1package v1alpha1
  2
  3import "time"
  4
  5// SealedSecret is the K8s representation of a "sealed Secret" - a
  6// regular k8s Secret that has been sealed (encrypted) using the
  7// controller's key.
  8#SealedSecret: {
  9	_embeddedResource
 10
 11	// APIVersion defines the versioned schema of this representation
 12	// of an object.
 13	// Servers should convert recognized schemas to the latest
 14	// internal value, and
 15	// may reject unrecognized values.
 16	// More info:
 17	// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
 18	"apiVersion"?: string
 19
 20	// Kind is a string value representing the REST resource this
 21	// object represents.
 22	// Servers may infer this from the endpoint the client submits
 23	// requests to.
 24	// Cannot be updated.
 25	// In CamelCase.
 26	// More info:
 27	// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
 28	"kind"?: string
 29	"metadata"?: {}
 30
 31	// SealedSecretSpec is the specification of a SealedSecret.
 32	"spec"!: {
 33		// Data is deprecated and will be removed eventually. Use
 34		// per-value EncryptedData instead.
 35		"data"?: string
 36		"encryptedData"!: {
 37			[string]: string
 38			...
 39		}
 40
 41		// Template defines the structure of the Secret that will be
 42		// created from this sealed secret.
 43		"template"?: {
 44			// Keys that should be templated using decrypted data.
 45			"data"?:
 46				null | {
 47					[string]: string
 48				}
 49
 50			// Immutable, if set to true, ensures that data stored in the
 51			// Secret cannot
 52			// be updated (only object metadata can be modified).
 53			// If not set to true, the field can be modified at any time.
 54			// Defaulted to nil.
 55			"immutable"?: bool
 56
 57			// Standard object's metadata.
 58			// More info:
 59			// https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
 60			"metadata"?:
 61				null | {
 62					"annotations"?: [string]: string
 63					"finalizers"?: [...string]
 64					"labels"?: {
 65						[string]: string
 66					}
 67					"name"?:      string
 68					"namespace"?: string
 69					...
 70				}
 71
 72			// Used to facilitate programmatic handling of secret data.
 73			"type"?: string
 74		}
 75	}
 76
 77	// SealedSecretStatus is the most recently observed status of the
 78	// SealedSecret.
 79	"status"?: {
 80		// Represents the latest available observations of a sealed
 81		// secret's current state.
 82		"conditions"?: [...{
 83			// Last time the condition transitioned from one status to
 84			// another.
 85			"lastTransitionTime"?: time.Time
 86
 87			// The last time this condition was updated.
 88			"lastUpdateTime"?: time.Time
 89
 90			// A human readable message indicating details about the
 91			// transition.
 92			"message"?: string
 93
 94			// The reason for the condition's last transition.
 95			"reason"?: string
 96
 97			// Status of the condition for a sealed secret.
 98			// Valid values for "Synced": "True", "False", or "Unknown".
 99			"status"!: string
100
101			// Type of condition for a sealed secret.
102			// Valid value: "Synced"
103			"type"!: string
104		}]
105
106		// ObservedGeneration reflects the generation most recently
107		// observed by the sealed-secrets controller.
108		"observedGeneration"?: int64 & int
109	}
110
111	_embeddedResource: {
112		"apiVersion"!: string
113		"kind"!:       string
114		"metadata"?: {
115			...
116		}
117	}
118	apiVersion: "bitnami.com/v1alpha1"
119	kind:       "SealedSecret"
120	metadata!: {
121		"name"!:      string
122		"namespace"!: string
123		"labels"?: {
124			[string]: string
125		}
126		"annotations"?: {
127			[string]: string
128		}
129		...
130	}
131}