GitlabDeployToken
generators.external-secrets.io / v1alpha1
apiVersion: generators.external-secrets.io/v1alpha1
kind: GitlabDeployToken
metadata:
name: example
apiVersion
string
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind
string
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata
object
spec object
GitlabDeployTokenSpec defines the desired state to generate a GitLab deploy token.
auth object required
Auth configures how ESO authenticates with the GitLab API.
token object required
Token references a secret containing a GitLab access token (personal, group, or
project) with the api scope and at least the Maintainer role on the target.
secretRef object required
SecretKeySelector is a reference to a specific 'key' within a Secret resource.
In some instances, `key` is a required field.
key
string
A key in the referenced Secret.
Some instances of this field may be defaulted, in others it may be required.
pattern:
^[-._a-zA-Z0-9]+$minLength:
1maxLength:
253
name
string
The name of the Secret resource being referred to.
pattern:
^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$minLength:
1maxLength:
253
namespace
string
The namespace of the Secret resource being referred to.
Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
pattern:
^[a-z0-9]([-a-z0-9]*[a-z0-9])?$minLength:
1maxLength:
63
expiresAt
string
ExpiresAt is an optional expiry for the deploy token. If omitted the token does
not expire on the GitLab side and is revoked only when the generator state is
cleaned up (on regeneration or when the consuming ExternalSecret is deleted).
format:
date-time
groupID
string
GroupID is the numeric ID or unescaped path (e.g. parent/group) of the group to
create the deploy token in. The generator URL-escapes paths before calling the
GitLab API, so do not pre-encode. Mutually exclusive with projectID.
minLength:
1
name
string required
Name of the deploy token.
minLength:
1
projectID
string
ProjectID is the numeric ID or unescaped path (e.g. group/project) of the
project to create the deploy token in. The generator URL-escapes paths before
calling the GitLab API, so do not pre-encode. Mutually exclusive with groupID.
minLength:
1
scopes
[]string required
Scopes granted to the deploy token. At least one scope is required.
minItems:
1
url
string
URL configures the GitLab instance URL. Defaults to https://gitlab.com.
username
string
Username is an optional username for the deploy token. GitLab defaults it to
gitlab+deploy-token-{n} when omitted.
No matches. Try .spec.auth for an exact path