kcr_secrets_stackable_tech 2.20250921.72647

Kubernetes Custom Resource Bindings
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58

// WARNING: generated by kopium - manual changes will be overwritten
// kopium command: kopium --docs --derive=Default --derive=PartialEq --smart-derive-elision --filename crd-catalog/stackabletech/secret-operator/secrets.stackable.tech/v1alpha1/truststores.yaml
// kopium version: 0.22.3

#[allow(unused_imports)]
mod prelude {
    pub use kube::CustomResource;
    pub use serde::{Serialize, Deserialize};
}
use self::prelude::*;

/// A [TrustStore](<https://docs.stackable.tech/home/nightly/secret-operator/truststore)> requests information about how to validate secrets issued by a [SecretClass](<https://docs.stackable.tech/home/nightly/secret-operator/secretclass).>
/// 
/// The requested information is written to a ConfigMap with the same name as the TrustStore.
#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
#[kube(group = "secrets.stackable.tech", version = "v1alpha1", kind = "TrustStore", plural = "truststores")]
#[kube(namespaced)]
#[kube(schema = "disabled")]
#[kube(derive="Default")]
#[kube(derive="PartialEq")]
pub struct TrustStoreSpec {
    /// The [format](<https://docs.stackable.tech/home/nightly/secret-operator/secretclass#format)> that the data should be converted into.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub format: Option<TrustStoreFormat>,
    /// The name of the SecretClass that the request concerns.
    #[serde(rename = "secretClassName")]
    pub secret_class_name: String,
    /// Which Kubernetes kind should be used to output the requested information to.
    /// 
    /// The trust information (such as a `ca.crt`) can be considered public information, so we put it in a `ConfigMap` by default. However, some tools might require it to be placed in a `Secret`, so we also support that.
    /// 
    /// Can be either `ConfigMap` or `Secret`, defaults to `ConfigMap`.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetKind")]
    pub target_kind: Option<TrustStoreTargetKind>,
}

/// A [TrustStore](<https://docs.stackable.tech/home/nightly/secret-operator/truststore)> requests information about how to validate secrets issued by a [SecretClass](<https://docs.stackable.tech/home/nightly/secret-operator/secretclass).>
/// 
/// The requested information is written to a ConfigMap with the same name as the TrustStore.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum TrustStoreFormat {
    #[serde(rename = "tls-pem")]
    TlsPem,
    #[serde(rename = "tls-pkcs12")]
    TlsPkcs12,
    #[serde(rename = "kerberos")]
    Kerberos,
}

/// A [TrustStore](<https://docs.stackable.tech/home/nightly/secret-operator/truststore)> requests information about how to validate secrets issued by a [SecretClass](<https://docs.stackable.tech/home/nightly/secret-operator/secretclass).>
/// 
/// The requested information is written to a ConfigMap with the same name as the TrustStore.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum TrustStoreTargetKind {
    Secret,
    ConfigMap,
}