HaimKortovich
d5c3485fd2
All checks were successful
Build and Publish / build-release (push) Successful in 8m29s
243 lines
10 KiB
YAML
243 lines
10 KiB
YAML
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.17.3
|
|
name: oidcapps.zitadel.github.com
|
|
spec:
|
|
group: zitadel.github.com
|
|
names:
|
|
kind: OIDCApp
|
|
listKind: OIDCAppList
|
|
plural: oidcapps
|
|
singular: oidcapp
|
|
scope: Namespaced
|
|
versions:
|
|
- name: v1alpha1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: OIDCApp is the Schema for the oidcapps API
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: OIDCAppSpec defines the desired state of OIDCApp
|
|
properties:
|
|
accessTokenRoleAssertion:
|
|
type: boolean
|
|
accessTokenType:
|
|
enum:
|
|
- OIDC_TOKEN_TYPE_BEARER
|
|
- OIDC_TOKEN_TYPE_JWT
|
|
type: string
|
|
additionalOrigins:
|
|
items:
|
|
type: string
|
|
type: array
|
|
appType:
|
|
enum:
|
|
- OIDC_APP_TYPE_WEB
|
|
- OIDC_APP_TYPE_USER_AGENT
|
|
- OIDC_APP_TYPE_NATIVE
|
|
type: string
|
|
authMethodType:
|
|
enum:
|
|
- OIDC_AUTH_METHOD_TYPE_BASIC
|
|
- OIDC_AUTH_METHOD_TYPE_POST
|
|
- OIDC_AUTH_METHOD_TYPE_NONE
|
|
- OIDC_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT
|
|
type: string
|
|
backChannelLogoutUri:
|
|
type: string
|
|
clockSkew:
|
|
format: duration
|
|
type: string
|
|
devMode:
|
|
type: boolean
|
|
grantTypes:
|
|
items:
|
|
enum:
|
|
- OIDC_GRANT_TYPE_AUTHORIZATION_CODE
|
|
- OIDC_GRANT_TYPE_IMPLICIT
|
|
- OIDC_GRANT_TYPE_REFRESH_TOKEN
|
|
- OIDC_GRANT_TYPE_DEVICE_CODE
|
|
- OIDC_GRANT_TYPE_TOKEN_EXCHANGE
|
|
type: string
|
|
type: array
|
|
idTokenRoleAssertion:
|
|
type: boolean
|
|
idTokenUserinfoAssertion:
|
|
type: boolean
|
|
oidcAppName:
|
|
type: string
|
|
postLogoutRedirectUris:
|
|
items:
|
|
type: string
|
|
type: array
|
|
projectRef:
|
|
description: |-
|
|
INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
|
|
Important: Run "make" to regenerate code after modifying this file
|
|
properties:
|
|
apiVersion:
|
|
description: API version of the referent.
|
|
type: string
|
|
fieldPath:
|
|
description: |-
|
|
If referring to a piece of an object instead of an entire object, this string
|
|
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
|
|
For example, if the object reference is to a container within a pod, this would take on a value like:
|
|
"spec.containers{name}" (where "name" refers to the name of the container that triggered
|
|
the event) or if no container name is specified "spec.containers[2]" (container with
|
|
index 2 in this pod). This syntax is chosen only to have some well-defined way of
|
|
referencing a part of an object.
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind of the referent.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
name:
|
|
description: |-
|
|
Name of the referent.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
|
type: string
|
|
namespace:
|
|
description: |-
|
|
Namespace of the referent.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
|
|
type: string
|
|
resourceVersion:
|
|
description: |-
|
|
Specific resourceVersion to which this reference is made, if any.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
|
|
type: string
|
|
uid:
|
|
description: |-
|
|
UID of the referent.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
|
|
type: string
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
redirectUris:
|
|
items:
|
|
type: string
|
|
type: array
|
|
responseTypes:
|
|
items:
|
|
enum:
|
|
- OIDC_RESPONSE_TYPE_CODE
|
|
- OIDC_RESPONSE_TYPE_ID_TOKEN
|
|
- OIDC_RESPONSE_TYPE_ID_TOKEN_TOKEN
|
|
type: string
|
|
type: array
|
|
skipNativeAppSuccessPage:
|
|
type: boolean
|
|
required:
|
|
- accessTokenRoleAssertion
|
|
- accessTokenType
|
|
- appType
|
|
- authMethodType
|
|
- clockSkew
|
|
- devMode
|
|
- grantTypes
|
|
- idTokenRoleAssertion
|
|
- idTokenUserinfoAssertion
|
|
- oidcAppName
|
|
- postLogoutRedirectUris
|
|
- projectRef
|
|
- redirectUris
|
|
- responseTypes
|
|
- skipNativeAppSuccessPage
|
|
type: object
|
|
status:
|
|
description: OIDCAppStatus defines the observed state of OIDCApp
|
|
properties:
|
|
appId:
|
|
type: string
|
|
clientId:
|
|
type: string
|
|
conditions:
|
|
description: |-
|
|
INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
|
|
Important: Run "make" to regenerate code after modifying this file
|
|
items:
|
|
description: Condition contains details for one aspect of the current
|
|
state of this API Resource.
|
|
properties:
|
|
lastTransitionTime:
|
|
description: |-
|
|
lastTransitionTime is the last time the condition transitioned from one status to another.
|
|
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
description: |-
|
|
message is a human readable message indicating details about the transition.
|
|
This may be an empty string.
|
|
maxLength: 32768
|
|
type: string
|
|
observedGeneration:
|
|
description: |-
|
|
observedGeneration represents the .metadata.generation that the condition was set based upon.
|
|
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
|
|
with respect to the current state of the instance.
|
|
format: int64
|
|
minimum: 0
|
|
type: integer
|
|
reason:
|
|
description: |-
|
|
reason contains a programmatic identifier indicating the reason for the condition's last transition.
|
|
Producers of specific condition types may define expected values and meanings for this field,
|
|
and whether the values are considered a guaranteed API.
|
|
The value should be a CamelCase string.
|
|
This field may not be empty.
|
|
maxLength: 1024
|
|
minLength: 1
|
|
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
|
|
type: string
|
|
status:
|
|
description: status of the condition, one of True, False, Unknown.
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
description: type of condition in CamelCase or in foo.example.com/CamelCase.
|
|
maxLength: 316
|
|
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
|
|
type: string
|
|
required:
|
|
- lastTransitionTime
|
|
- message
|
|
- reason
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
required:
|
|
- appId
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|