kops/k8s/crds/kops.k8s.io_keysets.yaml

---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.18.0
  name: keysets.kops.k8s.io
spec:
  group: kops.k8s.io
  names:
    kind: Keyset
    listKind: KeysetList
    plural: keysets
    singular: keyset
  scope: Namespaced
  versions:
  - name: v1alpha2
    schema:
      openAPIV3Schema:
        description: |-
          Keyset is a set of system keypairs, or other secret material.
          It is a set to support credential rotation etc.          
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources              
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds              
            type: string
          metadata:
            type: object
          spec:
            description: KeysetSpec is the spec for a Keyset
            properties:
              keys:
                description: Keys is the set of keys that make up the keyset
                items:
                  description: KeysetItem is an item (keypair or other secret material)
                    in a Keyset
                  properties:
                    distrustTimestamp:
                      description: |-
                        DistrustTimestamp is RFC 3339 date and time at which this keypair was distrusted.
                        If not set, keypair is trusted or is not a keypair.                        
                      format: date-time
                      type: string
                    id:
                      description: Id is the unique identifier for this key in the
                        keyset
                      type: string
                    privateMaterial:
                      description: PrivateMaterial holds secret material (e.g. a private
                        key, or symmetric token)
                      format: byte
                      type: string
                    publicMaterial:
                      description: PublicMaterial holds non-secret material (e.g.
                        a certificate)
                      format: byte
                      type: string
                  type: object
                type: array
              primaryId:
                description: PrimaryID is the id of the key used to make new signatures.
                type: string
              type:
                description: Type is the type of the Keyset (PKI keypair, or secret
                  token)
                type: string
            type: object
        type: object
    served: true
    storage: true