software-engineering/zitadel-resources-operator
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update crd
All checks were successful
Build and Publish / build-release (push) Successful in 2m8s
Details

Browse Source
This commit is contained in:
HaimKortovich
2026-04-30 15:56:58 -05:00
parent 319acd90de
commit 7a4a52e917
13 changed files with 825 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
api/v1alpha1/zz_generated.deepcopy.go
View File

@@ -944,6 +944,7 @@ func (in *OrganizationList) DeepCopyObject() runtime.Object {
func (in *OrganizationRef) DeepCopyInto(out *OrganizationRef) { func (in *OrganizationRef) DeepCopyInto(out *OrganizationRef) {
*out = *in *out = *in
out.ObjectReference = in.ObjectReference out.ObjectReference = in.ObjectReference
out.ConnectionRef = in.ConnectionRef
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationRef. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrganizationRef.
@@ -1108,6 +1109,7 @@ func (in *ProjectList) DeepCopyObject() runtime.Object {
func (in *ProjectRef) DeepCopyInto(out *ProjectRef) { func (in *ProjectRef) DeepCopyInto(out *ProjectRef) {
*out = *in *out = *in
out.ObjectReference = in.ObjectReference out.ObjectReference = in.ObjectReference
out.ConnectionRef = in.ConnectionRef
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectRef. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectRef.
@@ -1190,6 +1192,21 @@ func (in *ProjectStatus) DeepCopy() *ProjectStatus {
return out return out
} }
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ResolvedReference) DeepCopyInto(out *ResolvedReference) {
*out = *in
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResolvedReference.
func (in *ResolvedReference) DeepCopy() *ResolvedReference {
if in == nil {
return nil
}
out := new(ResolvedReference)
in.DeepCopyInto(out)
return out
}
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Resource) DeepCopyInto(out *Resource) { func (in *Resource) DeepCopyInto(out *Resource) {
*out = *in *out = *in

50
config/crd/bases/zitadel.github.com_actions.yaml
View File

@@ -46,6 +46,11 @@ spec:
description: |- description: |-
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -87,6 +92,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
script: script:
type: string type: string
timeout: timeout:

50
config/crd/bases/zitadel.github.com_apiapps.yaml
View File

@@ -48,6 +48,11 @@ spec:
description: |- description: |-
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -89,6 +94,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
required: required:
- authMethodType - authMethodType
- projectRef - projectRef

50
config/crd/bases/zitadel.github.com_flows.yaml
View File

@@ -95,6 +95,11 @@ spec:
description: |- description: |-
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -136,6 +141,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
triggerType: triggerType:
enum: enum:
- TRIGGER_TYPE_POST_AUTHENTICATION - TRIGGER_TYPE_POST_AUTHENTICATION

102
config/crd/bases/zitadel.github.com_machineusers.yaml
View File

@@ -48,6 +48,13 @@ spec:
items: items:
properties: properties:
projectRef: projectRef:
description: ProjectRef can reference a project via K8s object
or direct Zitadel ID
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -89,6 +96,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or
zitadel ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
roleKeys: roleKeys:
items: items:
type: string type: string
@@ -154,6 +206,11 @@ spec:
description: |- description: |-
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -195,6 +252,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
username: username:
type: string type: string
required: required:

52
config/crd/bases/zitadel.github.com_oidcapps.yaml
View File

@@ -94,6 +94,11 @@ spec:
description: |- description: |-
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -135,6 +140,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
redirectUris: redirectUris:
items: items:
type: string type: string
@@ -232,8 +282,6 @@ spec:
- type - type
type: object type: object
type: array type: array
required:
- appId
type: object type: object
type: object type: object
served: true served: true

102
config/crd/bases/zitadel.github.com_projects.yaml
View File

@@ -43,6 +43,13 @@ spec:
items: items:
properties: properties:
organizationRef: organizationRef:
description: OrganizationRef can reference an organization via
K8s object or direct Zitadel ID
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -84,6 +91,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or
zitadel ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
roleKeys: roleKeys:
items: items:
type: string type: string
@@ -100,6 +152,11 @@ spec:
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
https://zitadel.com/docs/apis/resources/mgmt/management-service-add-project https://zitadel.com/docs/apis/resources/mgmt/management-service-add-project
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -141,6 +198,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
projectName: projectName:
type: string type: string
projectRoleAssertion: projectRoleAssertion:

50
ops/chart/crds/action-crd.yaml
View File

@@ -45,6 +45,11 @@ spec:
description: |- description: |-
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -86,6 +91,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
script: script:
type: string type: string
timeout: timeout:

50
ops/chart/crds/apiapp-crd.yaml
View File

@@ -47,6 +47,11 @@ spec:
description: |- description: |-
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -88,6 +93,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
required: required:
- authMethodType - authMethodType
- projectRef - projectRef

50
ops/chart/crds/flow-crd.yaml
View File

@@ -94,6 +94,11 @@ spec:
description: |- description: |-
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -135,6 +140,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
triggerType: triggerType:
enum: enum:
- TRIGGER_TYPE_POST_AUTHENTICATION - TRIGGER_TYPE_POST_AUTHENTICATION

102
ops/chart/crds/machineuser-crd.yaml
View File

@@ -47,6 +47,13 @@ spec:
items: items:
properties: properties:
projectRef: projectRef:
description: ProjectRef can reference a project via K8s object
or direct Zitadel ID
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -88,6 +95,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or
zitadel ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
roleKeys: roleKeys:
items: items:
type: string type: string
@@ -153,6 +205,11 @@ spec:
description: |- description: |-
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -194,6 +251,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
username: username:
type: string type: string
required: required:

52
ops/chart/crds/oidcapp-crd.yaml
View File

@@ -93,6 +93,11 @@ spec:
description: |- description: |-
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -134,6 +139,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
redirectUris: redirectUris:
items: items:
type: string type: string
@@ -231,8 +281,6 @@ spec:
- type - type
type: object type: object
type: array type: array
required:
- appId
type: object type: object
type: object type: object
served: true served: true

102
ops/chart/crds/project-crd.yaml
View File

@@ -42,6 +42,13 @@ spec:
items: items:
properties: properties:
organizationRef: organizationRef:
description: OrganizationRef can reference an organization via
K8s object or direct Zitadel ID
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -83,6 +90,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or
zitadel ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
roleKeys: roleKeys:
items: items:
type: string type: string
@@ -99,6 +151,11 @@ spec:
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file Important: Run "make" to regenerate code after modifying this file
https://zitadel.com/docs/apis/resources/mgmt/management-service-add-project https://zitadel.com/docs/apis/resources/mgmt/management-service-add-project
properties:
apiVersion:
description: API version of the referent.
type: string
connectionRef:
properties: properties:
apiVersion: apiVersion:
description: API version of the referent. description: API version of the referent.
@@ -140,6 +197,51 @@ spec:
type: string type: string
type: object type: object
x-kubernetes-map-type: atomic x-kubernetes-map-type: atomic
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
type: string
id:
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
x-kubernetes-validations:
- message: must provide either k8s object reference (name) or zitadel
ID reference (id), but not both
rule: has(self.name) == has(self.id)
- message: zitadel ID reference requires connectionRef.name
rule: '!has(self.id) || has(self.connectionRef.name)'
projectName: projectName:
type: string type: string
projectRoleAssertion: projectRoleAssertion: