summaryrefslogtreecommitdiffstats
path: root/certServiceK8sExternalProvider/deploy/crd.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'certServiceK8sExternalProvider/deploy/crd.yaml')
-rw-r--r--certServiceK8sExternalProvider/deploy/crd.yaml36
1 files changed, 25 insertions, 11 deletions
diff --git a/certServiceK8sExternalProvider/deploy/crd.yaml b/certServiceK8sExternalProvider/deploy/crd.yaml
index 1d45b0c9..cc884388 100644
--- a/certServiceK8sExternalProvider/deploy/crd.yaml
+++ b/certServiceK8sExternalProvider/deploy/crd.yaml
@@ -58,27 +58,41 @@ spec:
description: CMPv2IssuerSpec defines the desired state of CMPv2Issuer
properties:
url:
- description: URL is the base URL for the certservice certificates instance.
+ description: URL to CertService API.
type: string
- keyRef:
- description: keyRef is a reference to a Secret containing the
- cmpv2provisioner password used to decrypt the cmpv2provisioner private key.
+ caName:
+ description: Name of the external CA server configured on CertService API side.
+ type: string
+ certSecretRef:
+ description: Reference to K8s secret which contains certificate, private key and CA certificate
+ needed to connect to CertService API (which requires client certificate authentication)
properties:
- key:
- description: The key of the secret to select from. Must be a
+ name:
+ description: The name of K8s secret to select certificates from. Secret must be in the same
+ namespace as CMPv2Issuer.
+ type: string
+ keyRef:
+ description: The key of the secret to select private key from. Must be a
valid secret key.
type: string
- name:
- description: The name of the secret in the pod's namespace to
- select from.
+ certRef:
+ description: The key of the secret to select cert from. Must be a
+ valid secret key.
+ type: string
+ cacertRef:
+ description: The key of the secret to select cacert from. Must be a
+ valid secret key.
type: string
required:
- name
- - key
+ - keyRef
+ - certRef
+ - cacertRef
type: object
required:
- url
- - keyRef
+ - caName
+ - certSecretRef
type: object
status:
description: CMPv2IssuerStatus defines the observed state of CMPv2Issuer