From 03fd5a4cd06b90a507854a45118f1245d5b8049c Mon Sep 17 00:00:00 2001
From: Jonathan Hardison
Date: Fri, 13 Sep 2024 00:02:47 -0500
Subject: [PATCH] add coi crd
---
 .../prod/crd-clusteroriginissuer.yaml | 119 ++++++++++++++++++
 .../overlays/prod/kustomization.yaml | 1 +
 2 files changed, 120 insertions(+)
 create mode 100644 core/origin-ca-issuer/overlays/prod/crd-clusteroriginissuer.yaml
diff --git a/core/origin-ca-issuer/overlays/prod/crd-clusteroriginissuer.yaml b/core/origin-ca-issuer/overlays/prod/crd-clusteroriginissuer.yaml
new file mode 100644
index 0000000..b16504e
--- /dev/null
+++ b/core/origin-ca-issuer/overlays/prod/crd-clusteroriginissuer.yaml
@@ -0,0 +1,119 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + name: clusteroriginissuers.cert-manager.k8s.cloudflare.com +spec: + group: cert-manager.k8s.cloudflare.com + names: + kind: ClusterOriginIssuer + listKind: ClusterOriginIssuerList + plural: clusteroriginissuers + singular: clusteroriginissuer + scope: Cluster + versions: + - name: v1 + schema: + openAPIV3Schema: + description: A ClusterOriginIssuer represents the Cloudflare Origin CA as + an external cert-manager issuer. It is scoped to a single namespace, so + it can be used only by resources in the same namespace. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Spec is the desired state of the ClusterOriginIssuer resource. + properties: + auth: + description: Auth configures how to authenticate with the Cloudflare + API. + properties: + serviceKeyRef: + description: ServiceKeyRef authenticates with an API Service Key. + properties: + key: + description: Key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: Name of the secret in the issuer's namespace + to select. 
If a cluster-scoped issuer, the secret is selected + from the "cluster resource namespace" configured on the + controller. + type: string + required: + - key + - name + type: object + type: object + requestType: + description: RequestType is the signature algorithm Cloudflare should + use to sign the certificate. + enum: + - OriginRSA + - OriginECC + type: string + required: + - auth + - requestType + type: object + status: + description: Status of the ClusterOriginIssuer. This is set and managed + automatically. + properties: + conditions: + description: List of status conditions to indicate the status of an + OriginIssuer Known condition types are `Ready`. + items: + description: OriginIssuerCondition contains condition information + for the OriginIssuer. + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding + to the last status change of this condition. + format: date-time + type: string + message: + description: Message is a human readable description of the + details of the last transition1, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation + for the condition's last transition. + type: string + status: + description: Status of the condition, one of ('True', 'False', + 'Unknown') + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: Type of the condition, known values are ('Ready') + enum: + - Ready + type: string + required: + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} \ No newline at end of file diff --git a/core/origin-ca-issuer/overlays/prod/kustomization.yaml b/core/origin-ca-issuer/overlays/prod/kustomization.yaml index ef420da..fb77c38 100644 --- a/core/origin-ca-issuer/overlays/prod/kustomization.yaml +++ b/core/origin-ca-issuer/overlays/prod/kustomization.yaml 
@@ -4,6 +4,7 @@ kind: Kustomization
 resources:
 - 0-namespace.yaml
 - crd.yaml
+ - crd-clusteroriginissuer.yaml
 - deployment.yaml
 - role-approver.yaml
 - role.yaml
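Review bot: Nothing in this commit shows who may use the cluster-scoped issuer kind that the added `- crd-clusteroriginissuer.yaml` entry enables in prod. Per the CRD's own `serviceKeyRef` description, a cluster-scoped issuer reads its Cloudflare service key from the controller's "cluster resource namespace", so one key can back certificate requests from every namespace. It is worth confirming that `role-approver.yaml` and `role.yaml` (context lines here, contents not shown) cover `clusteroriginissuers` and that approval is limited to the intended requesters. I would also record where the copied, controller-gen-generated manifest came from with a comment above the entry, e.g. `# copied from origin-ca-issuer <UPSTREAM_RELEASE_TAG>; keep in sync with the image in deployment.yaml`, so the CRD does not drift from the deployed controller. The `resources:` list may continue beyond the hunk.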