-
Notifications
You must be signed in to change notification settings - Fork 21
/
operator.authorino.kuadrant.io_authorinos.yaml
277 lines (277 loc) · 11 KB
/
operator.authorino.kuadrant.io_authorinos.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.15.0
name: authorinos.operator.authorino.kuadrant.io
spec:
group: operator.authorino.kuadrant.io
names:
kind: Authorino
listKind: AuthorinoList
plural: authorinos
singular: authorino
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: Authorino is the Schema for the authorinos API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: AuthorinoSpec defines the desired state of Authorino
properties:
authConfigLabelSelectors:
type: string
clusterWide:
type: boolean
evaluatorCacheSize:
type: integer
healthz:
properties:
port:
description: Port number of the health/readiness probe endpoints.
format: int32
type: integer
type: object
image:
type: string
imagePullPolicy:
description: PullPolicy describes a policy for if/when to pull a container
image
type: string
listener:
properties:
maxHttpRequestBodySize:
description: Maximum payload (request body) size for the auth
service (HTTP interface), in bytes.
type: integer
port:
description: |-
Port number of the GRPC interface.
DEPRECATED: use 'ports.grpc' instead.
format: int32
type: integer
ports:
description: Port numbers of the GRPC and HTTP auth interfaces.
properties:
grpc:
format: int32
type: integer
http:
format: int32
type: integer
type: object
timeout:
description: Timeout of the auth service (GRPC and HTTP interfaces),
in milliseconds.
type: integer
tls:
description: TLS configuration of the auth service (GRPC and HTTP
interfaces).
properties:
certSecretRef:
description: |-
LocalObjectReference contains enough information to let you locate the
referenced object inside the same namespace.
properties:
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
enabled:
type: boolean
type: object
required:
- tls
type: object
logLevel:
type: string
logMode:
type: string
metrics:
properties:
deep:
type: boolean
port:
format: int32
type: integer
type: object
oidcServer:
properties:
port:
format: int32
type: integer
tls:
properties:
certSecretRef:
description: |-
LocalObjectReference contains enough information to let you locate the
referenced object inside the same namespace.
properties:
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
enabled:
type: boolean
type: object
required:
- tls
type: object
replicas:
format: int32
type: integer
secretLabelSelectors:
type: string
supersedingHostSubsets:
type: boolean
tracing:
properties:
endpoint:
type: string
insecure:
type: boolean
tags:
additionalProperties:
type: string
type: object
required:
- endpoint
type: object
volumes:
properties:
defaultMode:
description: Permissions mode.
format: int32
type: integer
items:
items:
properties:
configMaps:
description: Allow multiple configmaps to mount to the same
directory
items:
type: string
type: array
items:
description: Mount details
items:
description: Maps a string key to a path within a volume.
properties:
key:
description: key is the key to project.
type: string
mode:
description: |-
mode is Optional: mode bits used to set permissions on this file.
Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511.
YAML accepts both octal and decimal values, JSON requires decimal values for mode bits.
If not specified, the volume defaultMode will be used.
This might be in conflict with other options that affect the file
mode, like fsGroup, and the result can be other mode bits set.
format: int32
type: integer
path:
description: |-
path is the relative path of the file to map the key to.
May not be an absolute path.
May not contain the path element '..'.
May not start with the string '..'.
type: string
required:
- key
- path
type: object
type: array
mountPath:
description: An absolute path where to mount it
type: string
name:
description: Volume name
type: string
secrets:
description: Secret mount
items:
type: string
type: array
required:
- mountPath
type: object
type: array
type: object
required:
- listener
- oidcServer
type: object
status:
description: AuthorinoStatus defines the observed state of Authorino
properties:
conditions:
description: |-
Conditions is an array of the current Authorino's CR conditions
Supported condition types: ConditionReady
items:
properties:
lastTransitionTime:
description: Last time the condition transit from one status
to another.
format: date-time
type: string
lastUpdatedTime:
description: Last time the condition was updated
format: date-time
type: string
message:
description: Human readable message indicating details about
last transition.
type: string
reason:
description: (brief) reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition
type: string
required:
- status
- type
type: object
type: array
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
type: object
type: object
served: true
storage: true
subresources:
status: {}