mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-03 11:45:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

improve api docs for TLSSpec in authenticator and IDP specs

Browse Source 
Signed-off-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
Co-authored-by: Ashish Amarnath <ashish.amarnath@broadcom.com>
This commit is contained in:
Ryan Richard
2024-08-03 17:37:34 -07:00
parent 4eb9a09385
commit 59c2295dfd
2 changed files with 32 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
apis/concierge/authentication/v1alpha1/types_tls.go.tmpl
View File

@@ -3,12 +3,26 @@
package v1alpha1
// CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles.
//
// +kubebuilder:validation:Enum=Secret;ConfigMap
type CertificateAuthorityDataSourceKind string
const (
// CertificateAuthorityDataSourceKindConfigMap uses a Kubernetes configmap to source CA Bundles.
CertificateAuthorityDataSourceKindConfigMap = CertificateAuthorityDataSourceKind("ConfigMap")
// CertificateAuthorityDataSourceKindSecret uses a Kubernetes secret to source CA Bundles.
// Secrets used to source CA Bundles must be of type kubernetes.io/tls or Opaque.
CertificateAuthorityDataSourceKindSecret = CertificateAuthorityDataSourceKind("Secret")
)
// CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification.
type CertificateAuthorityDataSourceSpec struct {
// Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap.
// Secrets must be of type kubernetes.io/tls or Opaque.
// Allowed values are "Secret" or "ConfigMap".
// +kubebuilder:validation:Enum=Secret;ConfigMap
// "ConfigMap" uses a Kubernetes configmap to source CA Bundles.
// "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles.
Kind string `json:"kind"`
// Name is the resource name of the secret or configmap from which to read the CA bundle.
// The referenced secret or configmap must be created in the same namespace where Pinniped Concierge is installed.

18
apis/supervisor/idp/v1alpha1/types_tls.go.tmpl
View File

@@ -3,12 +3,26 @@
package v1alpha1
// CertificateAuthorityDataSourceKind enumerates the sources for CA Bundles.
//
// +kubebuilder:validation:Enum=Secret;ConfigMap
type CertificateAuthorityDataSourceKind string
const (
// CertificateAuthorityDataSourceKindConfigMap uses a Kubernetes configmap to source CA Bundles.
CertificateAuthorityDataSourceKindConfigMap = CertificateAuthorityDataSourceKind("ConfigMap")
// CertificateAuthorityDataSourceKindSecret uses a Kubernetes secret to source CA Bundles.
// Secrets used to source CA Bundles must be of type kubernetes.io/tls or Opaque.
CertificateAuthorityDataSourceKindSecret = CertificateAuthorityDataSourceKind("Secret")
)
// CertificateAuthorityDataSourceSpec provides a source for CA bundle used for client-side TLS verification.
type CertificateAuthorityDataSourceSpec struct {
// Kind configures whether the CA bundle is being sourced from a Kubernetes secret or a configmap.
// Secrets must be of type kubernetes.io/tls or Opaque.
// Allowed values are "Secret" or "ConfigMap".
// +kubebuilder:validation:Enum=Secret;ConfigMap
// "ConfigMap" uses a Kubernetes configmap to source CA Bundles.
// "Secret" uses Kubernetes secrets of type kubernetes.io/tls or Opaque to source CA Bundles.
Kind string `json:"kind"`
// Name is the resource name of the secret or configmap from which to read the CA bundle.
// The referenced secret or configmap must be created in the same namespace where Pinniped Supervisor is installed.