2017-02-01 00:45:59 +00:00
|
|
|
/*
|
|
|
|
Copyright 2017 The Kubernetes Authors.
|
|
|
|
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
you may not use this file except in compliance with the License.
|
|
|
|
You may obtain a copy of the License at
|
|
|
|
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
See the License for the specific language governing permissions and
|
|
|
|
limitations under the License.
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
// This file was autogenerated by go-to-protobuf. Do not edit it manually!
|
|
|
|
|
|
|
|
syntax = 'proto2';
|
|
|
|
|
2017-02-03 13:41:32 +00:00
|
|
|
package k8s.io.kubernetes.pkg.apis.certificates.v1beta1;
|
2017-02-01 00:45:59 +00:00
|
|
|
|
|
|
|
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
|
|
|
|
import "k8s.io/apimachinery/pkg/runtime/generated.proto";
|
|
|
|
import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
|
|
|
|
import "k8s.io/kubernetes/pkg/api/resource/generated.proto";
|
|
|
|
import "k8s.io/kubernetes/pkg/api/v1/generated.proto";
|
|
|
|
import "k8s.io/kubernetes/pkg/util/intstr/generated.proto";
|
|
|
|
|
|
|
|
// Package-wide variables from generator "generated".
|
2017-02-03 13:41:32 +00:00
|
|
|
option go_package = "v1beta1";
|
2017-02-01 00:45:59 +00:00
|
|
|
|
|
|
|
// Describes a certificate signing request
|
|
|
|
message CertificateSigningRequest {
|
|
|
|
// +optional
|
2017-02-03 13:41:32 +00:00
|
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ObjectMeta metadata = 1;
|
2017-02-01 00:45:59 +00:00
|
|
|
|
|
|
|
// The certificate request itself and any additional information.
|
|
|
|
// +optional
|
|
|
|
optional CertificateSigningRequestSpec spec = 2;
|
|
|
|
|
|
|
|
// Derived information about the request.
|
|
|
|
// +optional
|
|
|
|
optional CertificateSigningRequestStatus status = 3;
|
|
|
|
}
|
|
|
|
|
|
|
|
message CertificateSigningRequestCondition {
|
|
|
|
// request approval state, currently Approved or Denied.
|
|
|
|
optional string type = 1;
|
|
|
|
|
|
|
|
// brief reason for the request state
|
|
|
|
// +optional
|
|
|
|
optional string reason = 2;
|
|
|
|
|
|
|
|
// human readable message with details about the request state
|
|
|
|
// +optional
|
|
|
|
optional string message = 3;
|
|
|
|
|
|
|
|
// timestamp for the last update to this condition
|
|
|
|
// +optional
|
|
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastUpdateTime = 4;
|
|
|
|
}
|
|
|
|
|
|
|
|
message CertificateSigningRequestList {
|
|
|
|
// +optional
|
|
|
|
optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 1;
|
|
|
|
|
|
|
|
repeated CertificateSigningRequest items = 2;
|
|
|
|
}
|
|
|
|
|
|
|
|
// This information is immutable after the request is created. Only the Request
|
|
|
|
// and ExtraInfo fields can be set on creation, other fields are derived by
|
|
|
|
// Kubernetes and cannot be modified by users.
|
|
|
|
message CertificateSigningRequestSpec {
|
|
|
|
// Base64-encoded PKCS#10 CSR data
|
|
|
|
optional bytes request = 1;
|
|
|
|
|
|
|
|
// allowedUsages specifies a set of usage contexts the key will be
|
|
|
|
// valid for.
|
|
|
|
// See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3
|
|
|
|
// https://tools.ietf.org/html/rfc5280#section-4.2.1.12
|
|
|
|
repeated string keyUsage = 5;
|
|
|
|
|
|
|
|
// Information about the requesting user (if relevant)
|
|
|
|
// See user.Info interface for details
|
|
|
|
// +optional
|
|
|
|
optional string username = 2;
|
|
|
|
|
|
|
|
// +optional
|
|
|
|
optional string uid = 3;
|
|
|
|
|
|
|
|
// +optional
|
|
|
|
repeated string groups = 4;
|
|
|
|
}
|
|
|
|
|
|
|
|
message CertificateSigningRequestStatus {
|
|
|
|
// Conditions applied to the request, such as approval or denial.
|
|
|
|
// +optional
|
|
|
|
repeated CertificateSigningRequestCondition conditions = 1;
|
|
|
|
|
|
|
|
// If request was approved, the controller will place the issued certificate here.
|
|
|
|
// +optional
|
|
|
|
optional bytes certificate = 2;
|
|
|
|
}
|
|
|
|
|