StaticSecrets#
- pydantic model phalanx.models.secrets.StaticSecrets#
Model for the YAML file containing static secrets.
This doubles as the model used to pass static secrets around internally, in which case the description fields of the
StaticSecretmembers are ignored.- Parameters:
data (
Any) –
Show JSON schema
{ "title": "StaticSecrets", "description": "Model for the YAML file containing static secrets.\n\nThis doubles as the model used to pass static secrets around internally,\nin which case the description fields of the `StaticSecret` members are\nignored.", "type": "object", "properties": { "applications": { "title": "Secrets by application and key", "description": "Mapping of application to secret key to that static secret", "default": {}, "type": "object", "additionalProperties": { "type": "object", "additionalProperties": { "$ref": "#/definitions/StaticSecret" } } }, "pull-secret": { "title": "Pull secret", "description": "Pull secret for this environment, if any is needed", "allOf": [ { "$ref": "#/definitions/PullSecret" } ] } }, "additionalProperties": false, "definitions": { "StaticSecret": { "title": "StaticSecret", "description": "Value of a static secret provided in a YAML file.", "type": "object", "properties": { "description": { "title": "Description of secret", "description": "Intended for human writers and ignored by tools", "type": "string" }, "value": { "title": "Value of secret", "description": "Value of the secret, or `None` if it's not known", "type": "string", "writeOnly": true, "format": "password" } }, "additionalProperties": false }, "RegistryPullSecret": { "title": "RegistryPullSecret", "description": "Pull secret for a specific Docker Repository.", "type": "object", "properties": { "username": { "title": "Username", "description": "HTTP Basic Auth username", "type": "string" }, "password": { "title": "Password", "description": "HTTP Basic Auth password", "type": "string", "writeOnly": true, "format": "password" } }, "required": [ "username", "password" ], "additionalProperties": false }, "PullSecret": { "title": "PullSecret", "description": "Specification for a Docker pull secret.", "type": "object", "properties": { "description": { "title": "Description of pull secret", "description": "Description of the pull secret for humans reading the YAML file", "default": "Pull secrets for Docker registries. Each key under registries is the name of a Docker registry that needs a pull secret. The value should have two keys, username and password, that provide the HTTP Basic Auth credentials for that registry.", "type": "string" }, "registries": { "title": "Pull secret by registry", "description": "Pull secrets for each registry that needs one", "default": {}, "type": "object", "additionalProperties": { "$ref": "#/definitions/RegistryPullSecret" } } }, "additionalProperties": false } } }
- Config:
allow_population_by_field_name: bool = True
extra: Extra = Extra.forbid
- Fields:
-
field applications:
dict[str,dict[str,StaticSecret]] = {}# Mapping of application to secret key to that static secret
-
field pull_secret:
Optional[PullSecret] = None (alias 'pull-secret')# Pull secret for this environment, if any is needed
- for_application(application)#
Return any known secrets for an application.
- Parameters:
application (
str) – Name of the application.- Returns:
Mapping of secret keys to StaticSecret objects. If the application has no static secrets, returns an empty dictionary.
- Return type:
dict of StaticSecret