1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
# ============LICENSE_START=======================================================
# oom-certservice-k8s-external-provider
# ================================================================================
# Copyright (c) 2019 Smallstep Labs, Inc.
# Modifications copyright (C) 2020 Nokia. All rights reserved.
# ================================================================================
# This source code was copied from the following git repository:
# https://github.com/smallstep/step-issuer
# The source code was modified for usage in the ONAP project.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# ============LICENSE_END=========================================================
#
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: cmpv2issuers.certmanager.onap.org
spec:
group: certmanager.onap.org
names:
kind: CMPv2Issuer
listKind: CMPv2IssuerList
plural: cmpv2issuers
singular: cmpv2issuer
scope: Namespaced
versions:
- name: v1
served: true
storage: true
schema:
openAPIV3Schema:
description: CMPv2Issuer is the Schema for the cmpv2issuers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/cmpv2api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/cmpv2api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CMPv2IssuerSpec defines the desired state of CMPv2Issuer
properties:
url:
description: URL to CertService API.
type: string
healthEndpoint:
description: Path of health check endpoint.
type: string
certEndpoint:
description: Path of cerfificate signing enpoint.
type: string
caName:
description: Name of the external CA server configured on CertService API side.
type: string
certSecretRef:
description: Reference to K8s secret which contains certificate, private key and CA certificate
needed to connect to CertService API (which requires client certificate authentication)
properties:
name:
description: The name of K8s secret to select certificates from. Secret must be in the same
namespace as CMPv2Issuer.
type: string
keyRef:
description: The key of the secret to select private key from. Must be a
valid secret key.
type: string
certRef:
description: The key of the secret to select cert from. Must be a
valid secret key.
type: string
cacertRef:
description: The key of the secret to select cacert from. Must be a
valid secret key.
type: string
required:
- name
- keyRef
- certRef
- cacertRef
type: object
required:
- url
- healthEndpoint
- certEndpoint
- caName
- certSecretRef
type: object
status:
description: CMPv2IssuerStatus defines the observed state of CMPv2Issuer
properties:
conditions:
items:
description: CMPv2IssuerCondition contains condition information for
the certservice issuer.
properties:
lastTransitionTime:
description: LastTransitionTime is the timestamp corresponding
to the last status change of this condition.
format: date-time
type: string
message:
description: Message is a human readable description of the details
of the last transition, complementing reason.
type: string
reason:
description: Reason is a brief machine readable explanation for
the condition's last transition.
type: string
status:
allOf:
- enum:
- "True"
- "False"
- Unknown
- enum:
- "True"
- "False"
- Unknown
description: Status of the condition, one of ('True', 'False',
'Unknown').
type: string
type:
description: Type of the condition, currently ('Ready').
enum:
- Ready
type: string
required:
- status
- type
type: object
type: array
type: object
type: object
|