@soft-stech/keda
Version:
KEDA(Kubernetes Event-driven Autoscaling) models
354 lines (353 loc) • 14.5 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.IClusterTriggerAuthenticationSchema = void 0;
// Generated by ts-to-zod
const zod_1 = require("zod");
const ObjectMeta_schema_1 = require("@soft-stech/apimachinery/apis/meta/v1/ObjectMeta.schema");
/**
* ClusterTriggerAuthentication defines how a trigger can authenticate globally
*/
exports.IClusterTriggerAuthenticationSchema = zod_1.z.object({
/**
* APIVersion defines the versioned schema of this representation of an object.
* Servers should convert recognized schemas to the latest internal value, and
* may reject unrecognized values.
* More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
*/
apiVersion: zod_1.z.literal("keda.sh/v1alpha1"),
/**
* Kind is a string value representing the REST resource this object represents.
* Servers may infer this from the endpoint the client submits requests to.
* Cannot be updated.
* In CamelCase.
* More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
*/
kind: zod_1.z.literal("ClusterTriggerAuthentication"),
metadata: ObjectMeta_schema_1.iObjectMetaSchema.optional(),
/**
* TriggerAuthenticationSpec defines the various ways to authenticate
*/
spec: zod_1.z.object({
/**
* AwsSecretManager is used to authenticate using AwsSecretManager
*/
awsSecretManager: zod_1.z
.object({
credentials: zod_1.z
.object({
accessKey: zod_1.z.object({
valueFrom: zod_1.z.object({
secretKeyRef: zod_1.z.object({
key: zod_1.z.string(),
name: zod_1.z.string()
})
})
}),
accessSecretKey: zod_1.z.object({
valueFrom: zod_1.z.object({
secretKeyRef: zod_1.z.object({
key: zod_1.z.string(),
name: zod_1.z.string()
})
})
}),
accessToken: zod_1.z
.object({
valueFrom: zod_1.z.object({
secretKeyRef: zod_1.z.object({
key: zod_1.z.string(),
name: zod_1.z.string()
})
})
})
.optional()
})
.optional(),
/**
* AuthPodIdentity allows users to select the platform native identity
* mechanism
*/
podIdentity: zod_1.z
.object({
/**
* Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set
*/
identityAuthorityHost: zod_1.z.string().optional(),
identityId: zod_1.z.string().optional(),
/**
* IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn
*/
identityOwner: zod_1.z
.union([zod_1.z.literal("keda"), zod_1.z.literal("workload")])
.optional(),
/**
* Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set
*/
identityTenantId: zod_1.z.string().optional(),
/**
* PodIdentityProvider contains the list of providers
*/
provider: zod_1.z.union([
zod_1.z.literal("azure-workload"),
zod_1.z.literal("gcp"),
zod_1.z.literal("aws"),
zod_1.z.literal("aws-eks"),
zod_1.z.literal("none")
]),
/**
* RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner
*/
roleArn: zod_1.z.string().optional()
})
.optional(),
region: zod_1.z.string().optional(),
secrets: zod_1.z.array(zod_1.z.object({
name: zod_1.z.string(),
parameter: zod_1.z.string(),
versionId: zod_1.z.string().optional(),
versionStage: zod_1.z.string().optional()
}))
})
.optional(),
/**
* AzureKeyVault is used to authenticate using Azure Key Vault
*/
azureKeyVault: zod_1.z
.object({
cloud: zod_1.z
.object({
activeDirectoryEndpoint: zod_1.z.string().optional(),
keyVaultResourceURL: zod_1.z.string().optional(),
type: zod_1.z.string()
})
.optional(),
credentials: zod_1.z
.object({
clientId: zod_1.z.string(),
clientSecret: zod_1.z.object({
valueFrom: zod_1.z.object({
secretKeyRef: zod_1.z.object({
key: zod_1.z.string(),
name: zod_1.z.string()
})
})
}),
tenantId: zod_1.z.string()
})
.optional(),
/**
* AuthPodIdentity allows users to select the platform native identity
* mechanism
*/
podIdentity: zod_1.z
.object({
/**
* Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set
*/
identityAuthorityHost: zod_1.z.string().optional(),
identityId: zod_1.z.string().optional(),
/**
* IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn
*/
identityOwner: zod_1.z
.union([zod_1.z.literal("keda"), zod_1.z.literal("workload")])
.optional(),
/**
* Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set
*/
identityTenantId: zod_1.z.string().optional(),
/**
* PodIdentityProvider contains the list of providers
*/
provider: zod_1.z.union([
zod_1.z.literal("azure-workload"),
zod_1.z.literal("gcp"),
zod_1.z.literal("aws"),
zod_1.z.literal("aws-eks"),
zod_1.z.literal("none")
]),
/**
* RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner
*/
roleArn: zod_1.z.string().optional()
})
.optional(),
secrets: zod_1.z.array(zod_1.z.object({
name: zod_1.z.string(),
parameter: zod_1.z.string(),
version: zod_1.z.string().optional()
})),
vaultUri: zod_1.z.string()
})
.optional(),
configMapTargetRef: zod_1.z
.array(zod_1.z.object({
key: zod_1.z.string(),
name: zod_1.z.string(),
parameter: zod_1.z.string()
}))
.optional(),
env: zod_1.z
.array(zod_1.z.object({
containerName: zod_1.z.string().optional(),
name: zod_1.z.string(),
parameter: zod_1.z.string()
}))
.optional(),
gcpSecretManager: zod_1.z
.object({
credentials: zod_1.z
.object({
clientSecret: zod_1.z.object({
valueFrom: zod_1.z.object({
secretKeyRef: zod_1.z.object({
key: zod_1.z.string(),
name: zod_1.z.string()
})
})
})
})
.optional(),
/**
* AuthPodIdentity allows users to select the platform native identity
* mechanism
*/
podIdentity: zod_1.z
.object({
/**
* Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set
*/
identityAuthorityHost: zod_1.z.string().optional(),
identityId: zod_1.z.string().optional(),
/**
* IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn
*/
identityOwner: zod_1.z
.union([zod_1.z.literal("keda"), zod_1.z.literal("workload")])
.optional(),
/**
* Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set
*/
identityTenantId: zod_1.z.string().optional(),
/**
* PodIdentityProvider contains the list of providers
*/
provider: zod_1.z.union([
zod_1.z.literal("azure-workload"),
zod_1.z.literal("gcp"),
zod_1.z.literal("aws"),
zod_1.z.literal("aws-eks"),
zod_1.z.literal("none")
]),
/**
* RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner
*/
roleArn: zod_1.z.string().optional()
})
.optional(),
secrets: zod_1.z.array(zod_1.z.object({
id: zod_1.z.string(),
parameter: zod_1.z.string(),
version: zod_1.z.string().optional()
}))
})
.optional(),
/**
* HashiCorpVault is used to authenticate using Hashicorp Vault
*/
hashiCorpVault: zod_1.z
.object({
address: zod_1.z.string(),
/**
* VaultAuthentication contains the list of Hashicorp Vault authentication methods
*/
authentication: zod_1.z.string(),
/**
* Credential defines the Hashicorp Vault credentials depending on the authentication method
*/
credential: zod_1.z
.object({
serviceAccount: zod_1.z.string().optional(),
token: zod_1.z.string().optional()
})
.optional(),
mount: zod_1.z.string().optional(),
namespace: zod_1.z.string().optional(),
role: zod_1.z.string().optional(),
secrets: zod_1.z.array(zod_1.z.object({
key: zod_1.z.string(),
parameter: zod_1.z.string(),
path: zod_1.z.string(),
pkiData: zod_1.z
.object({
altNames: zod_1.z.string().optional(),
commonName: zod_1.z.string().optional(),
format: zod_1.z.string().optional(),
ipSans: zod_1.z.string().optional(),
otherSans: zod_1.z.string().optional(),
ttl: zod_1.z.string().optional(),
uriSans: zod_1.z.string().optional()
})
.optional(),
/**
* VaultSecretType defines the type of vault secret
*/
type: zod_1.z.string().optional()
}))
})
.optional(),
/**
* AuthPodIdentity allows users to select the platform native identity
* mechanism
*/
podIdentity: zod_1.z
.object({
/**
* Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set
*/
identityAuthorityHost: zod_1.z.string().optional(),
identityId: zod_1.z.string().optional(),
/**
* IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn
*/
identityOwner: zod_1.z
.union([zod_1.z.literal("keda"), zod_1.z.literal("workload")])
.optional(),
/**
* Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set
*/
identityTenantId: zod_1.z.string().optional(),
/**
* PodIdentityProvider contains the list of providers
*/
provider: zod_1.z.union([
zod_1.z.literal("azure-workload"),
zod_1.z.literal("gcp"),
zod_1.z.literal("aws"),
zod_1.z.literal("aws-eks"),
zod_1.z.literal("none")
]),
/**
* RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner
*/
roleArn: zod_1.z.string().optional()
})
.optional(),
secretTargetRef: zod_1.z
.array(zod_1.z.object({
key: zod_1.z.string(),
name: zod_1.z.string(),
parameter: zod_1.z.string()
}))
.optional()
}),
/**
* TriggerAuthenticationStatus defines the observed state of TriggerAuthentication
*/
status: zod_1.z
.object({
scaledjobs: zod_1.z.string().optional(),
scaledobjects: zod_1.z.string().optional()
})
.optional()
});