358 lines
		
	
	
		
			11 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
			
		
		
	
	
			358 lines
		
	
	
		
			11 KiB
		
	
	
	
		
			YAML
		
	
	
	
	
	
| ---
 | |
| apiVersion: apiextensions.k8s.io/v1
 | |
| kind: CustomResourceDefinition
 | |
| metadata:
 | |
|   labels:
 | |
|     app: cert-manager
 | |
|     app.kubernetes.io/instance: cert-manager
 | |
|     app.kubernetes.io/name: cert-manager
 | |
|     app.kubernetes.io/version: v1.14.5
 | |
|   name: certificates.cert-manager.io
 | |
| spec:
 | |
|   group: cert-manager.io
 | |
|   names:
 | |
|     categories:
 | |
|       - cert-manager
 | |
|     kind: Certificate
 | |
|     listKind: CertificateList
 | |
|     plural: certificates
 | |
|     shortNames:
 | |
|       - cert
 | |
|       - certs
 | |
|     singular: certificate
 | |
|   scope: Namespaced
 | |
|   versions:
 | |
|     - additionalPrinterColumns:
 | |
|         - jsonPath: .status.conditions[?(@.type=="Ready")].status
 | |
|           name: Ready
 | |
|           type: string
 | |
|         - jsonPath: .spec.secretName
 | |
|           name: Secret
 | |
|           type: string
 | |
|         - jsonPath: .spec.issuerRef.name
 | |
|           name: Issuer
 | |
|           priority: 1
 | |
|           type: string
 | |
|         - jsonPath: .status.conditions[?(@.type=="Ready")].message
 | |
|           name: Status
 | |
|           priority: 1
 | |
|           type: string
 | |
|         - jsonPath: .metadata.creationTimestamp
 | |
|           name: Age
 | |
|           type: date
 | |
|       name: v1
 | |
|       schema:
 | |
|         openAPIV3Schema:
 | |
|           properties:
 | |
|             apiVersion:
 | |
|               type: string
 | |
|             kind:
 | |
|               type: string
 | |
|             metadata:
 | |
|               type: object
 | |
|             spec:
 | |
|               properties:
 | |
|                 additionalOutputFormats:
 | |
|                   items:
 | |
|                     properties:
 | |
|                       type:
 | |
|                         enum:
 | |
|                           - DER
 | |
|                           - CombinedPEM
 | |
|                         type: string
 | |
|                     required:
 | |
|                       - type
 | |
|                     type: object
 | |
|                   type: array
 | |
|                 commonName:
 | |
|                   type: string
 | |
|                 dnsNames:
 | |
|                   items:
 | |
|                     type: string
 | |
|                   type: array
 | |
|                 duration:
 | |
|                   type: string
 | |
|                 emailAddresses:
 | |
|                   items:
 | |
|                     type: string
 | |
|                   type: array
 | |
|                 encodeUsagesInRequest:
 | |
|                   type: boolean
 | |
|                 ipAddresses:
 | |
|                   items:
 | |
|                     type: string
 | |
|                   type: array
 | |
|                 isCA:
 | |
|                   type: boolean
 | |
|                 issuerRef:
 | |
|                   properties:
 | |
|                     group:
 | |
|                       type: string
 | |
|                     kind:
 | |
|                       type: string
 | |
|                     name:
 | |
|                       type: string
 | |
|                   required:
 | |
|                     - name
 | |
|                   type: object
 | |
|                 keystores:
 | |
|                   properties:
 | |
|                     jks:
 | |
|                       properties:
 | |
|                         create:
 | |
|                           type: boolean
 | |
|                         passwordSecretRef:
 | |
|                           properties:
 | |
|                             key:
 | |
|                               type: string
 | |
|                             name:
 | |
|                               type: string
 | |
|                           required:
 | |
|                             - name
 | |
|                           type: object
 | |
|                       required:
 | |
|                         - create
 | |
|                         - passwordSecretRef
 | |
|                       type: object
 | |
|                     pkcs12:
 | |
|                       properties:
 | |
|                         create:
 | |
|                           type: boolean
 | |
|                         passwordSecretRef:
 | |
|                           properties:
 | |
|                             key:
 | |
|                               type: string
 | |
|                             name:
 | |
|                               type: string
 | |
|                           required:
 | |
|                             - name
 | |
|                           type: object
 | |
|                         profile:
 | |
|                           enum:
 | |
|                             - LegacyRC2
 | |
|                             - LegacyDES
 | |
|                             - Modern2023
 | |
|                           type: string
 | |
|                       required:
 | |
|                         - create
 | |
|                         - passwordSecretRef
 | |
|                       type: object
 | |
|                   type: object
 | |
|                 literalSubject:
 | |
|                   type: string
 | |
|                 nameConstraints:
 | |
|                   properties:
 | |
|                     critical:
 | |
|                       type: boolean
 | |
|                     excluded:
 | |
|                       properties:
 | |
|                         dnsDomains:
 | |
|                           items:
 | |
|                             type: string
 | |
|                           type: array
 | |
|                         emailAddresses:
 | |
|                           items:
 | |
|                             type: string
 | |
|                           type: array
 | |
|                         ipRanges:
 | |
|                           items:
 | |
|                             type: string
 | |
|                           type: array
 | |
|                         uriDomains:
 | |
|                           items:
 | |
|                             type: string
 | |
|                           type: array
 | |
|                       type: object
 | |
|                     permitted:
 | |
|                       properties:
 | |
|                         dnsDomains:
 | |
|                           items:
 | |
|                             type: string
 | |
|                           type: array
 | |
|                         emailAddresses:
 | |
|                           items:
 | |
|                             type: string
 | |
|                           type: array
 | |
|                         ipRanges:
 | |
|                           items:
 | |
|                             type: string
 | |
|                           type: array
 | |
|                         uriDomains:
 | |
|                           items:
 | |
|                             type: string
 | |
|                           type: array
 | |
|                       type: object
 | |
|                   type: object
 | |
|                 otherNames:
 | |
|                   items:
 | |
|                     properties:
 | |
|                       oid:
 | |
|                         type: string
 | |
|                       utf8Value:
 | |
|                         type: string
 | |
|                     type: object
 | |
|                   type: array
 | |
|                 privateKey:
 | |
|                   properties:
 | |
|                     algorithm:
 | |
|                       enum:
 | |
|                         - RSA
 | |
|                         - ECDSA
 | |
|                         - Ed25519
 | |
|                       type: string
 | |
|                     encoding:
 | |
|                       enum:
 | |
|                         - PKCS1
 | |
|                         - PKCS8
 | |
|                       type: string
 | |
|                     rotationPolicy:
 | |
|                       enum:
 | |
|                         - Never
 | |
|                         - Always
 | |
|                       type: string
 | |
|                     size:
 | |
|                       type: integer
 | |
|                   type: object
 | |
|                 renewBefore:
 | |
|                   type: string
 | |
|                 revisionHistoryLimit:
 | |
|                   format: int32
 | |
|                   type: integer
 | |
|                 secretName:
 | |
|                   type: string
 | |
|                 secretTemplate:
 | |
|                   properties:
 | |
|                     annotations:
 | |
|                       additionalProperties:
 | |
|                         type: string
 | |
|                       type: object
 | |
|                     labels:
 | |
|                       additionalProperties:
 | |
|                         type: string
 | |
|                       type: object
 | |
|                   type: object
 | |
|                 subject:
 | |
|                   properties:
 | |
|                     countries:
 | |
|                       items:
 | |
|                         type: string
 | |
|                       type: array
 | |
|                     localities:
 | |
|                       items:
 | |
|                         type: string
 | |
|                       type: array
 | |
|                     organizationalUnits:
 | |
|                       items:
 | |
|                         type: string
 | |
|                       type: array
 | |
|                     organizations:
 | |
|                       items:
 | |
|                         type: string
 | |
|                       type: array
 | |
|                     postalCodes:
 | |
|                       items:
 | |
|                         type: string
 | |
|                       type: array
 | |
|                     provinces:
 | |
|                       items:
 | |
|                         type: string
 | |
|                       type: array
 | |
|                     serialNumber:
 | |
|                       type: string
 | |
|                     streetAddresses:
 | |
|                       items:
 | |
|                         type: string
 | |
|                       type: array
 | |
|                   type: object
 | |
|                 uris:
 | |
|                   items:
 | |
|                     type: string
 | |
|                   type: array
 | |
|                 usages:
 | |
|                   items:
 | |
|                     enum:
 | |
|                       - signing
 | |
|                       - digital signature
 | |
|                       - content commitment
 | |
|                       - key encipherment
 | |
|                       - key agreement
 | |
|                       - data encipherment
 | |
|                       - cert sign
 | |
|                       - crl sign
 | |
|                       - encipher only
 | |
|                       - decipher only
 | |
|                       - any
 | |
|                       - server auth
 | |
|                       - client auth
 | |
|                       - code signing
 | |
|                       - email protection
 | |
|                       - s/mime
 | |
|                       - ipsec end system
 | |
|                       - ipsec tunnel
 | |
|                       - ipsec user
 | |
|                       - timestamping
 | |
|                       - ocsp signing
 | |
|                       - microsoft sgc
 | |
|                       - netscape sgc
 | |
|                     type: string
 | |
|                   type: array
 | |
|               required:
 | |
|                 - issuerRef
 | |
|                 - secretName
 | |
|               type: object
 | |
|             status:
 | |
|               properties:
 | |
|                 conditions:
 | |
|                   items:
 | |
|                     properties:
 | |
|                       lastTransitionTime:
 | |
|                         format: date-time
 | |
|                         type: string
 | |
|                       message:
 | |
|                         type: string
 | |
|                       observedGeneration:
 | |
|                         format: int64
 | |
|                         type: integer
 | |
|                       reason:
 | |
|                         type: string
 | |
|                       status:
 | |
|                         enum:
 | |
|                           - "True"
 | |
|                           - "False"
 | |
|                           - Unknown
 | |
|                         type: string
 | |
|                       type:
 | |
|                         type: string
 | |
|                     required:
 | |
|                       - status
 | |
|                       - type
 | |
|                     type: object
 | |
|                   type: array
 | |
|                   x-kubernetes-list-map-keys:
 | |
|                     - type
 | |
|                   x-kubernetes-list-type: map
 | |
|                 failedIssuanceAttempts:
 | |
|                   type: integer
 | |
|                 lastFailureTime:
 | |
|                   format: date-time
 | |
|                   type: string
 | |
|                 nextPrivateKeySecretName:
 | |
|                   type: string
 | |
|                 notAfter:
 | |
|                   format: date-time
 | |
|                   type: string
 | |
|                 notBefore:
 | |
|                   format: date-time
 | |
|                   type: string
 | |
|                 renewalTime:
 | |
|                   format: date-time
 | |
|                   type: string
 | |
|                 revision:
 | |
|                   type: integer
 | |
|               type: object
 | |
|           type: object
 | |
|       served: true
 | |
|       storage: true
 | |
|       subresources:
 | |
|         status: {}
 | 
