PocketIDUser
pocketid.internal / v1alpha1
apiVersion: pocketid.internal/v1alpha1
kind: PocketIDUser
metadata:
name: example
apiVersion
string
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
kind
string
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
metadata
object
spec object
spec defines the desired state of PocketIDUser
admin
boolean
Flag whether a user is an admin or not
apiKeys []object
APIKeys is a list of API keys to create for this user
description
string
Description of the API key
expiresAt
string
ExpiresAt is the expiration time in RFC3339 format (e.g., "2030-01-01T00:00:00Z")
Defaults to 1 year in the future
name
string required
Name of the API key (3-50 characters)
minLength:
3maxLength:
50secretRef object
SecretRef references an existing Secret containing the API key token
If set, the operator will use this secret instead of creating a new one
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
disabled
boolean
Disabled indicates whether the user account is disabled
displayName object
DisplayName of the user
Defaults to "spec.FirstName spec.LastName"
value
string
Plain text value
valueFrom object
Source for the value from a secret
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
email object
Email of the user
Can be a plain value or reference a secret
Required unless email is disabled in pocket-id
value
string
Plain text value
valueFrom object
Source for the value from a secret
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
firstName object
First name of the user
Can be a plain value or reference a secret
Defaults to metadata.name of the Resource
value
string
Plain text value
valueFrom object
Source for the value from a secret
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
instanceSelector object
InstanceSelector selects the PocketIDInstance to reconcile against.
If omitted, the controller expects exactly one instance in the cluster.
matchExpressions []object
matchExpressions is a list of label selector requirements. The requirements are ANDed.
key
string required
key is the label key that the selector applies to.
operator
string required
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
values
[]string
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
matchLabels
object
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
lastName object
Last name of the user
Can be a plain value or reference a secret
value
string
Plain text value
valueFrom object
Source for the value from a secret
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
locale
string
Locale is the user's preferred locale (e.g., "en", "de", "fr")
userInfoSecretRef object
UserInfoSecretRef references a single Secret containing sensitive user profile fields.
Values from the secret are evaluated last, so spec.username will override the username key in this secret
Keys: username, firstName, lastName, email, displayName
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
username object
Username of the user. Defaults to the metadata.name
Can be a plain value or reference a secret
value
string
Plain text value
valueFrom object
Source for the value from a secret
key
string required
The key of the secret to select from. Must be a valid secret key.
name
string
Name of the referent.
This field is effectively required, but due to backwards compatibility is
allowed to be empty. Instances of this type with an empty value here are
almost certainly wrong.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
optional
boolean
Specify whether the Secret or its key must be defined
status object
status defines the observed state of PocketIDUser
apiKeys []object
APIKeys reflects the observed state of each API key
createdAt
string
CreatedAt timestamp from Pocket-ID
expiresAt
string
ExpiresAt timestamp from Pocket-ID
id
string
ID assigned by Pocket-ID
lastUsedAt
string
LastUsedAt timestamp from Pocket-ID
name
string required
Name of the API key (matches spec)
secretKey
string
SecretKey within the secret containing the token
secretName
string
SecretName where the API key token is stored
conditions []object
Conditions represent the current state of the PocketIDUser resource.
lastTransitionTime
string required
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format:
date-time
message
string required
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength:
32768
observedGeneration
integer
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format:
int64minimum:
0
reason
string required
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
pattern:
^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$minLength:
1maxLength:
1024
status
string required
status of the condition, one of True, False, Unknown.
enum:
True, False, Unknown
type
string required
type of condition in CamelCase or in foo.example.com/CamelCase.
pattern:
^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$maxLength:
316
disabled
boolean
Disabled reflects whether the user is disabled in Pocket-ID
emailVerified
boolean
EmailVerified reflects whether the user's email has been verified in Pocket-ID.
isAdmin
boolean
IsAdmin reflects whether the user is an admin in Pocket-ID
locale
string
Locale of the user from Pocket-ID
oneTimeLoginExpiresAt
string
OneTimeLoginExpiresAt is the RFC3339 timestamp when the login token expires
oneTimeLoginToken
string
OneTimeLoginToken is the one-time login token for a newly created user
oneTimeLoginURL
string
OneTimeLoginURL is the login URL built from the one-time login token
userID
string
UserID is the ID assigned by Pocket-ID
userInfoSecretName
string
UserInfoSecretName is the name of the Secret storing user profile fields.
The operator writes to "<name>-user-data".
No matches. Try .spec.admin for an exact path