--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.13.0 name: originissuers.cert-manager.k8s.cloudflare.com spec: group: cert-manager.k8s.cloudflare.com names: kind: OriginIssuer listKind: OriginIssuerList plural: originissuers singular: originissuer scope: Namespaced versions: - name: v1 schema: openAPIV3Schema: description: An OriginIssuer represents the Cloudflare Origin CA as an external cert-manager issuer. It is scoped to a single namespace, so it can be used only by resources in the same namespace. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: Desired state of the OriginIssuer resource properties: auth: description: Auth configures how to authenticate with the Cloudflare API. properties: serviceKeyRef: description: ServiceKeyRef authenticates with an API Service Key. properties: key: description: Key of the secret to select from. Must be a valid secret key. type: string name: description: Name of the secret in the issuer's namespace to select. If a cluster-scoped issuer, the secret is selected from the "cluster resource namespace" configured on the controller. type: string required: - key - name type: object type: object requestType: description: RequestType is the signature algorithm Cloudflare should use to sign the certificate. enum: - OriginRSA - OriginECC type: string required: - auth - requestType type: object status: description: Status of the OriginIssuer. This is set and managed automatically. properties: conditions: description: List of status conditions to indicate the status of an OriginIssuer Known condition types are `Ready`. items: description: OriginIssuerCondition contains condition information for the OriginIssuer. properties: lastTransitionTime: description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. format: date-time type: string message: description: Message is a human readable description of the details of the last transition1, complementing reason. type: string reason: description: Reason is a brief machine readable explanation for the condition's last transition. type: string status: description: Status of the condition, one of ('True', 'False', 'Unknown') enum: - "True" - "False" - Unknown type: string type: description: Type of the condition, known values are ('Ready') enum: - Ready type: string required: - status - type type: object type: array type: object type: object served: true storage: true subresources: status: {}