ConditionalSecretConfig#

pydantic model phalanx.models.secrets.ConditionalSecretConfig#

Possibly conditional specification for an application secret.

Parameters:

data (Any) –

Show JSON schema
{
   "title": "ConditionalSecretConfig",
   "description": "Possibly conditional specification for an application secret.",
   "type": "object",
   "properties": {
      "if": {
         "anyOf": [
            {
               "type": "string"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "Configuration only applies if this Helm chart setting is set to a true value",
         "title": "Condition"
      },
      "description": {
         "description": "Description of the secret",
         "title": "Description",
         "type": "string"
      },
      "copy": {
         "anyOf": [
            {
               "$ref": "#/$defs/ConditionalSecretCopyRules"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "Rules for where the secret should be copied from",
         "title": "Copy rules"
      },
      "generate": {
         "anyOf": [
            {
               "$ref": "#/$defs/ConditionalSimpleSecretGenerateRules"
            },
            {
               "$ref": "#/$defs/ConditionalSourceSecretGenerateRules"
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "Rules for how the secret should be generated",
         "title": "Generation rules"
      },
      "onepassword": {
         "allOf": [
            {
               "$ref": "#/$defs/SecretOnepasswordConfig"
            }
         ],
         "description": "Configuration for how the secret is stored in 1Password",
         "title": "1Password configuration"
      },
      "value": {
         "anyOf": [
            {
               "format": "password",
               "type": "string",
               "writeOnly": true
            },
            {
               "type": "null"
            }
         ],
         "default": null,
         "description": "Fixed value of secret",
         "title": "Value"
      }
   },
   "$defs": {
      "ConditionalSecretCopyRules": {
         "additionalProperties": false,
         "description": "Possibly conditional rules for copying a secret value from another.",
         "properties": {
            "if": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "Configuration only applies if this Helm chart setting is set to a true value",
               "title": "Condition"
            },
            "application": {
               "description": "Application from which the secret should be copied",
               "title": "Application",
               "type": "string"
            },
            "key": {
               "description": "Secret key from which the secret should be copied",
               "title": "Key",
               "type": "string"
            }
         },
         "required": [
            "application",
            "key"
         ],
         "title": "ConditionalSecretCopyRules",
         "type": "object"
      },
      "ConditionalSimpleSecretGenerateRules": {
         "additionalProperties": false,
         "description": "Conditional rules for generating a secret value with no source.",
         "properties": {
            "if": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "Configuration only applies if this Helm chart setting is set to a true value",
               "title": "Condition"
            },
            "type": {
               "description": "Type of secret",
               "enum": [
                  "password",
                  "gafaelfawr-token",
                  "fernet-key",
                  "rsa-private-key"
               ],
               "title": "Secret type",
               "type": "string"
            }
         },
         "required": [
            "type"
         ],
         "title": "ConditionalSimpleSecretGenerateRules",
         "type": "object"
      },
      "ConditionalSourceSecretGenerateRules": {
         "description": "Conditional rules for generating a secret from another secret.",
         "properties": {
            "if": {
               "anyOf": [
                  {
                     "type": "string"
                  },
                  {
                     "type": "null"
                  }
               ],
               "default": null,
               "description": "Configuration only applies if this Helm chart setting is set to a true value",
               "title": "Condition"
            },
            "type": {
               "description": "Type of secret",
               "enum": [
                  "bcrypt-password-hash",
                  "mtime"
               ],
               "title": "Secret type",
               "type": "string"
            },
            "source": {
               "description": "Key of secret on which this secret is based. This may only be set by secrets of type ``bcrypt-password-hash`` or ``mtime``.",
               "title": "Source key",
               "type": "string"
            }
         },
         "required": [
            "type",
            "source"
         ],
         "title": "ConditionalSourceSecretGenerateRules",
         "type": "object"
      },
      "SecretOnepasswordConfig": {
         "description": "Configuration for how a static secret is stored in 1Password.",
         "properties": {
            "encoded": {
               "default": false,
               "description": "Whether the 1Password copy of the secret is encoded in base64. 1Password doesn't support newlines in secrets, so secrets that contain significant newlines have to be encoded when storing them in 1Password. This flag indicates that this has been done, and therefore when retrieving the secret from 1Password, its base64-encoding must be undone.",
               "title": "Is base64-encoded",
               "type": "boolean"
            }
         },
         "title": "SecretOnepasswordConfig",
         "type": "object"
      }
   },
   "additionalProperties": false,
   "required": [
      "description"
   ]
}

Config:
  • populate_by_name: bool = True

  • extra: str = forbid

Fields:
Validators:
  • _validate_generate » all fields

field condition: str | None = None (alias 'if')#

Configuration only applies if this Helm chart setting is set to a true value

Validated by:
  • _validate_generate

field copy_rules: ConditionalSecretCopyRules | None = None (alias 'copy')#

Rules for where the secret should be copied from

Validated by:
  • _validate_generate

field description: str [Required]#

Description of the secret

Validated by:
  • _validate_generate

field generate: ConditionalSecretGenerateRules | None = None#

Rules for how the secret should be generated

Validated by:
  • _validate_generate

field onepassword: SecretOnepasswordConfig [Optional]#

Configuration for how the secret is stored in 1Password

Validated by:
  • _validate_generate

field value: SecretStr | None = None#

Fixed value of secret

Validated by:
  • _validate_generate