UNPKG

@pulumi/kubernetes

Version:

[![Actions Status](https://github.com/pulumi/pulumi-kubernetes/workflows/main/badge.svg)](https://github.com/pulumi/pulumi-kubernetes/actions) [![Slack](http://www.pulumi.com/images/docs/badges/slack.svg)](https://slack.pulumi.com) [![NPM version](https:/

pulumi.com

pulumi/pulumi-kubernetes

116 lines (115 loc) 7.24 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../../types/input"; import * as outputs from "../../types/output"; /** * Patch resources are used to modify existing Kubernetes resources by using * Server-Side Apply updates. The name of the resource must be specified, but all other properties are optional. More than * one patch may be applied to the same resource, and a random FieldManager name will be used for each Patch resource. * Conflicts will result in an error by default, but can be forced using the "pulumi.com/patchForce" annotation. See the * [Server-Side Apply Docs](https://www.pulumi.com/registry/packages/kubernetes/how-to-guides/managing-resources-with-server-side-apply/) for * additional information about using Server-Side Apply to manage Kubernetes resources with Pulumi. * Secret holds secret data of a certain type. The total bytes of the values in the Data field must be less than MaxSecretSize bytes. * * Note: While Pulumi automatically encrypts the 'data' and 'stringData' * fields, this encryption only applies to Pulumi's context, including the state file, * the Service, the CLI, etc. Kubernetes does not encrypt Secret resources by default, * and the contents are visible to users with access to the Secret in Kubernetes using * tools like 'kubectl'. * * For more information on securing Kubernetes Secrets, see the following links: * https://kubernetes.io/docs/concepts/configuration/secret/#security-properties * https://kubernetes.io/docs/concepts/configuration/secret/#risks */ export declare class SecretPatch extends pulumi.CustomResource { /** * Get an existing SecretPatch resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): SecretPatch; /** * Returns true if the given object is an instance of SecretPatch. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is SecretPatch; /** * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ readonly apiVersion: pulumi.Output<"v1">; /** * Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4 */ readonly data: pulumi.Output<{ [key: string]: string; }>; /** * Immutable, if set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil. */ readonly immutable: pulumi.Output<boolean>; /** * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ readonly kind: pulumi.Output<"Secret">; /** * Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata */ readonly metadata: pulumi.Output<outputs.meta.v1.ObjectMetaPatch>; /** * stringData allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API. */ readonly stringData: pulumi.Output<{ [key: string]: string; }>; /** * Used to facilitate programmatic handling of secret data. More info: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types */ readonly type: pulumi.Output<string>; /** * Create a SecretPatch resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: SecretPatchArgs, opts?: pulumi.CustomResourceOptions); } /** * The set of arguments for constructing a SecretPatch resource. */ export interface SecretPatchArgs { /** * APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion?: pulumi.Input<"v1">; /** * Data contains the secret data. Each key must consist of alphanumeric characters, '-', '_' or '.'. The serialized form of the secret data is a base64 encoded string, representing the arbitrary (possibly non-string) data value here. Described in https://tools.ietf.org/html/rfc4648#section-4 */ data?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Immutable, if set to true, ensures that data stored in the Secret cannot be updated (only object metadata can be modified). If not set to true, the field can be modified at any time. Defaulted to nil. */ immutable?: pulumi.Input<boolean>; /** * Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind?: pulumi.Input<"Secret">; /** * Standard object's metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata */ metadata?: pulumi.Input<inputs.meta.v1.ObjectMetaPatch>; /** * stringData allows specifying non-binary secret data in string form. It is provided as a write-only input field for convenience. All keys and values are merged into the data field on write, overwriting any existing values. The stringData field is never output when reading from the API. */ stringData?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Used to facilitate programmatic handling of secret data. More info: https://kubernetes.io/docs/concepts/configuration/secret/#secret-types */ type?: pulumi.Input<string>; }