UNPKG

@soft-stech/keda

Version:
294 lines (293 loc) 11.6 kB
import { IObjectMeta } from "@soft-stech/apimachinery/apis/meta/v1/ObjectMeta"; import { Model, ModelData } from "@soft-stech/base"; /** * ClusterTriggerAuthentication defines how a trigger can authenticate globally */ export interface IClusterTriggerAuthentication { /** * APIVersion defines the versioned schema of this representation of an object. * Servers should convert recognized schemas to the latest internal value, and * may reject unrecognized values. * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ "apiVersion": "keda.sh/v1alpha1"; /** * Kind is a string value representing the REST resource this object represents. * Servers may infer this from the endpoint the client submits requests to. * Cannot be updated. * In CamelCase. * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ "kind": "ClusterTriggerAuthentication"; "metadata"?: IObjectMeta; /** * TriggerAuthenticationSpec defines the various ways to authenticate */ "spec": { /** * AwsSecretManager is used to authenticate using AwsSecretManager */ "awsSecretManager"?: { "credentials"?: { "accessKey": { "valueFrom": { "secretKeyRef": { "key": string; "name": string; }; }; }; "accessSecretKey": { "valueFrom": { "secretKeyRef": { "key": string; "name": string; }; }; }; "accessToken"?: { "valueFrom": { "secretKeyRef": { "key": string; "name": string; }; }; }; }; /** * AuthPodIdentity allows users to select the platform native identity * mechanism */ "podIdentity"?: { /** * Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set */ "identityAuthorityHost"?: string; "identityId"?: string; /** * IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn */ "identityOwner"?: "keda" | "workload"; /** * Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set */ "identityTenantId"?: string; /** * PodIdentityProvider contains the list of providers */ "provider": "azure-workload" | "gcp" | "aws" | "aws-eks" | "none"; /** * RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner */ "roleArn"?: string; }; "region"?: string; "secrets": Array<{ "name": string; "parameter": string; "versionId"?: string; "versionStage"?: string; }>; }; /** * AzureKeyVault is used to authenticate using Azure Key Vault */ "azureKeyVault"?: { "cloud"?: { "activeDirectoryEndpoint"?: string; "keyVaultResourceURL"?: string; "type": string; }; "credentials"?: { "clientId": string; "clientSecret": { "valueFrom": { "secretKeyRef": { "key": string; "name": string; }; }; }; "tenantId": string; }; /** * AuthPodIdentity allows users to select the platform native identity * mechanism */ "podIdentity"?: { /** * Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set */ "identityAuthorityHost"?: string; "identityId"?: string; /** * IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn */ "identityOwner"?: "keda" | "workload"; /** * Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set */ "identityTenantId"?: string; /** * PodIdentityProvider contains the list of providers */ "provider": "azure-workload" | "gcp" | "aws" | "aws-eks" | "none"; /** * RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner */ "roleArn"?: string; }; "secrets": Array<{ "name": string; "parameter": string; "version"?: string; }>; "vaultUri": string; }; "configMapTargetRef"?: Array<{ "key": string; "name": string; "parameter": string; }>; "env"?: Array<{ "containerName"?: string; "name": string; "parameter": string; }>; "gcpSecretManager"?: { "credentials"?: { "clientSecret": { "valueFrom": { "secretKeyRef": { "key": string; "name": string; }; }; }; }; /** * AuthPodIdentity allows users to select the platform native identity * mechanism */ "podIdentity"?: { /** * Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set */ "identityAuthorityHost"?: string; "identityId"?: string; /** * IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn */ "identityOwner"?: "keda" | "workload"; /** * Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set */ "identityTenantId"?: string; /** * PodIdentityProvider contains the list of providers */ "provider": "azure-workload" | "gcp" | "aws" | "aws-eks" | "none"; /** * RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner */ "roleArn"?: string; }; "secrets": Array<{ "id": string; "parameter": string; "version"?: string; }>; }; /** * HashiCorpVault is used to authenticate using Hashicorp Vault */ "hashiCorpVault"?: { "address": string; /** * VaultAuthentication contains the list of Hashicorp Vault authentication methods */ "authentication": string; /** * Credential defines the Hashicorp Vault credentials depending on the authentication method */ "credential"?: { "serviceAccount"?: string; "token"?: string; }; "mount"?: string; "namespace"?: string; "role"?: string; "secrets": Array<{ "key": string; "parameter": string; "path": string; "pkiData"?: { "altNames"?: string; "commonName"?: string; "format"?: string; "ipSans"?: string; "otherSans"?: string; "ttl"?: string; "uriSans"?: string; }; /** * VaultSecretType defines the type of vault secret */ "type"?: string; }>; }; /** * AuthPodIdentity allows users to select the platform native identity * mechanism */ "podIdentity"?: { /** * Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set */ "identityAuthorityHost"?: string; "identityId"?: string; /** * IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn */ "identityOwner"?: "keda" | "workload"; /** * Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set */ "identityTenantId"?: string; /** * PodIdentityProvider contains the list of providers */ "provider": "azure-workload" | "gcp" | "aws" | "aws-eks" | "none"; /** * RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner */ "roleArn"?: string; }; "secretTargetRef"?: Array<{ "key": string; "name": string; "parameter": string; }>; }; /** * TriggerAuthenticationStatus defines the observed state of TriggerAuthentication */ "status"?: { "scaledjobs"?: string; "scaledobjects"?: string; }; } /** * ClusterTriggerAuthentication defines how a trigger can authenticate globally */ export declare class ClusterTriggerAuthentication extends Model<IClusterTriggerAuthentication> implements IClusterTriggerAuthentication { "apiVersion": IClusterTriggerAuthentication["apiVersion"]; "kind": IClusterTriggerAuthentication["kind"]; "metadata"?: IClusterTriggerAuthentication["metadata"]; "spec": IClusterTriggerAuthentication["spec"]; "status"?: IClusterTriggerAuthentication["status"]; static apiVersion: IClusterTriggerAuthentication["apiVersion"]; static kind: IClusterTriggerAuthentication["kind"]; static is: import("@soft-stech/base").TypeMetaGuard<IClusterTriggerAuthentication>; constructor(data?: ModelData<IClusterTriggerAuthentication>); }