Authentication provides information to configure an operator to manage authentication. Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
Authentication provides information to configure an operator to manage authentication. Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
object
spec
Property | Type | Description |
---|---|---|
|
|
APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources |
|
|
Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds |
|
Standard object’s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata |
|
|
|
|
|
|
object
Property | Type | Description |
---|---|---|
|
|
logLevel is an intent based logging for an overall component. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for their operands. Valid values are: "Normal", "Debug", "Trace", "TraceAll". Defaults to "Normal". |
|
|
managementState indicates whether and how the operator should manage the component |
|
`` |
observedConfig holds a sparse config that controller has observed from the cluster state. It exists in spec because it is an input to the level for the operator |
|
|
operatorLogLevel is an intent based logging for the operator itself. It does not give fine grained control, but it is a simple way to manage coarse grained logging choices that operators have to interpret for themselves. Valid values are: "Normal", "Debug", "Trace", "TraceAll". Defaults to "Normal". |
|
`` |
unsupportedConfigOverrides holds a sparse config that will override any previously set options. It only needs to be the fields to override it will end up overlaying in the following order: 1. hardcoded defaults 2. observedConfig 3. unsupportedConfigOverrides |
object
Property | Type | Description |
---|---|---|
|
|
conditions is a list of conditions and their status |
|
|
OperatorCondition is just the standard condition fields. |
|
|
generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction. |
|
|
GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made. |
|
|
OAuthAPIServer holds status specific only to oauth-apiserver |
|
|
observedGeneration is the last generation change you’ve dealt with |
|
|
readyReplicas indicates how many replicas are ready and at the desired state |
|
|
version is the level this availability applies to |
OperatorCondition is just the standard condition fields.
object
Property | Type | Description |
---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
generations are used to determine when an item needs to be reconciled or has changed in a way that needs a reaction.
array
GenerationStatus keeps track of the generation for a given resource so that decisions about forced updates can be made.
object
Property | Type | Description |
---|---|---|
|
|
group is the group of the thing you’re tracking |
|
|
hash is an optional field set for resources without generation that are content sensitive like secrets and configmaps |
|
|
lastGeneration is the last generation of the workload controller involved |
|
|
name is the name of the thing you’re tracking |
|
|
namespace is where the thing you’re tracking is |
|
|
resource is the resource type of the thing you’re tracking |
OAuthAPIServer holds status specific only to oauth-apiserver
object
Property | Type | Description |
---|---|---|
|
|
LatestAvailableRevision is the latest revision used as suffix of revisioned secrets like encryption-config. A new revision causes a new deployment of pods. |
The following API endpoints are available:
/apis/operator.openshift.io/v1/authentications
DELETE
: delete collection of Authentication
GET
: list objects of kind Authentication
POST
: create an Authentication
/apis/operator.openshift.io/v1/authentications/{name}
DELETE
: delete an Authentication
GET
: read the specified Authentication
PATCH
: partially update the specified Authentication
PUT
: replace the specified Authentication
/apis/operator.openshift.io/v1/authentications/{name}/status
GET
: read status of the specified Authentication
PATCH
: partially update status of the specified Authentication
PUT
: replace status of the specified Authentication
Parameter | Type | Description |
---|---|---|
|
|
If 'true', then the output is pretty printed. |
DELETE
delete collection of Authentication
Parameter | Type | Description |
---|---|---|
|
|
allowWatchBookmarks requests watch events with type "BOOKMARK". Servers that do not implement bookmarks may ignore this flag and bookmarks are sent at the server's discretion. Clients should not assume bookmarks are returned at any specific interval, nor may they assume the server will send any BOOKMARK event during a session. If this is not a watch, this field is ignored. |
|
|
The continue option should be set when retrieving more results from the server. Since this value is server defined, clients may only use the continue value from a previous query result with identical query parameters (except for the value of continue) and the server may reject a continue value it does not recognize. If the specified continue value is no longer valid whether due to expiration (generally five to fifteen minutes) or a configuration change on the server, the server will respond with a 410 ResourceExpired error together with a continue token. If the client needs a consistent list, it must restart their list without the continue field. Otherwise, the client may send another list request with the token received with the 410 error, the server will respond with a list starting from the next key, but from the latest snapshot, which is inconsistent from the previous list results - objects that are created, modified, or deleted after the first list request will be included in the response, as long as their keys are after the "next key". This field is not supported when watch is true. Clients may start a watch from the last resourceVersion value returned by the server and not miss any modifications. |
|
|
A selector to restrict the list of returned objects by their fields. Defaults to everything. |
|
|
A selector to restrict the list of returned objects by their labels. Defaults to everything. |
|
|
limit is a maximum number of responses to return for a list call. If more items exist, the server will set the `continue` field on the list metadata to a value that can be used with the same initial query to retrieve the next set of results. Setting a limit may return fewer than the requested amount of items (up to zero items) in the event all requested objects are filtered out and clients should only use the presence of the continue field to determine whether more results are avai |