Skip to search

GitlabDeployToken

generators.external-secrets.io / v1alpha1

apiVersion: generators.external-secrets.io/v1alpha1 kind: GitlabDeployToken metadata: name: example
View raw schema
apiVersion string
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind string
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata object
spec object
GitlabDeployTokenSpec defines the desired state to generate a GitLab deploy token.
auth object required
Auth configures how ESO authenticates with the GitLab API.
token object required
Token references a secret containing a GitLab access token (personal, group, or project) with the api scope and at least the Maintainer role on the target.
secretRef object required
SecretKeySelector is a reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field.
key string
A key in the referenced Secret. Some instances of this field may be defaulted, in others it may be required.
pattern: ^[-._a-zA-Z0-9]+$
minLength: 1
maxLength: 253
name string
The name of the Secret resource being referred to.
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
minLength: 1
maxLength: 253
namespace string
The namespace of the Secret resource being referred to. Ignored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
minLength: 1
maxLength: 63
expiresAt string
ExpiresAt is an optional expiry for the deploy token. If omitted the token does not expire on the GitLab side and is revoked only when the generator state is cleaned up (on regeneration or when the consuming ExternalSecret is deleted).
format: date-time
groupID string
GroupID is the numeric ID or unescaped path (e.g. parent/group) of the group to create the deploy token in. The generator URL-escapes paths before calling the GitLab API, so do not pre-encode. Mutually exclusive with projectID.
minLength: 1
name string required
Name of the deploy token.
minLength: 1
projectID string
ProjectID is the numeric ID or unescaped path (e.g. group/project) of the project to create the deploy token in. The generator URL-escapes paths before calling the GitLab API, so do not pre-encode. Mutually exclusive with groupID.
minLength: 1
scopes []string required
Scopes granted to the deploy token. At least one scope is required.
minItems: 1
url string
URL configures the GitLab instance URL. Defaults to https://gitlab.com.
username string
Username is an optional username for the deploy token. GitLab defaults it to gitlab+deploy-token-{n} when omitted.

No matches. Try .spec.auth for an exact path