358 lines
11 KiB
YAML
358 lines
11 KiB
YAML
---
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
labels:
|
|
app: cert-manager
|
|
app.kubernetes.io/instance: cert-manager
|
|
app.kubernetes.io/name: cert-manager
|
|
app.kubernetes.io/version: v1.14.5
|
|
name: certificates.cert-manager.io
|
|
spec:
|
|
group: cert-manager.io
|
|
names:
|
|
categories:
|
|
- cert-manager
|
|
kind: Certificate
|
|
listKind: CertificateList
|
|
plural: certificates
|
|
shortNames:
|
|
- cert
|
|
- certs
|
|
singular: certificate
|
|
scope: Namespaced
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- jsonPath: .status.conditions[?(@.type=="Ready")].status
|
|
name: Ready
|
|
type: string
|
|
- jsonPath: .spec.secretName
|
|
name: Secret
|
|
type: string
|
|
- jsonPath: .spec.issuerRef.name
|
|
name: Issuer
|
|
priority: 1
|
|
type: string
|
|
- jsonPath: .status.conditions[?(@.type=="Ready")].message
|
|
name: Status
|
|
priority: 1
|
|
type: string
|
|
- jsonPath: .metadata.creationTimestamp
|
|
name: Age
|
|
type: date
|
|
name: v1
|
|
schema:
|
|
openAPIV3Schema:
|
|
properties:
|
|
apiVersion:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
properties:
|
|
additionalOutputFormats:
|
|
items:
|
|
properties:
|
|
type:
|
|
enum:
|
|
- DER
|
|
- CombinedPEM
|
|
type: string
|
|
required:
|
|
- type
|
|
type: object
|
|
type: array
|
|
commonName:
|
|
type: string
|
|
dnsNames:
|
|
items:
|
|
type: string
|
|
type: array
|
|
duration:
|
|
type: string
|
|
emailAddresses:
|
|
items:
|
|
type: string
|
|
type: array
|
|
encodeUsagesInRequest:
|
|
type: boolean
|
|
ipAddresses:
|
|
items:
|
|
type: string
|
|
type: array
|
|
isCA:
|
|
type: boolean
|
|
issuerRef:
|
|
properties:
|
|
group:
|
|
type: string
|
|
kind:
|
|
type: string
|
|
name:
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
keystores:
|
|
properties:
|
|
jks:
|
|
properties:
|
|
create:
|
|
type: boolean
|
|
passwordSecretRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
name:
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
required:
|
|
- create
|
|
- passwordSecretRef
|
|
type: object
|
|
pkcs12:
|
|
properties:
|
|
create:
|
|
type: boolean
|
|
passwordSecretRef:
|
|
properties:
|
|
key:
|
|
type: string
|
|
name:
|
|
type: string
|
|
required:
|
|
- name
|
|
type: object
|
|
profile:
|
|
enum:
|
|
- LegacyRC2
|
|
- LegacyDES
|
|
- Modern2023
|
|
type: string
|
|
required:
|
|
- create
|
|
- passwordSecretRef
|
|
type: object
|
|
type: object
|
|
literalSubject:
|
|
type: string
|
|
nameConstraints:
|
|
properties:
|
|
critical:
|
|
type: boolean
|
|
excluded:
|
|
properties:
|
|
dnsDomains:
|
|
items:
|
|
type: string
|
|
type: array
|
|
emailAddresses:
|
|
items:
|
|
type: string
|
|
type: array
|
|
ipRanges:
|
|
items:
|
|
type: string
|
|
type: array
|
|
uriDomains:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
permitted:
|
|
properties:
|
|
dnsDomains:
|
|
items:
|
|
type: string
|
|
type: array
|
|
emailAddresses:
|
|
items:
|
|
type: string
|
|
type: array
|
|
ipRanges:
|
|
items:
|
|
type: string
|
|
type: array
|
|
uriDomains:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
type: object
|
|
otherNames:
|
|
items:
|
|
properties:
|
|
oid:
|
|
type: string
|
|
utf8Value:
|
|
type: string
|
|
type: object
|
|
type: array
|
|
privateKey:
|
|
properties:
|
|
algorithm:
|
|
enum:
|
|
- RSA
|
|
- ECDSA
|
|
- Ed25519
|
|
type: string
|
|
encoding:
|
|
enum:
|
|
- PKCS1
|
|
- PKCS8
|
|
type: string
|
|
rotationPolicy:
|
|
enum:
|
|
- Never
|
|
- Always
|
|
type: string
|
|
size:
|
|
type: integer
|
|
type: object
|
|
renewBefore:
|
|
type: string
|
|
revisionHistoryLimit:
|
|
format: int32
|
|
type: integer
|
|
secretName:
|
|
type: string
|
|
secretTemplate:
|
|
properties:
|
|
annotations:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
labels:
|
|
additionalProperties:
|
|
type: string
|
|
type: object
|
|
type: object
|
|
subject:
|
|
properties:
|
|
countries:
|
|
items:
|
|
type: string
|
|
type: array
|
|
localities:
|
|
items:
|
|
type: string
|
|
type: array
|
|
organizationalUnits:
|
|
items:
|
|
type: string
|
|
type: array
|
|
organizations:
|
|
items:
|
|
type: string
|
|
type: array
|
|
postalCodes:
|
|
items:
|
|
type: string
|
|
type: array
|
|
provinces:
|
|
items:
|
|
type: string
|
|
type: array
|
|
serialNumber:
|
|
type: string
|
|
streetAddresses:
|
|
items:
|
|
type: string
|
|
type: array
|
|
type: object
|
|
uris:
|
|
items:
|
|
type: string
|
|
type: array
|
|
usages:
|
|
items:
|
|
enum:
|
|
- signing
|
|
- digital signature
|
|
- content commitment
|
|
- key encipherment
|
|
- key agreement
|
|
- data encipherment
|
|
- cert sign
|
|
- crl sign
|
|
- encipher only
|
|
- decipher only
|
|
- any
|
|
- server auth
|
|
- client auth
|
|
- code signing
|
|
- email protection
|
|
- s/mime
|
|
- ipsec end system
|
|
- ipsec tunnel
|
|
- ipsec user
|
|
- timestamping
|
|
- ocsp signing
|
|
- microsoft sgc
|
|
- netscape sgc
|
|
type: string
|
|
type: array
|
|
required:
|
|
- issuerRef
|
|
- secretName
|
|
type: object
|
|
status:
|
|
properties:
|
|
conditions:
|
|
items:
|
|
properties:
|
|
lastTransitionTime:
|
|
format: date-time
|
|
type: string
|
|
message:
|
|
type: string
|
|
observedGeneration:
|
|
format: int64
|
|
type: integer
|
|
reason:
|
|
type: string
|
|
status:
|
|
enum:
|
|
- "True"
|
|
- "False"
|
|
- Unknown
|
|
type: string
|
|
type:
|
|
type: string
|
|
required:
|
|
- status
|
|
- type
|
|
type: object
|
|
type: array
|
|
x-kubernetes-list-map-keys:
|
|
- type
|
|
x-kubernetes-list-type: map
|
|
failedIssuanceAttempts:
|
|
type: integer
|
|
lastFailureTime:
|
|
format: date-time
|
|
type: string
|
|
nextPrivateKeySecretName:
|
|
type: string
|
|
notAfter:
|
|
format: date-time
|
|
type: string
|
|
notBefore:
|
|
format: date-time
|
|
type: string
|
|
renewalTime:
|
|
format: date-time
|
|
type: string
|
|
revision:
|
|
type: integer
|
|
type: object
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|