openstack-k8s-operators
diff --git a/‎api/bases/barbican.openstack.org_barbicanapis.yaml‎
Lines changed: 18 additions & 13 deletions b/‎api/bases/barbican.openstack.org_barbicanapis.yaml‎
Lines changed: 18 additions & 13 deletions
diff --git a/‎api/bases/barbican.openstack.org_barbicankeystonelisteners.yaml‎
Lines changed: 18 additions & 13 deletions b/‎api/bases/barbican.openstack.org_barbicankeystonelisteners.yaml‎
Lines changed: 18 additions & 13 deletions
@@ -300,13 +300,13 @@ spec:
               pkcs11:
                 description: BarbicanPKCS11Template - Includes all common HSM properties
                 properties:
-                  hsmCertificates:
-                    additionalProperties:
-                      type: string
-                    description: 'The HSM certificates. The map''s key is the OpenShift
-                      secret storing the certificate, and the value is the mounting
-                      point (e.g., "luna-certificates": "/usr/local/luna/config/certs").'
-                    type: object
+                  hsmCertificatesMountPoint:
+                    description: The mounting point where the certificates will be
+                      copied to (e.g., /usr/local/luna/config/certs).
+                    type: string
+                  hsmCertificatesSecret:
+                    description: The OpenShift secret that stores the HSM certificates.
+                    type: string
                   hsmClientAddress:
                     description: The IP address of the client connecting to the HSM
                       (X.Y.Z.K)
@@ -331,9 +331,9 @@ spec:
                     maximum: 7
                     minimum: 0
                     type: integer
-                  hsmLogin:
-                    description: OpenShift secret storing the password to login to
-                      PKCS11 session
+                  hsmLoginSecret:
+                    description: OpenShift secret that stores the password to login
+                      to the PKCS11 session
                     type: string
                   hsmMKEKLabel:
                     description: Label to identify master KEK in the HSM (must not
@@ -344,16 +344,14 @@ spec:
                     description: Length in bytes of master KEK
                     type: integer
                   hsmSlotId:
-                    default: 1
                     description: HSM Slot ID that contains the token device to be
                       used
-                    type: integer
+                    type: string
                   hsmTokenLabel:
                     description: Token label used to identify the token to be used.
                       Required when token_serial_number is not specified.
                     type: string
                   hsmTokenSerialNumber:
-                    default: "12345678"
                     description: Token serial number used to identify the token to
                       be used. Required when the device has multiple tokens with the
                       same label.
@@ -362,6 +360,13 @@ spec:
                     description: 'A string containing the HSM type (currently supported:
                       "trustway", "luna", "ncipher").'
                     type: string
+                required:
+                - hsmHMACLabel
+                - hsmIpAddress
+                - hsmLibraryPath
+                - hsmLoginSecret
+                - hsmMKEKLabel
+                - hsmType
                 type: object
               rabbitMqClusterName:
                 default: rabbitmq
 
@@ -122,13 +122,13 @@ spec:
               pkcs11:
                 description: BarbicanPKCS11Template - Includes all common HSM properties
                 properties:
-                  hsmCertificates:
-                    additionalProperties:
-                      type: string
-                    description: 'The HSM certificates. The map''s key is the OpenShift
-                      secret storing the certificate, and the value is the mounting
-                      point (e.g., "luna-certificates": "/usr/local/luna/config/certs").'
-                    type: object
+                  hsmCertificatesMountPoint:
+                    description: The mounting point where the certificates will be
+                      copied to (e.g., /usr/local/luna/config/certs).
+                    type: string
+                  hsmCertificatesSecret:
+                    description: The OpenShift secret that stores the HSM certificates.
+                    type: string
                   hsmClientAddress:
                     description: The IP address of the client connecting to the HSM
                       (X.Y.Z.K)
@@ -153,9 +153,9 @@ spec:
                     maximum: 7
                     minimum: 0
                     type: integer
-                  hsmLogin:
-                    description: OpenShift secret storing the password to login to
-                      PKCS11 session
+                  hsmLoginSecret:
+                    description: OpenShift secret that stores the password to login
+                      to the PKCS11 session
                     type: string
                   hsmMKEKLabel:
                     description: Label to identify master KEK in the HSM (must not
@@ -166,16 +166,14 @@ spec:
                     description: Length in bytes of master KEK
                     type: integer
                   hsmSlotId:
-                    default: 1
                     description: HSM Slot ID that contains the token device to be
                       used
-                    type: integer
+                    type: string
                   hsmTokenLabel:
                     description: Token label used to identify the token to be used.
                       Required when token_serial_number is not specified.
                     type: string
                   hsmTokenSerialNumber:
-                    default: "12345678"
                     description: Token serial number used to identify the token to
                       be used. Required when the device has multiple tokens with the
                       same label.
@@ -184,6 +182,13 @@ spec:
                     description: 'A string containing the HSM type (currently supported:
                       "trustway", "luna", "ncipher").'
                     type: string
+                required:
+                - hsmHMACLabel
+                - hsmIpAddress
+                - hsmLibraryPath
+                - hsmLoginSecret
+                - hsmMKEKLabel
+                - hsmType
                 type: object
               rabbitMqClusterName:
                 default: rabbitmq