You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jun 7, 2024. It is now read-only.
description: AccessControlPolicy defines an access control policy.
21
21
properties:
22
22
apiVersion:
23
-
description: 'APIVersion defines the versioned schema of this representation
24
-
of an object. Servers should convert recognized schemas to the latest
25
-
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
23
+
description: |-
24
+
APIVersion defines the versioned schema of this representation of an object.
25
+
Servers should convert recognized schemas to the latest internal value, and
26
+
may reject unrecognized values.
27
+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
26
28
type: string
27
29
kind:
28
-
description: 'Kind is a string value representing the REST resource this
29
-
object represents. Servers may infer this from the endpoint the client
30
-
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
30
+
description: |-
31
+
Kind is a string value representing the REST resource this object represents.
32
+
Servers may infer this from the endpoint the client submits requests to.
33
+
Cannot be updated.
34
+
In CamelCase.
35
+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
31
36
type: string
32
37
metadata:
33
38
type: object
@@ -54,10 +59,9 @@ spec:
54
59
description: Header is the name of a header.
55
60
type: string
56
61
headerAuthScheme:
57
-
description: HeaderAuthScheme sets an optional auth scheme
58
-
when Header is set to "Authorization". If set, this scheme
59
-
is removed from the token, and all requests not including
60
-
it are dropped.
62
+
description: |-
63
+
HeaderAuthScheme sets an optional auth scheme when Header is set to "Authorization".
64
+
If set, this scheme is removed from the token, and all requests not including it are dropped.
61
65
type: string
62
66
query:
63
67
description: Query is the name of a query parameter.
@@ -165,15 +169,15 @@ spec:
165
169
Server certificate.
166
170
type: string
167
171
insecureSkipVerify:
168
-
description: InsecureSkipVerify skips the Authorization
169
-
Server certificate validation. For testing purposes
170
-
only, do not use in production.
172
+
description: |-
173
+
InsecureSkipVerify skips the Authorization Server certificate validation.
174
+
For testing purposes only, do not use in production.
171
175
type: boolean
172
176
type: object
173
177
tokenTypeHint:
174
-
description: TokenTypeHint is a hint to pass to the Authorization
175
-
Server. See https://tools.ietf.org/html/rfc7662#section-2.1
176
-
for more information.
178
+
description: |-
179
+
TokenTypeHint is a hint to pass to the Authorization Server.
180
+
See https://tools.ietf.org/html/rfc7662#section-2.1 for more information.
177
181
type: string
178
182
url:
179
183
description: URL of the Authorization Server.
@@ -186,9 +190,9 @@ spec:
186
190
type: string
187
191
type: object
188
192
tokenSource:
189
-
description: 'TokenSource describes how to extract tokens from
190
-
HTTP requests. If multiple sources are set, the order is the
191
-
following: header > query > cookie.'
193
+
description: |-
194
+
TokenSource describes how to extract tokens from HTTP requests.
195
+
If multiple sources are set, the order is the following: header > query > cookie.
192
196
properties:
193
197
cookie:
194
198
description: Cookie is the name of a cookie.
@@ -197,10 +201,9 @@ spec:
197
201
description: Header is the name of a header.
198
202
type: string
199
203
headerAuthScheme:
200
-
description: HeaderAuthScheme sets an optional auth scheme
201
-
when Header is set to "Authorization". If set, this scheme
202
-
is removed from the token, and all requests not including
203
-
it are dropped.
204
+
description: |-
205
+
HeaderAuthScheme sets an optional auth scheme when Header is set to "Authorization".
206
+
If set, this scheme is removed from the token, and all requests not including it are dropped.
204
207
type: string
205
208
query:
206
209
description: Query is the name of a query parameter.
@@ -241,8 +244,9 @@ spec:
241
244
type: string
242
245
type: array
243
246
secret:
244
-
description: SecretReference represents a Secret Reference. It
245
-
has enough information to retrieve secret in any namespace
247
+
description: |-
248
+
SecretReference represents a Secret Reference. It has enough information to retrieve secret
249
+
in any namespace
246
250
properties:
247
251
name:
248
252
description: name is unique within a namespace to reference
@@ -306,8 +310,9 @@ spec:
306
310
redirectUrl:
307
311
type: string
308
312
secret:
309
-
description: SecretReference represents a Secret Reference. It
310
-
has enough information to retrieve secret in any namespace
313
+
description: |-
314
+
SecretReference represents a Secret Reference. It has enough information to retrieve secret
315
+
in any namespace
311
316
properties:
312
317
name:
313
318
description: name is unique within a namespace to reference
description: APIAccess defines who can access to a set of APIs.
21
21
properties:
22
22
apiVersion:
23
-
description: 'APIVersion defines the versioned schema of this representation
24
-
of an object. Servers should convert recognized schemas to the latest
25
-
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
23
+
description: |-
24
+
APIVersion defines the versioned schema of this representation of an object.
25
+
Servers should convert recognized schemas to the latest internal value, and
26
+
may reject unrecognized values.
27
+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
26
28
type: string
27
29
kind:
28
-
description: 'Kind is a string value representing the REST resource this
29
-
object represents. Servers may infer this from the endpoint the client
30
-
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
30
+
description: |-
31
+
Kind is a string value representing the REST resource this object represents.
32
+
Servers may infer this from the endpoint the client submits requests to.
33
+
Cannot be updated.
34
+
In CamelCase.
35
+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
31
36
type: string
32
37
metadata:
33
38
type: object
34
39
spec:
35
40
description: The desired behavior of this APIAccess.
36
41
properties:
37
42
apiSelector:
38
-
description: APISelector selects the APIs that will be accessible
39
-
to the configured audience. Multiple APIAccesses can select the
40
-
same set of APIs. This field is optional and follows standard label
41
-
selector semantics. An empty APISelector matches any API.
43
+
description: |-
44
+
APISelector selects the APIs that will be accessible to the configured audience.
45
+
Multiple APIAccesses can select the same set of APIs.
46
+
This field is optional and follows standard label selector semantics.
47
+
An empty APISelector matches any API.
42
48
properties:
43
49
matchExpressions:
44
50
description: matchExpressions is a list of label selector requirements.
45
51
The requirements are ANDed.
46
52
items:
47
-
description: A label selector requirement is a selector that
48
-
contains values, a key, and an operator that relates the key
49
-
and values.
53
+
description: |-
54
+
A label selector requirement is a selector that contains values, a key, and an operator that
55
+
relates the key and values.
50
56
properties:
51
57
key:
52
58
description: key is the label key that the selector applies
53
59
to.
54
60
type: string
55
61
operator:
56
-
description: operator represents a key's relationship to
57
-
a set of values. Valid operators are In, NotIn, Exists
58
-
and DoesNotExist.
62
+
description: |-
63
+
operator represents a key's relationship to a set of values.
64
+
Valid operators are In, NotIn, Exists and DoesNotExist.
59
65
type: string
60
66
values:
61
-
description: values is an array of string values. If the
62
-
operator is In or NotIn, the values array must be non-empty.
63
-
If the operator is Exists or DoesNotExist, the values
64
-
array must be empty. This array is replaced during a strategic
67
+
description: |-
68
+
values is an array of string values. If the operator is In or NotIn,
69
+
the values array must be non-empty. If the operator is Exists or DoesNotExist,
70
+
the values array must be empty. This array is replaced during a strategic
65
71
merge patch.
66
72
items:
67
73
type: string
@@ -74,19 +80,18 @@ spec:
74
80
matchLabels:
75
81
additionalProperties:
76
82
type: string
77
-
description: matchLabels is a map of {key,value} pairs. A single
78
-
{key,value} in the matchLabels map is equivalent to an element
79
-
of matchExpressions, whose key field is "key", the operator
80
-
is "In", and the values array contains only "value". The requirements
81
-
are ANDed.
83
+
description: |-
84
+
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
85
+
map is equivalent to an element of matchExpressions, whose key field is "key", the
86
+
operator is "In", and the values array contains only "value". The requirements are ANDed.
82
87
type: object
83
88
type: object
84
89
x-kubernetes-map-type: atomic
85
90
apis:
86
-
description: APIs defines a set of APIs that will be accessible to
87
-
the configured audience. Multiple APIAccesses can select the same
88
-
APIs. When combined with APISelector, this set of APIs is appended
89
-
to the matching APIs.
91
+
description: |-
92
+
APIs defines a set of APIs that will be accessible to the configured audience.
93
+
Multiple APIAccesses can select the same APIs.
94
+
When combined with APISelector, this set of APIs is appended to the matching APIs.
90
95
items:
91
96
description: APIReference references an API.
92
97
properties:
@@ -113,9 +118,10 @@ spec:
113
118
type: string
114
119
type: array
115
120
operationFilter:
116
-
description: OperationFilter specifies the allowed operations on APIs
117
-
and APIVersions. If not set, all operations are available. An empty
118
-
OperationFilter prohibits all operations.
121
+
description: |-
122
+
OperationFilter specifies the allowed operations on APIs and APIVersions.
123
+
If not set, all operations are available.
124
+
An empty OperationFilter prohibits all operations.
119
125
properties:
120
126
include:
121
127
description: Include defines the names of OperationSets that will
description: APIPortal defines a developer portal for accessing the documentation
25
21
of APIs.
26
22
properties:
27
23
apiVersion:
28
-
description: 'APIVersion defines the versioned schema of this representation
29
-
of an object. Servers should convert recognized schemas to the latest
30
-
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
24
+
description: |-
25
+
APIVersion defines the versioned schema of this representation of an object.
26
+
Servers should convert recognized schemas to the latest internal value, and
27
+
may reject unrecognized values.
28
+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
31
29
type: string
32
30
kind:
33
-
description: 'Kind is a string value representing the REST resource this
34
-
object represents. Servers may infer this from the endpoint the client
35
-
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
31
+
description: |-
32
+
Kind is a string value representing the REST resource this object represents.
33
+
Servers may infer this from the endpoint the client submits requests to.
34
+
Cannot be updated.
35
+
In CamelCase.
36
+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
36
37
type: string
37
38
metadata:
38
39
type: object
@@ -45,14 +46,17 @@ spec:
45
46
title:
46
47
description: Title is the public facing name of the APIPortal.
47
48
type: string
48
-
trustedDomains:
49
-
description: TrustedDomains are the domains that are trusted by the
50
-
OAuth 2.0 authorization server.
49
+
trustedUrls:
50
+
description: TrustedURLs are the urls that are trusted by the OAuth
51
+
2.0 authorization server.
51
52
items:
52
53
type: string
53
-
maxItems: 20
54
+
maxItems: 1
54
55
minItems: 1
55
56
type: array
57
+
x-kubernetes-validations:
58
+
- message: must be a valid URLs
59
+
rule: self.all(x, isURL(x))
56
60
ui:
57
61
description: UI holds the UI customization options.
58
62
properties:
@@ -61,7 +65,7 @@ spec:
61
65
type: string
62
66
type: object
63
67
required:
64
-
- trustedDomains
68
+
- trustedUrls
65
69
type: object
66
70
status:
67
71
description: The current status of this APIPortal.
0 commit comments