--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.17.2 name: managedcertificates.approuting.kubernetes.azure.com spec: group: approuting.kubernetes.azure.com names: kind: ManagedCertificate listKind: ManagedCertificateList plural: managedcertificates singular: managedcertificate scope: Namespaced versions: - name: v1alpha1 schema: openAPIV3Schema: description: ManagedCertificate is the Schema for the managedcertificates API. properties: apiVersion: description: |- APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: description: |- Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: description: ManagedCertificateSpec defines the desired state of ManagedCertificate. properties: dnsZone: description: DnsZone defines the DNS Zone that the ManagedCertificate will be applied to. properties: activeDirectoryAuthorityHost: description: ActiveDirectoryApplicationId is the base URL of the cloud's Azure Active Directory. type: string resourceId: description: ResourceId is the Azure Resource ID of the DNS Zone. Can be retrieved with `az network dns zone show -g <resource-group> -n <zone-name> --query id -o tsv`. type: string tenantId: description: TenantId is the Azure Tenant ID of the DNS Zone. type: string type: object domainNames: description: DomainNames is a list of domain names that the Certificate will be issued for. items: type: string minItems: 1 type: array x-kubernetes-list-type: set serviceAccount: description: ServiceAccount is the name of the ServiceAccount that will be used to connect to the Azure DNS Zone. type: string target: description: Target defines the targets that the Certificate will be bound to. maxProperties: 1 minProperties: 1 properties: secret: description: Secret is the name of the Secret that will contain the Certificate. type: string type: object required: - dnsZone - domainNames - serviceAccount - target type: object status: description: ManagedCertificateStatus defines the observed state of ManagedCertificate. properties: conditions: description: Conditions represent the latest available observations of the ManagedCertificate's current state. items: description: Condition contains details for one aspect of the current state of this API Resource. properties: lastTransitionTime: description: |- lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: description: |- message is a human readable message indicating details about the transition. This may be an empty string. maxLength: 32768 type: string observedGeneration: description: |- observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: description: |- reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ type: string status: description: status of the condition, one of True, False, Unknown. enum: - "True" - "False" - Unknown type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string required: - lastTransitionTime - message - reason - status - type type: object type: array x-kubernetes-list-map-keys: - type x-kubernetes-list-type: map dnsVerificationStart: description: DnsVerificationStart is the time when the DNS verification process started. format: date-time type: string expireTime: description: ExpireTime is the time when the Certificate will expire. The Certificate will be automatically renewed before this time. format: date-time type: string lastRotationTime: description: LastRotationTime is the time when the Certificate was last rotated. format: date-time type: string type: object required: - spec type: object served: true storage: true subresources: status: {}