{ "description": "SopsSecret is the Schema for the sopssecrets API", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "sops": { "description": "SopsSecret metadata", "properties": { "azure_kv": { "description": "Azure KMS configuration", "items": { "description": "AzureKmsItem defines Azure Keyvault Key specific encryption details", "properties": { "created_at": { "description": "Object creation date", "type": "string" }, "enc": { "type": "string" }, "name": { "type": "string" }, "vault_url": { "description": "Azure KMS vault URL", "type": "string" }, "version": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "encrypted_suffix": { "description": "Suffix used to encrypt SopsSecret resource", "type": "string" }, "gcp_kms": { "description": "Gcp KMS configuration", "items": { "description": "GcpKmsDataItem defines GCP KMS Key specific encryption details", "properties": { "created_at": { "description": "Object creation date", "type": "string" }, "enc": { "type": "string" }, "resource_id": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "kms": { "description": "Aws KMS configuration", "items": { "description": "KmsDataItem defines AWS KMS specific encryption details", "properties": { "arn": { "description": "Arn - KMS key ARN to use", "type": "string" }, "aws_profile": { "type": "string" }, "created_at": { "description": "Object creation date", "type": "string" }, "enc": { "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "lastmodified": { "description": "LastModified date when SopsSecret was last modified", "type": "string" }, "mac": { "description": "Mac - sops setting", "type": "string" }, "pgp": { "description": "PGP configuration", "items": { "description": "PgpDataItem defines PGP specific encryption details", "properties": { "created_at": { "description": "Object creation date", "type": "string" }, "enc": { "type": "string" }, "fp": { "description": "PGP FingerPrint of the key which can be used for decryption", "type": "string" } }, "type": "object", "additionalProperties": false }, "type": "array" }, "version": { "description": "Version of the sops tool used to encrypt SopsSecret", "type": "string" } }, "type": "object", "additionalProperties": false }, "spec": { "description": "SopsSecret Spec definition", "properties": { "secret_templates": { "description": "Secrets template is a list of definitions to create Kubernetes Secrets", "items": { "description": "SopsSecretTemplate defines the map of secrets to create", "properties": { "annotations": { "additionalProperties": { "type": "string" }, "description": "Annotations to apply to Kubernetes secret", "type": "object" }, "data": { "additionalProperties": { "type": "string" }, "description": "Data map to use in Kubernetes secret (equivalent to Kubernetes Secret object stringData, please see for more\ninformation: https://kubernetes.io/docs/concepts/configuration/secret/#overview-of-secrets)", "type": "object" }, "labels": { "additionalProperties": { "type": "string" }, "description": "Labels to apply to Kubernetes secret", "type": "object" }, "name": { "description": "Name of the Kubernetes secret to create", "type": "string" }, "type": { "description": "Kubernetes secret type. Default: Opauqe. Possible values: Opauqe,\nkubernetes.io/service-account-token, kubernetes.io/dockercfg,\nkubernetes.io/dockerconfigjson, kubernetes.io/basic-auth,\nkubernetes.io/ssh-auth, kubernetes.io/tls, bootstrap.kubernetes.io/token", "type": "string" } }, "required": [ "data", "name" ], "type": "object", "additionalProperties": false }, "minItems": 1, "type": "array" } }, "required": [ "secret_templates" ], "type": "object", "additionalProperties": false }, "status": { "description": "SopsSecret Status information", "type": "object" } }, "type": "object" }