@soft-stech/keda
Version:
KEDA(Kubernetes Event-driven Autoscaling) models
105 lines (104 loc) • 4.24 kB
JavaScript
import { z } from "zod";
import { iObjectMetaSchema } from "@soft-stech/apimachinery/apis/meta/v1/ObjectMeta.schema";
/**
* TriggerAuthentication defines how a trigger can authenticate
*/
export const ITriggerAuthenticationSchema = z.object({
/**
* APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
*/
"apiVersion": z.literal("keda.sh/v1alpha1"),
/**
* Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
*/
"kind": z.literal("TriggerAuthentication"),
"metadata": iObjectMetaSchema.optional(),
/**
* TriggerAuthenticationSpec defines the various ways to authenticate
*/
"spec": z.object({
/**
* AzureKeyVault is used to authenticate using Azure Key Vault
*/
"azureKeyVault": z.object({
"cloud": z.object({
"activeDirectoryEndpoint": z.string().optional(),
"keyVaultResourceURL": z.string().optional(),
"type": z.string()
}).optional(),
"credentials": z.object({
"clientId": z.string(),
"clientSecret": z.object({
"valueFrom": z.object({
"secretKeyRef": z.object({
"key": z.string(),
"name": z.string()
})
})
}),
"tenantId": z.string()
}).optional(),
/**
* AuthPodIdentity allows users to select the platform native identity mechanism
*/
"podIdentity": z.object({
"identityId": z.string().optional(),
/**
* PodIdentityProvider contains the list of providers
*/
"provider": z.string()
}).optional(),
"secrets": z.array(z.object({
"name": z.string(),
"parameter": z.string(),
"version": z.string().optional()
})),
"vaultUri": z.string()
}).optional(),
"env": z.array(z.object({
"containerName": z.string().optional(),
"name": z.string(),
"parameter": z.string()
})).optional(),
/**
* HashiCorpVault is used to authenticate using Hashicorp Vault
*/
"hashiCorpVault": z.object({
"address": z.string(),
/**
* VaultAuthentication contains the list of Hashicorp Vault authentication methods
*/
"authentication": z.string(),
/**
* Credential defines the Hashicorp Vault credentials depending on the authentication method
*/
"credential": z.object({
"serviceAccount": z.string().optional(),
"token": z.string().optional()
}).optional(),
"mount": z.string().optional(),
"namespace": z.string().optional(),
"role": z.string().optional(),
"secrets": z.array(z.object({
"key": z.string(),
"parameter": z.string(),
"path": z.string()
}))
}).optional(),
/**
* AuthPodIdentity allows users to select the platform native identity mechanism
*/
"podIdentity": z.object({
"identityId": z.string().optional(),
/**
* PodIdentityProvider contains the list of providers
*/
"provider": z.string()
}).optional(),
"secretTargetRef": z.array(z.object({
"key": z.string(),
"name": z.string(),
"parameter": z.string()
})).optional()
})
});