Skip to content

Latest commit

 

History

History
622 lines (622 loc) · 9.56 KB

mapping.md

File metadata and controls

622 lines (622 loc) · 9.56 KB
title linktitle description weight
API Documentation
API Documentation
Reference of the jx-promote configuration
10

Packages:

secret.jenkins-x.io/v1alpha1

Package v1alpha1 is the v1alpha1 version of the API.

Resource Types:

SecretMapping

SecretMapping represents a collection of mappings of Secrets to destinations in the underlying secret store (e.g. Vault keys)

Field Description
apiVersion
string
secret.jenkins-x.io/v1alpha1
kind
string
SecretMapping
metadata
Kubernetes meta/v1.ObjectMeta
(Optional) Refer to the Kubernetes API documentation for the fields of the metadata field.
spec
SecretMappingSpec

Spec the definition of the secret mappings



secrets
[]SecretRule

Secrets rules for each secret

defaults
Defaults

AwsSecretsManager

(Appears on: Defaults, SecretRule)

AwsSecretsManager stores default config when using AWS Secret Manager for secret storage

Field Description
roleArn
string
region
string
versionStage
string

AzureKeyVaultConfig

(Appears on: Defaults, SecretRule)

AzureKeyVaultConfig stores default config when using Azure Key Vault for secret storage

Field Description
keyVaultName
string

BackendType (string alias)

(Appears on: Defaults, SecretRule)

BackendType describes a secrets backend

Defaults

(Appears on: SecretMappingSpec)

Defaults contains default mapping configuration for any Kubernetes secrets to External Secrets

Field Description
backendType
BackendType

DefaultBackendType the default back end to use if there’s no specific mapping

roleArn
string

RoleArn is used for some back ends like AWS and Alicloud

region
string

Region is used for some back ends like AWS

versionStage
string

VersionStage the default version stage to use which is used on some back ends like AWS and Alicloud

azureKeyVault
AzureKeyVaultConfig

AzureKeyVault config

gcpSecretsManager
GcpSecretsManager

GcpSecretsManager config

secretsManager
AwsSecretsManager

AwsSecretsManager config

GcpSecretsManager

(Appears on: Defaults, SecretRule)

GcpSecretsManager stores default config when using GSM for secret storage

Field Description
version
string

Version of the referenced secret

projectId
string

ProjectID for the secret, defaults to the current GCP project

uniquePrefix
string

UniquePrefix needs to be a unique prefix in the GCP project where the secret resides, defaults to cluster name

Mapping

(Appears on: SecretRule)

Mapping the predicates which must be true to invoke the associated tasks/pipelines

Field Description
name
string

Name the secret entry name which maps to the Key of the Secret.Data map

key
string
(Optional)

Key the Vault key to load the secret value

property
string
(Optional)

Property the Vault property on the key to load the secret value

versionStage
string
(Optional)

VersionStage the version of the secret value

isBinary
bool
(Optional)

IsBinary to indicate a binary secret

SecretMappingSpec

(Appears on: SecretMapping)

SecretMappingSpec defines the desired state of SecretMapping.

Field Description
secrets
[]SecretRule

Secrets rules for each secret

defaults
Defaults

SecretRule

(Appears on: SecretMappingSpec)

SecretRule the rules for a specific Secret

Field Description
name
string

Name name of the secret

namespace
string

Namespace name of the secret

backendType
BackendType

BackendType for the secret

mappings
[]Mapping

Mappings one more mappings

unsecured
[]string

Unsecured represent a list of a secret’s keys that will remain as plain secrets rather than undergoing conversion

roleArn
string

RoleArn is used for some back ends like AWS and Alicloud

region
string

Region is used for some back ends like AWS

azureKeyVault
AzureKeyVaultConfig

AzureKeyVaultConfig config

gcpSecretsManager
GcpSecretsManager

GcpSecretsManager config

secretsManager
AwsSecretsManager

AwsSecretsManager config


Generated with gen-crd-api-reference-docs on git commit dc79ae7.