/
appcatalog.appscode.com_appbindings.yaml
223 lines (223 loc) · 10.5 KB
/
appcatalog.appscode.com_appbindings.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
labels:
app.kubernetes.io/name: catalog
name: appbindings.appcatalog.appscode.com
spec:
additionalPrinterColumns:
- JSONPath: .spec.type
name: Type
type: string
- JSONPath: .spec.version
name: Version
type: string
- JSONPath: .metadata.creationTimestamp
name: Age
type: date
group: appcatalog.appscode.com
names:
categories:
- catalog
- appscode
- all
kind: AppBinding
listKind: AppBindingList
plural: appbindings
singular: appbinding
preserveUnknownFields: false
scope: Namespaced
subresources: {}
validation:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AppBindingSpec is the spec for app
properties:
clientConfig:
description: ClientConfig defines how to communicate with the app. Required
properties:
caBundle:
description: CABundle is a PEM encoded CA bundle which will be used
to validate the serving certificate of this app.
format: byte
type: string
insecureSkipTLSVerify:
description: InsecureSkipTLSVerify disables TLS certificate verification
when communicating with this app. This is strongly discouraged. You
should use the CABundle instead.
type: boolean
service:
description: "`service` is a reference to the service for this app.
Either `service` or `url` must be specified. \n If the webhook
is running within the cluster, then you should use `service`."
properties:
name:
description: '`name` is the name of the service. Required'
type: string
path:
description: '`path` is an optional URL path which will be sent
in any request to this service.'
type: string
port:
description: The port that will be exposed by this app.
format: int32
type: integer
query:
description: '`query` is optional encoded query string, without
''?'' which will be sent in any request to this service.'
type: string
scheme:
description: 'Specifies which scheme to use, for example: http,
https If specified, then it will applied as prefix in this
format: scheme:// If not specified, then nothing will be prefixed'
type: string
required:
- name
- port
- scheme
type: object
url:
description: "`url` gives the location of the app, in standard URL
form (`[scheme://]host:port/path`). Exactly one of `url` or `service`
must be specified. \n The `host` should not refer to a service
running in the cluster; use the `service` field instead. The host
might be resolved via external DNS in some apiservers (e.g., `kube-apiserver`
cannot resolve in-cluster DNS as that would be a layering violation).
`host` may also be an IP address. \n A path is optional, and if
present may be any string permissible in a URL. You may use the
path to pass an arbitrary string to the app, for example, a cluster
identifier. \n Attempting to use a user or basic auth e.g. \"user:password@\"
is not allowed. Fragments (\"#...\") and query parameters (\"?...\")
are not allowed, either."
type: string
type: object
parameters:
description: "Parameters is a set of the parameters to be used to connect
to the app. The inline YAML/JSON payload to be translated into equivalent
JSON object. \n The Parameters field is NOT secret or secured in any
way and should NEVER be used to hold sensitive information. To set
parameters that contain secret information, you should ALWAYS store
that information in a Secret."
type: object
x-kubernetes-embedded-resource: true
x-kubernetes-preserve-unknown-fields: true
secret:
description: Secret is the name of the secret to create in the AppBinding's
namespace that will hold the credentials associated with the AppBinding.
properties:
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
type: object
secretTransforms:
description: List of transformations that should be applied to the credentials
associated with the ServiceBinding before they are inserted into the
Secret.
items:
description: 'SecretTransform is a single transformation that is applied
to the credentials returned from the broker before they are inserted
into the Secret associated with the ServiceBinding. Because different
brokers providing the same type of service may each return a different
credentials structure, users can specify the transformations that
should be applied to the Secret to adapt its entries to whatever
the service consumer expects. For example, the credentials returned
by the broker may include the key "USERNAME", but the consumer requires
the username to be exposed under the key "DB_USER" instead. To have
the Service Catalog transform the Secret, the following SecretTransform
must be specified in ServiceBinding.spec.secretTransform: - {"renameKey":
{"from": "USERNAME", "to": "DB_USER"}} Only one of the SecretTransform''s
members may be specified.'
properties:
addKey:
description: AddKey represents a transform that adds an additional
key to the credentials Secret
properties:
key:
description: The name of the key to add
type: string
stringValue:
description: The string (non-binary) value to add to the Secret
under the specified key.
type: string
value:
description: The binary value (possibly non-string) to add
to the Secret under the specified key. If both value and
stringValue are specified, then value is ignored and stringValue
is stored.
format: byte
type: string
required:
- key
type: object
addKeysFrom:
description: AddKeysFrom represents a transform that merges all
the entries of an existing Secret into the credentials Secret
properties:
secretRef:
description: The reference to the Secret that should be merged
into the credentials Secret.
properties:
name:
description: Name of the referent.
type: string
namespace:
description: Namespace of the referent.
type: string
type: object
type: object
removeKey:
description: RemoveKey represents a transform that removes a credentials
Secret entry
properties:
key:
description: The key to remove from the Secret
type: string
required:
- key
type: object
renameKey:
description: RenameKey represents a transform that renames a credentials
Secret entry's key
properties:
from:
description: The name of the key to rename
type: string
to:
description: The new name for the key
type: string
required:
- from
- to
type: object
type: object
type: array
type:
description: Type used to facilitate programmatic handling of application.
type: string
version:
description: Version used to facilitate programmatic handling of application.
type: string
required:
- clientConfig
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true