{ "description": "VaultConnection is the Schema for the vaultconnections API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": [ "string", "null" ] }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": [ "string", "null" ] }, "metadata": { "type": [ "object", "null" ] }, "spec": { "additionalProperties": false, "description": "VaultConnectionSpec defines the desired state of VaultConnection", "properties": { "address": { "description": "Address of the Vault server", "type": "string" }, "caCertPath": { "description": "CACertPath is the path to a trusted PEM-encoded CA certificate file on the filesystem that can be used to validate\nthe certificate presented by the Vault server.\nCACertPath and CACertSecretRef are mutually exclusive, and only one should be specified.", "type": [ "string", "null" ] }, "caCertSecretRef": { "description": "CACertSecretRef is the name of a Kubernetes secret containing the trusted PEM encoded CA certificate chain as `ca.crt`.\nCACertPath and CACertSecretRef are mutually exclusive, and only one should be specified.", "type": [ "string", "null" ] }, "headers": { "additionalProperties": { "type": "string" }, "description": "Headers to be included in all Vault requests.", "type": [ "object", "null" ] }, "skipTLSVerify": { "default": false, "description": "SkipTLSVerify for TLS connections.", "type": "boolean" }, "timeout": { "description": "Timeout applied to all Vault requests for this connection. If not set, the\ndefault timeout from the Vault API client config is used.", "pattern": "^([0-9]+(\\.[0-9]+)?(s|m|h))$", "type": [ "string", "null" ] }, "tlsServerName": { "description": "TLSServerName to use as the SNI host for TLS connections.", "type": [ "string", "null" ] } }, "required": [ "address", "skipTLSVerify" ], "type": [ "object", "null" ] }, "status": { "additionalProperties": false, "description": "VaultConnectionStatus defines the observed state of VaultConnection", "properties": { "conditions": { "description": "Conditions hold information that can be used by other apps to determine the\nhealth of the resource instance.", "items": { "additionalProperties": false, "description": "Condition contains details for one aspect of the current state of this API Resource.", "properties": { "lastTransitionTime": { "description": "lastTransitionTime is the last time the condition transitioned from one status to another.\nThis should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.", "format": "date-time", "type": "string" }, "message": { "description": "message is a human readable message indicating details about the transition.\nThis may be an empty string.", "maxLength": 32768, "type": "string" }, "observedGeneration": { "description": "observedGeneration represents the .metadata.generation that the condition was set based upon.\nFor instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "minimum": 0, "type": [ "integer", "null" ] }, "reason": { "description": "reason contains a programmatic identifier indicating the reason for the condition's last transition.\nProducers of specific condition types may define expected values and meanings for this field,\nand whether the values are considered a guaranteed API.\nThe value should be a CamelCase string.\nThis field may not be empty.", "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "description": "status of the condition, one of True, False, Unknown.", "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "description": "type of condition in CamelCase or in foo.example.com/CamelCase.", "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": [ "array", "null" ] }, "valid": { "description": "Valid auth mechanism.", "type": "boolean" } }, "required": [ "valid" ], "type": [ "object", "null" ] } }, "type": "object" }