f3ad42960a
This patchset provides the manifests supporting CAPZ v0.5.2. It requires CAPI v1alpha4 (v0.4.2) manifests and clusterctl v0.4.2 binary to work properly. Depends-on: https://review.opendev.org/c/airship/airshipctl/+/804834 Relates-to: #600 Change-Id: Icccaf84d8765c75fb19bb2be352086cc33647f30
122 lines
5.4 KiB
YAML
122 lines
5.4 KiB
YAML
|
|
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.3.0
|
|
creationTimestamp: null
|
|
name: azuresystemassignedidentites.infrastructure.cluster.x-k8s.io
|
|
spec:
|
|
group: infrastructure.cluster.x-k8s.io
|
|
names:
|
|
categories:
|
|
- cluster-api
|
|
kind: AzureSystemAssignedIdentity
|
|
listKind: AzureSystemAssignedIdentityList
|
|
plural: azuresystemassignedidentites
|
|
singular: azuresystemassignedidentity
|
|
scope: Namespaced
|
|
versions:
|
|
- name: v1alpha3
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: AzureSystemAssignedIdentity represents a reference to an Azure
|
|
access key ID and secret access key, stored in a secret.
|
|
properties:
|
|
apiVersion:
|
|
description: 'APIVersion defines the versioned schema of this representation
|
|
of an object. Servers should convert recognized schemas to the latest
|
|
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
|
type: string
|
|
kind:
|
|
description: 'Kind is a string value representing the REST resource this
|
|
object represents. Servers may infer this from the endpoint the client
|
|
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: Spec for this AzureSystemAssignedIdentitySpec.
|
|
properties:
|
|
allowedNamespaces:
|
|
description: "AllowedNamespaces is a selector of namespaces that AzureClusters
|
|
can use this ClusterPrincipal from. This is a standard Kubernetes
|
|
LabelSelector, a label query over a set of resources. The result
|
|
of matchLabels and matchExpressions are ANDed. Controllers must
|
|
not support AzureClusters in namespaces outside this selector. \n
|
|
An empty selector (default) indicates that AzureClusters can use
|
|
this AzureSystemAssignedIdentity from any namespace. This field
|
|
is intentionally not a pointer because the nil behavior (no namespaces)
|
|
is undesirable here."
|
|
properties:
|
|
matchExpressions:
|
|
description: matchExpressions is a list of label selector requirements.
|
|
The requirements are ANDed.
|
|
items:
|
|
description: A label selector requirement is a selector that
|
|
contains values, a key, and an operator that relates the key
|
|
and values.
|
|
properties:
|
|
key:
|
|
description: key is the label key that the selector applies
|
|
to.
|
|
type: string
|
|
operator:
|
|
description: operator represents a key's relationship to
|
|
a set of values. Valid operators are In, NotIn, Exists
|
|
and DoesNotExist.
|
|
type: string
|
|
values:
|
|
description: values is an array of string values. If the
|
|
operator is In or NotIn, the values array must be non-empty.
|
|
If the operator is Exists or DoesNotExist, the values
|
|
array must be empty. This array is replaced during a strategic
|
|
merge patch.
|
|
items:
|
|
type: string
|
|
type: array
|
|
required:
|
|
- key
|
|
- operator
|
|
type: object
|
|
type: array
|
|
matchLabels:
|
|
additionalProperties:
|
|
type: string
|
|
description: matchLabels is a map of {key,value} pairs. A single
|
|
{key,value} in the matchLabels map is equivalent to an element
|
|
of matchExpressions, whose key field is "key", the operator
|
|
is "In", and the values array contains only "value". The requirements
|
|
are ANDed.
|
|
type: object
|
|
type: object
|
|
name:
|
|
type: string
|
|
secretRef:
|
|
description: 'Reference to a secret containing the credentials. The
|
|
secret should contain the following data keys: tenantID'
|
|
properties:
|
|
name:
|
|
description: Name is unique within a namespace to reference a
|
|
secret resource.
|
|
type: string
|
|
namespace:
|
|
description: Namespace defines the space within which the secret
|
|
name must be unique.
|
|
type: string
|
|
type: object
|
|
required:
|
|
- name
|
|
- secretRef
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
status:
|
|
acceptedNames:
|
|
kind: ""
|
|
plural: ""
|
|
conditions: []
|
|
storedVersions: []
|