UNPKG

@soft-stech/keda

Version:
354 lines (353 loc) 14.5 kB
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.ITriggerAuthenticationSchema = void 0; // Generated by ts-to-zod const zod_1 = require("zod"); const ObjectMeta_schema_1 = require("@soft-stech/apimachinery/apis/meta/v1/ObjectMeta.schema"); /** * TriggerAuthentication defines how a trigger can authenticate */ exports.ITriggerAuthenticationSchema = zod_1.z.object({ /** * APIVersion defines the versioned schema of this representation of an object. * Servers should convert recognized schemas to the latest internal value, and * may reject unrecognized values. * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources */ apiVersion: zod_1.z.literal("keda.sh/v1alpha1"), /** * Kind is a string value representing the REST resource this object represents. * Servers may infer this from the endpoint the client submits requests to. * Cannot be updated. * In CamelCase. * More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds */ kind: zod_1.z.literal("TriggerAuthentication"), metadata: ObjectMeta_schema_1.iObjectMetaSchema.optional(), /** * TriggerAuthenticationSpec defines the various ways to authenticate */ spec: zod_1.z.object({ /** * AwsSecretManager is used to authenticate using AwsSecretManager */ awsSecretManager: zod_1.z .object({ credentials: zod_1.z .object({ accessKey: zod_1.z.object({ valueFrom: zod_1.z.object({ secretKeyRef: zod_1.z.object({ key: zod_1.z.string(), name: zod_1.z.string() }) }) }), accessSecretKey: zod_1.z.object({ valueFrom: zod_1.z.object({ secretKeyRef: zod_1.z.object({ key: zod_1.z.string(), name: zod_1.z.string() }) }) }), accessToken: zod_1.z .object({ valueFrom: zod_1.z.object({ secretKeyRef: zod_1.z.object({ key: zod_1.z.string(), name: zod_1.z.string() }) }) }) .optional() }) .optional(), /** * AuthPodIdentity allows users to select the platform native identity * mechanism */ podIdentity: zod_1.z .object({ /** * Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set */ identityAuthorityHost: zod_1.z.string().optional(), identityId: zod_1.z.string().optional(), /** * IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn */ identityOwner: zod_1.z .union([zod_1.z.literal("keda"), zod_1.z.literal("workload")]) .optional(), /** * Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set */ identityTenantId: zod_1.z.string().optional(), /** * PodIdentityProvider contains the list of providers */ provider: zod_1.z.union([ zod_1.z.literal("azure-workload"), zod_1.z.literal("gcp"), zod_1.z.literal("aws"), zod_1.z.literal("aws-eks"), zod_1.z.literal("none") ]), /** * RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner */ roleArn: zod_1.z.string().optional() }) .optional(), region: zod_1.z.string().optional(), secrets: zod_1.z.array(zod_1.z.object({ name: zod_1.z.string(), parameter: zod_1.z.string(), versionId: zod_1.z.string().optional(), versionStage: zod_1.z.string().optional() })) }) .optional(), /** * AzureKeyVault is used to authenticate using Azure Key Vault */ azureKeyVault: zod_1.z .object({ cloud: zod_1.z .object({ activeDirectoryEndpoint: zod_1.z.string().optional(), keyVaultResourceURL: zod_1.z.string().optional(), type: zod_1.z.string() }) .optional(), credentials: zod_1.z .object({ clientId: zod_1.z.string(), clientSecret: zod_1.z.object({ valueFrom: zod_1.z.object({ secretKeyRef: zod_1.z.object({ key: zod_1.z.string(), name: zod_1.z.string() }) }) }), tenantId: zod_1.z.string() }) .optional(), /** * AuthPodIdentity allows users to select the platform native identity * mechanism */ podIdentity: zod_1.z .object({ /** * Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set */ identityAuthorityHost: zod_1.z.string().optional(), identityId: zod_1.z.string().optional(), /** * IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn */ identityOwner: zod_1.z .union([zod_1.z.literal("keda"), zod_1.z.literal("workload")]) .optional(), /** * Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set */ identityTenantId: zod_1.z.string().optional(), /** * PodIdentityProvider contains the list of providers */ provider: zod_1.z.union([ zod_1.z.literal("azure-workload"), zod_1.z.literal("gcp"), zod_1.z.literal("aws"), zod_1.z.literal("aws-eks"), zod_1.z.literal("none") ]), /** * RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner */ roleArn: zod_1.z.string().optional() }) .optional(), secrets: zod_1.z.array(zod_1.z.object({ name: zod_1.z.string(), parameter: zod_1.z.string(), version: zod_1.z.string().optional() })), vaultUri: zod_1.z.string() }) .optional(), configMapTargetRef: zod_1.z .array(zod_1.z.object({ key: zod_1.z.string(), name: zod_1.z.string(), parameter: zod_1.z.string() })) .optional(), env: zod_1.z .array(zod_1.z.object({ containerName: zod_1.z.string().optional(), name: zod_1.z.string(), parameter: zod_1.z.string() })) .optional(), gcpSecretManager: zod_1.z .object({ credentials: zod_1.z .object({ clientSecret: zod_1.z.object({ valueFrom: zod_1.z.object({ secretKeyRef: zod_1.z.object({ key: zod_1.z.string(), name: zod_1.z.string() }) }) }) }) .optional(), /** * AuthPodIdentity allows users to select the platform native identity * mechanism */ podIdentity: zod_1.z .object({ /** * Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set */ identityAuthorityHost: zod_1.z.string().optional(), identityId: zod_1.z.string().optional(), /** * IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn */ identityOwner: zod_1.z .union([zod_1.z.literal("keda"), zod_1.z.literal("workload")]) .optional(), /** * Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set */ identityTenantId: zod_1.z.string().optional(), /** * PodIdentityProvider contains the list of providers */ provider: zod_1.z.union([ zod_1.z.literal("azure-workload"), zod_1.z.literal("gcp"), zod_1.z.literal("aws"), zod_1.z.literal("aws-eks"), zod_1.z.literal("none") ]), /** * RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner */ roleArn: zod_1.z.string().optional() }) .optional(), secrets: zod_1.z.array(zod_1.z.object({ id: zod_1.z.string(), parameter: zod_1.z.string(), version: zod_1.z.string().optional() })) }) .optional(), /** * HashiCorpVault is used to authenticate using Hashicorp Vault */ hashiCorpVault: zod_1.z .object({ address: zod_1.z.string(), /** * VaultAuthentication contains the list of Hashicorp Vault authentication methods */ authentication: zod_1.z.string(), /** * Credential defines the Hashicorp Vault credentials depending on the authentication method */ credential: zod_1.z .object({ serviceAccount: zod_1.z.string().optional(), token: zod_1.z.string().optional() }) .optional(), mount: zod_1.z.string().optional(), namespace: zod_1.z.string().optional(), role: zod_1.z.string().optional(), secrets: zod_1.z.array(zod_1.z.object({ key: zod_1.z.string(), parameter: zod_1.z.string(), path: zod_1.z.string(), pkiData: zod_1.z .object({ altNames: zod_1.z.string().optional(), commonName: zod_1.z.string().optional(), format: zod_1.z.string().optional(), ipSans: zod_1.z.string().optional(), otherSans: zod_1.z.string().optional(), ttl: zod_1.z.string().optional(), uriSans: zod_1.z.string().optional() }) .optional(), /** * VaultSecretType defines the type of vault secret */ type: zod_1.z.string().optional() })) }) .optional(), /** * AuthPodIdentity allows users to select the platform native identity * mechanism */ podIdentity: zod_1.z .object({ /** * Set identityAuthorityHost to override the default Azure authority host. If this is set, then the IdentityTenantID must also be set */ identityAuthorityHost: zod_1.z.string().optional(), identityId: zod_1.z.string().optional(), /** * IdentityOwner configures which identity has to be used during auto discovery, keda or the scaled workload. Mutually exclusive with roleArn */ identityOwner: zod_1.z .union([zod_1.z.literal("keda"), zod_1.z.literal("workload")]) .optional(), /** * Set identityTenantId to override the default Azure tenant id. If this is set, then the IdentityID must also be set */ identityTenantId: zod_1.z.string().optional(), /** * PodIdentityProvider contains the list of providers */ provider: zod_1.z.union([ zod_1.z.literal("azure-workload"), zod_1.z.literal("gcp"), zod_1.z.literal("aws"), zod_1.z.literal("aws-eks"), zod_1.z.literal("none") ]), /** * RoleArn sets the AWS RoleArn to be used. Mutually exclusive with IdentityOwner */ roleArn: zod_1.z.string().optional() }) .optional(), secretTargetRef: zod_1.z .array(zod_1.z.object({ key: zod_1.z.string(), name: zod_1.z.string(), parameter: zod_1.z.string() })) .optional() }), /** * TriggerAuthenticationStatus defines the observed state of TriggerAuthentication */ status: zod_1.z .object({ scaledjobs: zod_1.z.string().optional(), scaledobjects: zod_1.z.string().optional() }) .optional() });