k8ts 0.8.1 → 0.9.1

package/dist/_imports/source.toolkit.fluxcd.io.d.ts

@@ -1,4158 +0,0 @@
-import { ApiObject, ApiObjectMetadata, GroupVersionKind } from 'cdk8s';
-import { Construct } from 'constructs';
-/**
- * Bucket is the Schema for the buckets API.
- *
- * @schema Bucket
- */
-export declare class Bucket extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "Bucket"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "Bucket".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: BucketProps): any;
-    /**
-     * Defines a "Bucket" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: BucketProps);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * Bucket is the Schema for the buckets API.
- *
- * @schema Bucket
- */
-export interface BucketProps {
-    /**
-     * @schema Bucket#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * BucketSpec specifies the required configuration to produce an Artifact for
-     * an object storage bucket.
-     *
-     * @schema Bucket#spec
-     */
-    readonly spec?: BucketSpec;
-}
-/**
- * Converts an object of type 'BucketProps' to JSON representation.
- */
-export declare function toJson_BucketProps(obj: BucketProps | undefined): Record<string, any> | undefined;
-/**
- * BucketSpec specifies the required configuration to produce an Artifact for
- * an object storage bucket.
- *
- * @schema BucketSpec
- */
-export interface BucketSpec {
-    /**
-     * BucketName is the name of the object storage bucket.
-     *
-     * @schema BucketSpec#bucketName
-     */
-    readonly bucketName: string;
-    /**
-     * CertSecretRef can be given the name of a Secret containing
-     * either or both of
-     *
-     * - a PEM-encoded client certificate (`tls.crt`) and private
-     * key (`tls.key`);
-     * - a PEM-encoded CA certificate (`ca.crt`)
-     *
-     * and whichever are supplied, will be used for connecting to the
-     * bucket. The client cert and key are useful if you are
-     * authenticating with a certificate; the CA cert is useful if
-     * you are using a self-signed server certificate. The Secret must
-     * be of type `Opaque` or `kubernetes.io/tls`.
-     *
-     * This field is only supported for the `generic` provider.
-     *
-     * @schema BucketSpec#certSecretRef
-     */
-    readonly certSecretRef?: BucketSpecCertSecretRef;
-    /**
-     * Endpoint is the object storage address the BucketName is located at.
-     *
-     * @schema BucketSpec#endpoint
-     */
-    readonly endpoint: string;
-    /**
-     * Ignore overrides the set of excluded patterns in the .sourceignore format
-     * (which is the same as .gitignore). If not provided, a default will be used,
-     * consult the documentation for your version to find out what those are.
-     *
-     * @schema BucketSpec#ignore
-     */
-    readonly ignore?: string;
-    /**
-     * Insecure allows connecting to a non-TLS HTTP Endpoint.
-     *
-     * @schema BucketSpec#insecure
-     */
-    readonly insecure?: boolean;
-    /**
-     * Interval at which the Bucket Endpoint is checked for updates.
-     * This interval is approximate and may be subject to jitter to ensure
-     * efficient use of resources.
-     *
-     * @schema BucketSpec#interval
-     */
-    readonly interval: string;
-    /**
-     * Prefix to use for server-side filtering of files in the Bucket.
-     *
-     * @schema BucketSpec#prefix
-     */
-    readonly prefix?: string;
-    /**
-     * Provider of the object storage bucket.
-     * Defaults to 'generic', which expects an S3 (API) compatible object
-     * storage.
-     *
-     * @default generic', which expects an S3 (API) compatible object
-     * @schema BucketSpec#provider
-     */
-    readonly provider?: BucketSpecProvider;
-    /**
-     * ProxySecretRef specifies the Secret containing the proxy configuration
-     * to use while communicating with the Bucket server.
-     *
-     * @schema BucketSpec#proxySecretRef
-     */
-    readonly proxySecretRef?: BucketSpecProxySecretRef;
-    /**
-     * Region of the Endpoint where the BucketName is located in.
-     *
-     * @schema BucketSpec#region
-     */
-    readonly region?: string;
-    /**
-     * SecretRef specifies the Secret containing authentication credentials
-     * for the Bucket.
-     *
-     * @schema BucketSpec#secretRef
-     */
-    readonly secretRef?: BucketSpecSecretRef;
-    /**
-     * STS specifies the required configuration to use a Security Token
-     * Service for fetching temporary credentials to authenticate in a
-     * Bucket provider.
-     *
-     * This field is only supported for the `aws` and `generic` providers.
-     *
-     * @schema BucketSpec#sts
-     */
-    readonly sts?: BucketSpecSts;
-    /**
-     * Suspend tells the controller to suspend the reconciliation of this
-     * Bucket.
-     *
-     * @schema BucketSpec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * Timeout for fetch operations, defaults to 60s.
-     *
-     * @schema BucketSpec#timeout
-     */
-    readonly timeout?: string;
-}
-/**
- * Converts an object of type 'BucketSpec' to JSON representation.
- */
-export declare function toJson_BucketSpec(obj: BucketSpec | undefined): Record<string, any> | undefined;
-/**
- * CertSecretRef can be given the name of a Secret containing
- * either or both of
- *
- * - a PEM-encoded client certificate (`tls.crt`) and private
- * key (`tls.key`);
- * - a PEM-encoded CA certificate (`ca.crt`)
- *
- * and whichever are supplied, will be used for connecting to the
- * bucket. The client cert and key are useful if you are
- * authenticating with a certificate; the CA cert is useful if
- * you are using a self-signed server certificate. The Secret must
- * be of type `Opaque` or `kubernetes.io/tls`.
- *
- * This field is only supported for the `generic` provider.
- *
- * @schema BucketSpecCertSecretRef
- */
-export interface BucketSpecCertSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketSpecCertSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketSpecCertSecretRef' to JSON representation.
- */
-export declare function toJson_BucketSpecCertSecretRef(obj: BucketSpecCertSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Provider of the object storage bucket.
- * Defaults to 'generic', which expects an S3 (API) compatible object
- * storage.
- *
- * @default generic', which expects an S3 (API) compatible object
- * @schema BucketSpecProvider
- */
-export declare enum BucketSpecProvider {
-    /** generic */
-    GENERIC = "generic",
-    /** aws */
-    AWS = "aws",
-    /** gcp */
-    GCP = "gcp",
-    /** azure */
-    AZURE = "azure"
-}
-/**
- * ProxySecretRef specifies the Secret containing the proxy configuration
- * to use while communicating with the Bucket server.
- *
- * @schema BucketSpecProxySecretRef
- */
-export interface BucketSpecProxySecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketSpecProxySecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketSpecProxySecretRef' to JSON representation.
- */
-export declare function toJson_BucketSpecProxySecretRef(obj: BucketSpecProxySecretRef | undefined): Record<string, any> | undefined;
-/**
- * SecretRef specifies the Secret containing authentication credentials
- * for the Bucket.
- *
- * @schema BucketSpecSecretRef
- */
-export interface BucketSpecSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketSpecSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketSpecSecretRef' to JSON representation.
- */
-export declare function toJson_BucketSpecSecretRef(obj: BucketSpecSecretRef | undefined): Record<string, any> | undefined;
-/**
- * STS specifies the required configuration to use a Security Token
- * Service for fetching temporary credentials to authenticate in a
- * Bucket provider.
- *
- * This field is only supported for the `aws` and `generic` providers.
- *
- * @schema BucketSpecSts
- */
-export interface BucketSpecSts {
-    /**
-     * CertSecretRef can be given the name of a Secret containing
-     * either or both of
-     *
-     * - a PEM-encoded client certificate (`tls.crt`) and private
-     * key (`tls.key`);
-     * - a PEM-encoded CA certificate (`ca.crt`)
-     *
-     * and whichever are supplied, will be used for connecting to the
-     * STS endpoint. The client cert and key are useful if you are
-     * authenticating with a certificate; the CA cert is useful if
-     * you are using a self-signed server certificate. The Secret must
-     * be of type `Opaque` or `kubernetes.io/tls`.
-     *
-     * This field is only supported for the `ldap` provider.
-     *
-     * @schema BucketSpecSts#certSecretRef
-     */
-    readonly certSecretRef?: BucketSpecStsCertSecretRef;
-    /**
-     * Endpoint is the HTTP/S endpoint of the Security Token Service from
-     * where temporary credentials will be fetched.
-     *
-     * @schema BucketSpecSts#endpoint
-     */
-    readonly endpoint: string;
-    /**
-     * Provider of the Security Token Service.
-     *
-     * @schema BucketSpecSts#provider
-     */
-    readonly provider: BucketSpecStsProvider;
-    /**
-     * SecretRef specifies the Secret containing authentication credentials
-     * for the STS endpoint. This Secret must contain the fields `username`
-     * and `password` and is supported only for the `ldap` provider.
-     *
-     * @schema BucketSpecSts#secretRef
-     */
-    readonly secretRef?: BucketSpecStsSecretRef;
-}
-/**
- * Converts an object of type 'BucketSpecSts' to JSON representation.
- */
-export declare function toJson_BucketSpecSts(obj: BucketSpecSts | undefined): Record<string, any> | undefined;
-/**
- * CertSecretRef can be given the name of a Secret containing
- * either or both of
- *
- * - a PEM-encoded client certificate (`tls.crt`) and private
- * key (`tls.key`);
- * - a PEM-encoded CA certificate (`ca.crt`)
- *
- * and whichever are supplied, will be used for connecting to the
- * STS endpoint. The client cert and key are useful if you are
- * authenticating with a certificate; the CA cert is useful if
- * you are using a self-signed server certificate. The Secret must
- * be of type `Opaque` or `kubernetes.io/tls`.
- *
- * This field is only supported for the `ldap` provider.
- *
- * @schema BucketSpecStsCertSecretRef
- */
-export interface BucketSpecStsCertSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketSpecStsCertSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketSpecStsCertSecretRef' to JSON representation.
- */
-export declare function toJson_BucketSpecStsCertSecretRef(obj: BucketSpecStsCertSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Provider of the Security Token Service.
- *
- * @schema BucketSpecStsProvider
- */
-export declare enum BucketSpecStsProvider {
-    /** aws */
-    AWS = "aws",
-    /** ldap */
-    LDAP = "ldap"
-}
-/**
- * SecretRef specifies the Secret containing authentication credentials
- * for the STS endpoint. This Secret must contain the fields `username`
- * and `password` and is supported only for the `ldap` provider.
- *
- * @schema BucketSpecStsSecretRef
- */
-export interface BucketSpecStsSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketSpecStsSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketSpecStsSecretRef' to JSON representation.
- */
-export declare function toJson_BucketSpecStsSecretRef(obj: BucketSpecStsSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Bucket is the Schema for the buckets API
- *
- * @schema BucketV1Beta1
- */
-export declare class BucketV1Beta1 extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "BucketV1Beta1"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "BucketV1Beta1".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: BucketV1Beta1Props): any;
-    /**
-     * Defines a "BucketV1Beta1" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: BucketV1Beta1Props);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * Bucket is the Schema for the buckets API
- *
- * @schema BucketV1Beta1
- */
-export interface BucketV1Beta1Props {
-    /**
-     * @schema BucketV1Beta1#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * BucketSpec defines the desired state of an S3 compatible bucket
-     *
-     * @schema BucketV1Beta1#spec
-     */
-    readonly spec?: BucketV1Beta1Spec;
-}
-/**
- * Converts an object of type 'BucketV1Beta1Props' to JSON representation.
- */
-export declare function toJson_BucketV1Beta1Props(obj: BucketV1Beta1Props | undefined): Record<string, any> | undefined;
-/**
- * BucketSpec defines the desired state of an S3 compatible bucket
- *
- * @schema BucketV1Beta1Spec
- */
-export interface BucketV1Beta1Spec {
-    /**
-     * AccessFrom defines an Access Control List for allowing cross-namespace references to this object.
-     *
-     * @schema BucketV1Beta1Spec#accessFrom
-     */
-    readonly accessFrom?: BucketV1Beta1SpecAccessFrom;
-    /**
-     * The bucket name.
-     *
-     * @schema BucketV1Beta1Spec#bucketName
-     */
-    readonly bucketName: string;
-    /**
-     * The bucket endpoint address.
-     *
-     * @schema BucketV1Beta1Spec#endpoint
-     */
-    readonly endpoint: string;
-    /**
-     * Ignore overrides the set of excluded patterns in the .sourceignore format
-     * (which is the same as .gitignore). If not provided, a default will be used,
-     * consult the documentation for your version to find out what those are.
-     *
-     * @schema BucketV1Beta1Spec#ignore
-     */
-    readonly ignore?: string;
-    /**
-     * Insecure allows connecting to a non-TLS S3 HTTP endpoint.
-     *
-     * @schema BucketV1Beta1Spec#insecure
-     */
-    readonly insecure?: boolean;
-    /**
-     * The interval at which to check for bucket updates.
-     *
-     * @schema BucketV1Beta1Spec#interval
-     */
-    readonly interval: string;
-    /**
-     * The S3 compatible storage provider name, default ('generic').
-     *
-     * @schema BucketV1Beta1Spec#provider
-     */
-    readonly provider?: BucketV1Beta1SpecProvider;
-    /**
-     * The bucket region.
-     *
-     * @schema BucketV1Beta1Spec#region
-     */
-    readonly region?: string;
-    /**
-     * The name of the secret containing authentication credentials
-     * for the Bucket.
-     *
-     * @schema BucketV1Beta1Spec#secretRef
-     */
-    readonly secretRef?: BucketV1Beta1SpecSecretRef;
-    /**
-     * This flag tells the controller to suspend the reconciliation of this source.
-     *
-     * @schema BucketV1Beta1Spec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * The timeout for download operations, defaults to 60s.
-     *
-     * @schema BucketV1Beta1Spec#timeout
-     */
-    readonly timeout?: string;
-}
-/**
- * Converts an object of type 'BucketV1Beta1Spec' to JSON representation.
- */
-export declare function toJson_BucketV1Beta1Spec(obj: BucketV1Beta1Spec | undefined): Record<string, any> | undefined;
-/**
- * AccessFrom defines an Access Control List for allowing cross-namespace references to this object.
- *
- * @schema BucketV1Beta1SpecAccessFrom
- */
-export interface BucketV1Beta1SpecAccessFrom {
-    /**
-     * NamespaceSelectors is the list of namespace selectors to which this ACL applies.
-     * Items in this list are evaluated using a logical OR operation.
-     *
-     * @schema BucketV1Beta1SpecAccessFrom#namespaceSelectors
-     */
-    readonly namespaceSelectors: BucketV1Beta1SpecAccessFromNamespaceSelectors[];
-}
-/**
- * Converts an object of type 'BucketV1Beta1SpecAccessFrom' to JSON representation.
- */
-export declare function toJson_BucketV1Beta1SpecAccessFrom(obj: BucketV1Beta1SpecAccessFrom | undefined): Record<string, any> | undefined;
-/**
- * The S3 compatible storage provider name, default ('generic').
- *
- * @schema BucketV1Beta1SpecProvider
- */
-export declare enum BucketV1Beta1SpecProvider {
-    /** generic */
-    GENERIC = "generic",
-    /** aws */
-    AWS = "aws",
-    /** gcp */
-    GCP = "gcp"
-}
-/**
- * The name of the secret containing authentication credentials
- * for the Bucket.
- *
- * @schema BucketV1Beta1SpecSecretRef
- */
-export interface BucketV1Beta1SpecSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketV1Beta1SpecSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketV1Beta1SpecSecretRef' to JSON representation.
- */
-export declare function toJson_BucketV1Beta1SpecSecretRef(obj: BucketV1Beta1SpecSecretRef | undefined): Record<string, any> | undefined;
-/**
- * NamespaceSelector selects the namespaces to which this ACL applies.
- * An empty map of MatchLabels matches all namespaces in a cluster.
- *
- * @schema BucketV1Beta1SpecAccessFromNamespaceSelectors
- */
-export interface BucketV1Beta1SpecAccessFromNamespaceSelectors {
-    /**
-     * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
-     * map is equivalent to an element of matchExpressions, whose key field is "key", the
-     * operator is "In", and the values array contains only "value". The requirements are ANDed.
-     *
-     * @schema BucketV1Beta1SpecAccessFromNamespaceSelectors#matchLabels
-     */
-    readonly matchLabels?: {
-        [key: string]: string;
-    };
-}
-/**
- * Converts an object of type 'BucketV1Beta1SpecAccessFromNamespaceSelectors' to JSON representation.
- */
-export declare function toJson_BucketV1Beta1SpecAccessFromNamespaceSelectors(obj: BucketV1Beta1SpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined;
-/**
- * Bucket is the Schema for the buckets API.
- *
- * @schema BucketV1Beta2
- */
-export declare class BucketV1Beta2 extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "BucketV1Beta2"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "BucketV1Beta2".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: BucketV1Beta2Props): any;
-    /**
-     * Defines a "BucketV1Beta2" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: BucketV1Beta2Props);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * Bucket is the Schema for the buckets API.
- *
- * @schema BucketV1Beta2
- */
-export interface BucketV1Beta2Props {
-    /**
-     * @schema BucketV1Beta2#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * BucketSpec specifies the required configuration to produce an Artifact for
-     * an object storage bucket.
-     *
-     * @schema BucketV1Beta2#spec
-     */
-    readonly spec?: BucketV1Beta2Spec;
-}
-/**
- * Converts an object of type 'BucketV1Beta2Props' to JSON representation.
- */
-export declare function toJson_BucketV1Beta2Props(obj: BucketV1Beta2Props | undefined): Record<string, any> | undefined;
-/**
- * BucketSpec specifies the required configuration to produce an Artifact for
- * an object storage bucket.
- *
- * @schema BucketV1Beta2Spec
- */
-export interface BucketV1Beta2Spec {
-    /**
-     * AccessFrom specifies an Access Control List for allowing cross-namespace
-     * references to this object.
-     * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
-     *
-     * @schema BucketV1Beta2Spec#accessFrom
-     */
-    readonly accessFrom?: BucketV1Beta2SpecAccessFrom;
-    /**
-     * BucketName is the name of the object storage bucket.
-     *
-     * @schema BucketV1Beta2Spec#bucketName
-     */
-    readonly bucketName: string;
-    /**
-     * CertSecretRef can be given the name of a Secret containing
-     * either or both of
-     *
-     * - a PEM-encoded client certificate (`tls.crt`) and private
-     * key (`tls.key`);
-     * - a PEM-encoded CA certificate (`ca.crt`)
-     *
-     * and whichever are supplied, will be used for connecting to the
-     * bucket. The client cert and key are useful if you are
-     * authenticating with a certificate; the CA cert is useful if
-     * you are using a self-signed server certificate. The Secret must
-     * be of type `Opaque` or `kubernetes.io/tls`.
-     *
-     * This field is only supported for the `generic` provider.
-     *
-     * @schema BucketV1Beta2Spec#certSecretRef
-     */
-    readonly certSecretRef?: BucketV1Beta2SpecCertSecretRef;
-    /**
-     * Endpoint is the object storage address the BucketName is located at.
-     *
-     * @schema BucketV1Beta2Spec#endpoint
-     */
-    readonly endpoint: string;
-    /**
-     * Ignore overrides the set of excluded patterns in the .sourceignore format
-     * (which is the same as .gitignore). If not provided, a default will be used,
-     * consult the documentation for your version to find out what those are.
-     *
-     * @schema BucketV1Beta2Spec#ignore
-     */
-    readonly ignore?: string;
-    /**
-     * Insecure allows connecting to a non-TLS HTTP Endpoint.
-     *
-     * @schema BucketV1Beta2Spec#insecure
-     */
-    readonly insecure?: boolean;
-    /**
-     * Interval at which the Bucket Endpoint is checked for updates.
-     * This interval is approximate and may be subject to jitter to ensure
-     * efficient use of resources.
-     *
-     * @schema BucketV1Beta2Spec#interval
-     */
-    readonly interval: string;
-    /**
-     * Prefix to use for server-side filtering of files in the Bucket.
-     *
-     * @schema BucketV1Beta2Spec#prefix
-     */
-    readonly prefix?: string;
-    /**
-     * Provider of the object storage bucket.
-     * Defaults to 'generic', which expects an S3 (API) compatible object
-     * storage.
-     *
-     * @default generic', which expects an S3 (API) compatible object
-     * @schema BucketV1Beta2Spec#provider
-     */
-    readonly provider?: BucketV1Beta2SpecProvider;
-    /**
-     * ProxySecretRef specifies the Secret containing the proxy configuration
-     * to use while communicating with the Bucket server.
-     *
-     * @schema BucketV1Beta2Spec#proxySecretRef
-     */
-    readonly proxySecretRef?: BucketV1Beta2SpecProxySecretRef;
-    /**
-     * Region of the Endpoint where the BucketName is located in.
-     *
-     * @schema BucketV1Beta2Spec#region
-     */
-    readonly region?: string;
-    /**
-     * SecretRef specifies the Secret containing authentication credentials
-     * for the Bucket.
-     *
-     * @schema BucketV1Beta2Spec#secretRef
-     */
-    readonly secretRef?: BucketV1Beta2SpecSecretRef;
-    /**
-     * STS specifies the required configuration to use a Security Token
-     * Service for fetching temporary credentials to authenticate in a
-     * Bucket provider.
-     *
-     * This field is only supported for the `aws` and `generic` providers.
-     *
-     * @schema BucketV1Beta2Spec#sts
-     */
-    readonly sts?: BucketV1Beta2SpecSts;
-    /**
-     * Suspend tells the controller to suspend the reconciliation of this
-     * Bucket.
-     *
-     * @schema BucketV1Beta2Spec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * Timeout for fetch operations, defaults to 60s.
-     *
-     * @schema BucketV1Beta2Spec#timeout
-     */
-    readonly timeout?: string;
-}
-/**
- * Converts an object of type 'BucketV1Beta2Spec' to JSON representation.
- */
-export declare function toJson_BucketV1Beta2Spec(obj: BucketV1Beta2Spec | undefined): Record<string, any> | undefined;
-/**
- * AccessFrom specifies an Access Control List for allowing cross-namespace
- * references to this object.
- * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
- *
- * @schema BucketV1Beta2SpecAccessFrom
- */
-export interface BucketV1Beta2SpecAccessFrom {
-    /**
-     * NamespaceSelectors is the list of namespace selectors to which this ACL applies.
-     * Items in this list are evaluated using a logical OR operation.
-     *
-     * @schema BucketV1Beta2SpecAccessFrom#namespaceSelectors
-     */
-    readonly namespaceSelectors: BucketV1Beta2SpecAccessFromNamespaceSelectors[];
-}
-/**
- * Converts an object of type 'BucketV1Beta2SpecAccessFrom' to JSON representation.
- */
-export declare function toJson_BucketV1Beta2SpecAccessFrom(obj: BucketV1Beta2SpecAccessFrom | undefined): Record<string, any> | undefined;
-/**
- * CertSecretRef can be given the name of a Secret containing
- * either or both of
- *
- * - a PEM-encoded client certificate (`tls.crt`) and private
- * key (`tls.key`);
- * - a PEM-encoded CA certificate (`ca.crt`)
- *
- * and whichever are supplied, will be used for connecting to the
- * bucket. The client cert and key are useful if you are
- * authenticating with a certificate; the CA cert is useful if
- * you are using a self-signed server certificate. The Secret must
- * be of type `Opaque` or `kubernetes.io/tls`.
- *
- * This field is only supported for the `generic` provider.
- *
- * @schema BucketV1Beta2SpecCertSecretRef
- */
-export interface BucketV1Beta2SpecCertSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketV1Beta2SpecCertSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketV1Beta2SpecCertSecretRef' to JSON representation.
- */
-export declare function toJson_BucketV1Beta2SpecCertSecretRef(obj: BucketV1Beta2SpecCertSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Provider of the object storage bucket.
- * Defaults to 'generic', which expects an S3 (API) compatible object
- * storage.
- *
- * @default generic', which expects an S3 (API) compatible object
- * @schema BucketV1Beta2SpecProvider
- */
-export declare enum BucketV1Beta2SpecProvider {
-    /** generic */
-    GENERIC = "generic",
-    /** aws */
-    AWS = "aws",
-    /** gcp */
-    GCP = "gcp",
-    /** azure */
-    AZURE = "azure"
-}
-/**
- * ProxySecretRef specifies the Secret containing the proxy configuration
- * to use while communicating with the Bucket server.
- *
- * @schema BucketV1Beta2SpecProxySecretRef
- */
-export interface BucketV1Beta2SpecProxySecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketV1Beta2SpecProxySecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketV1Beta2SpecProxySecretRef' to JSON representation.
- */
-export declare function toJson_BucketV1Beta2SpecProxySecretRef(obj: BucketV1Beta2SpecProxySecretRef | undefined): Record<string, any> | undefined;
-/**
- * SecretRef specifies the Secret containing authentication credentials
- * for the Bucket.
- *
- * @schema BucketV1Beta2SpecSecretRef
- */
-export interface BucketV1Beta2SpecSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketV1Beta2SpecSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketV1Beta2SpecSecretRef' to JSON representation.
- */
-export declare function toJson_BucketV1Beta2SpecSecretRef(obj: BucketV1Beta2SpecSecretRef | undefined): Record<string, any> | undefined;
-/**
- * STS specifies the required configuration to use a Security Token
- * Service for fetching temporary credentials to authenticate in a
- * Bucket provider.
- *
- * This field is only supported for the `aws` and `generic` providers.
- *
- * @schema BucketV1Beta2SpecSts
- */
-export interface BucketV1Beta2SpecSts {
-    /**
-     * CertSecretRef can be given the name of a Secret containing
-     * either or both of
-     *
-     * - a PEM-encoded client certificate (`tls.crt`) and private
-     * key (`tls.key`);
-     * - a PEM-encoded CA certificate (`ca.crt`)
-     *
-     * and whichever are supplied, will be used for connecting to the
-     * STS endpoint. The client cert and key are useful if you are
-     * authenticating with a certificate; the CA cert is useful if
-     * you are using a self-signed server certificate. The Secret must
-     * be of type `Opaque` or `kubernetes.io/tls`.
-     *
-     * This field is only supported for the `ldap` provider.
-     *
-     * @schema BucketV1Beta2SpecSts#certSecretRef
-     */
-    readonly certSecretRef?: BucketV1Beta2SpecStsCertSecretRef;
-    /**
-     * Endpoint is the HTTP/S endpoint of the Security Token Service from
-     * where temporary credentials will be fetched.
-     *
-     * @schema BucketV1Beta2SpecSts#endpoint
-     */
-    readonly endpoint: string;
-    /**
-     * Provider of the Security Token Service.
-     *
-     * @schema BucketV1Beta2SpecSts#provider
-     */
-    readonly provider: BucketV1Beta2SpecStsProvider;
-    /**
-     * SecretRef specifies the Secret containing authentication credentials
-     * for the STS endpoint. This Secret must contain the fields `username`
-     * and `password` and is supported only for the `ldap` provider.
-     *
-     * @schema BucketV1Beta2SpecSts#secretRef
-     */
-    readonly secretRef?: BucketV1Beta2SpecStsSecretRef;
-}
-/**
- * Converts an object of type 'BucketV1Beta2SpecSts' to JSON representation.
- */
-export declare function toJson_BucketV1Beta2SpecSts(obj: BucketV1Beta2SpecSts | undefined): Record<string, any> | undefined;
-/**
- * NamespaceSelector selects the namespaces to which this ACL applies.
- * An empty map of MatchLabels matches all namespaces in a cluster.
- *
- * @schema BucketV1Beta2SpecAccessFromNamespaceSelectors
- */
-export interface BucketV1Beta2SpecAccessFromNamespaceSelectors {
-    /**
-     * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
-     * map is equivalent to an element of matchExpressions, whose key field is "key", the
-     * operator is "In", and the values array contains only "value". The requirements are ANDed.
-     *
-     * @schema BucketV1Beta2SpecAccessFromNamespaceSelectors#matchLabels
-     */
-    readonly matchLabels?: {
-        [key: string]: string;
-    };
-}
-/**
- * Converts an object of type 'BucketV1Beta2SpecAccessFromNamespaceSelectors' to JSON representation.
- */
-export declare function toJson_BucketV1Beta2SpecAccessFromNamespaceSelectors(obj: BucketV1Beta2SpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined;
-/**
- * CertSecretRef can be given the name of a Secret containing
- * either or both of
- *
- * - a PEM-encoded client certificate (`tls.crt`) and private
- * key (`tls.key`);
- * - a PEM-encoded CA certificate (`ca.crt`)
- *
- * and whichever are supplied, will be used for connecting to the
- * STS endpoint. The client cert and key are useful if you are
- * authenticating with a certificate; the CA cert is useful if
- * you are using a self-signed server certificate. The Secret must
- * be of type `Opaque` or `kubernetes.io/tls`.
- *
- * This field is only supported for the `ldap` provider.
- *
- * @schema BucketV1Beta2SpecStsCertSecretRef
- */
-export interface BucketV1Beta2SpecStsCertSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketV1Beta2SpecStsCertSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketV1Beta2SpecStsCertSecretRef' to JSON representation.
- */
-export declare function toJson_BucketV1Beta2SpecStsCertSecretRef(obj: BucketV1Beta2SpecStsCertSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Provider of the Security Token Service.
- *
- * @schema BucketV1Beta2SpecStsProvider
- */
-export declare enum BucketV1Beta2SpecStsProvider {
-    /** aws */
-    AWS = "aws",
-    /** ldap */
-    LDAP = "ldap"
-}
-/**
- * SecretRef specifies the Secret containing authentication credentials
- * for the STS endpoint. This Secret must contain the fields `username`
- * and `password` and is supported only for the `ldap` provider.
- *
- * @schema BucketV1Beta2SpecStsSecretRef
- */
-export interface BucketV1Beta2SpecStsSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema BucketV1Beta2SpecStsSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'BucketV1Beta2SpecStsSecretRef' to JSON representation.
- */
-export declare function toJson_BucketV1Beta2SpecStsSecretRef(obj: BucketV1Beta2SpecStsSecretRef | undefined): Record<string, any> | undefined;
-/**
- * GitRepository is the Schema for the gitrepositories API.
- *
- * @schema GitRepository
- */
-export declare class GitRepository extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "GitRepository"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "GitRepository".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: GitRepositoryProps): any;
-    /**
-     * Defines a "GitRepository" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: GitRepositoryProps);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * GitRepository is the Schema for the gitrepositories API.
- *
- * @schema GitRepository
- */
-export interface GitRepositoryProps {
-    /**
-     * @schema GitRepository#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * GitRepositorySpec specifies the required configuration to produce an
-     * Artifact for a Git repository.
-     *
-     * @schema GitRepository#spec
-     */
-    readonly spec?: GitRepositorySpec;
-}
-/**
- * Converts an object of type 'GitRepositoryProps' to JSON representation.
- */
-export declare function toJson_GitRepositoryProps(obj: GitRepositoryProps | undefined): Record<string, any> | undefined;
-/**
- * GitRepositorySpec specifies the required configuration to produce an
- * Artifact for a Git repository.
- *
- * @schema GitRepositorySpec
- */
-export interface GitRepositorySpec {
-    /**
-     * Ignore overrides the set of excluded patterns in the .sourceignore format
-     * (which is the same as .gitignore). If not provided, a default will be used,
-     * consult the documentation for your version to find out what those are.
-     *
-     * @schema GitRepositorySpec#ignore
-     */
-    readonly ignore?: string;
-    /**
-     * Include specifies a list of GitRepository resources which Artifacts
-     * should be included in the Artifact produced for this GitRepository.
-     *
-     * @schema GitRepositorySpec#include
-     */
-    readonly include?: GitRepositorySpecInclude[];
-    /**
-     * Interval at which the GitRepository URL is checked for updates.
-     * This interval is approximate and may be subject to jitter to ensure
-     * efficient use of resources.
-     *
-     * @schema GitRepositorySpec#interval
-     */
-    readonly interval: string;
-    /**
-     * Provider used for authentication, can be 'azure', 'github', 'generic'.
-     * When not specified, defaults to 'generic'.
-     *
-     * @schema GitRepositorySpec#provider
-     */
-    readonly provider?: GitRepositorySpecProvider;
-    /**
-     * ProxySecretRef specifies the Secret containing the proxy configuration
-     * to use while communicating with the Git server.
-     *
-     * @schema GitRepositorySpec#proxySecretRef
-     */
-    readonly proxySecretRef?: GitRepositorySpecProxySecretRef;
-    /**
-     * RecurseSubmodules enables the initialization of all submodules within
-     * the GitRepository as cloned from the URL, using their default settings.
-     *
-     * @schema GitRepositorySpec#recurseSubmodules
-     */
-    readonly recurseSubmodules?: boolean;
-    /**
-     * Reference specifies the Git reference to resolve and monitor for
-     * changes, defaults to the 'master' branch.
-     *
-     * @schema GitRepositorySpec#ref
-     */
-    readonly ref?: GitRepositorySpecRef;
-    /**
-     * SecretRef specifies the Secret containing authentication credentials for
-     * the GitRepository.
-     * For HTTPS repositories the Secret must contain 'username' and 'password'
-     * fields for basic auth or 'bearerToken' field for token auth.
-     * For SSH repositories the Secret must contain 'identity'
-     * and 'known_hosts' fields.
-     *
-     * @schema GitRepositorySpec#secretRef
-     */
-    readonly secretRef?: GitRepositorySpecSecretRef;
-    /**
-     * Suspend tells the controller to suspend the reconciliation of this
-     * GitRepository.
-     *
-     * @schema GitRepositorySpec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * Timeout for Git operations like cloning, defaults to 60s.
-     *
-     * @schema GitRepositorySpec#timeout
-     */
-    readonly timeout?: string;
-    /**
-     * URL specifies the Git repository URL, it can be an HTTP/S or SSH address.
-     *
-     * @schema GitRepositorySpec#url
-     */
-    readonly url: string;
-    /**
-     * Verification specifies the configuration to verify the Git commit
-     * signature(s).
-     *
-     * @schema GitRepositorySpec#verify
-     */
-    readonly verify?: GitRepositorySpecVerify;
-}
-/**
- * Converts an object of type 'GitRepositorySpec' to JSON representation.
- */
-export declare function toJson_GitRepositorySpec(obj: GitRepositorySpec | undefined): Record<string, any> | undefined;
-/**
- * GitRepositoryInclude specifies a local reference to a GitRepository which
- * Artifact (sub-)contents must be included, and where they should be placed.
- *
- * @schema GitRepositorySpecInclude
- */
-export interface GitRepositorySpecInclude {
-    /**
-     * FromPath specifies the path to copy contents from, defaults to the root
-     * of the Artifact.
-     *
-     * @schema GitRepositorySpecInclude#fromPath
-     */
-    readonly fromPath?: string;
-    /**
-     * GitRepositoryRef specifies the GitRepository which Artifact contents
-     * must be included.
-     *
-     * @schema GitRepositorySpecInclude#repository
-     */
-    readonly repository: GitRepositorySpecIncludeRepository;
-    /**
-     * ToPath specifies the path to copy contents to, defaults to the name of
-     * the GitRepositoryRef.
-     *
-     * @schema GitRepositorySpecInclude#toPath
-     */
-    readonly toPath?: string;
-}
-/**
- * Converts an object of type 'GitRepositorySpecInclude' to JSON representation.
- */
-export declare function toJson_GitRepositorySpecInclude(obj: GitRepositorySpecInclude | undefined): Record<string, any> | undefined;
-/**
- * Provider used for authentication, can be 'azure', 'github', 'generic'.
- * When not specified, defaults to 'generic'.
- *
- * @schema GitRepositorySpecProvider
- */
-export declare enum GitRepositorySpecProvider {
-    /** generic */
-    GENERIC = "generic",
-    /** azure */
-    AZURE = "azure",
-    /** github */
-    GITHUB = "github"
-}
-/**
- * ProxySecretRef specifies the Secret containing the proxy configuration
- * to use while communicating with the Git server.
- *
- * @schema GitRepositorySpecProxySecretRef
- */
-export interface GitRepositorySpecProxySecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema GitRepositorySpecProxySecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'GitRepositorySpecProxySecretRef' to JSON representation.
- */
-export declare function toJson_GitRepositorySpecProxySecretRef(obj: GitRepositorySpecProxySecretRef | undefined): Record<string, any> | undefined;
-/**
- * Reference specifies the Git reference to resolve and monitor for
- * changes, defaults to the 'master' branch.
- *
- * @schema GitRepositorySpecRef
- */
-export interface GitRepositorySpecRef {
-    /**
-     * Branch to check out, defaults to 'master' if no other field is defined.
-     *
-     * @schema GitRepositorySpecRef#branch
-     */
-    readonly branch?: string;
-    /**
-     * Commit SHA to check out, takes precedence over all reference fields.
-     *
-     * This can be combined with Branch to shallow clone the branch, in which
-     * the commit is expected to exist.
-     *
-     * @schema GitRepositorySpecRef#commit
-     */
-    readonly commit?: string;
-    /**
-     * Name of the reference to check out; takes precedence over Branch, Tag and SemVer.
-     *
-     * It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description
-     * Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head"
-     *
-     * @schema GitRepositorySpecRef#name
-     */
-    readonly name?: string;
-    /**
-     * SemVer tag expression to check out, takes precedence over Tag.
-     *
-     * @schema GitRepositorySpecRef#semver
-     */
-    readonly semver?: string;
-    /**
-     * Tag to check out, takes precedence over Branch.
-     *
-     * @schema GitRepositorySpecRef#tag
-     */
-    readonly tag?: string;
-}
-/**
- * Converts an object of type 'GitRepositorySpecRef' to JSON representation.
- */
-export declare function toJson_GitRepositorySpecRef(obj: GitRepositorySpecRef | undefined): Record<string, any> | undefined;
-/**
- * SecretRef specifies the Secret containing authentication credentials for
- * the GitRepository.
- * For HTTPS repositories the Secret must contain 'username' and 'password'
- * fields for basic auth or 'bearerToken' field for token auth.
- * For SSH repositories the Secret must contain 'identity'
- * and 'known_hosts' fields.
- *
- * @schema GitRepositorySpecSecretRef
- */
-export interface GitRepositorySpecSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema GitRepositorySpecSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'GitRepositorySpecSecretRef' to JSON representation.
- */
-export declare function toJson_GitRepositorySpecSecretRef(obj: GitRepositorySpecSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Verification specifies the configuration to verify the Git commit
- * signature(s).
- *
- * @schema GitRepositorySpecVerify
- */
-export interface GitRepositorySpecVerify {
-    /**
-     * Mode specifies which Git object(s) should be verified.
-     *
-     * The variants "head" and "HEAD" both imply the same thing, i.e. verify
-     * the commit that the HEAD of the Git repository points to. The variant
-     * "head" solely exists to ensure backwards compatibility.
-     *
-     * @schema GitRepositorySpecVerify#mode
-     */
-    readonly mode?: GitRepositorySpecVerifyMode;
-    /**
-     * SecretRef specifies the Secret containing the public keys of trusted Git
-     * authors.
-     *
-     * @schema GitRepositorySpecVerify#secretRef
-     */
-    readonly secretRef: GitRepositorySpecVerifySecretRef;
-}
-/**
- * Converts an object of type 'GitRepositorySpecVerify' to JSON representation.
- */
-export declare function toJson_GitRepositorySpecVerify(obj: GitRepositorySpecVerify | undefined): Record<string, any> | undefined;
-/**
- * GitRepositoryRef specifies the GitRepository which Artifact contents
- * must be included.
- *
- * @schema GitRepositorySpecIncludeRepository
- */
-export interface GitRepositorySpecIncludeRepository {
-    /**
-     * Name of the referent.
-     *
-     * @schema GitRepositorySpecIncludeRepository#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'GitRepositorySpecIncludeRepository' to JSON representation.
- */
-export declare function toJson_GitRepositorySpecIncludeRepository(obj: GitRepositorySpecIncludeRepository | undefined): Record<string, any> | undefined;
-/**
- * Mode specifies which Git object(s) should be verified.
- *
- * The variants "head" and "HEAD" both imply the same thing, i.e. verify
- * the commit that the HEAD of the Git repository points to. The variant
- * "head" solely exists to ensure backwards compatibility.
- *
- * @schema GitRepositorySpecVerifyMode
- */
-export declare enum GitRepositorySpecVerifyMode {
-    /** head */
-    HEAD = "head",
-    /** Tag */
-    TAG = "Tag",
-    /** TagAndHEAD */
-    TAG_AND_HEAD = "TagAndHEAD"
-}
-/**
- * SecretRef specifies the Secret containing the public keys of trusted Git
- * authors.
- *
- * @schema GitRepositorySpecVerifySecretRef
- */
-export interface GitRepositorySpecVerifySecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema GitRepositorySpecVerifySecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'GitRepositorySpecVerifySecretRef' to JSON representation.
- */
-export declare function toJson_GitRepositorySpecVerifySecretRef(obj: GitRepositorySpecVerifySecretRef | undefined): Record<string, any> | undefined;
-/**
- * GitRepository is the Schema for the gitrepositories API
- *
- * @schema GitRepositoryV1Beta1
- */
-export declare class GitRepositoryV1Beta1 extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "GitRepositoryV1Beta1"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "GitRepositoryV1Beta1".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: GitRepositoryV1Beta1Props): any;
-    /**
-     * Defines a "GitRepositoryV1Beta1" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: GitRepositoryV1Beta1Props);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * GitRepository is the Schema for the gitrepositories API
- *
- * @schema GitRepositoryV1Beta1
- */
-export interface GitRepositoryV1Beta1Props {
-    /**
-     * @schema GitRepositoryV1Beta1#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * GitRepositorySpec defines the desired state of a Git repository.
-     *
-     * @schema GitRepositoryV1Beta1#spec
-     */
-    readonly spec?: GitRepositoryV1Beta1Spec;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta1Props' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta1Props(obj: GitRepositoryV1Beta1Props | undefined): Record<string, any> | undefined;
-/**
- * GitRepositorySpec defines the desired state of a Git repository.
- *
- * @schema GitRepositoryV1Beta1Spec
- */
-export interface GitRepositoryV1Beta1Spec {
-    /**
-     * AccessFrom defines an Access Control List for allowing cross-namespace references to this object.
-     *
-     * @schema GitRepositoryV1Beta1Spec#accessFrom
-     */
-    readonly accessFrom?: GitRepositoryV1Beta1SpecAccessFrom;
-    /**
-     * Determines which git client library to use.
-     * Defaults to go-git, valid values are ('go-git', 'libgit2').
-     *
-     * @default go-git, valid values are ('go-git', 'libgit2').
-     * @schema GitRepositoryV1Beta1Spec#gitImplementation
-     */
-    readonly gitImplementation?: GitRepositoryV1Beta1SpecGitImplementation;
-    /**
-     * Ignore overrides the set of excluded patterns in the .sourceignore format
-     * (which is the same as .gitignore). If not provided, a default will be used,
-     * consult the documentation for your version to find out what those are.
-     *
-     * @schema GitRepositoryV1Beta1Spec#ignore
-     */
-    readonly ignore?: string;
-    /**
-     * Extra git repositories to map into the repository
-     *
-     * @schema GitRepositoryV1Beta1Spec#include
-     */
-    readonly include?: GitRepositoryV1Beta1SpecInclude[];
-    /**
-     * The interval at which to check for repository updates.
-     *
-     * @schema GitRepositoryV1Beta1Spec#interval
-     */
-    readonly interval: string;
-    /**
-     * When enabled, after the clone is created, initializes all submodules within,
-     * using their default settings.
-     * This option is available only when using the 'go-git' GitImplementation.
-     *
-     * @schema GitRepositoryV1Beta1Spec#recurseSubmodules
-     */
-    readonly recurseSubmodules?: boolean;
-    /**
-     * The Git reference to checkout and monitor for changes, defaults to
-     * master branch.
-     *
-     * @schema GitRepositoryV1Beta1Spec#ref
-     */
-    readonly ref?: GitRepositoryV1Beta1SpecRef;
-    /**
-     * The secret name containing the Git credentials.
-     * For HTTPS repositories the secret must contain username and password
-     * fields.
-     * For SSH repositories the secret must contain identity and known_hosts
-     * fields.
-     *
-     * @schema GitRepositoryV1Beta1Spec#secretRef
-     */
-    readonly secretRef?: GitRepositoryV1Beta1SpecSecretRef;
-    /**
-     * This flag tells the controller to suspend the reconciliation of this source.
-     *
-     * @schema GitRepositoryV1Beta1Spec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * The timeout for remote Git operations like cloning, defaults to 60s.
-     *
-     * @schema GitRepositoryV1Beta1Spec#timeout
-     */
-    readonly timeout?: string;
-    /**
-     * The repository URL, can be a HTTP/S or SSH address.
-     *
-     * @schema GitRepositoryV1Beta1Spec#url
-     */
-    readonly url: string;
-    /**
-     * Verify OpenPGP signature for the Git commit HEAD points to.
-     *
-     * @schema GitRepositoryV1Beta1Spec#verify
-     */
-    readonly verify?: GitRepositoryV1Beta1SpecVerify;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta1Spec' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta1Spec(obj: GitRepositoryV1Beta1Spec | undefined): Record<string, any> | undefined;
-/**
- * AccessFrom defines an Access Control List for allowing cross-namespace references to this object.
- *
- * @schema GitRepositoryV1Beta1SpecAccessFrom
- */
-export interface GitRepositoryV1Beta1SpecAccessFrom {
-    /**
-     * NamespaceSelectors is the list of namespace selectors to which this ACL applies.
-     * Items in this list are evaluated using a logical OR operation.
-     *
-     * @schema GitRepositoryV1Beta1SpecAccessFrom#namespaceSelectors
-     */
-    readonly namespaceSelectors: GitRepositoryV1Beta1SpecAccessFromNamespaceSelectors[];
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta1SpecAccessFrom' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta1SpecAccessFrom(obj: GitRepositoryV1Beta1SpecAccessFrom | undefined): Record<string, any> | undefined;
-/**
- * Determines which git client library to use.
- * Defaults to go-git, valid values are ('go-git', 'libgit2').
- *
- * @default go-git, valid values are ('go-git', 'libgit2').
- * @schema GitRepositoryV1Beta1SpecGitImplementation
- */
-export declare enum GitRepositoryV1Beta1SpecGitImplementation {
-    /** go-git */
-    GO_HYPHEN_GIT = "go-git",
-    /** libgit2 */
-    LIBGIT2 = "libgit2"
-}
-/**
- * GitRepositoryInclude defines a source with a from and to path.
- *
- * @schema GitRepositoryV1Beta1SpecInclude
- */
-export interface GitRepositoryV1Beta1SpecInclude {
-    /**
-     * The path to copy contents from, defaults to the root directory.
-     *
-     * @schema GitRepositoryV1Beta1SpecInclude#fromPath
-     */
-    readonly fromPath?: string;
-    /**
-     * Reference to a GitRepository to include.
-     *
-     * @schema GitRepositoryV1Beta1SpecInclude#repository
-     */
-    readonly repository: GitRepositoryV1Beta1SpecIncludeRepository;
-    /**
-     * The path to copy contents to, defaults to the name of the source ref.
-     *
-     * @schema GitRepositoryV1Beta1SpecInclude#toPath
-     */
-    readonly toPath?: string;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta1SpecInclude' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta1SpecInclude(obj: GitRepositoryV1Beta1SpecInclude | undefined): Record<string, any> | undefined;
-/**
- * The Git reference to checkout and monitor for changes, defaults to
- * master branch.
- *
- * @schema GitRepositoryV1Beta1SpecRef
- */
-export interface GitRepositoryV1Beta1SpecRef {
-    /**
-     * The Git branch to checkout, defaults to master.
-     *
-     * @schema GitRepositoryV1Beta1SpecRef#branch
-     */
-    readonly branch?: string;
-    /**
-     * The Git commit SHA to checkout, if specified Tag filters will be ignored.
-     *
-     * @schema GitRepositoryV1Beta1SpecRef#commit
-     */
-    readonly commit?: string;
-    /**
-     * The Git tag semver expression, takes precedence over Tag.
-     *
-     * @schema GitRepositoryV1Beta1SpecRef#semver
-     */
-    readonly semver?: string;
-    /**
-     * The Git tag to checkout, takes precedence over Branch.
-     *
-     * @schema GitRepositoryV1Beta1SpecRef#tag
-     */
-    readonly tag?: string;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta1SpecRef' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta1SpecRef(obj: GitRepositoryV1Beta1SpecRef | undefined): Record<string, any> | undefined;
-/**
- * The secret name containing the Git credentials.
- * For HTTPS repositories the secret must contain username and password
- * fields.
- * For SSH repositories the secret must contain identity and known_hosts
- * fields.
- *
- * @schema GitRepositoryV1Beta1SpecSecretRef
- */
-export interface GitRepositoryV1Beta1SpecSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema GitRepositoryV1Beta1SpecSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta1SpecSecretRef' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta1SpecSecretRef(obj: GitRepositoryV1Beta1SpecSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Verify OpenPGP signature for the Git commit HEAD points to.
- *
- * @schema GitRepositoryV1Beta1SpecVerify
- */
-export interface GitRepositoryV1Beta1SpecVerify {
-    /**
-     * Mode describes what git object should be verified, currently ('head').
-     *
-     * @schema GitRepositoryV1Beta1SpecVerify#mode
-     */
-    readonly mode: GitRepositoryV1Beta1SpecVerifyMode;
-    /**
-     * The secret name containing the public keys of all trusted Git authors.
-     *
-     * @schema GitRepositoryV1Beta1SpecVerify#secretRef
-     */
-    readonly secretRef?: GitRepositoryV1Beta1SpecVerifySecretRef;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta1SpecVerify' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta1SpecVerify(obj: GitRepositoryV1Beta1SpecVerify | undefined): Record<string, any> | undefined;
-/**
- * NamespaceSelector selects the namespaces to which this ACL applies.
- * An empty map of MatchLabels matches all namespaces in a cluster.
- *
- * @schema GitRepositoryV1Beta1SpecAccessFromNamespaceSelectors
- */
-export interface GitRepositoryV1Beta1SpecAccessFromNamespaceSelectors {
-    /**
-     * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
-     * map is equivalent to an element of matchExpressions, whose key field is "key", the
-     * operator is "In", and the values array contains only "value". The requirements are ANDed.
-     *
-     * @schema GitRepositoryV1Beta1SpecAccessFromNamespaceSelectors#matchLabels
-     */
-    readonly matchLabels?: {
-        [key: string]: string;
-    };
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta1SpecAccessFromNamespaceSelectors' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta1SpecAccessFromNamespaceSelectors(obj: GitRepositoryV1Beta1SpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined;
-/**
- * Reference to a GitRepository to include.
- *
- * @schema GitRepositoryV1Beta1SpecIncludeRepository
- */
-export interface GitRepositoryV1Beta1SpecIncludeRepository {
-    /**
-     * Name of the referent.
-     *
-     * @schema GitRepositoryV1Beta1SpecIncludeRepository#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta1SpecIncludeRepository' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta1SpecIncludeRepository(obj: GitRepositoryV1Beta1SpecIncludeRepository | undefined): Record<string, any> | undefined;
-/**
- * Mode describes what git object should be verified, currently ('head').
- *
- * @schema GitRepositoryV1Beta1SpecVerifyMode
- */
-export declare enum GitRepositoryV1Beta1SpecVerifyMode {
-    /** head */
-    HEAD = "head"
-}
-/**
- * The secret name containing the public keys of all trusted Git authors.
- *
- * @schema GitRepositoryV1Beta1SpecVerifySecretRef
- */
-export interface GitRepositoryV1Beta1SpecVerifySecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema GitRepositoryV1Beta1SpecVerifySecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta1SpecVerifySecretRef' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta1SpecVerifySecretRef(obj: GitRepositoryV1Beta1SpecVerifySecretRef | undefined): Record<string, any> | undefined;
-/**
- * GitRepository is the Schema for the gitrepositories API.
- *
- * @schema GitRepositoryV1Beta2
- */
-export declare class GitRepositoryV1Beta2 extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "GitRepositoryV1Beta2"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "GitRepositoryV1Beta2".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: GitRepositoryV1Beta2Props): any;
-    /**
-     * Defines a "GitRepositoryV1Beta2" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: GitRepositoryV1Beta2Props);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * GitRepository is the Schema for the gitrepositories API.
- *
- * @schema GitRepositoryV1Beta2
- */
-export interface GitRepositoryV1Beta2Props {
-    /**
-     * @schema GitRepositoryV1Beta2#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * GitRepositorySpec specifies the required configuration to produce an
-     * Artifact for a Git repository.
-     *
-     * @schema GitRepositoryV1Beta2#spec
-     */
-    readonly spec?: GitRepositoryV1Beta2Spec;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta2Props' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta2Props(obj: GitRepositoryV1Beta2Props | undefined): Record<string, any> | undefined;
-/**
- * GitRepositorySpec specifies the required configuration to produce an
- * Artifact for a Git repository.
- *
- * @schema GitRepositoryV1Beta2Spec
- */
-export interface GitRepositoryV1Beta2Spec {
-    /**
-     * AccessFrom specifies an Access Control List for allowing cross-namespace
-     * references to this object.
-     * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
-     *
-     * @schema GitRepositoryV1Beta2Spec#accessFrom
-     */
-    readonly accessFrom?: GitRepositoryV1Beta2SpecAccessFrom;
-    /**
-     * GitImplementation specifies which Git client library implementation to
-     * use. Defaults to 'go-git', valid values are ('go-git', 'libgit2').
-     * Deprecated: gitImplementation is deprecated now that 'go-git' is the
-     * only supported implementation.
-     *
-     * @default go-git', valid values are ('go-git', 'libgit2').
-     * @schema GitRepositoryV1Beta2Spec#gitImplementation
-     */
-    readonly gitImplementation?: GitRepositoryV1Beta2SpecGitImplementation;
-    /**
-     * Ignore overrides the set of excluded patterns in the .sourceignore format
-     * (which is the same as .gitignore). If not provided, a default will be used,
-     * consult the documentation for your version to find out what those are.
-     *
-     * @schema GitRepositoryV1Beta2Spec#ignore
-     */
-    readonly ignore?: string;
-    /**
-     * Include specifies a list of GitRepository resources which Artifacts
-     * should be included in the Artifact produced for this GitRepository.
-     *
-     * @schema GitRepositoryV1Beta2Spec#include
-     */
-    readonly include?: GitRepositoryV1Beta2SpecInclude[];
-    /**
-     * Interval at which to check the GitRepository for updates.
-     *
-     * @schema GitRepositoryV1Beta2Spec#interval
-     */
-    readonly interval: string;
-    /**
-     * RecurseSubmodules enables the initialization of all submodules within
-     * the GitRepository as cloned from the URL, using their default settings.
-     *
-     * @schema GitRepositoryV1Beta2Spec#recurseSubmodules
-     */
-    readonly recurseSubmodules?: boolean;
-    /**
-     * Reference specifies the Git reference to resolve and monitor for
-     * changes, defaults to the 'master' branch.
-     *
-     * @schema GitRepositoryV1Beta2Spec#ref
-     */
-    readonly ref?: GitRepositoryV1Beta2SpecRef;
-    /**
-     * SecretRef specifies the Secret containing authentication credentials for
-     * the GitRepository.
-     * For HTTPS repositories the Secret must contain 'username' and 'password'
-     * fields for basic auth or 'bearerToken' field for token auth.
-     * For SSH repositories the Secret must contain 'identity'
-     * and 'known_hosts' fields.
-     *
-     * @schema GitRepositoryV1Beta2Spec#secretRef
-     */
-    readonly secretRef?: GitRepositoryV1Beta2SpecSecretRef;
-    /**
-     * Suspend tells the controller to suspend the reconciliation of this
-     * GitRepository.
-     *
-     * @schema GitRepositoryV1Beta2Spec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * Timeout for Git operations like cloning, defaults to 60s.
-     *
-     * @schema GitRepositoryV1Beta2Spec#timeout
-     */
-    readonly timeout?: string;
-    /**
-     * URL specifies the Git repository URL, it can be an HTTP/S or SSH address.
-     *
-     * @schema GitRepositoryV1Beta2Spec#url
-     */
-    readonly url: string;
-    /**
-     * Verification specifies the configuration to verify the Git commit
-     * signature(s).
-     *
-     * @schema GitRepositoryV1Beta2Spec#verify
-     */
-    readonly verify?: GitRepositoryV1Beta2SpecVerify;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta2Spec' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta2Spec(obj: GitRepositoryV1Beta2Spec | undefined): Record<string, any> | undefined;
-/**
- * AccessFrom specifies an Access Control List for allowing cross-namespace
- * references to this object.
- * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
- *
- * @schema GitRepositoryV1Beta2SpecAccessFrom
- */
-export interface GitRepositoryV1Beta2SpecAccessFrom {
-    /**
-     * NamespaceSelectors is the list of namespace selectors to which this ACL applies.
-     * Items in this list are evaluated using a logical OR operation.
-     *
-     * @schema GitRepositoryV1Beta2SpecAccessFrom#namespaceSelectors
-     */
-    readonly namespaceSelectors: GitRepositoryV1Beta2SpecAccessFromNamespaceSelectors[];
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta2SpecAccessFrom' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta2SpecAccessFrom(obj: GitRepositoryV1Beta2SpecAccessFrom | undefined): Record<string, any> | undefined;
-/**
- * GitImplementation specifies which Git client library implementation to
- * use. Defaults to 'go-git', valid values are ('go-git', 'libgit2').
- * Deprecated: gitImplementation is deprecated now that 'go-git' is the
- * only supported implementation.
- *
- * @default go-git', valid values are ('go-git', 'libgit2').
- * @schema GitRepositoryV1Beta2SpecGitImplementation
- */
-export declare enum GitRepositoryV1Beta2SpecGitImplementation {
-    /** go-git */
-    GO_HYPHEN_GIT = "go-git",
-    /** libgit2 */
-    LIBGIT2 = "libgit2"
-}
-/**
- * GitRepositoryInclude specifies a local reference to a GitRepository which
- * Artifact (sub-)contents must be included, and where they should be placed.
- *
- * @schema GitRepositoryV1Beta2SpecInclude
- */
-export interface GitRepositoryV1Beta2SpecInclude {
-    /**
-     * FromPath specifies the path to copy contents from, defaults to the root
-     * of the Artifact.
-     *
-     * @schema GitRepositoryV1Beta2SpecInclude#fromPath
-     */
-    readonly fromPath?: string;
-    /**
-     * GitRepositoryRef specifies the GitRepository which Artifact contents
-     * must be included.
-     *
-     * @schema GitRepositoryV1Beta2SpecInclude#repository
-     */
-    readonly repository: GitRepositoryV1Beta2SpecIncludeRepository;
-    /**
-     * ToPath specifies the path to copy contents to, defaults to the name of
-     * the GitRepositoryRef.
-     *
-     * @schema GitRepositoryV1Beta2SpecInclude#toPath
-     */
-    readonly toPath?: string;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta2SpecInclude' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta2SpecInclude(obj: GitRepositoryV1Beta2SpecInclude | undefined): Record<string, any> | undefined;
-/**
- * Reference specifies the Git reference to resolve and monitor for
- * changes, defaults to the 'master' branch.
- *
- * @schema GitRepositoryV1Beta2SpecRef
- */
-export interface GitRepositoryV1Beta2SpecRef {
-    /**
-     * Branch to check out, defaults to 'master' if no other field is defined.
-     *
-     * @schema GitRepositoryV1Beta2SpecRef#branch
-     */
-    readonly branch?: string;
-    /**
-     * Commit SHA to check out, takes precedence over all reference fields.
-     *
-     * This can be combined with Branch to shallow clone the branch, in which
-     * the commit is expected to exist.
-     *
-     * @schema GitRepositoryV1Beta2SpecRef#commit
-     */
-    readonly commit?: string;
-    /**
-     * Name of the reference to check out; takes precedence over Branch, Tag and SemVer.
-     *
-     * It must be a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description
-     * Examples: "refs/heads/main", "refs/tags/v0.1.0", "refs/pull/420/head", "refs/merge-requests/1/head"
-     *
-     * @schema GitRepositoryV1Beta2SpecRef#name
-     */
-    readonly name?: string;
-    /**
-     * SemVer tag expression to check out, takes precedence over Tag.
-     *
-     * @schema GitRepositoryV1Beta2SpecRef#semver
-     */
-    readonly semver?: string;
-    /**
-     * Tag to check out, takes precedence over Branch.
-     *
-     * @schema GitRepositoryV1Beta2SpecRef#tag
-     */
-    readonly tag?: string;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta2SpecRef' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta2SpecRef(obj: GitRepositoryV1Beta2SpecRef | undefined): Record<string, any> | undefined;
-/**
- * SecretRef specifies the Secret containing authentication credentials for
- * the GitRepository.
- * For HTTPS repositories the Secret must contain 'username' and 'password'
- * fields for basic auth or 'bearerToken' field for token auth.
- * For SSH repositories the Secret must contain 'identity'
- * and 'known_hosts' fields.
- *
- * @schema GitRepositoryV1Beta2SpecSecretRef
- */
-export interface GitRepositoryV1Beta2SpecSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema GitRepositoryV1Beta2SpecSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta2SpecSecretRef' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta2SpecSecretRef(obj: GitRepositoryV1Beta2SpecSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Verification specifies the configuration to verify the Git commit
- * signature(s).
- *
- * @schema GitRepositoryV1Beta2SpecVerify
- */
-export interface GitRepositoryV1Beta2SpecVerify {
-    /**
-     * Mode specifies what Git object should be verified, currently ('head').
-     *
-     * @schema GitRepositoryV1Beta2SpecVerify#mode
-     */
-    readonly mode: GitRepositoryV1Beta2SpecVerifyMode;
-    /**
-     * SecretRef specifies the Secret containing the public keys of trusted Git
-     * authors.
-     *
-     * @schema GitRepositoryV1Beta2SpecVerify#secretRef
-     */
-    readonly secretRef: GitRepositoryV1Beta2SpecVerifySecretRef;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta2SpecVerify' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta2SpecVerify(obj: GitRepositoryV1Beta2SpecVerify | undefined): Record<string, any> | undefined;
-/**
- * NamespaceSelector selects the namespaces to which this ACL applies.
- * An empty map of MatchLabels matches all namespaces in a cluster.
- *
- * @schema GitRepositoryV1Beta2SpecAccessFromNamespaceSelectors
- */
-export interface GitRepositoryV1Beta2SpecAccessFromNamespaceSelectors {
-    /**
-     * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
-     * map is equivalent to an element of matchExpressions, whose key field is "key", the
-     * operator is "In", and the values array contains only "value". The requirements are ANDed.
-     *
-     * @schema GitRepositoryV1Beta2SpecAccessFromNamespaceSelectors#matchLabels
-     */
-    readonly matchLabels?: {
-        [key: string]: string;
-    };
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta2SpecAccessFromNamespaceSelectors' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta2SpecAccessFromNamespaceSelectors(obj: GitRepositoryV1Beta2SpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined;
-/**
- * GitRepositoryRef specifies the GitRepository which Artifact contents
- * must be included.
- *
- * @schema GitRepositoryV1Beta2SpecIncludeRepository
- */
-export interface GitRepositoryV1Beta2SpecIncludeRepository {
-    /**
-     * Name of the referent.
-     *
-     * @schema GitRepositoryV1Beta2SpecIncludeRepository#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta2SpecIncludeRepository' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta2SpecIncludeRepository(obj: GitRepositoryV1Beta2SpecIncludeRepository | undefined): Record<string, any> | undefined;
-/**
- * Mode specifies what Git object should be verified, currently ('head').
- *
- * @schema GitRepositoryV1Beta2SpecVerifyMode
- */
-export declare enum GitRepositoryV1Beta2SpecVerifyMode {
-    /** head */
-    HEAD = "head"
-}
-/**
- * SecretRef specifies the Secret containing the public keys of trusted Git
- * authors.
- *
- * @schema GitRepositoryV1Beta2SpecVerifySecretRef
- */
-export interface GitRepositoryV1Beta2SpecVerifySecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema GitRepositoryV1Beta2SpecVerifySecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'GitRepositoryV1Beta2SpecVerifySecretRef' to JSON representation.
- */
-export declare function toJson_GitRepositoryV1Beta2SpecVerifySecretRef(obj: GitRepositoryV1Beta2SpecVerifySecretRef | undefined): Record<string, any> | undefined;
-/**
- * HelmChart is the Schema for the helmcharts API.
- *
- * @schema HelmChart
- */
-export declare class HelmChart extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "HelmChart"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "HelmChart".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: HelmChartProps): any;
-    /**
-     * Defines a "HelmChart" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: HelmChartProps);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * HelmChart is the Schema for the helmcharts API.
- *
- * @schema HelmChart
- */
-export interface HelmChartProps {
-    /**
-     * @schema HelmChart#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * HelmChartSpec specifies the desired state of a Helm chart.
-     *
-     * @schema HelmChart#spec
-     */
-    readonly spec?: HelmChartSpec;
-}
-/**
- * Converts an object of type 'HelmChartProps' to JSON representation.
- */
-export declare function toJson_HelmChartProps(obj: HelmChartProps | undefined): Record<string, any> | undefined;
-/**
- * HelmChartSpec specifies the desired state of a Helm chart.
- *
- * @schema HelmChartSpec
- */
-export interface HelmChartSpec {
-    /**
-     * Chart is the name or path the Helm chart is available at in the
-     * SourceRef.
-     *
-     * @schema HelmChartSpec#chart
-     */
-    readonly chart: string;
-    /**
-     * IgnoreMissingValuesFiles controls whether to silently ignore missing values
-     * files rather than failing.
-     *
-     * @schema HelmChartSpec#ignoreMissingValuesFiles
-     */
-    readonly ignoreMissingValuesFiles?: boolean;
-    /**
-     * Interval at which the HelmChart SourceRef is checked for updates.
-     * This interval is approximate and may be subject to jitter to ensure
-     * efficient use of resources.
-     *
-     * @schema HelmChartSpec#interval
-     */
-    readonly interval: string;
-    /**
-     * ReconcileStrategy determines what enables the creation of a new artifact.
-     * Valid values are ('ChartVersion', 'Revision').
-     * See the documentation of the values for an explanation on their behavior.
-     * Defaults to ChartVersion when omitted.
-     *
-     * @default ChartVersion when omitted.
-     * @schema HelmChartSpec#reconcileStrategy
-     */
-    readonly reconcileStrategy?: HelmChartSpecReconcileStrategy;
-    /**
-     * SourceRef is the reference to the Source the chart is available at.
-     *
-     * @schema HelmChartSpec#sourceRef
-     */
-    readonly sourceRef: HelmChartSpecSourceRef;
-    /**
-     * Suspend tells the controller to suspend the reconciliation of this
-     * source.
-     *
-     * @schema HelmChartSpec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * ValuesFiles is an alternative list of values files to use as the chart
-     * values (values.yaml is not included by default), expected to be a
-     * relative path in the SourceRef.
-     * Values files are merged in the order of this list with the last file
-     * overriding the first. Ignored when omitted.
-     *
-     * @schema HelmChartSpec#valuesFiles
-     */
-    readonly valuesFiles?: string[];
-    /**
-     * Verify contains the secret name containing the trusted public keys
-     * used to verify the signature and specifies which provider to use to check
-     * whether OCI image is authentic.
-     * This field is only supported when using HelmRepository source with spec.type 'oci'.
-     * Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
-     *
-     * @schema HelmChartSpec#verify
-     */
-    readonly verify?: HelmChartSpecVerify;
-    /**
-     * Version is the chart version semver expression, ignored for charts from
-     * GitRepository and Bucket sources. Defaults to latest when omitted.
-     *
-     * @default latest when omitted.
-     * @schema HelmChartSpec#version
-     */
-    readonly version?: string;
-}
-/**
- * Converts an object of type 'HelmChartSpec' to JSON representation.
- */
-export declare function toJson_HelmChartSpec(obj: HelmChartSpec | undefined): Record<string, any> | undefined;
-/**
- * ReconcileStrategy determines what enables the creation of a new artifact.
- * Valid values are ('ChartVersion', 'Revision').
- * See the documentation of the values for an explanation on their behavior.
- * Defaults to ChartVersion when omitted.
- *
- * @default ChartVersion when omitted.
- * @schema HelmChartSpecReconcileStrategy
- */
-export declare enum HelmChartSpecReconcileStrategy {
-    /** ChartVersion */
-    CHART_VERSION = "ChartVersion",
-    /** Revision */
-    REVISION = "Revision"
-}
-/**
- * SourceRef is the reference to the Source the chart is available at.
- *
- * @schema HelmChartSpecSourceRef
- */
-export interface HelmChartSpecSourceRef {
-    /**
-     * APIVersion of the referent.
-     *
-     * @schema HelmChartSpecSourceRef#apiVersion
-     */
-    readonly apiVersion?: string;
-    /**
-     * Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
-     * 'Bucket').
-     *
-     * @schema HelmChartSpecSourceRef#kind
-     */
-    readonly kind: HelmChartSpecSourceRefKind;
-    /**
-     * Name of the referent.
-     *
-     * @schema HelmChartSpecSourceRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'HelmChartSpecSourceRef' to JSON representation.
- */
-export declare function toJson_HelmChartSpecSourceRef(obj: HelmChartSpecSourceRef | undefined): Record<string, any> | undefined;
-/**
- * Verify contains the secret name containing the trusted public keys
- * used to verify the signature and specifies which provider to use to check
- * whether OCI image is authentic.
- * This field is only supported when using HelmRepository source with spec.type 'oci'.
- * Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
- *
- * @schema HelmChartSpecVerify
- */
-export interface HelmChartSpecVerify {
-    /**
-     * MatchOIDCIdentity specifies the identity matching criteria to use
-     * while verifying an OCI artifact which was signed using Cosign keyless
-     * signing. The artifact's identity is deemed to be verified if any of the
-     * specified matchers match against the identity.
-     *
-     * @schema HelmChartSpecVerify#matchOIDCIdentity
-     */
-    readonly matchOidcIdentity?: HelmChartSpecVerifyMatchOidcIdentity[];
-    /**
-     * Provider specifies the technology used to sign the OCI Artifact.
-     *
-     * @schema HelmChartSpecVerify#provider
-     */
-    readonly provider: HelmChartSpecVerifyProvider;
-    /**
-     * SecretRef specifies the Kubernetes Secret containing the
-     * trusted public keys.
-     *
-     * @schema HelmChartSpecVerify#secretRef
-     */
-    readonly secretRef?: HelmChartSpecVerifySecretRef;
-}
-/**
- * Converts an object of type 'HelmChartSpecVerify' to JSON representation.
- */
-export declare function toJson_HelmChartSpecVerify(obj: HelmChartSpecVerify | undefined): Record<string, any> | undefined;
-/**
- * Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
- * 'Bucket').
- *
- * @schema HelmChartSpecSourceRefKind
- */
-export declare enum HelmChartSpecSourceRefKind {
-    /** HelmRepository */
-    HELM_REPOSITORY = "HelmRepository",
-    /** GitRepository */
-    GIT_REPOSITORY = "GitRepository",
-    /** Bucket */
-    BUCKET = "Bucket"
-}
-/**
- * OIDCIdentityMatch specifies options for verifying the certificate identity,
- * i.e. the issuer and the subject of the certificate.
- *
- * @schema HelmChartSpecVerifyMatchOidcIdentity
- */
-export interface HelmChartSpecVerifyMatchOidcIdentity {
-    /**
-     * Issuer specifies the regex pattern to match against to verify
-     * the OIDC issuer in the Fulcio certificate. The pattern must be a
-     * valid Go regular expression.
-     *
-     * @schema HelmChartSpecVerifyMatchOidcIdentity#issuer
-     */
-    readonly issuer: string;
-    /**
-     * Subject specifies the regex pattern to match against to verify
-     * the identity subject in the Fulcio certificate. The pattern must
-     * be a valid Go regular expression.
-     *
-     * @schema HelmChartSpecVerifyMatchOidcIdentity#subject
-     */
-    readonly subject: string;
-}
-/**
- * Converts an object of type 'HelmChartSpecVerifyMatchOidcIdentity' to JSON representation.
- */
-export declare function toJson_HelmChartSpecVerifyMatchOidcIdentity(obj: HelmChartSpecVerifyMatchOidcIdentity | undefined): Record<string, any> | undefined;
-/**
- * Provider specifies the technology used to sign the OCI Artifact.
- *
- * @schema HelmChartSpecVerifyProvider
- */
-export declare enum HelmChartSpecVerifyProvider {
-    /** cosign */
-    COSIGN = "cosign",
-    /** notation */
-    NOTATION = "notation"
-}
-/**
- * SecretRef specifies the Kubernetes Secret containing the
- * trusted public keys.
- *
- * @schema HelmChartSpecVerifySecretRef
- */
-export interface HelmChartSpecVerifySecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema HelmChartSpecVerifySecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'HelmChartSpecVerifySecretRef' to JSON representation.
- */
-export declare function toJson_HelmChartSpecVerifySecretRef(obj: HelmChartSpecVerifySecretRef | undefined): Record<string, any> | undefined;
-/**
- * HelmChart is the Schema for the helmcharts API
- *
- * @schema HelmChartV1Beta1
- */
-export declare class HelmChartV1Beta1 extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "HelmChartV1Beta1"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "HelmChartV1Beta1".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: HelmChartV1Beta1Props): any;
-    /**
-     * Defines a "HelmChartV1Beta1" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: HelmChartV1Beta1Props);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * HelmChart is the Schema for the helmcharts API
- *
- * @schema HelmChartV1Beta1
- */
-export interface HelmChartV1Beta1Props {
-    /**
-     * @schema HelmChartV1Beta1#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * HelmChartSpec defines the desired state of a Helm chart.
-     *
-     * @schema HelmChartV1Beta1#spec
-     */
-    readonly spec?: HelmChartV1Beta1Spec;
-}
-/**
- * Converts an object of type 'HelmChartV1Beta1Props' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta1Props(obj: HelmChartV1Beta1Props | undefined): Record<string, any> | undefined;
-/**
- * HelmChartSpec defines the desired state of a Helm chart.
- *
- * @schema HelmChartV1Beta1Spec
- */
-export interface HelmChartV1Beta1Spec {
-    /**
-     * AccessFrom defines an Access Control List for allowing cross-namespace references to this object.
-     *
-     * @schema HelmChartV1Beta1Spec#accessFrom
-     */
-    readonly accessFrom?: HelmChartV1Beta1SpecAccessFrom;
-    /**
-     * The name or path the Helm chart is available at in the SourceRef.
-     *
-     * @schema HelmChartV1Beta1Spec#chart
-     */
-    readonly chart: string;
-    /**
-     * The interval at which to check the Source for updates.
-     *
-     * @schema HelmChartV1Beta1Spec#interval
-     */
-    readonly interval: string;
-    /**
-     * Determines what enables the creation of a new artifact. Valid values are
-     * ('ChartVersion', 'Revision').
-     * See the documentation of the values for an explanation on their behavior.
-     * Defaults to ChartVersion when omitted.
-     *
-     * @default ChartVersion when omitted.
-     * @schema HelmChartV1Beta1Spec#reconcileStrategy
-     */
-    readonly reconcileStrategy?: HelmChartV1Beta1SpecReconcileStrategy;
-    /**
-     * The reference to the Source the chart is available at.
-     *
-     * @schema HelmChartV1Beta1Spec#sourceRef
-     */
-    readonly sourceRef: HelmChartV1Beta1SpecSourceRef;
-    /**
-     * This flag tells the controller to suspend the reconciliation of this source.
-     *
-     * @schema HelmChartV1Beta1Spec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * Alternative values file to use as the default chart values, expected to
-     * be a relative path in the SourceRef. Deprecated in favor of ValuesFiles,
-     * for backwards compatibility the file defined here is merged before the
-     * ValuesFiles items. Ignored when omitted.
-     *
-     * @schema HelmChartV1Beta1Spec#valuesFile
-     */
-    readonly valuesFile?: string;
-    /**
-     * Alternative list of values files to use as the chart values (values.yaml
-     * is not included by default), expected to be a relative path in the SourceRef.
-     * Values files are merged in the order of this list with the last file overriding
-     * the first. Ignored when omitted.
-     *
-     * @schema HelmChartV1Beta1Spec#valuesFiles
-     */
-    readonly valuesFiles?: string[];
-    /**
-     * The chart version semver expression, ignored for charts from GitRepository
-     * and Bucket sources. Defaults to latest when omitted.
-     *
-     * @default latest when omitted.
-     * @schema HelmChartV1Beta1Spec#version
-     */
-    readonly version?: string;
-}
-/**
- * Converts an object of type 'HelmChartV1Beta1Spec' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta1Spec(obj: HelmChartV1Beta1Spec | undefined): Record<string, any> | undefined;
-/**
- * AccessFrom defines an Access Control List for allowing cross-namespace references to this object.
- *
- * @schema HelmChartV1Beta1SpecAccessFrom
- */
-export interface HelmChartV1Beta1SpecAccessFrom {
-    /**
-     * NamespaceSelectors is the list of namespace selectors to which this ACL applies.
-     * Items in this list are evaluated using a logical OR operation.
-     *
-     * @schema HelmChartV1Beta1SpecAccessFrom#namespaceSelectors
-     */
-    readonly namespaceSelectors: HelmChartV1Beta1SpecAccessFromNamespaceSelectors[];
-}
-/**
- * Converts an object of type 'HelmChartV1Beta1SpecAccessFrom' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta1SpecAccessFrom(obj: HelmChartV1Beta1SpecAccessFrom | undefined): Record<string, any> | undefined;
-/**
- * Determines what enables the creation of a new artifact. Valid values are
- * ('ChartVersion', 'Revision').
- * See the documentation of the values for an explanation on their behavior.
- * Defaults to ChartVersion when omitted.
- *
- * @default ChartVersion when omitted.
- * @schema HelmChartV1Beta1SpecReconcileStrategy
- */
-export declare enum HelmChartV1Beta1SpecReconcileStrategy {
-    /** ChartVersion */
-    CHART_VERSION = "ChartVersion",
-    /** Revision */
-    REVISION = "Revision"
-}
-/**
- * The reference to the Source the chart is available at.
- *
- * @schema HelmChartV1Beta1SpecSourceRef
- */
-export interface HelmChartV1Beta1SpecSourceRef {
-    /**
-     * APIVersion of the referent.
-     *
-     * @schema HelmChartV1Beta1SpecSourceRef#apiVersion
-     */
-    readonly apiVersion?: string;
-    /**
-     * Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
-     * 'Bucket').
-     *
-     * @schema HelmChartV1Beta1SpecSourceRef#kind
-     */
-    readonly kind: HelmChartV1Beta1SpecSourceRefKind;
-    /**
-     * Name of the referent.
-     *
-     * @schema HelmChartV1Beta1SpecSourceRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'HelmChartV1Beta1SpecSourceRef' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta1SpecSourceRef(obj: HelmChartV1Beta1SpecSourceRef | undefined): Record<string, any> | undefined;
-/**
- * NamespaceSelector selects the namespaces to which this ACL applies.
- * An empty map of MatchLabels matches all namespaces in a cluster.
- *
- * @schema HelmChartV1Beta1SpecAccessFromNamespaceSelectors
- */
-export interface HelmChartV1Beta1SpecAccessFromNamespaceSelectors {
-    /**
-     * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
-     * map is equivalent to an element of matchExpressions, whose key field is "key", the
-     * operator is "In", and the values array contains only "value". The requirements are ANDed.
-     *
-     * @schema HelmChartV1Beta1SpecAccessFromNamespaceSelectors#matchLabels
-     */
-    readonly matchLabels?: {
-        [key: string]: string;
-    };
-}
-/**
- * Converts an object of type 'HelmChartV1Beta1SpecAccessFromNamespaceSelectors' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta1SpecAccessFromNamespaceSelectors(obj: HelmChartV1Beta1SpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined;
-/**
- * Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
- * 'Bucket').
- *
- * @schema HelmChartV1Beta1SpecSourceRefKind
- */
-export declare enum HelmChartV1Beta1SpecSourceRefKind {
-    /** HelmRepository */
-    HELM_REPOSITORY = "HelmRepository",
-    /** GitRepository */
-    GIT_REPOSITORY = "GitRepository",
-    /** Bucket */
-    BUCKET = "Bucket"
-}
-/**
- * HelmChart is the Schema for the helmcharts API.
- *
- * @schema HelmChartV1Beta2
- */
-export declare class HelmChartV1Beta2 extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "HelmChartV1Beta2"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "HelmChartV1Beta2".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: HelmChartV1Beta2Props): any;
-    /**
-     * Defines a "HelmChartV1Beta2" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: HelmChartV1Beta2Props);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * HelmChart is the Schema for the helmcharts API.
- *
- * @schema HelmChartV1Beta2
- */
-export interface HelmChartV1Beta2Props {
-    /**
-     * @schema HelmChartV1Beta2#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * HelmChartSpec specifies the desired state of a Helm chart.
-     *
-     * @schema HelmChartV1Beta2#spec
-     */
-    readonly spec?: HelmChartV1Beta2Spec;
-}
-/**
- * Converts an object of type 'HelmChartV1Beta2Props' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta2Props(obj: HelmChartV1Beta2Props | undefined): Record<string, any> | undefined;
-/**
- * HelmChartSpec specifies the desired state of a Helm chart.
- *
- * @schema HelmChartV1Beta2Spec
- */
-export interface HelmChartV1Beta2Spec {
-    /**
-     * AccessFrom specifies an Access Control List for allowing cross-namespace
-     * references to this object.
-     * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
-     *
-     * @schema HelmChartV1Beta2Spec#accessFrom
-     */
-    readonly accessFrom?: HelmChartV1Beta2SpecAccessFrom;
-    /**
-     * Chart is the name or path the Helm chart is available at in the
-     * SourceRef.
-     *
-     * @schema HelmChartV1Beta2Spec#chart
-     */
-    readonly chart: string;
-    /**
-     * IgnoreMissingValuesFiles controls whether to silently ignore missing values
-     * files rather than failing.
-     *
-     * @schema HelmChartV1Beta2Spec#ignoreMissingValuesFiles
-     */
-    readonly ignoreMissingValuesFiles?: boolean;
-    /**
-     * Interval at which the HelmChart SourceRef is checked for updates.
-     * This interval is approximate and may be subject to jitter to ensure
-     * efficient use of resources.
-     *
-     * @schema HelmChartV1Beta2Spec#interval
-     */
-    readonly interval: string;
-    /**
-     * ReconcileStrategy determines what enables the creation of a new artifact.
-     * Valid values are ('ChartVersion', 'Revision').
-     * See the documentation of the values for an explanation on their behavior.
-     * Defaults to ChartVersion when omitted.
-     *
-     * @default ChartVersion when omitted.
-     * @schema HelmChartV1Beta2Spec#reconcileStrategy
-     */
-    readonly reconcileStrategy?: HelmChartV1Beta2SpecReconcileStrategy;
-    /**
-     * SourceRef is the reference to the Source the chart is available at.
-     *
-     * @schema HelmChartV1Beta2Spec#sourceRef
-     */
-    readonly sourceRef: HelmChartV1Beta2SpecSourceRef;
-    /**
-     * Suspend tells the controller to suspend the reconciliation of this
-     * source.
-     *
-     * @schema HelmChartV1Beta2Spec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * ValuesFile is an alternative values file to use as the default chart
-     * values, expected to be a relative path in the SourceRef. Deprecated in
-     * favor of ValuesFiles, for backwards compatibility the file specified here
-     * is merged before the ValuesFiles items. Ignored when omitted.
-     *
-     * @schema HelmChartV1Beta2Spec#valuesFile
-     */
-    readonly valuesFile?: string;
-    /**
-     * ValuesFiles is an alternative list of values files to use as the chart
-     * values (values.yaml is not included by default), expected to be a
-     * relative path in the SourceRef.
-     * Values files are merged in the order of this list with the last file
-     * overriding the first. Ignored when omitted.
-     *
-     * @schema HelmChartV1Beta2Spec#valuesFiles
-     */
-    readonly valuesFiles?: string[];
-    /**
-     * Verify contains the secret name containing the trusted public keys
-     * used to verify the signature and specifies which provider to use to check
-     * whether OCI image is authentic.
-     * This field is only supported when using HelmRepository source with spec.type 'oci'.
-     * Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
-     *
-     * @schema HelmChartV1Beta2Spec#verify
-     */
-    readonly verify?: HelmChartV1Beta2SpecVerify;
-    /**
-     * Version is the chart version semver expression, ignored for charts from
-     * GitRepository and Bucket sources. Defaults to latest when omitted.
-     *
-     * @default latest when omitted.
-     * @schema HelmChartV1Beta2Spec#version
-     */
-    readonly version?: string;
-}
-/**
- * Converts an object of type 'HelmChartV1Beta2Spec' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta2Spec(obj: HelmChartV1Beta2Spec | undefined): Record<string, any> | undefined;
-/**
- * AccessFrom specifies an Access Control List for allowing cross-namespace
- * references to this object.
- * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
- *
- * @schema HelmChartV1Beta2SpecAccessFrom
- */
-export interface HelmChartV1Beta2SpecAccessFrom {
-    /**
-     * NamespaceSelectors is the list of namespace selectors to which this ACL applies.
-     * Items in this list are evaluated using a logical OR operation.
-     *
-     * @schema HelmChartV1Beta2SpecAccessFrom#namespaceSelectors
-     */
-    readonly namespaceSelectors: HelmChartV1Beta2SpecAccessFromNamespaceSelectors[];
-}
-/**
- * Converts an object of type 'HelmChartV1Beta2SpecAccessFrom' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta2SpecAccessFrom(obj: HelmChartV1Beta2SpecAccessFrom | undefined): Record<string, any> | undefined;
-/**
- * ReconcileStrategy determines what enables the creation of a new artifact.
- * Valid values are ('ChartVersion', 'Revision').
- * See the documentation of the values for an explanation on their behavior.
- * Defaults to ChartVersion when omitted.
- *
- * @default ChartVersion when omitted.
- * @schema HelmChartV1Beta2SpecReconcileStrategy
- */
-export declare enum HelmChartV1Beta2SpecReconcileStrategy {
-    /** ChartVersion */
-    CHART_VERSION = "ChartVersion",
-    /** Revision */
-    REVISION = "Revision"
-}
-/**
- * SourceRef is the reference to the Source the chart is available at.
- *
- * @schema HelmChartV1Beta2SpecSourceRef
- */
-export interface HelmChartV1Beta2SpecSourceRef {
-    /**
-     * APIVersion of the referent.
-     *
-     * @schema HelmChartV1Beta2SpecSourceRef#apiVersion
-     */
-    readonly apiVersion?: string;
-    /**
-     * Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
-     * 'Bucket').
-     *
-     * @schema HelmChartV1Beta2SpecSourceRef#kind
-     */
-    readonly kind: HelmChartV1Beta2SpecSourceRefKind;
-    /**
-     * Name of the referent.
-     *
-     * @schema HelmChartV1Beta2SpecSourceRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'HelmChartV1Beta2SpecSourceRef' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta2SpecSourceRef(obj: HelmChartV1Beta2SpecSourceRef | undefined): Record<string, any> | undefined;
-/**
- * Verify contains the secret name containing the trusted public keys
- * used to verify the signature and specifies which provider to use to check
- * whether OCI image is authentic.
- * This field is only supported when using HelmRepository source with spec.type 'oci'.
- * Chart dependencies, which are not bundled in the umbrella chart artifact, are not verified.
- *
- * @schema HelmChartV1Beta2SpecVerify
- */
-export interface HelmChartV1Beta2SpecVerify {
-    /**
-     * MatchOIDCIdentity specifies the identity matching criteria to use
-     * while verifying an OCI artifact which was signed using Cosign keyless
-     * signing. The artifact's identity is deemed to be verified if any of the
-     * specified matchers match against the identity.
-     *
-     * @schema HelmChartV1Beta2SpecVerify#matchOIDCIdentity
-     */
-    readonly matchOidcIdentity?: HelmChartV1Beta2SpecVerifyMatchOidcIdentity[];
-    /**
-     * Provider specifies the technology used to sign the OCI Artifact.
-     *
-     * @schema HelmChartV1Beta2SpecVerify#provider
-     */
-    readonly provider: HelmChartV1Beta2SpecVerifyProvider;
-    /**
-     * SecretRef specifies the Kubernetes Secret containing the
-     * trusted public keys.
-     *
-     * @schema HelmChartV1Beta2SpecVerify#secretRef
-     */
-    readonly secretRef?: HelmChartV1Beta2SpecVerifySecretRef;
-}
-/**
- * Converts an object of type 'HelmChartV1Beta2SpecVerify' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta2SpecVerify(obj: HelmChartV1Beta2SpecVerify | undefined): Record<string, any> | undefined;
-/**
- * NamespaceSelector selects the namespaces to which this ACL applies.
- * An empty map of MatchLabels matches all namespaces in a cluster.
- *
- * @schema HelmChartV1Beta2SpecAccessFromNamespaceSelectors
- */
-export interface HelmChartV1Beta2SpecAccessFromNamespaceSelectors {
-    /**
-     * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
-     * map is equivalent to an element of matchExpressions, whose key field is "key", the
-     * operator is "In", and the values array contains only "value". The requirements are ANDed.
-     *
-     * @schema HelmChartV1Beta2SpecAccessFromNamespaceSelectors#matchLabels
-     */
-    readonly matchLabels?: {
-        [key: string]: string;
-    };
-}
-/**
- * Converts an object of type 'HelmChartV1Beta2SpecAccessFromNamespaceSelectors' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta2SpecAccessFromNamespaceSelectors(obj: HelmChartV1Beta2SpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined;
-/**
- * Kind of the referent, valid values are ('HelmRepository', 'GitRepository',
- * 'Bucket').
- *
- * @schema HelmChartV1Beta2SpecSourceRefKind
- */
-export declare enum HelmChartV1Beta2SpecSourceRefKind {
-    /** HelmRepository */
-    HELM_REPOSITORY = "HelmRepository",
-    /** GitRepository */
-    GIT_REPOSITORY = "GitRepository",
-    /** Bucket */
-    BUCKET = "Bucket"
-}
-/**
- * OIDCIdentityMatch specifies options for verifying the certificate identity,
- * i.e. the issuer and the subject of the certificate.
- *
- * @schema HelmChartV1Beta2SpecVerifyMatchOidcIdentity
- */
-export interface HelmChartV1Beta2SpecVerifyMatchOidcIdentity {
-    /**
-     * Issuer specifies the regex pattern to match against to verify
-     * the OIDC issuer in the Fulcio certificate. The pattern must be a
-     * valid Go regular expression.
-     *
-     * @schema HelmChartV1Beta2SpecVerifyMatchOidcIdentity#issuer
-     */
-    readonly issuer: string;
-    /**
-     * Subject specifies the regex pattern to match against to verify
-     * the identity subject in the Fulcio certificate. The pattern must
-     * be a valid Go regular expression.
-     *
-     * @schema HelmChartV1Beta2SpecVerifyMatchOidcIdentity#subject
-     */
-    readonly subject: string;
-}
-/**
- * Converts an object of type 'HelmChartV1Beta2SpecVerifyMatchOidcIdentity' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta2SpecVerifyMatchOidcIdentity(obj: HelmChartV1Beta2SpecVerifyMatchOidcIdentity | undefined): Record<string, any> | undefined;
-/**
- * Provider specifies the technology used to sign the OCI Artifact.
- *
- * @schema HelmChartV1Beta2SpecVerifyProvider
- */
-export declare enum HelmChartV1Beta2SpecVerifyProvider {
-    /** cosign */
-    COSIGN = "cosign",
-    /** notation */
-    NOTATION = "notation"
-}
-/**
- * SecretRef specifies the Kubernetes Secret containing the
- * trusted public keys.
- *
- * @schema HelmChartV1Beta2SpecVerifySecretRef
- */
-export interface HelmChartV1Beta2SpecVerifySecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema HelmChartV1Beta2SpecVerifySecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'HelmChartV1Beta2SpecVerifySecretRef' to JSON representation.
- */
-export declare function toJson_HelmChartV1Beta2SpecVerifySecretRef(obj: HelmChartV1Beta2SpecVerifySecretRef | undefined): Record<string, any> | undefined;
-/**
- * HelmRepository is the Schema for the helmrepositories API.
- *
- * @schema HelmRepository
- */
-export declare class HelmRepository extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "HelmRepository"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "HelmRepository".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: HelmRepositoryProps): any;
-    /**
-     * Defines a "HelmRepository" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: HelmRepositoryProps);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * HelmRepository is the Schema for the helmrepositories API.
- *
- * @schema HelmRepository
- */
-export interface HelmRepositoryProps {
-    /**
-     * @schema HelmRepository#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * HelmRepositorySpec specifies the required configuration to produce an
-     * Artifact for a Helm repository index YAML.
-     *
-     * @schema HelmRepository#spec
-     */
-    readonly spec?: HelmRepositorySpec;
-}
-/**
- * Converts an object of type 'HelmRepositoryProps' to JSON representation.
- */
-export declare function toJson_HelmRepositoryProps(obj: HelmRepositoryProps | undefined): Record<string, any> | undefined;
-/**
- * HelmRepositorySpec specifies the required configuration to produce an
- * Artifact for a Helm repository index YAML.
- *
- * @schema HelmRepositorySpec
- */
-export interface HelmRepositorySpec {
-    /**
-     * AccessFrom specifies an Access Control List for allowing cross-namespace
-     * references to this object.
-     * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
-     *
-     * @schema HelmRepositorySpec#accessFrom
-     */
-    readonly accessFrom?: HelmRepositorySpecAccessFrom;
-    /**
-     * CertSecretRef can be given the name of a Secret containing
-     * either or both of
-     *
-     * - a PEM-encoded client certificate (`tls.crt`) and private
-     * key (`tls.key`);
-     * - a PEM-encoded CA certificate (`ca.crt`)
-     *
-     * and whichever are supplied, will be used for connecting to the
-     * registry. The client cert and key are useful if you are
-     * authenticating with a certificate; the CA cert is useful if
-     * you are using a self-signed server certificate. The Secret must
-     * be of type `Opaque` or `kubernetes.io/tls`.
-     *
-     * It takes precedence over the values specified in the Secret referred
-     * to by `.spec.secretRef`.
-     *
-     * @schema HelmRepositorySpec#certSecretRef
-     */
-    readonly certSecretRef?: HelmRepositorySpecCertSecretRef;
-    /**
-     * Insecure allows connecting to a non-TLS HTTP container registry.
-     * This field is only taken into account if the .spec.type field is set to 'oci'.
-     *
-     * @schema HelmRepositorySpec#insecure
-     */
-    readonly insecure?: boolean;
-    /**
-     * Interval at which the HelmRepository URL is checked for updates.
-     * This interval is approximate and may be subject to jitter to ensure
-     * efficient use of resources.
-     *
-     * @schema HelmRepositorySpec#interval
-     */
-    readonly interval?: string;
-    /**
-     * PassCredentials allows the credentials from the SecretRef to be passed
-     * on to a host that does not match the host as defined in URL.
-     * This may be required if the host of the advertised chart URLs in the
-     * index differ from the defined URL.
-     * Enabling this should be done with caution, as it can potentially result
-     * in credentials getting stolen in a MITM-attack.
-     *
-     * @schema HelmRepositorySpec#passCredentials
-     */
-    readonly passCredentials?: boolean;
-    /**
-     * Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
-     * This field is optional, and only taken into account if the .spec.type field is set to 'oci'.
-     * When not specified, defaults to 'generic'.
-     *
-     * @schema HelmRepositorySpec#provider
-     */
-    readonly provider?: HelmRepositorySpecProvider;
-    /**
-     * SecretRef specifies the Secret containing authentication credentials
-     * for the HelmRepository.
-     * For HTTP/S basic auth the secret must contain 'username' and 'password'
-     * fields.
-     * Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile'
-     * keys is deprecated. Please use `.spec.certSecretRef` instead.
-     *
-     * @schema HelmRepositorySpec#secretRef
-     */
-    readonly secretRef?: HelmRepositorySpecSecretRef;
-    /**
-     * Suspend tells the controller to suspend the reconciliation of this
-     * HelmRepository.
-     *
-     * @schema HelmRepositorySpec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * Timeout is used for the index fetch operation for an HTTPS helm repository,
-     * and for remote OCI Repository operations like pulling for an OCI helm
-     * chart by the associated HelmChart.
-     * Its default value is 60s.
-     *
-     * @schema HelmRepositorySpec#timeout
-     */
-    readonly timeout?: string;
-    /**
-     * Type of the HelmRepository.
-     * When this field is set to  "oci", the URL field value must be prefixed with "oci://".
-     *
-     * @schema HelmRepositorySpec#type
-     */
-    readonly type?: HelmRepositorySpecType;
-    /**
-     * URL of the Helm repository, a valid URL contains at least a protocol and
-     * host.
-     *
-     * @schema HelmRepositorySpec#url
-     */
-    readonly url: string;
-}
-/**
- * Converts an object of type 'HelmRepositorySpec' to JSON representation.
- */
-export declare function toJson_HelmRepositorySpec(obj: HelmRepositorySpec | undefined): Record<string, any> | undefined;
-/**
- * AccessFrom specifies an Access Control List for allowing cross-namespace
- * references to this object.
- * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
- *
- * @schema HelmRepositorySpecAccessFrom
- */
-export interface HelmRepositorySpecAccessFrom {
-    /**
-     * NamespaceSelectors is the list of namespace selectors to which this ACL applies.
-     * Items in this list are evaluated using a logical OR operation.
-     *
-     * @schema HelmRepositorySpecAccessFrom#namespaceSelectors
-     */
-    readonly namespaceSelectors: HelmRepositorySpecAccessFromNamespaceSelectors[];
-}
-/**
- * Converts an object of type 'HelmRepositorySpecAccessFrom' to JSON representation.
- */
-export declare function toJson_HelmRepositorySpecAccessFrom(obj: HelmRepositorySpecAccessFrom | undefined): Record<string, any> | undefined;
-/**
- * CertSecretRef can be given the name of a Secret containing
- * either or both of
- *
- * - a PEM-encoded client certificate (`tls.crt`) and private
- * key (`tls.key`);
- * - a PEM-encoded CA certificate (`ca.crt`)
- *
- * and whichever are supplied, will be used for connecting to the
- * registry. The client cert and key are useful if you are
- * authenticating with a certificate; the CA cert is useful if
- * you are using a self-signed server certificate. The Secret must
- * be of type `Opaque` or `kubernetes.io/tls`.
- *
- * It takes precedence over the values specified in the Secret referred
- * to by `.spec.secretRef`.
- *
- * @schema HelmRepositorySpecCertSecretRef
- */
-export interface HelmRepositorySpecCertSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema HelmRepositorySpecCertSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'HelmRepositorySpecCertSecretRef' to JSON representation.
- */
-export declare function toJson_HelmRepositorySpecCertSecretRef(obj: HelmRepositorySpecCertSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
- * This field is optional, and only taken into account if the .spec.type field is set to 'oci'.
- * When not specified, defaults to 'generic'.
- *
- * @schema HelmRepositorySpecProvider
- */
-export declare enum HelmRepositorySpecProvider {
-    /** generic */
-    GENERIC = "generic",
-    /** aws */
-    AWS = "aws",
-    /** azure */
-    AZURE = "azure",
-    /** gcp */
-    GCP = "gcp"
-}
-/**
- * SecretRef specifies the Secret containing authentication credentials
- * for the HelmRepository.
- * For HTTP/S basic auth the secret must contain 'username' and 'password'
- * fields.
- * Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile'
- * keys is deprecated. Please use `.spec.certSecretRef` instead.
- *
- * @schema HelmRepositorySpecSecretRef
- */
-export interface HelmRepositorySpecSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema HelmRepositorySpecSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'HelmRepositorySpecSecretRef' to JSON representation.
- */
-export declare function toJson_HelmRepositorySpecSecretRef(obj: HelmRepositorySpecSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Type of the HelmRepository.
- * When this field is set to  "oci", the URL field value must be prefixed with "oci://".
- *
- * @schema HelmRepositorySpecType
- */
-export declare enum HelmRepositorySpecType {
-    /** default */
-    DEFAULT = "default",
-    /** oci */
-    OCI = "oci"
-}
-/**
- * NamespaceSelector selects the namespaces to which this ACL applies.
- * An empty map of MatchLabels matches all namespaces in a cluster.
- *
- * @schema HelmRepositorySpecAccessFromNamespaceSelectors
- */
-export interface HelmRepositorySpecAccessFromNamespaceSelectors {
-    /**
-     * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
-     * map is equivalent to an element of matchExpressions, whose key field is "key", the
-     * operator is "In", and the values array contains only "value". The requirements are ANDed.
-     *
-     * @schema HelmRepositorySpecAccessFromNamespaceSelectors#matchLabels
-     */
-    readonly matchLabels?: {
-        [key: string]: string;
-    };
-}
-/**
- * Converts an object of type 'HelmRepositorySpecAccessFromNamespaceSelectors' to JSON representation.
- */
-export declare function toJson_HelmRepositorySpecAccessFromNamespaceSelectors(obj: HelmRepositorySpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined;
-/**
- * HelmRepository is the Schema for the helmrepositories API
- *
- * @schema HelmRepositoryV1Beta1
- */
-export declare class HelmRepositoryV1Beta1 extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "HelmRepositoryV1Beta1"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "HelmRepositoryV1Beta1".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: HelmRepositoryV1Beta1Props): any;
-    /**
-     * Defines a "HelmRepositoryV1Beta1" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: HelmRepositoryV1Beta1Props);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * HelmRepository is the Schema for the helmrepositories API
- *
- * @schema HelmRepositoryV1Beta1
- */
-export interface HelmRepositoryV1Beta1Props {
-    /**
-     * @schema HelmRepositoryV1Beta1#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * HelmRepositorySpec defines the reference to a Helm repository.
-     *
-     * @schema HelmRepositoryV1Beta1#spec
-     */
-    readonly spec?: HelmRepositoryV1Beta1Spec;
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta1Props' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta1Props(obj: HelmRepositoryV1Beta1Props | undefined): Record<string, any> | undefined;
-/**
- * HelmRepositorySpec defines the reference to a Helm repository.
- *
- * @schema HelmRepositoryV1Beta1Spec
- */
-export interface HelmRepositoryV1Beta1Spec {
-    /**
-     * AccessFrom defines an Access Control List for allowing cross-namespace references to this object.
-     *
-     * @schema HelmRepositoryV1Beta1Spec#accessFrom
-     */
-    readonly accessFrom?: HelmRepositoryV1Beta1SpecAccessFrom;
-    /**
-     * The interval at which to check the upstream for updates.
-     *
-     * @schema HelmRepositoryV1Beta1Spec#interval
-     */
-    readonly interval: string;
-    /**
-     * PassCredentials allows the credentials from the SecretRef to be passed on to
-     * a host that does not match the host as defined in URL.
-     * This may be required if the host of the advertised chart URLs in the index
-     * differ from the defined URL.
-     * Enabling this should be done with caution, as it can potentially result in
-     * credentials getting stolen in a MITM-attack.
-     *
-     * @schema HelmRepositoryV1Beta1Spec#passCredentials
-     */
-    readonly passCredentials?: boolean;
-    /**
-     * The name of the secret containing authentication credentials for the Helm
-     * repository.
-     * For HTTP/S basic auth the secret must contain username and
-     * password fields.
-     * For TLS the secret must contain a certFile and keyFile, and/or
-     * caFile fields.
-     *
-     * @schema HelmRepositoryV1Beta1Spec#secretRef
-     */
-    readonly secretRef?: HelmRepositoryV1Beta1SpecSecretRef;
-    /**
-     * This flag tells the controller to suspend the reconciliation of this source.
-     *
-     * @schema HelmRepositoryV1Beta1Spec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * The timeout of index downloading, defaults to 60s.
-     *
-     * @schema HelmRepositoryV1Beta1Spec#timeout
-     */
-    readonly timeout?: string;
-    /**
-     * The Helm repository URL, a valid URL contains at least a protocol and host.
-     *
-     * @schema HelmRepositoryV1Beta1Spec#url
-     */
-    readonly url: string;
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta1Spec' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta1Spec(obj: HelmRepositoryV1Beta1Spec | undefined): Record<string, any> | undefined;
-/**
- * AccessFrom defines an Access Control List for allowing cross-namespace references to this object.
- *
- * @schema HelmRepositoryV1Beta1SpecAccessFrom
- */
-export interface HelmRepositoryV1Beta1SpecAccessFrom {
-    /**
-     * NamespaceSelectors is the list of namespace selectors to which this ACL applies.
-     * Items in this list are evaluated using a logical OR operation.
-     *
-     * @schema HelmRepositoryV1Beta1SpecAccessFrom#namespaceSelectors
-     */
-    readonly namespaceSelectors: HelmRepositoryV1Beta1SpecAccessFromNamespaceSelectors[];
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta1SpecAccessFrom' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta1SpecAccessFrom(obj: HelmRepositoryV1Beta1SpecAccessFrom | undefined): Record<string, any> | undefined;
-/**
- * The name of the secret containing authentication credentials for the Helm
- * repository.
- * For HTTP/S basic auth the secret must contain username and
- * password fields.
- * For TLS the secret must contain a certFile and keyFile, and/or
- * caFile fields.
- *
- * @schema HelmRepositoryV1Beta1SpecSecretRef
- */
-export interface HelmRepositoryV1Beta1SpecSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema HelmRepositoryV1Beta1SpecSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta1SpecSecretRef' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta1SpecSecretRef(obj: HelmRepositoryV1Beta1SpecSecretRef | undefined): Record<string, any> | undefined;
-/**
- * NamespaceSelector selects the namespaces to which this ACL applies.
- * An empty map of MatchLabels matches all namespaces in a cluster.
- *
- * @schema HelmRepositoryV1Beta1SpecAccessFromNamespaceSelectors
- */
-export interface HelmRepositoryV1Beta1SpecAccessFromNamespaceSelectors {
-    /**
-     * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
-     * map is equivalent to an element of matchExpressions, whose key field is "key", the
-     * operator is "In", and the values array contains only "value". The requirements are ANDed.
-     *
-     * @schema HelmRepositoryV1Beta1SpecAccessFromNamespaceSelectors#matchLabels
-     */
-    readonly matchLabels?: {
-        [key: string]: string;
-    };
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta1SpecAccessFromNamespaceSelectors' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta1SpecAccessFromNamespaceSelectors(obj: HelmRepositoryV1Beta1SpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined;
-/**
- * HelmRepository is the Schema for the helmrepositories API.
- *
- * @schema HelmRepositoryV1Beta2
- */
-export declare class HelmRepositoryV1Beta2 extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "HelmRepositoryV1Beta2"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "HelmRepositoryV1Beta2".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: HelmRepositoryV1Beta2Props): any;
-    /**
-     * Defines a "HelmRepositoryV1Beta2" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: HelmRepositoryV1Beta2Props);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * HelmRepository is the Schema for the helmrepositories API.
- *
- * @schema HelmRepositoryV1Beta2
- */
-export interface HelmRepositoryV1Beta2Props {
-    /**
-     * @schema HelmRepositoryV1Beta2#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * HelmRepositorySpec specifies the required configuration to produce an
-     * Artifact for a Helm repository index YAML.
-     *
-     * @schema HelmRepositoryV1Beta2#spec
-     */
-    readonly spec?: HelmRepositoryV1Beta2Spec;
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta2Props' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta2Props(obj: HelmRepositoryV1Beta2Props | undefined): Record<string, any> | undefined;
-/**
- * HelmRepositorySpec specifies the required configuration to produce an
- * Artifact for a Helm repository index YAML.
- *
- * @schema HelmRepositoryV1Beta2Spec
- */
-export interface HelmRepositoryV1Beta2Spec {
-    /**
-     * AccessFrom specifies an Access Control List for allowing cross-namespace
-     * references to this object.
-     * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
-     *
-     * @schema HelmRepositoryV1Beta2Spec#accessFrom
-     */
-    readonly accessFrom?: HelmRepositoryV1Beta2SpecAccessFrom;
-    /**
-     * CertSecretRef can be given the name of a Secret containing
-     * either or both of
-     *
-     * - a PEM-encoded client certificate (`tls.crt`) and private
-     * key (`tls.key`);
-     * - a PEM-encoded CA certificate (`ca.crt`)
-     *
-     * and whichever are supplied, will be used for connecting to the
-     * registry. The client cert and key are useful if you are
-     * authenticating with a certificate; the CA cert is useful if
-     * you are using a self-signed server certificate. The Secret must
-     * be of type `Opaque` or `kubernetes.io/tls`.
-     *
-     * It takes precedence over the values specified in the Secret referred
-     * to by `.spec.secretRef`.
-     *
-     * @schema HelmRepositoryV1Beta2Spec#certSecretRef
-     */
-    readonly certSecretRef?: HelmRepositoryV1Beta2SpecCertSecretRef;
-    /**
-     * Insecure allows connecting to a non-TLS HTTP container registry.
-     * This field is only taken into account if the .spec.type field is set to 'oci'.
-     *
-     * @schema HelmRepositoryV1Beta2Spec#insecure
-     */
-    readonly insecure?: boolean;
-    /**
-     * Interval at which the HelmRepository URL is checked for updates.
-     * This interval is approximate and may be subject to jitter to ensure
-     * efficient use of resources.
-     *
-     * @schema HelmRepositoryV1Beta2Spec#interval
-     */
-    readonly interval?: string;
-    /**
-     * PassCredentials allows the credentials from the SecretRef to be passed
-     * on to a host that does not match the host as defined in URL.
-     * This may be required if the host of the advertised chart URLs in the
-     * index differ from the defined URL.
-     * Enabling this should be done with caution, as it can potentially result
-     * in credentials getting stolen in a MITM-attack.
-     *
-     * @schema HelmRepositoryV1Beta2Spec#passCredentials
-     */
-    readonly passCredentials?: boolean;
-    /**
-     * Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
-     * This field is optional, and only taken into account if the .spec.type field is set to 'oci'.
-     * When not specified, defaults to 'generic'.
-     *
-     * @schema HelmRepositoryV1Beta2Spec#provider
-     */
-    readonly provider?: HelmRepositoryV1Beta2SpecProvider;
-    /**
-     * SecretRef specifies the Secret containing authentication credentials
-     * for the HelmRepository.
-     * For HTTP/S basic auth the secret must contain 'username' and 'password'
-     * fields.
-     * Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile'
-     * keys is deprecated. Please use `.spec.certSecretRef` instead.
-     *
-     * @schema HelmRepositoryV1Beta2Spec#secretRef
-     */
-    readonly secretRef?: HelmRepositoryV1Beta2SpecSecretRef;
-    /**
-     * Suspend tells the controller to suspend the reconciliation of this
-     * HelmRepository.
-     *
-     * @schema HelmRepositoryV1Beta2Spec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * Timeout is used for the index fetch operation for an HTTPS helm repository,
-     * and for remote OCI Repository operations like pulling for an OCI helm
-     * chart by the associated HelmChart.
-     * Its default value is 60s.
-     *
-     * @schema HelmRepositoryV1Beta2Spec#timeout
-     */
-    readonly timeout?: string;
-    /**
-     * Type of the HelmRepository.
-     * When this field is set to  "oci", the URL field value must be prefixed with "oci://".
-     *
-     * @schema HelmRepositoryV1Beta2Spec#type
-     */
-    readonly type?: HelmRepositoryV1Beta2SpecType;
-    /**
-     * URL of the Helm repository, a valid URL contains at least a protocol and
-     * host.
-     *
-     * @schema HelmRepositoryV1Beta2Spec#url
-     */
-    readonly url: string;
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta2Spec' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta2Spec(obj: HelmRepositoryV1Beta2Spec | undefined): Record<string, any> | undefined;
-/**
- * AccessFrom specifies an Access Control List for allowing cross-namespace
- * references to this object.
- * NOTE: Not implemented, provisional as of https://github.com/fluxcd/flux2/pull/2092
- *
- * @schema HelmRepositoryV1Beta2SpecAccessFrom
- */
-export interface HelmRepositoryV1Beta2SpecAccessFrom {
-    /**
-     * NamespaceSelectors is the list of namespace selectors to which this ACL applies.
-     * Items in this list are evaluated using a logical OR operation.
-     *
-     * @schema HelmRepositoryV1Beta2SpecAccessFrom#namespaceSelectors
-     */
-    readonly namespaceSelectors: HelmRepositoryV1Beta2SpecAccessFromNamespaceSelectors[];
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta2SpecAccessFrom' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta2SpecAccessFrom(obj: HelmRepositoryV1Beta2SpecAccessFrom | undefined): Record<string, any> | undefined;
-/**
- * CertSecretRef can be given the name of a Secret containing
- * either or both of
- *
- * - a PEM-encoded client certificate (`tls.crt`) and private
- * key (`tls.key`);
- * - a PEM-encoded CA certificate (`ca.crt`)
- *
- * and whichever are supplied, will be used for connecting to the
- * registry. The client cert and key are useful if you are
- * authenticating with a certificate; the CA cert is useful if
- * you are using a self-signed server certificate. The Secret must
- * be of type `Opaque` or `kubernetes.io/tls`.
- *
- * It takes precedence over the values specified in the Secret referred
- * to by `.spec.secretRef`.
- *
- * @schema HelmRepositoryV1Beta2SpecCertSecretRef
- */
-export interface HelmRepositoryV1Beta2SpecCertSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema HelmRepositoryV1Beta2SpecCertSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta2SpecCertSecretRef' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta2SpecCertSecretRef(obj: HelmRepositoryV1Beta2SpecCertSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
- * This field is optional, and only taken into account if the .spec.type field is set to 'oci'.
- * When not specified, defaults to 'generic'.
- *
- * @schema HelmRepositoryV1Beta2SpecProvider
- */
-export declare enum HelmRepositoryV1Beta2SpecProvider {
-    /** generic */
-    GENERIC = "generic",
-    /** aws */
-    AWS = "aws",
-    /** azure */
-    AZURE = "azure",
-    /** gcp */
-    GCP = "gcp"
-}
-/**
- * SecretRef specifies the Secret containing authentication credentials
- * for the HelmRepository.
- * For HTTP/S basic auth the secret must contain 'username' and 'password'
- * fields.
- * Support for TLS auth using the 'certFile' and 'keyFile', and/or 'caFile'
- * keys is deprecated. Please use `.spec.certSecretRef` instead.
- *
- * @schema HelmRepositoryV1Beta2SpecSecretRef
- */
-export interface HelmRepositoryV1Beta2SpecSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema HelmRepositoryV1Beta2SpecSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta2SpecSecretRef' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta2SpecSecretRef(obj: HelmRepositoryV1Beta2SpecSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Type of the HelmRepository.
- * When this field is set to  "oci", the URL field value must be prefixed with "oci://".
- *
- * @schema HelmRepositoryV1Beta2SpecType
- */
-export declare enum HelmRepositoryV1Beta2SpecType {
-    /** default */
-    DEFAULT = "default",
-    /** oci */
-    OCI = "oci"
-}
-/**
- * NamespaceSelector selects the namespaces to which this ACL applies.
- * An empty map of MatchLabels matches all namespaces in a cluster.
- *
- * @schema HelmRepositoryV1Beta2SpecAccessFromNamespaceSelectors
- */
-export interface HelmRepositoryV1Beta2SpecAccessFromNamespaceSelectors {
-    /**
-     * MatchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
-     * map is equivalent to an element of matchExpressions, whose key field is "key", the
-     * operator is "In", and the values array contains only "value". The requirements are ANDed.
-     *
-     * @schema HelmRepositoryV1Beta2SpecAccessFromNamespaceSelectors#matchLabels
-     */
-    readonly matchLabels?: {
-        [key: string]: string;
-    };
-}
-/**
- * Converts an object of type 'HelmRepositoryV1Beta2SpecAccessFromNamespaceSelectors' to JSON representation.
- */
-export declare function toJson_HelmRepositoryV1Beta2SpecAccessFromNamespaceSelectors(obj: HelmRepositoryV1Beta2SpecAccessFromNamespaceSelectors | undefined): Record<string, any> | undefined;
-/**
- * OCIRepository is the Schema for the ocirepositories API
- *
- * @schema OCIRepository
- */
-export declare class OciRepository extends ApiObject {
-    /**
-     * Returns the apiVersion and kind for "OCIRepository"
-     */
-    static readonly GVK: GroupVersionKind;
-    /**
-     * Renders a Kubernetes manifest for "OCIRepository".
-     *
-     * This can be used to inline resource manifests inside other objects (e.g. as templates).
-     *
-     * @param props initialization props
-     */
-    static manifest(props?: OciRepositoryProps): any;
-    /**
-     * Defines a "OCIRepository" API object
-     * @param scope the scope in which to define this object
-     * @param id a scope-local name for the object
-     * @param props initialization props
-     */
-    constructor(scope: Construct, id: string, props?: OciRepositoryProps);
-    /**
-     * Renders the object to Kubernetes JSON.
-     */
-    toJson(): any;
-}
-/**
- * OCIRepository is the Schema for the ocirepositories API
- *
- * @schema OCIRepository
- */
-export interface OciRepositoryProps {
-    /**
-     * @schema OCIRepository#metadata
-     */
-    readonly metadata?: ApiObjectMetadata;
-    /**
-     * OCIRepositorySpec defines the desired state of OCIRepository
-     *
-     * @schema OCIRepository#spec
-     */
-    readonly spec?: OciRepositorySpec;
-}
-/**
- * Converts an object of type 'OciRepositoryProps' to JSON representation.
- */
-export declare function toJson_OciRepositoryProps(obj: OciRepositoryProps | undefined): Record<string, any> | undefined;
-/**
- * OCIRepositorySpec defines the desired state of OCIRepository
- *
- * @schema OciRepositorySpec
- */
-export interface OciRepositorySpec {
-    /**
-     * CertSecretRef can be given the name of a Secret containing
-     * either or both of
-     *
-     * - a PEM-encoded client certificate (`tls.crt`) and private
-     * key (`tls.key`);
-     * - a PEM-encoded CA certificate (`ca.crt`)
-     *
-     * and whichever are supplied, will be used for connecting to the
-     * registry. The client cert and key are useful if you are
-     * authenticating with a certificate; the CA cert is useful if
-     * you are using a self-signed server certificate. The Secret must
-     * be of type `Opaque` or `kubernetes.io/tls`.
-     *
-     * Note: Support for the `caFile`, `certFile` and `keyFile` keys have
-     * been deprecated.
-     *
-     * @schema OciRepositorySpec#certSecretRef
-     */
-    readonly certSecretRef?: OciRepositorySpecCertSecretRef;
-    /**
-     * Ignore overrides the set of excluded patterns in the .sourceignore format
-     * (which is the same as .gitignore). If not provided, a default will be used,
-     * consult the documentation for your version to find out what those are.
-     *
-     * @schema OciRepositorySpec#ignore
-     */
-    readonly ignore?: string;
-    /**
-     * Insecure allows connecting to a non-TLS HTTP container registry.
-     *
-     * @schema OciRepositorySpec#insecure
-     */
-    readonly insecure?: boolean;
-    /**
-     * Interval at which the OCIRepository URL is checked for updates.
-     * This interval is approximate and may be subject to jitter to ensure
-     * efficient use of resources.
-     *
-     * @schema OciRepositorySpec#interval
-     */
-    readonly interval: string;
-    /**
-     * LayerSelector specifies which layer should be extracted from the OCI artifact.
-     * When not specified, the first layer found in the artifact is selected.
-     *
-     * @schema OciRepositorySpec#layerSelector
-     */
-    readonly layerSelector?: OciRepositorySpecLayerSelector;
-    /**
-     * The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
-     * When not specified, defaults to 'generic'.
-     *
-     * @schema OciRepositorySpec#provider
-     */
-    readonly provider?: OciRepositorySpecProvider;
-    /**
-     * ProxySecretRef specifies the Secret containing the proxy configuration
-     * to use while communicating with the container registry.
-     *
-     * @schema OciRepositorySpec#proxySecretRef
-     */
-    readonly proxySecretRef?: OciRepositorySpecProxySecretRef;
-    /**
-     * The OCI reference to pull and monitor for changes,
-     * defaults to the latest tag.
-     *
-     * @schema OciRepositorySpec#ref
-     */
-    readonly ref?: OciRepositorySpecRef;
-    /**
-     * SecretRef contains the secret name containing the registry login
-     * credentials to resolve image metadata.
-     * The secret must be of type kubernetes.io/dockerconfigjson.
-     *
-     * @schema OciRepositorySpec#secretRef
-     */
-    readonly secretRef?: OciRepositorySpecSecretRef;
-    /**
-     * ServiceAccountName is the name of the Kubernetes ServiceAccount used to authenticate
-     * the image pull if the service account has attached pull secrets. For more information:
-     * https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account
-     *
-     * @schema OciRepositorySpec#serviceAccountName
-     */
-    readonly serviceAccountName?: string;
-    /**
-     * This flag tells the controller to suspend the reconciliation of this source.
-     *
-     * @schema OciRepositorySpec#suspend
-     */
-    readonly suspend?: boolean;
-    /**
-     * The timeout for remote OCI Repository operations like pulling, defaults to 60s.
-     *
-     * @schema OciRepositorySpec#timeout
-     */
-    readonly timeout?: string;
-    /**
-     * URL is a reference to an OCI artifact repository hosted
-     * on a remote container registry.
-     *
-     * @schema OciRepositorySpec#url
-     */
-    readonly url: string;
-    /**
-     * Verify contains the secret name containing the trusted public keys
-     * used to verify the signature and specifies which provider to use to check
-     * whether OCI image is authentic.
-     *
-     * @schema OciRepositorySpec#verify
-     */
-    readonly verify?: OciRepositorySpecVerify;
-}
-/**
- * Converts an object of type 'OciRepositorySpec' to JSON representation.
- */
-export declare function toJson_OciRepositorySpec(obj: OciRepositorySpec | undefined): Record<string, any> | undefined;
-/**
- * CertSecretRef can be given the name of a Secret containing
- * either or both of
- *
- * - a PEM-encoded client certificate (`tls.crt`) and private
- * key (`tls.key`);
- * - a PEM-encoded CA certificate (`ca.crt`)
- *
- * and whichever are supplied, will be used for connecting to the
- * registry. The client cert and key are useful if you are
- * authenticating with a certificate; the CA cert is useful if
- * you are using a self-signed server certificate. The Secret must
- * be of type `Opaque` or `kubernetes.io/tls`.
- *
- * Note: Support for the `caFile`, `certFile` and `keyFile` keys have
- * been deprecated.
- *
- * @schema OciRepositorySpecCertSecretRef
- */
-export interface OciRepositorySpecCertSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema OciRepositorySpecCertSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'OciRepositorySpecCertSecretRef' to JSON representation.
- */
-export declare function toJson_OciRepositorySpecCertSecretRef(obj: OciRepositorySpecCertSecretRef | undefined): Record<string, any> | undefined;
-/**
- * LayerSelector specifies which layer should be extracted from the OCI artifact.
- * When not specified, the first layer found in the artifact is selected.
- *
- * @schema OciRepositorySpecLayerSelector
- */
-export interface OciRepositorySpecLayerSelector {
-    /**
-     * MediaType specifies the OCI media type of the layer
-     * which should be extracted from the OCI Artifact. The
-     * first layer matching this type is selected.
-     *
-     * @schema OciRepositorySpecLayerSelector#mediaType
-     */
-    readonly mediaType?: string;
-    /**
-     * Operation specifies how the selected layer should be processed.
-     * By default, the layer compressed content is extracted to storage.
-     * When the operation is set to 'copy', the layer compressed content
-     * is persisted to storage as it is.
-     *
-     * @schema OciRepositorySpecLayerSelector#operation
-     */
-    readonly operation?: OciRepositorySpecLayerSelectorOperation;
-}
-/**
- * Converts an object of type 'OciRepositorySpecLayerSelector' to JSON representation.
- */
-export declare function toJson_OciRepositorySpecLayerSelector(obj: OciRepositorySpecLayerSelector | undefined): Record<string, any> | undefined;
-/**
- * The provider used for authentication, can be 'aws', 'azure', 'gcp' or 'generic'.
- * When not specified, defaults to 'generic'.
- *
- * @schema OciRepositorySpecProvider
- */
-export declare enum OciRepositorySpecProvider {
-    /** generic */
-    GENERIC = "generic",
-    /** aws */
-    AWS = "aws",
-    /** azure */
-    AZURE = "azure",
-    /** gcp */
-    GCP = "gcp"
-}
-/**
- * ProxySecretRef specifies the Secret containing the proxy configuration
- * to use while communicating with the container registry.
- *
- * @schema OciRepositorySpecProxySecretRef
- */
-export interface OciRepositorySpecProxySecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema OciRepositorySpecProxySecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'OciRepositorySpecProxySecretRef' to JSON representation.
- */
-export declare function toJson_OciRepositorySpecProxySecretRef(obj: OciRepositorySpecProxySecretRef | undefined): Record<string, any> | undefined;
-/**
- * The OCI reference to pull and monitor for changes,
- * defaults to the latest tag.
- *
- * @schema OciRepositorySpecRef
- */
-export interface OciRepositorySpecRef {
-    /**
-     * Digest is the image digest to pull, takes precedence over SemVer.
-     * The value should be in the format 'sha256:<HASH>'.
-     *
-     * @schema OciRepositorySpecRef#digest
-     */
-    readonly digest?: string;
-    /**
-     * SemVer is the range of tags to pull selecting the latest within
-     * the range, takes precedence over Tag.
-     *
-     * @schema OciRepositorySpecRef#semver
-     */
-    readonly semver?: string;
-    /**
-     * SemverFilter is a regex pattern to filter the tags within the SemVer range.
-     *
-     * @schema OciRepositorySpecRef#semverFilter
-     */
-    readonly semverFilter?: string;
-    /**
-     * Tag is the image tag to pull, defaults to latest.
-     *
-     * @schema OciRepositorySpecRef#tag
-     */
-    readonly tag?: string;
-}
-/**
- * Converts an object of type 'OciRepositorySpecRef' to JSON representation.
- */
-export declare function toJson_OciRepositorySpecRef(obj: OciRepositorySpecRef | undefined): Record<string, any> | undefined;
-/**
- * SecretRef contains the secret name containing the registry login
- * credentials to resolve image metadata.
- * The secret must be of type kubernetes.io/dockerconfigjson.
- *
- * @schema OciRepositorySpecSecretRef
- */
-export interface OciRepositorySpecSecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema OciRepositorySpecSecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'OciRepositorySpecSecretRef' to JSON representation.
- */
-export declare function toJson_OciRepositorySpecSecretRef(obj: OciRepositorySpecSecretRef | undefined): Record<string, any> | undefined;
-/**
- * Verify contains the secret name containing the trusted public keys
- * used to verify the signature and specifies which provider to use to check
- * whether OCI image is authentic.
- *
- * @schema OciRepositorySpecVerify
- */
-export interface OciRepositorySpecVerify {
-    /**
-     * MatchOIDCIdentity specifies the identity matching criteria to use
-     * while verifying an OCI artifact which was signed using Cosign keyless
-     * signing. The artifact's identity is deemed to be verified if any of the
-     * specified matchers match against the identity.
-     *
-     * @schema OciRepositorySpecVerify#matchOIDCIdentity
-     */
-    readonly matchOidcIdentity?: OciRepositorySpecVerifyMatchOidcIdentity[];
-    /**
-     * Provider specifies the technology used to sign the OCI Artifact.
-     *
-     * @schema OciRepositorySpecVerify#provider
-     */
-    readonly provider: OciRepositorySpecVerifyProvider;
-    /**
-     * SecretRef specifies the Kubernetes Secret containing the
-     * trusted public keys.
-     *
-     * @schema OciRepositorySpecVerify#secretRef
-     */
-    readonly secretRef?: OciRepositorySpecVerifySecretRef;
-}
-/**
- * Converts an object of type 'OciRepositorySpecVerify' to JSON representation.
- */
-export declare function toJson_OciRepositorySpecVerify(obj: OciRepositorySpecVerify | undefined): Record<string, any> | undefined;
-/**
- * Operation specifies how the selected layer should be processed.
- * By default, the layer compressed content is extracted to storage.
- * When the operation is set to 'copy', the layer compressed content
- * is persisted to storage as it is.
- *
- * @schema OciRepositorySpecLayerSelectorOperation
- */
-export declare enum OciRepositorySpecLayerSelectorOperation {
-    /** extract */
-    EXTRACT = "extract",
-    /** copy */
-    COPY = "copy"
-}
-/**
- * OIDCIdentityMatch specifies options for verifying the certificate identity,
- * i.e. the issuer and the subject of the certificate.
- *
- * @schema OciRepositorySpecVerifyMatchOidcIdentity
- */
-export interface OciRepositorySpecVerifyMatchOidcIdentity {
-    /**
-     * Issuer specifies the regex pattern to match against to verify
-     * the OIDC issuer in the Fulcio certificate. The pattern must be a
-     * valid Go regular expression.
-     *
-     * @schema OciRepositorySpecVerifyMatchOidcIdentity#issuer
-     */
-    readonly issuer: string;
-    /**
-     * Subject specifies the regex pattern to match against to verify
-     * the identity subject in the Fulcio certificate. The pattern must
-     * be a valid Go regular expression.
-     *
-     * @schema OciRepositorySpecVerifyMatchOidcIdentity#subject
-     */
-    readonly subject: string;
-}
-/**
- * Converts an object of type 'OciRepositorySpecVerifyMatchOidcIdentity' to JSON representation.
- */
-export declare function toJson_OciRepositorySpecVerifyMatchOidcIdentity(obj: OciRepositorySpecVerifyMatchOidcIdentity | undefined): Record<string, any> | undefined;
-/**
- * Provider specifies the technology used to sign the OCI Artifact.
- *
- * @schema OciRepositorySpecVerifyProvider
- */
-export declare enum OciRepositorySpecVerifyProvider {
-    /** cosign */
-    COSIGN = "cosign",
-    /** notation */
-    NOTATION = "notation"
-}
-/**
- * SecretRef specifies the Kubernetes Secret containing the
- * trusted public keys.
- *
- * @schema OciRepositorySpecVerifySecretRef
- */
-export interface OciRepositorySpecVerifySecretRef {
-    /**
-     * Name of the referent.
-     *
-     * @schema OciRepositorySpecVerifySecretRef#name
-     */
-    readonly name: string;
-}
-/**
- * Converts an object of type 'OciRepositorySpecVerifySecretRef' to JSON representation.
- */
-export declare function toJson_OciRepositorySpecVerifySecretRef(obj: OciRepositorySpecVerifySecretRef | undefined): Record<string, any> | undefined;
-//# sourceMappingURL=source.toolkit.fluxcd.io.d.ts.map