSecretTemplate defines a blueprint for the created Secret resource. we can not use native corev1.Secret, it will have empty ObjectMeta values: https://github.com/kubernetes-sigs/controller-tools/issues/448

func (*ExternalSecretTemplate) DeepCopy 

func (in *ExternalSecretTemplate) DeepCopy() *ExternalSecretTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretTemplate.

func (*ExternalSecretTemplate) DeepCopyInto 

func (in *ExternalSecretTemplate) DeepCopyInto(out *ExternalSecretTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalSecretTemplateMetadata 

type ExternalSecretTemplateMetadata struct {
	// +optional
	Annotations map[string]string `json:"annotations,omitempty"`

	// +optional
	Labels map[string]string `json:"labels,omitempty"`
}

ExternalSecretTemplateMetadata defines metadata fields for the Secret blueprint.

func (*ExternalSecretTemplateMetadata) DeepCopy 

func (in *ExternalSecretTemplateMetadata) DeepCopy() *ExternalSecretTemplateMetadata

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalSecretTemplateMetadata.

func (*ExternalSecretTemplateMetadata) DeepCopyInto 

func (in *ExternalSecretTemplateMetadata) DeepCopyInto(out *ExternalSecretTemplateMetadata)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FindName 

type FindName struct {
	// Finds secrets base
	// +optional
	RegExp string `json:"regexp,omitempty"`
}

func (*FindName) DeepCopy 

func (in *FindName) DeepCopy() *FindName

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FindName.

func (*FindName) DeepCopyInto 

func (in *FindName) DeepCopyInto(out *FindName)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretStoreRef 

type SecretStoreRef struct {
	// Name of the SecretStore resource
	Name string `json:"name"`

	// Kind of the SecretStore resource (SecretStore or ClusterSecretStore)
	// Defaults to `SecretStore`
	// +optional
	Kind string `json:"kind,omitempty"`
}

SecretStoreRef defines which SecretStore to fetch the ExternalSecret data.

func (*SecretStoreRef) DeepCopy 

func (in *SecretStoreRef) DeepCopy() *SecretStoreRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretStoreRef.

func (*SecretStoreRef) DeepCopyInto 

func (in *SecretStoreRef) DeepCopyInto(out *SecretStoreRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TemplateEngineVersion 

type TemplateEngineVersion string
const (
	TemplateEngineV1 TemplateEngineVersion = "v1"
	TemplateEngineV2 TemplateEngineVersion = "v2"
)

type TemplateFrom 

type TemplateFrom struct {
	ConfigMap *TemplateRef `json:"configMap,omitempty"`
	Secret    *TemplateRef `json:"secret,omitempty"`
}

+kubebuilder:validation:MinProperties=1 +kubebuilder:validation:MaxProperties=1

func (*TemplateFrom) DeepCopy 

func (in *TemplateFrom) DeepCopy() *TemplateFrom

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TemplateFrom.

func (*TemplateFrom) DeepCopyInto 

func (in *TemplateFrom) DeepCopyInto(out *TemplateFrom)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TemplateRef 

type TemplateRef struct {
	Name  string            `json:"name"`
	Items []TemplateRefItem `json:"items"`
}

func (*TemplateRef) DeepCopy 

func (in *TemplateRef) DeepCopy() *TemplateRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TemplateRef.

func (*TemplateRef) DeepCopyInto 

func (in *TemplateRef) DeepCopyInto(out *TemplateRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TemplateRefItem 

type TemplateRefItem struct {
	Key string `json:"key"`
}

func (*TemplateRefItem) DeepCopy 

func (in *TemplateRefItem) DeepCopy() *TemplateRefItem

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TemplateRefItem.

func (*TemplateRefItem) DeepCopyInto 

func (in *TemplateRefItem) DeepCopyInto(out *TemplateRefItem)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.