Update rendered external-secrets
This commit is contained in:
parent
3597cd82d4
commit
4511625be7
1 changed files with 482 additions and 68 deletions
|
|
@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: acraccesstokens.generators.external-secrets.io
|
||||
|
|
@ -41,7 +41,6 @@ spec:
|
|||
This can be scoped down to the repository level using .spec.scope.
|
||||
In case scope is defined it will return an ACR Access Token.
|
||||
|
||||
|
||||
See docs: https://github.com/Azure/acr/blob/main/docs/AAD-OAuth.md
|
||||
properties:
|
||||
apiVersion:
|
||||
|
|
@ -184,12 +183,10 @@ spec:
|
|||
if not provided it will return a refresh token that has full scope.
|
||||
Note: you need to pin it down to the repository level, there is no wildcard available.
|
||||
|
||||
|
||||
examples:
|
||||
repository:my-repository:pull,push
|
||||
repository:my-repository:pull
|
||||
|
||||
|
||||
see docs for details: https://docs.docker.com/registry/spec/auth/scope/
|
||||
type: string
|
||||
tenantId:
|
||||
|
|
@ -210,7 +207,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: clusterexternalsecrets.external-secrets.io
|
||||
|
|
@ -359,7 +356,6 @@ spec:
|
|||
description: |-
|
||||
GeneratorRef points to a generator custom resource.
|
||||
|
||||
|
||||
Deprecated: The generatorRef is not implemented in .data[].
|
||||
this will be removed with v1.
|
||||
properties:
|
||||
|
|
@ -908,7 +904,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: clustersecretstores.external-secrets.io
|
||||
|
|
@ -3213,6 +3209,156 @@ spec:
|
|||
required:
|
||||
- vaultUrl
|
||||
type: object
|
||||
beyondtrust:
|
||||
description: Beyondtrust configures this store to sync secrets
|
||||
using Password Safe provider.
|
||||
properties:
|
||||
auth:
|
||||
description: Auth configures how the operator authenticates
|
||||
with Beyondtrust.
|
||||
properties:
|
||||
certificate:
|
||||
description: Content of the certificate (cert.pem) for
|
||||
use when authenticating with an OAuth client Id using
|
||||
a Client Certificate.
|
||||
properties:
|
||||
secretRef:
|
||||
description: SecretRef references a key in a secret
|
||||
that will be used as value.
|
||||
properties:
|
||||
key:
|
||||
description: |-
|
||||
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
|
||||
defaulted, in others it may be required.
|
||||
type: string
|
||||
name:
|
||||
description: The name of the Secret resource being
|
||||
referred to.
|
||||
type: string
|
||||
namespace:
|
||||
description: |-
|
||||
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
|
||||
to the namespace of the referent.
|
||||
type: string
|
||||
type: object
|
||||
value:
|
||||
description: Value can be specified directly to set
|
||||
a value without using a secret.
|
||||
type: string
|
||||
type: object
|
||||
certificateKey:
|
||||
description: Certificate private key (key.pem). For use
|
||||
when authenticating with an OAuth client Id
|
||||
properties:
|
||||
secretRef:
|
||||
description: SecretRef references a key in a secret
|
||||
that will be used as value.
|
||||
properties:
|
||||
key:
|
||||
description: |-
|
||||
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
|
||||
defaulted, in others it may be required.
|
||||
type: string
|
||||
name:
|
||||
description: The name of the Secret resource being
|
||||
referred to.
|
||||
type: string
|
||||
namespace:
|
||||
description: |-
|
||||
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
|
||||
to the namespace of the referent.
|
||||
type: string
|
||||
type: object
|
||||
value:
|
||||
description: Value can be specified directly to set
|
||||
a value without using a secret.
|
||||
type: string
|
||||
type: object
|
||||
clientId:
|
||||
properties:
|
||||
secretRef:
|
||||
description: SecretRef references a key in a secret
|
||||
that will be used as value.
|
||||
properties:
|
||||
key:
|
||||
description: |-
|
||||
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
|
||||
defaulted, in others it may be required.
|
||||
type: string
|
||||
name:
|
||||
description: The name of the Secret resource being
|
||||
referred to.
|
||||
type: string
|
||||
namespace:
|
||||
description: |-
|
||||
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
|
||||
to the namespace of the referent.
|
||||
type: string
|
||||
type: object
|
||||
value:
|
||||
description: Value can be specified directly to set
|
||||
a value without using a secret.
|
||||
type: string
|
||||
type: object
|
||||
clientSecret:
|
||||
properties:
|
||||
secretRef:
|
||||
description: SecretRef references a key in a secret
|
||||
that will be used as value.
|
||||
properties:
|
||||
key:
|
||||
description: |-
|
||||
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
|
||||
defaulted, in others it may be required.
|
||||
type: string
|
||||
name:
|
||||
description: The name of the Secret resource being
|
||||
referred to.
|
||||
type: string
|
||||
namespace:
|
||||
description: |-
|
||||
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
|
||||
to the namespace of the referent.
|
||||
type: string
|
||||
type: object
|
||||
value:
|
||||
description: Value can be specified directly to set
|
||||
a value without using a secret.
|
||||
type: string
|
||||
type: object
|
||||
required:
|
||||
- clientId
|
||||
- clientSecret
|
||||
type: object
|
||||
server:
|
||||
description: Auth configures how API server works.
|
||||
properties:
|
||||
apiUrl:
|
||||
type: string
|
||||
clientTimeOutSeconds:
|
||||
description: Timeout specifies a time limit for requests
|
||||
made by this Client. The timeout includes connection
|
||||
time, any redirects, and reading the response body.
|
||||
Defaults to 45 seconds.
|
||||
type: integer
|
||||
retrievalType:
|
||||
description: The secret retrieval type. SECRET = Secrets
|
||||
Safe (credential, text, file). MANAGED_ACCOUNT = Password
|
||||
Safe account associated with a system.
|
||||
type: string
|
||||
separator:
|
||||
description: A character that separates the folder names.
|
||||
type: string
|
||||
verifyCA:
|
||||
type: boolean
|
||||
required:
|
||||
- apiUrl
|
||||
- verifyCA
|
||||
type: object
|
||||
required:
|
||||
- auth
|
||||
- server
|
||||
type: object
|
||||
bitwardensecretsmanager:
|
||||
description: BitwardenSecretsManager configures this store to
|
||||
sync secrets using BitwardenSecretsManager provider
|
||||
|
|
@ -3259,6 +3405,33 @@ spec:
|
|||
Base64 encoded certificate for the bitwarden server sdk. The sdk MUST run with HTTPS to make sure no MITM attack
|
||||
can be performed.
|
||||
type: string
|
||||
caProvider:
|
||||
description: 'see: https://external-secrets.io/latest/spec/#external-secrets.io/v1alpha1.CAProvider'
|
||||
properties:
|
||||
key:
|
||||
description: The key where the CA certificate can be found
|
||||
in the Secret or ConfigMap.
|
||||
type: string
|
||||
name:
|
||||
description: The name of the object located at the provider
|
||||
type.
|
||||
type: string
|
||||
namespace:
|
||||
description: |-
|
||||
The namespace the Provider type is in.
|
||||
Can only be defined when used in a ClusterSecretStore.
|
||||
type: string
|
||||
type:
|
||||
description: The type of provider to use such as "Secret",
|
||||
or "ConfigMap".
|
||||
enum:
|
||||
- Secret
|
||||
- ConfigMap
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
- type
|
||||
type: object
|
||||
identityURL:
|
||||
type: string
|
||||
organizationID:
|
||||
|
|
@ -3271,7 +3444,6 @@ spec:
|
|||
type: string
|
||||
required:
|
||||
- auth
|
||||
- caBundle
|
||||
- organizationID
|
||||
- projectID
|
||||
type: object
|
||||
|
|
@ -5681,7 +5853,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: ecrauthorizationtokens.generators.external-secrets.io
|
||||
|
|
@ -5853,7 +6025,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: externalsecrets.external-secrets.io
|
||||
|
|
@ -6123,9 +6295,7 @@ spec:
|
|||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
type: string
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
|
|
@ -6269,7 +6439,6 @@ spec:
|
|||
description: |-
|
||||
GeneratorRef points to a generator custom resource.
|
||||
|
||||
|
||||
Deprecated: The generatorRef is not implemented in .data[].
|
||||
this will be removed with v1.
|
||||
properties:
|
||||
|
|
@ -6657,9 +6826,7 @@ spec:
|
|||
This field is effectively required, but due to backwards compatibility is
|
||||
allowed to be empty. Instances of this type with an empty value here are
|
||||
almost certainly wrong.
|
||||
TODO: Add other useful fields. apiVersion, kind, uid?
|
||||
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
||||
TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
|
||||
type: string
|
||||
type: object
|
||||
x-kubernetes-map-type: atomic
|
||||
|
|
@ -6704,7 +6871,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: fakes.generators.external-secrets.io
|
||||
|
|
@ -6781,7 +6948,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: gcraccesstokens.generators.external-secrets.io
|
||||
|
|
@ -6913,7 +7080,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: githubaccesstokens.generators.external-secrets.io
|
||||
|
|
@ -7017,7 +7184,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: passwords.generators.external-secrets.io
|
||||
|
|
@ -7116,7 +7283,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
name: pushsecrets.external-secrets.io
|
||||
spec:
|
||||
conversion:
|
||||
|
|
@ -7508,7 +7675,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: secretstores.external-secrets.io
|
||||
|
|
@ -9813,6 +9980,156 @@ spec:
|
|||
required:
|
||||
- vaultUrl
|
||||
type: object
|
||||
beyondtrust:
|
||||
description: Beyondtrust configures this store to sync secrets
|
||||
using Password Safe provider.
|
||||
properties:
|
||||
auth:
|
||||
description: Auth configures how the operator authenticates
|
||||
with Beyondtrust.
|
||||
properties:
|
||||
certificate:
|
||||
description: Content of the certificate (cert.pem) for
|
||||
use when authenticating with an OAuth client Id using
|
||||
a Client Certificate.
|
||||
properties:
|
||||
secretRef:
|
||||
description: SecretRef references a key in a secret
|
||||
that will be used as value.
|
||||
properties:
|
||||
key:
|
||||
description: |-
|
||||
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
|
||||
defaulted, in others it may be required.
|
||||
type: string
|
||||
name:
|
||||
description: The name of the Secret resource being
|
||||
referred to.
|
||||
type: string
|
||||
namespace:
|
||||
description: |-
|
||||
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
|
||||
to the namespace of the referent.
|
||||
type: string
|
||||
type: object
|
||||
value:
|
||||
description: Value can be specified directly to set
|
||||
a value without using a secret.
|
||||
type: string
|
||||
type: object
|
||||
certificateKey:
|
||||
description: Certificate private key (key.pem). For use
|
||||
when authenticating with an OAuth client Id
|
||||
properties:
|
||||
secretRef:
|
||||
description: SecretRef references a key in a secret
|
||||
that will be used as value.
|
||||
properties:
|
||||
key:
|
||||
description: |-
|
||||
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
|
||||
defaulted, in others it may be required.
|
||||
type: string
|
||||
name:
|
||||
description: The name of the Secret resource being
|
||||
referred to.
|
||||
type: string
|
||||
namespace:
|
||||
description: |-
|
||||
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
|
||||
to the namespace of the referent.
|
||||
type: string
|
||||
type: object
|
||||
value:
|
||||
description: Value can be specified directly to set
|
||||
a value without using a secret.
|
||||
type: string
|
||||
type: object
|
||||
clientId:
|
||||
properties:
|
||||
secretRef:
|
||||
description: SecretRef references a key in a secret
|
||||
that will be used as value.
|
||||
properties:
|
||||
key:
|
||||
description: |-
|
||||
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
|
||||
defaulted, in others it may be required.
|
||||
type: string
|
||||
name:
|
||||
description: The name of the Secret resource being
|
||||
referred to.
|
||||
type: string
|
||||
namespace:
|
||||
description: |-
|
||||
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
|
||||
to the namespace of the referent.
|
||||
type: string
|
||||
type: object
|
||||
value:
|
||||
description: Value can be specified directly to set
|
||||
a value without using a secret.
|
||||
type: string
|
||||
type: object
|
||||
clientSecret:
|
||||
properties:
|
||||
secretRef:
|
||||
description: SecretRef references a key in a secret
|
||||
that will be used as value.
|
||||
properties:
|
||||
key:
|
||||
description: |-
|
||||
The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be
|
||||
defaulted, in others it may be required.
|
||||
type: string
|
||||
name:
|
||||
description: The name of the Secret resource being
|
||||
referred to.
|
||||
type: string
|
||||
namespace:
|
||||
description: |-
|
||||
Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults
|
||||
to the namespace of the referent.
|
||||
type: string
|
||||
type: object
|
||||
value:
|
||||
description: Value can be specified directly to set
|
||||
a value without using a secret.
|
||||
type: string
|
||||
type: object
|
||||
required:
|
||||
- clientId
|
||||
- clientSecret
|
||||
type: object
|
||||
server:
|
||||
description: Auth configures how API server works.
|
||||
properties:
|
||||
apiUrl:
|
||||
type: string
|
||||
clientTimeOutSeconds:
|
||||
description: Timeout specifies a time limit for requests
|
||||
made by this Client. The timeout includes connection
|
||||
time, any redirects, and reading the response body.
|
||||
Defaults to 45 seconds.
|
||||
type: integer
|
||||
retrievalType:
|
||||
description: The secret retrieval type. SECRET = Secrets
|
||||
Safe (credential, text, file). MANAGED_ACCOUNT = Password
|
||||
Safe account associated with a system.
|
||||
type: string
|
||||
separator:
|
||||
description: A character that separates the folder names.
|
||||
type: string
|
||||
verifyCA:
|
||||
type: boolean
|
||||
required:
|
||||
- apiUrl
|
||||
- verifyCA
|
||||
type: object
|
||||
required:
|
||||
- auth
|
||||
- server
|
||||
type: object
|
||||
bitwardensecretsmanager:
|
||||
description: BitwardenSecretsManager configures this store to
|
||||
sync secrets using BitwardenSecretsManager provider
|
||||
|
|
@ -9859,6 +10176,33 @@ spec:
|
|||
Base64 encoded certificate for the bitwarden server sdk. The sdk MUST run with HTTPS to make sure no MITM attack
|
||||
can be performed.
|
||||
type: string
|
||||
caProvider:
|
||||
description: 'see: https://external-secrets.io/latest/spec/#external-secrets.io/v1alpha1.CAProvider'
|
||||
properties:
|
||||
key:
|
||||
description: The key where the CA certificate can be found
|
||||
in the Secret or ConfigMap.
|
||||
type: string
|
||||
name:
|
||||
description: The name of the object located at the provider
|
||||
type.
|
||||
type: string
|
||||
namespace:
|
||||
description: |-
|
||||
The namespace the Provider type is in.
|
||||
Can only be defined when used in a ClusterSecretStore.
|
||||
type: string
|
||||
type:
|
||||
description: The type of provider to use such as "Secret",
|
||||
or "ConfigMap".
|
||||
enum:
|
||||
- Secret
|
||||
- ConfigMap
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
- type
|
||||
type: object
|
||||
identityURL:
|
||||
type: string
|
||||
organizationID:
|
||||
|
|
@ -9871,7 +10215,6 @@ spec:
|
|||
type: string
|
||||
required:
|
||||
- auth
|
||||
- caBundle
|
||||
- organizationID
|
||||
- projectID
|
||||
type: object
|
||||
|
|
@ -12281,7 +12624,70 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
name: uuids.generators.external-secrets.io
|
||||
spec:
|
||||
conversion:
|
||||
strategy: Webhook
|
||||
webhook:
|
||||
clientConfig:
|
||||
service:
|
||||
name: external-secrets-webhook
|
||||
namespace: external-secrets
|
||||
path: /convert
|
||||
conversionReviewVersions:
|
||||
- v1
|
||||
group: generators.external-secrets.io
|
||||
names:
|
||||
categories:
|
||||
- password
|
||||
kind: UUID
|
||||
listKind: UUIDList
|
||||
plural: uuids
|
||||
shortNames:
|
||||
- uuids
|
||||
singular: uuid
|
||||
scope: Namespaced
|
||||
versions:
|
||||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: |-
|
||||
Password generates a random password based on the
|
||||
configuration parameters in spec.
|
||||
You can specify the length, characterset and other attributes.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: |-
|
||||
APIVersion defines the versioned schema of this representation of an object.
|
||||
Servers should convert recognized schemas to the latest internal value, and
|
||||
may reject unrecognized values.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
||||
type: string
|
||||
kind:
|
||||
description: |-
|
||||
Kind is a string value representing the REST resource this object represents.
|
||||
Servers may infer this from the endpoint the client submits requests to.
|
||||
Cannot be updated.
|
||||
In CamelCase.
|
||||
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
spec:
|
||||
description: UUIDSpec controls the behavior of the uuid generator.
|
||||
type: object
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
||||
subresources:
|
||||
status: {}
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: vaultdynamicsecrets.generators.external-secrets.io
|
||||
|
|
@ -13012,7 +13418,7 @@ apiVersion: apiextensions.k8s.io/v1
|
|||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.15.0
|
||||
controller-gen.kubebuilder.io/version: v0.16.2
|
||||
labels:
|
||||
external-secrets.io/component: controller
|
||||
name: webhooks.generators.external-secrets.io
|
||||
|
|
@ -13169,8 +13575,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets
|
||||
namespace: external-secrets
|
||||
---
|
||||
|
|
@ -13181,8 +13587,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets-cert-controller
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-cert-controller
|
||||
namespace: external-secrets
|
||||
---
|
||||
|
|
@ -13193,8 +13599,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets-webhook
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-webhook
|
||||
namespace: external-secrets
|
||||
---
|
||||
|
|
@ -13205,8 +13611,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-leaderelection
|
||||
namespace: external-secrets
|
||||
rules:
|
||||
|
|
@ -13243,8 +13649,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets-cert-controller
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-cert-controller
|
||||
rules:
|
||||
- apiGroups:
|
||||
|
|
@ -13262,9 +13668,17 @@ rules:
|
|||
resources:
|
||||
- validatingwebhookconfigurations
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- get
|
||||
- apiGroups:
|
||||
- admissionregistration.k8s.io
|
||||
resourceNames:
|
||||
- secretstore-validate
|
||||
- externalsecret-validate
|
||||
resources:
|
||||
- validatingwebhookconfigurations
|
||||
verbs:
|
||||
- update
|
||||
- patch
|
||||
- apiGroups:
|
||||
|
|
@ -13309,8 +13723,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-controller
|
||||
rules:
|
||||
- apiGroups:
|
||||
|
|
@ -13420,8 +13834,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
rbac.authorization.k8s.io/aggregate-to-admin: "true"
|
||||
rbac.authorization.k8s.io/aggregate-to-edit: "true"
|
||||
name: external-secrets-edit
|
||||
|
|
@ -13464,8 +13878,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
servicebinding.io/controller: "true"
|
||||
name: external-secrets-servicebindings
|
||||
rules:
|
||||
|
|
@ -13485,8 +13899,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
rbac.authorization.k8s.io/aggregate-to-admin: "true"
|
||||
rbac.authorization.k8s.io/aggregate-to-edit: "true"
|
||||
rbac.authorization.k8s.io/aggregate-to-view: "true"
|
||||
|
|
@ -13526,8 +13940,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-leaderelection
|
||||
namespace: external-secrets
|
||||
roleRef:
|
||||
|
|
@ -13546,8 +13960,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets-cert-controller
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-cert-controller
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
|
@ -13565,8 +13979,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-controller
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
|
|
@ -13584,9 +13998,9 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets-webhook
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
external-secrets.io/component: webhook
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-webhook
|
||||
namespace: external-secrets
|
||||
---
|
||||
|
|
@ -13597,9 +14011,9 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets-webhook
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
external-secrets.io/component: webhook
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-webhook
|
||||
namespace: external-secrets
|
||||
spec:
|
||||
|
|
@ -13620,8 +14034,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets
|
||||
namespace: external-secrets
|
||||
spec:
|
||||
|
|
@ -13637,8 +14051,8 @@ spec:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
spec:
|
||||
automountServiceAccountToken: true
|
||||
containers:
|
||||
|
|
@ -13647,7 +14061,7 @@ spec:
|
|||
- --metrics-addr=:8080
|
||||
- --loglevel=info
|
||||
- --zap-time-encoding=epoch
|
||||
image: ghcr.io/external-secrets/external-secrets:v0.10.0
|
||||
image: ghcr.io/external-secrets/external-secrets:v0.10.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: external-secrets
|
||||
ports:
|
||||
|
|
@ -13675,8 +14089,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets-cert-controller
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-cert-controller
|
||||
namespace: external-secrets
|
||||
spec:
|
||||
|
|
@ -13692,8 +14106,8 @@ spec:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets-cert-controller
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
spec:
|
||||
automountServiceAccountToken: true
|
||||
containers:
|
||||
|
|
@ -13709,7 +14123,7 @@ spec:
|
|||
- --loglevel=info
|
||||
- --zap-time-encoding=epoch
|
||||
- --enable-partial-cache=true
|
||||
image: ghcr.io/external-secrets/external-secrets:v0.10.0
|
||||
image: ghcr.io/external-secrets/external-secrets:v0.10.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: cert-controller
|
||||
ports:
|
||||
|
|
@ -13742,8 +14156,8 @@ metadata:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets-webhook
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
name: external-secrets-webhook
|
||||
namespace: external-secrets
|
||||
spec:
|
||||
|
|
@ -13759,8 +14173,8 @@ spec:
|
|||
app.kubernetes.io/instance: external-secrets
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
app.kubernetes.io/name: external-secrets-webhook
|
||||
app.kubernetes.io/version: v0.10.0
|
||||
helm.sh/chart: external-secrets-0.10.0
|
||||
app.kubernetes.io/version: v0.10.3
|
||||
helm.sh/chart: external-secrets-0.10.3
|
||||
spec:
|
||||
automountServiceAccountToken: true
|
||||
containers:
|
||||
|
|
@ -13774,7 +14188,7 @@ spec:
|
|||
- --healthz-addr=:8081
|
||||
- --loglevel=info
|
||||
- --zap-time-encoding=epoch
|
||||
image: ghcr.io/external-secrets/external-secrets:v0.10.0
|
||||
image: ghcr.io/external-secrets/external-secrets:v0.10.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
name: webhook
|
||||
ports:
|
||||
|
|
|
|||
Loading…
Reference in a new issue