After approval, your plugin will be available on the Gradle Plugin Portal for others to discover and use.

[[consume]]
== Consume the published plugin

Once you successfully publish a plugin, it won't immediately appear on the Portal.

	"type":               "type of the condition. Known conditions are \"Approved\", \"Denied\", and \"Failed\".\n\nAn \"Approved\" condition is added via the /approval subresource, indicating the request was approved and should be issued by the signer.\n\nA \"Denied\" condition is added via the /approval subresource, indicating the request was denied and should not be issued by the signer.\n\nA \"Failed\" condition is added via the /status...

      - "certificatesigningrequests"
      - "certificatesigningrequests/approval"
      - "certificatesigningrequests/status"
    verbs: ["update", "create", "get", "delete", "watch"]
  - apiGroups: ["certificates.k8s.io"]
    resources:
      - "signers"
    resourceNames:
{{- range .Values.global.certSigners }}
    - {{ . | quote }}
{{- end }}
    verbs: ["approve"]
{{- end}}

  # Used by Istiod to verify the JWT tokens

		if err != nil {
			return nil, err
		}
		storage[resource] = csrStorage
		storage[resource+"/status"] = csrStatusStorage
		storage[resource+"/approval"] = csrApprovalStorage
	}

	return storage, nil
}

message CertificateSigningRequestCondition {
  // type of the condition. Known conditions are "Approved", "Denied", and "Failed".
  //
  // An "Approved" condition is added via the /approval subresource,
  // indicating the request was approved and should be issued by the signer.
  //
  // A "Denied" condition is added via the /approval subresource,
  // indicating the request was denied and should not be issued by the signer.
  //

      - "certificatesigningrequests"
      - "certificatesigningrequests/approval"
      - "certificatesigningrequests/status"
    verbs: ["update", "create", "get", "delete", "watch"]
  - apiGroups: ["certificates.k8s.io"]
    resources:
      - "signers"
    resourceNames:
{{- range .Values.global.certSigners }}
    - {{ . | quote }}
{{- end }}
    verbs: ["approve"]
{{- end}}

  # Used by Istiod to verify the JWT tokens

				t.Helper()
				if len(errors) == 0 {
					t.Fatal("expected errors, got none")
				}
				if e, a := `metadata.annotations[api-approved.kubernetes.io]: Invalid value: "invalid": protected groups must have approval annotation "api-approved.kubernetes.io" with either a URL or a reason starting with "unapproved", see https://github.com/kubernetes/enhancements/pull/1111`, errors.ToAggregate().Error(); e != a {

message CertificateSigningRequestCondition {
  // type of the condition. Known conditions are "Approved", "Denied", and "Failed".
  //
  // An "Approved" condition is added via the /approval subresource,
  // indicating the request was approved and should be issued by the signer.
  //
  // A "Denied" condition is added via the /approval subresource,
  // indicating the request was denied and should not be issued by the signer.
  //

  map<string, ExtraValue> extra = 6;
}

message CertificateSigningRequestStatus {
  // Conditions applied to the request, such as approval or denial.
  // +listType=map
  // +listMapKey=type
  // +optional
  repeated CertificateSigningRequestCondition conditions = 1;

  // If request was approved, the controller will place the issued certificate here.
  // +listType=atomic
  // +optional
  optional bytes certificate = 2;
}

					t.Errorf("got: %v, expected: %v", got, expected)
				}
				if got, expected := a.Subresource, "approval"; got != expected {
					t.Errorf("got: %v, expected: %v", got, expected)
				}
				csr := a.Object.(*capi.CertificateSigningRequest)
				if len(csr.Status.Conditions) != 1 {
					t.Errorf("expected CSR to have approved condition: %#v", csr)
				}
				c := csr.Status.Conditions[0]