-
Notifications
You must be signed in to change notification settings - Fork 0
/
schema.openapi.yaml
121 lines (121 loc) · 5.86 KB
/
schema.openapi.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
---
openapi: 3.0.0
info:
title: kustomize-pass
description: kustomize generator and transformer plugin for pass managed secrets
contact:
name: Finn Sell <[email protected]>
license:
name: MIT
version: 0.3.1
paths: {}
components:
schemas:
ApiVersion:
description: "Possible values for `PassSecret`s apiVersion field"
type: string
enum:
- ftsell.de/v1beta1
GeneratorBehavior:
description: "Possible behavior which kustomize will use when handling generated resources. Defaults to `create`.\n\nSee the [upstream go definition](https://github.com/kubernetes-sigs/kustomize/blob/master/api/types/generatorargs.go)"
type: string
enum:
- create
- replace
- merge
GitPassSource:
type: object
required:
- url
properties:
url:
description: Git clone url
type: string
K8sObjectMeta:
description: "Standard object's metadata\n\nSee https://kubernetes.io/docs/reference/kubernetes-api/common-definitions/object-meta/"
type: object
required:
- name
properties:
annotations:
description: "Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects.\n\nMore info: http://kubernetes.io/docs/user-guide/annotations"
type: object
additionalProperties:
type: string
nullable: true
labels:
description: "Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services.\n\nMore info: http://kubernetes.io/docs/user-guide/labels"
type: object
additionalProperties:
type: string
nullable: true
name:
description: "Name must be unique within a namespace. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated.\n\nMore info: http://kubernetes.io/docs/user-guide/identifiers#names"
type: string
namespace:
description: "Namespace defines the space within which each name must be unique. An empty namespace is equivalent to the \"default\" namespace, but \"default\" is the canonical representation. Not all objects are required to be scoped to a namespace - the value of this field for those objects will be empty.\n\nMust be a DNS_LABEL. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/namespaces"
type: string
nullable: true
Kind:
description: "Possible values for `PassSecrets`s kind field"
type: string
enum:
- PassSecret
PassSource:
description: "A reference to the source from which [`PassSecret`](crate::k8s_type::PassSecret) data is retrieved"
anyOf:
- description: "Use the existing store located at `~/.password-store` or pointed to by environment variable `PASSWORD_STORE_DIR`"
type: "null"
- description: Use a git repository which contains a password store at its root
allOf:
- $ref: "#/components/schemas/GitPassSource"
V1Beta1PassSecret:
description: "The concrete type that is used to configure this application as a KRM function\n\nThe content of this object is similar to the [Kubernetes Secret definition](https://kubernetes.io/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/) except that the meaning of the `data` field is different because all values are retrieved from pass."
type: object
required:
- apiVersion
- data
- kind
- metadata
properties:
apiVersion:
description: Kubernetes object apiVersion of this object
allOf:
- $ref: "#/components/schemas/ApiVersion"
behavior:
description: Which behavior kustomize uses when handling the generated resource
default: create
allOf:
- $ref: "#/components/schemas/GeneratorBehavior"
data:
description: "Data contains the secret data references.\n\nKeys will be copied to the resulting kubernetes secret object while values will be retrieved from pass. This works by using the value of **this** object as the name of the entry in pass.\n\nEach key must consist of alphanumeric characters, '-', '_' or '.'."
type: object
additionalProperties:
type: string
immutable:
description: "Immutable, if set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil."
type: boolean
nullable: true
kind:
description: Kind of the kubernetes objects
allOf:
- $ref: "#/components/schemas/Kind"
metadata:
description: "Standard object's metadata"
allOf:
- $ref: "#/components/schemas/K8sObjectMeta"
plainData:
description: "Optional data that is not retrieved from pass but given in plaintext (as string, not base64 encoded)"
type: object
additionalProperties:
type: string
nullable: true
source:
description: Reference to the store from which data of this secret should be retrieved
default: ~
allOf:
- $ref: "#/components/schemas/PassSource"
type:
description: "Used to facilitate programmatic handling of secret data.\n\nSee https://kubernetes.io/docs/concepts/configuration/secret/#secret-types"
type: string
nullable: true