github.com/wmuizelaar/kpt@v0.0.0-20221018115725-bd564717b2ed/package-examples/cert-manager-basic/crds/customresourcedefinition-orders-acme-cert-manager-io.yaml (about) 1 # Source: cert-manager/templates/crd-templates.yaml 2 apiVersion: apiextensions.k8s.io/v1 3 kind: CustomResourceDefinition 4 metadata: 5 name: orders.acme.cert-manager.io 6 annotations: 7 cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' 8 labels: 9 app: 'cert-manager' 10 app.kubernetes.io/name: 'cert-manager' 11 app.kubernetes.io/instance: 'cert-manager' 12 # Generated labels 13 app.kubernetes.io/version: "v1.8.2" 14 spec: 15 group: acme.cert-manager.io 16 names: 17 kind: Order 18 listKind: OrderList 19 plural: orders 20 singular: order 21 categories: 22 - cert-manager 23 - cert-manager-acme 24 scope: Namespaced 25 versions: 26 - name: v1 27 subresources: 28 status: {} 29 additionalPrinterColumns: 30 - jsonPath: .status.state 31 name: State 32 type: string 33 - jsonPath: .spec.issuerRef.name 34 name: Issuer 35 priority: 1 36 type: string 37 - jsonPath: .status.reason 38 name: Reason 39 priority: 1 40 type: string 41 - jsonPath: .metadata.creationTimestamp 42 description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. 43 name: Age 44 type: date 45 schema: 46 openAPIV3Schema: 47 description: Order is a type to represent an Order with an ACME server 48 type: object 49 required: 50 - metadata 51 - spec 52 properties: 53 apiVersion: 54 description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' 55 type: string 56 kind: 57 description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' 58 type: string 59 metadata: 60 type: object 61 spec: 62 type: object 63 required: 64 - issuerRef 65 - request 66 properties: 67 commonName: 68 description: CommonName is the common name as specified on the DER encoded CSR. If specified, this value must also be present in `dnsNames` or `ipAddresses`. This field must match the corresponding field on the DER encoded CSR. 69 type: string 70 dnsNames: 71 description: DNSNames is a list of DNS names that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. 72 type: array 73 items: 74 type: string 75 duration: 76 description: Duration is the duration for the not after date for the requested certificate. this is set on order creation as pe the ACME spec. 77 type: string 78 ipAddresses: 79 description: IPAddresses is a list of IP addresses that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. 80 type: array 81 items: 82 type: string 83 issuerRef: 84 description: IssuerRef references a properly configured ACME-type Issuer which should be used to create this Order. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Order will be marked as failed. 85 type: object 86 required: 87 - name 88 properties: 89 group: 90 description: Group of the resource being referred to. 91 type: string 92 kind: 93 description: Kind of the resource being referred to. 94 type: string 95 name: 96 description: Name of the resource being referred to. 97 type: string 98 request: 99 description: Certificate signing request bytes in DER encoding. This will be used when finalizing the order. This field must be set on the order. 100 type: string 101 format: byte 102 status: 103 type: object 104 properties: 105 authorizations: 106 description: Authorizations contains data returned from the ACME server on what authorizations must be completed in order to validate the DNS names specified on the Order. 107 type: array 108 items: 109 description: ACMEAuthorization contains data returned from the ACME server on an authorization that must be completed in order validate a DNS name on an ACME Order resource. 110 type: object 111 required: 112 - url 113 properties: 114 challenges: 115 description: Challenges specifies the challenge types offered by the ACME server. One of these challenge types will be selected when validating the DNS name and an appropriate Challenge resource will be created to perform the ACME challenge process. 116 type: array 117 items: 118 description: Challenge specifies a challenge offered by the ACME server for an Order. An appropriate Challenge resource can be created to perform the ACME challenge process. 119 type: object 120 required: 121 - token 122 - type 123 - url 124 properties: 125 token: 126 description: Token is the token that must be presented for this challenge. This is used to compute the 'key' that must also be presented. 127 type: string 128 type: 129 description: Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', 'tls-sni-01', etc. This is the raw value retrieved from the ACME server. Only 'http-01' and 'dns-01' are supported by cert-manager, other values will be ignored. 130 type: string 131 url: 132 description: URL is the URL of this challenge. It can be used to retrieve additional metadata about the Challenge from the ACME server. 133 type: string 134 identifier: 135 description: Identifier is the DNS name to be validated as part of this authorization 136 type: string 137 initialState: 138 description: InitialState is the initial state of the ACME authorization when first fetched from the ACME server. If an Authorization is already 'valid', the Order controller will not create a Challenge resource for the authorization. This will occur when working with an ACME server that enables 'authz reuse' (such as Let's Encrypt's production endpoint). If not set and 'identifier' is set, the state is assumed to be pending and a Challenge will be created. 139 type: string 140 enum: 141 - valid 142 - ready 143 - pending 144 - processing 145 - invalid 146 - expired 147 - errored 148 url: 149 description: URL is the URL of the Authorization that must be completed 150 type: string 151 wildcard: 152 description: Wildcard will be true if this authorization is for a wildcard DNS name. If this is true, the identifier will be the *non-wildcard* version of the DNS name. For example, if '*.example.com' is the DNS name being validated, this field will be 'true' and the 'identifier' field will be 'example.com'. 153 type: boolean 154 certificate: 155 description: Certificate is a copy of the PEM encoded certificate for this Order. This field will be populated after the order has been successfully finalized with the ACME server, and the order has transitioned to the 'valid' state. 156 type: string 157 format: byte 158 failureTime: 159 description: FailureTime stores the time that this order failed. This is used to influence garbage collection and back-off. 160 type: string 161 format: date-time 162 finalizeURL: 163 description: FinalizeURL of the Order. This is used to obtain certificates for this order once it has been completed. 164 type: string 165 reason: 166 description: Reason optionally provides more information about a why the order is in the current state. 167 type: string 168 state: 169 description: State contains the current state of this Order resource. States 'success' and 'expired' are 'final' 170 type: string 171 enum: 172 - valid 173 - ready 174 - pending 175 - processing 176 - invalid 177 - expired 178 - errored 179 url: 180 description: URL of the Order. This will initially be empty when the resource is first created. The Order controller will populate this field when the Order is first processed. This field will be immutable after it is initially set. 181 type: string 182 served: true 183 storage: true 184