adobe-platform · eadasiak · May 14, 2025 · May 13, 2025 · May 13, 2025
diff --git a/master-standalone-strict/acraccesstoken-generators-v1alpha1.json b/master-standalone-strict/acraccesstoken-generators-v1alpha1.json
@@ -1,5 +1,5 @@
 {
-  "description": "ACRAccessToken returns a Azure Container Registry token\nthat can be used for pushing/pulling images.\nNote: by default it will return an ACR Refresh Token with full access\n(depending on the identity).\nThis can be scoped down to the repository level using .spec.scope.\nIn case scope is defined it will return an ACR Access Token.\n\n\nSee docs: https://github.com/Azure/acr/blob/main/docs/AAD-OAuth.md",
+  "description": "ACRAccessToken returns an Azure Container Registry token\nthat can be used for pushing/pulling images.\nNote: by default it will return an ACR Refresh Token with full access\n(depending on the identity).\nThis can be scoped down to the repository level using .spec.scope.\nIn case scope is defined it will return an ACR Access Token.\n\nSee docs: https://github.com/Azure/acr/blob/main/docs/AAD-OAuth.md",
   "properties": {
     "apiVersion": {
       "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
@@ -38,15 +38,24 @@
                       "description": "The Azure clientId of the service principle used for authentication.",
                       "properties": {
                         "key": {
-                          "description": "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required.",
+                          "description": "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required.",
+                          "maxLength": 253,
+                          "minLength": 1,
+                          "pattern": "^[-._a-zA-Z0-9]+$",
                           "type": "string"
                         },
                         "name": {
                           "description": "The name of the Secret resource being referred to.",
+                          "maxLength": 253,
+                          "minLength": 1,
+                          "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$",
                           "type": "string"
                         },
                         "namespace": {
-                          "description": "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent.",
+                          "description": "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.",
+                          "maxLength": 63,
+                          "minLength": 1,
+                          "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$",
                           "type": "string"
                         }
                       },
@@ -57,15 +66,24 @@
                       "description": "The Azure ClientSecret of the service principle used for authentication.",
                       "properties": {
                         "key": {
-                          "description": "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required.",
+                          "description": "A key in the referenced Secret.\nSome instances of this field may be defaulted, in others it may be required.",
+                          "maxLength": 253,
+                          "minLength": 1,
+                          "pattern": "^[-._a-zA-Z0-9]+$",
                           "type": "string"
                         },
                         "name": {
                           "description": "The name of the Secret resource being referred to.",
+                          "maxLength": 253,
+                          "minLength": 1,
+                          "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$",
                           "type": "string"
                         },
                         "namespace": {
-                          "description": "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent.",
+                          "description": "The namespace of the Secret resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.",
+                          "maxLength": 63,
+                          "minLength": 1,
+                          "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$",
                           "type": "string"
                         }
                       },
@@ -98,10 +116,16 @@
                     },
                     "name": {
                       "description": "The name of the ServiceAccount resource being referred to.",
+                      "maxLength": 253,
+                      "minLength": 1,
+                      "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$",
                       "type": "string"
                     },
                     "namespace": {
-                      "description": "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent.",
+                      "description": "Namespace of the resource being referred to.\nIgnored if referent is not cluster-scoped, otherwise defaults to the namespace of the referent.",
+                      "maxLength": 63,
+                      "minLength": 1,
+                      "pattern": "^[a-z0-9]([-a-z0-9]*[a-z0-9])?$",
                       "type": "string"
                     }
                   },
@@ -135,7 +159,7 @@
           "type": "string"
         },
         "scope": {
-          "description": "Define the scope for the access token, e.g. pull/push access for a repository.\nif not provided it will return a refresh token that has full scope.\nNote: you need to pin it down to the repository level, there is no wildcard available.\n\n\nexamples:\nrepository:my-repository:pull,push\nrepository:my-repository:pull\n\n\nsee docs for details: https://docs.docker.com/registry/spec/auth/scope/",
+          "description": "Define the scope for the access token, e.g. pull/push access for a repository.\nif not provided it will return a refresh token that has full scope.\nNote: you need to pin it down to the repository level, there is no wildcard available.\n\nexamples:\nrepository:my-repository:pull,push\nrepository:my-repository:pull\n\nsee docs for details: https://docs.docker.com/registry/spec/auth/scope/",
           "type": "string"
         },
         "tenantId": {