summaryrefslogtreecommitdiff
path: root/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd.yaml')
-rw-r--r--vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd.yaml123
1 files changed, 0 insertions, 123 deletions
diff --git a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd.yaml b/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd.yaml
deleted file mode 100644
index f21ac7ea8..000000000
--- a/vendor/github.com/openshift/api/config/v1/0000_10_config-operator_01_authentication.crd.yaml
+++ /dev/null
@@ -1,123 +0,0 @@
-apiVersion: apiextensions.k8s.io/v1beta1
-kind: CustomResourceDefinition
-metadata:
- name: authentications.config.openshift.io
-spec:
- group: config.openshift.io
- names:
- kind: Authentication
- listKind: AuthenticationList
- plural: authentications
- singular: authentication
- scope: Cluster
- preserveUnknownFields: false
- subresources:
- status: {}
- versions:
- - name: v1
- served: true
- storage: true
- "validation":
- "openAPIV3Schema":
- description: Authentication specifies cluster-wide settings for authentication
- (like OAuth and webhook token authenticators). The canonical name of an instance
- is `cluster`.
- type: object
- required:
- - spec
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: spec holds user settable values for configuration
- type: object
- properties:
- oauthMetadata:
- description: 'oauthMetadata contains the discovery endpoint data for
- OAuth 2.0 Authorization Server Metadata for an external OAuth server.
- This discovery document can be viewed from its served location: oc
- get --raw ''/.well-known/oauth-authorization-server'' For further
- details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2
- If oauthMetadata.name is non-empty, this value has precedence over
- any metadata reference stored in status. The key "oauthMetadata" is
- used to locate the data. If specified and the config map or expected
- key is not found, no metadata is served. If the specified metadata
- is not valid, no metadata is served. The namespace for this config
- map is openshift-config.'
- type: object
- required:
- - name
- properties:
- name:
- description: name is the metadata.name of the referenced config
- map
- type: string
- type:
- description: type identifies the cluster managed, user facing authentication
- mode in use. Specifically, it manages the component that responds
- to login attempts. The default is IntegratedOAuth.
- type: string
- webhookTokenAuthenticators:
- description: webhookTokenAuthenticators configures remote token reviewers.
- These remote authentication webhooks can be used to verify bearer
- tokens via the tokenreviews.authentication.k8s.io REST API. This
- is required to honor bearer tokens that are provisioned by an external
- authentication service. The namespace for these secrets is openshift-config.
- type: array
- items:
- description: webhookTokenAuthenticator holds the necessary configuration
- options for a remote token authenticator
- type: object
- properties:
- kubeConfig:
- description: 'kubeConfig contains kube config file data which
- describes how to access the remote webhook service. For further
- details, see: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#webhook-token-authentication
- The key "kubeConfig" is used to locate the data. If the secret
- or expected key is not found, the webhook is not honored. If
- the specified kube config data is not valid, the webhook is
- not honored. The namespace for this secret is determined by
- the point of use.'
- type: object
- required:
- - name
- properties:
- name:
- description: name is the metadata.name of the referenced secret
- type: string
- status:
- description: status holds observed values from the cluster. They may not
- be overridden.
- type: object
- properties:
- integratedOAuthMetadata:
- description: 'integratedOAuthMetadata contains the discovery endpoint
- data for OAuth 2.0 Authorization Server Metadata for the in-cluster
- integrated OAuth server. This discovery document can be viewed from
- its served location: oc get --raw ''/.well-known/oauth-authorization-server''
- For further details, see the IETF Draft: https://tools.ietf.org/html/draft-ietf-oauth-discovery-04#section-2
- This contains the observed value based on cluster state. An explicitly
- set value in spec.oauthMetadata has precedence over this field. This
- field has no meaning if authentication spec.type is not set to IntegratedOAuth.
- The key "oauthMetadata" is used to locate the data. If the config
- map or expected key is not found, no metadata is served. If the specified
- metadata is not valid, no metadata is served. The namespace for this
- config map is openshift-config-managed.'
- type: object
- required:
- - name
- properties:
- name:
- description: name is the metadata.name of the referenced config
- map
- type: string
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-10-21 01:51:16 +0000