-
Notifications
You must be signed in to change notification settings - Fork 242
/
Copy pathociclusteridentity_v1beta1.json
156 lines (156 loc) · 7.99 KB
/
ociclusteridentity_v1beta1.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
{
"description": "OCIClusterIdentity is the Schema for the OCI Cluster Identity API",
"properties": {
"apiVersion": {
"description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
"type": "string"
},
"kind": {
"description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
"type": "string"
},
"metadata": {
"type": "object"
},
"spec": {
"description": "OCIClusterIdentitySpec defines the parameters that are used to create an OCIClusterIdentity.",
"properties": {
"allowedNamespaces": {
"description": "AllowedNamespaces is used to identify the namespaces the clusters are allowed to use the identity from. Namespaces can be selected either using an array of namespaces or with label selector. An empty allowedNamespaces object indicates that OCIClusters can use this identity from any namespace. If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided) A namespace should be either in the NamespaceList or match with Selector to use the identity.",
"nullable": true,
"properties": {
"list": {
"description": "A nil or empty list indicates that OCICluster cannot use the identity from any namespace. NamespaceList takes precedence over the Selector.",
"items": {
"type": "string"
},
"nullable": true,
"type": "array"
},
"selector": {
"description": "Selector is a selector of namespaces that OCICluster can use this Identity from. This is a standard Kubernetes LabelSelector, a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. \n A nil or empty selector indicates that OCICluster cannot use this OCIClusterIdentity from any namespace.",
"properties": {
"matchExpressions": {
"description": "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
"items": {
"description": "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.",
"properties": {
"key": {
"description": "key is the label key that the selector applies to.",
"type": "string"
},
"operator": {
"description": "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
"type": "string"
},
"values": {
"description": "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
"items": {
"type": "string"
},
"type": "array"
}
},
"required": [
"key",
"operator"
],
"type": "object",
"additionalProperties": false
},
"type": "array"
},
"matchLabels": {
"additionalProperties": {
"type": "string"
},
"description": "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed.",
"type": "object"
}
},
"type": "object",
"x-kubernetes-map-type": "atomic",
"additionalProperties": false
}
},
"type": "object",
"additionalProperties": false
},
"principalSecret": {
"description": "PrincipalSecret is a secret reference which contains the authentication credentials for the principal.",
"properties": {
"name": {
"description": "name is unique within a namespace to reference a secret resource.",
"type": "string"
},
"namespace": {
"description": "namespace defines the space within which the secret name must be unique.",
"type": "string"
}
},
"type": "object",
"x-kubernetes-map-type": "atomic",
"additionalProperties": false
},
"type": {
"description": "Type is the type of OCI Principal used. UserPrincipal is the only supported value",
"type": "string"
}
},
"required": [
"type"
],
"type": "object",
"additionalProperties": false
},
"status": {
"description": "OCIClusterIdentityStatus defines the observed state of OCIClusterIdentity.",
"properties": {
"conditions": {
"description": "Conditions defines current service state of the OCIClusterIdentity.",
"items": {
"description": "Condition defines an observation of a Cluster API resource operational state.",
"properties": {
"lastTransitionTime": {
"description": "Last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.",
"format": "date-time",
"type": "string"
},
"message": {
"description": "A human readable message indicating details about the transition. This field may be empty.",
"type": "string"
},
"reason": {
"description": "The reason for the condition's last transition in CamelCase. The specific API may choose whether or not this field is considered a guaranteed API. This field may not be empty.",
"type": "string"
},
"severity": {
"description": "Severity provides an explicit classification of Reason code, so the users or machines can immediately understand the current situation and act accordingly. The Severity field MUST be set only when Status=False.",
"type": "string"
},
"status": {
"description": "Status of the condition, one of True, False, Unknown.",
"type": "string"
},
"type": {
"description": "Type of condition in CamelCase or in foo.example.com/CamelCase. Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important.",
"type": "string"
}
},
"required": [
"lastTransitionTime",
"status",
"type"
],
"type": "object",
"additionalProperties": false
},
"type": "array"
}
},
"type": "object",
"additionalProperties": false
}
},
"type": "object"
}