From 6242498ee158b0024eaa2bcc9a15a08699a5ae86 Mon Sep 17 00:00:00 2001 From: erikfuller <16261515+erikfuller@users.noreply.github.com> Date: Thu, 24 Oct 2024 12:42:34 -0700 Subject: [PATCH 1/6] Upgrade of go version, migration off v1beta1 and v1alpha2 for v1 gateway API objects, removed main 3rd party CRDs, working unit and integ tests --- Dockerfile | 2 +- cmd/aws-application-networking-k8s/main.go | 10 +- config/crds/bases/k8s-gateway-v0.6.1.yaml | 6145 ------------ config/crds/bases/k8s-gateway-v1.0.0.yaml | 8577 ----------------- config/crds/kustomization.yaml | 2 - docs/api-reference.md | 16 +- docs/contributing/developer-cheat-sheet.md | 2 +- go.mod | 90 +- go.sum | 236 +- helm/crds/k8s-gateway-v0.6.1.yaml | 6145 ------------ .../v1alpha1/accesslogpolicy_types.go | 11 +- .../v1alpha1/authpolicy_types.go | 6 +- .../v1alpha1/targetgrouppolicy_types.go | 6 +- .../v1alpha1/vpcassociationpolicy_types.go | 6 +- .../v1alpha1/zz_generated.deepcopy.go | 10 +- pkg/controllers/accesslogpolicy_controller.go | 18 +- pkg/controllers/eventhandlers/gateway.go | 22 +- pkg/controllers/eventhandlers/gatewayclass.go | 18 +- pkg/controllers/eventhandlers/mapper.go | 27 +- pkg/controllers/eventhandlers/mapper_test.go | 94 +- pkg/controllers/eventhandlers/service_test.go | 18 +- .../eventhandlers/serviceimport_test.go | 14 +- pkg/controllers/gateway_controller.go | 43 +- pkg/controllers/gatewayclass_controller.go | 5 +- pkg/controllers/iamauthpolicy_controller.go | 5 +- pkg/controllers/route_controller.go | 43 +- pkg/controllers/route_controller_test.go | 38 +- .../vpcassociationpolicy_controller.go | 4 +- ...ccess_log_subscription_synthesizer_test.go | 16 +- .../lattice/service_synthesizer_test.go | 44 +- ...odel_build_access_log_subscription_test.go | 20 +- .../model_build_lattice_service_test.go | 132 +- pkg/gateway/model_build_listener.go | 7 +- pkg/gateway/model_build_listener_test.go | 119 +- pkg/gateway/model_build_rule.go | 4 +- pkg/gateway/model_build_rule_test.go | 413 +- pkg/gateway/model_build_targetgroup_test.go | 100 +- pkg/gateway/model_build_targets_test.go | 12 +- pkg/k8s/policyhelper/kind.go | 22 +- pkg/k8s/policyhelper/kind_test.go | 9 +- pkg/k8s/policyhelper/policy.go | 10 +- pkg/k8s/policyhelper/policy_test.go | 14 +- pkg/k8s/utils.go | 5 +- pkg/model/core/grpcroute.go | 76 +- pkg/model/core/grpcroute_test.go | 297 +- pkg/model/core/httproute.go | 58 +- pkg/model/core/httproute_test.go | 297 +- pkg/model/core/policy.go | 2 +- pkg/model/core/route.go | 27 +- pkg/model/core/tlsroute.go | 28 +- pkg/model/core/tlsroute_test.go | 28 +- pkg/utils/common.go | 2 +- pkg/webhook/core/mutating_handler.go | 4 +- pkg/webhook/core/mutating_handler_test.go | 12 +- pkg/webhook/pod_mutator_test.go | 265 +- pkg/webhook/pod_readiness_gate_injector.go | 13 +- test/go.mod | 94 +- test/go.sum | 246 +- test/pkg/test/framework.go | 10 +- test/pkg/test/grpcroute.go | 9 +- .../integration/access_log_policy_test.go | 105 +- test/suites/integration/byoc_test.go | 3 +- test/suites/integration/grpcroute_test.go | 84 +- .../integration/httproute_creation_test.go | 3 +- ..._mutation_do_not_leak_target_group_test.go | 3 +- test/suites/integration/iamauthpolicy_test.go | 8 +- .../integration/target_group_policy_test.go | 7 +- .../tlsroute_serviceexport_test.go | 16 +- test/suites/integration/tlsroute_test.go | 14 +- .../vpc_association_policy_test.go | 6 +- 70 files changed, 1660 insertions(+), 22597 deletions(-) delete mode 100644 config/crds/bases/k8s-gateway-v0.6.1.yaml delete mode 100644 config/crds/bases/k8s-gateway-v1.0.0.yaml delete mode 100644 helm/crds/k8s-gateway-v0.6.1.yaml diff --git a/Dockerfile b/Dockerfile index 9b8fdc00..9bb2c2b1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM --platform=$BUILDPLATFORM golang:1.20.5 as builder +FROM --platform=$BUILDPLATFORM golang:1.23.0 as builder WORKDIR /workspace # Copy the Go Modules manifests diff --git a/cmd/aws-application-networking-k8s/main.go b/cmd/aws-application-networking-k8s/main.go index 50504813..9f1ac1a9 100644 --- a/cmd/aws-application-networking-k8s/main.go +++ b/cmd/aws-application-networking-k8s/main.go @@ -19,6 +19,7 @@ package main import ( "flag" "os" + gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" "strings" "github.com/aws/aws-application-networking-k8s/pkg/webhook" @@ -39,14 +40,11 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/healthz" + "github.com/aws/aws-application-networking-k8s/pkg/controllers" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime/schema" "sigs.k8s.io/external-dns/endpoint" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" - - "github.com/aws/aws-application-networking-k8s/pkg/controllers" - + gwv1 "sigs.k8s.io/gateway-api/apis/v1" //+kubebuilder:scaffold:imports anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" "github.com/aws/aws-application-networking-k8s/pkg/config" @@ -66,7 +64,7 @@ func init() { //+kubebuilder:scaffold:scheme utilruntime.Must(gwv1alpha2.AddToScheme(scheme)) - utilruntime.Must(gwv1beta1.AddToScheme(scheme)) + utilruntime.Must(gwv1.AddToScheme(scheme)) utilruntime.Must(anv1alpha1.AddToScheme(scheme)) utilruntime.Must(discoveryv1.AddToScheme(scheme)) addOptionalCRDs(scheme) diff --git a/config/crds/bases/k8s-gateway-v0.6.1.yaml b/config/crds/bases/k8s-gateway-v0.6.1.yaml deleted file mode 100644 index 5478e72f..00000000 --- a/config/crds/bases/k8s-gateway-v0.6.1.yaml +++ /dev/null @@ -1,6145 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1538 - gateway.networking.k8s.io/bundle-version: v0.6.1 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: gatewayclasses.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: GatewayClass - listKind: GatewayClassList - plural: gatewayclasses - shortNames: - - gc - singular: gatewayclass - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.controllerName - name: Controller - type: string - - jsonPath: .status.conditions[?(@.type=="Accepted")].status - name: Accepted - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.description - name: Description - priority: 1 - type: string - deprecated: true - deprecationWarning: The v1alpha2 version of GatewayClass has been deprecated and - will be removed in a future release of the API. Please upgrade to v1beta1. - name: v1alpha2 - schema: - openAPIV3Schema: - description: "GatewayClass describes a class of Gateways available to the - user for creating Gateway resources. \n It is recommended that this resource - be used as a template for Gateways. This means that a Gateway is based on - the state of the GatewayClass at the time it was created and changes to - the GatewayClass or associated parameters are not propagated down to existing - Gateways. This recommendation is intended to limit the blast radius of changes - to GatewayClass or associated parameters. If implementations choose to propagate - GatewayClass changes to existing Gateways, that MUST be clearly documented - by the implementation. \n Whenever one or more Gateways are using a GatewayClass, - implementations MUST add the `gateway-exists-finalizer.gateway.networking.k8s.io` - finalizer on the associated GatewayClass. This ensures that a GatewayClass - associated with a Gateway is not deleted while in use. \n GatewayClass is - a Cluster level resource." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GatewayClass. - properties: - controllerName: - description: "ControllerName is the name of the controller that is - managing Gateways of this class. The value of this field MUST be - a domain prefixed path. \n Example: \"example.net/gateway-controller\". - \n This field is not mutable and cannot be empty. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - description: - description: Description helps describe a GatewayClass with more details. - maxLength: 64 - type: string - parametersRef: - description: "ParametersRef is a reference to a resource that contains - the configuration parameters corresponding to the GatewayClass. - This is optional if the controller does not require any additional - configuration. \n ParametersRef can reference a standard Kubernetes - resource, i.e. ConfigMap, or an implementation-specific custom resource. - The resource can be cluster-scoped or namespace-scoped. \n If the - referent cannot be found, the GatewayClass's \"InvalidParameters\" - status condition will be true. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. This - field is required when referring to a Namespace-scoped resource - and MUST be unset when referring to a Cluster-scoped resource. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - group - - kind - - name - type: object - required: - - controllerName - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Waiting - status: Unknown - type: Accepted - description: Status defines the current state of GatewayClass. - properties: - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - description: "Conditions is the current status from the controller - for this GatewayClass. \n Controllers should prefer to publish conditions - using values of GatewayClassConditionType for the type of each Condition." - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n \ttype FooStatus struct{ \t // Represents the observations - of a foo's current state. \t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" \t // - +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map - \t // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields - \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.controllerName - name: Controller - type: string - - jsonPath: .status.conditions[?(@.type=="Accepted")].status - name: Accepted - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.description - name: Description - priority: 1 - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: "GatewayClass describes a class of Gateways available to the - user for creating Gateway resources. \n It is recommended that this resource - be used as a template for Gateways. This means that a Gateway is based on - the state of the GatewayClass at the time it was created and changes to - the GatewayClass or associated parameters are not propagated down to existing - Gateways. This recommendation is intended to limit the blast radius of changes - to GatewayClass or associated parameters. If implementations choose to propagate - GatewayClass changes to existing Gateways, that MUST be clearly documented - by the implementation. \n Whenever one or more Gateways are using a GatewayClass, - implementations MUST add the `gateway-exists-finalizer.gateway.networking.k8s.io` - finalizer on the associated GatewayClass. This ensures that a GatewayClass - associated with a Gateway is not deleted while in use. \n GatewayClass is - a Cluster level resource." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GatewayClass. - properties: - controllerName: - description: "ControllerName is the name of the controller that is - managing Gateways of this class. The value of this field MUST be - a domain prefixed path. \n Example: \"example.net/gateway-controller\". - \n This field is not mutable and cannot be empty. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - description: - description: Description helps describe a GatewayClass with more details. - maxLength: 64 - type: string - parametersRef: - description: "ParametersRef is a reference to a resource that contains - the configuration parameters corresponding to the GatewayClass. - This is optional if the controller does not require any additional - configuration. \n ParametersRef can reference a standard Kubernetes - resource, i.e. ConfigMap, or an implementation-specific custom resource. - The resource can be cluster-scoped or namespace-scoped. \n If the - referent cannot be found, the GatewayClass's \"InvalidParameters\" - status condition will be true. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. This - field is required when referring to a Namespace-scoped resource - and MUST be unset when referring to a Cluster-scoped resource. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - group - - kind - - name - type: object - required: - - controllerName - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Waiting - status: Unknown - type: Accepted - description: Status defines the current state of GatewayClass. - properties: - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - description: "Conditions is the current status from the controller - for this GatewayClass. \n Controllers should prefer to publish conditions - using values of GatewayClassConditionType for the type of each Condition." - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n \ttype FooStatus struct{ \t // Represents the observations - of a foo's current state. \t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" \t // - +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map - \t // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields - \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1538 - gateway.networking.k8s.io/bundle-version: v0.6.1 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: gateways.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: Gateway - listKind: GatewayList - plural: gateways - shortNames: - - gtw - singular: gateway - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.gatewayClassName - name: Class - type: string - - jsonPath: .status.addresses[*].value - name: Address - type: string - - jsonPath: .status.conditions[?(@.type=="Programmed")].status - name: Programmed - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: The v1alpha2 version of Gateway has been deprecated and will - be removed in a future release of the API. Please upgrade to v1beta1. - name: v1alpha2 - schema: - openAPIV3Schema: - description: Gateway represents an instance of a service-traffic handling - infrastructure by binding Listeners to a set of IP addresses. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Gateway. - properties: - addresses: - description: "Addresses requested for this Gateway. This is optional - and behavior can depend on the implementation. If a value is set - in the spec and the requested address is invalid or unavailable, - the implementation MUST indicate this in the associated entry in - GatewayStatus.Addresses. \n The Addresses field represents a request - for the address(es) on the \"outside of the Gateway\", that traffic - bound for this Gateway will use. This could be the IP address or - hostname of an external load balancer or other networking infrastructure, - or some other address that traffic will be sent to. \n The .listener.hostname - field is used to route traffic that has already arrived at the Gateway - to the correct in-cluster destination. \n If no Addresses are specified, - the implementation MAY schedule the Gateway in an implementation-specific - manner, assigning an appropriate set of Addresses. \n The implementation - MUST bind all Listeners to every GatewayAddress that it assigns - to the Gateway and add a corresponding entry in GatewayStatus.Addresses. - \n Support: Extended" - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - maxItems: 16 - type: array - gatewayClassName: - description: GatewayClassName used for this Gateway. This is the name - of a GatewayClass resource. - maxLength: 253 - minLength: 1 - type: string - listeners: - description: "Listeners associated with this Gateway. Listeners define - logical endpoints that are bound on this Gateway's addresses. At - least one Listener MUST be specified. \n Each listener in a Gateway - must have a unique combination of Hostname, Port, and Protocol. - \n An implementation MAY group Listeners by Port and then collapse - each group of Listeners into a single Listener if the implementation - determines that the Listeners in the group are \"compatible\". An - implementation MAY also group together and collapse compatible Listeners - belonging to different Gateways. \n For example, an implementation - might consider Listeners to be compatible with each other if all - of the following conditions are met: \n 1. Either each Listener - within the group specifies the \"HTTP\" Protocol or each Listener - within the group specifies either the \"HTTPS\" or \"TLS\" Protocol. - \n 2. Each Listener within the group specifies a Hostname that is - unique within the group. \n 3. As a special case, one Listener - within a group may omit Hostname, in which case this Listener - matches when no other Listener matches. \n If the implementation - does collapse compatible Listeners, the hostname provided in the - incoming client request MUST be matched to a Listener to find the - correct set of Routes. The incoming hostname MUST be matched using - the Hostname field for each Listener in order of most to least specific. - That is, exact matches must be processed before wildcard matches. - \n If this field specifies multiple Listeners that have the same - Port value but are not compatible, the implementation must raise - a \"Conflicted\" condition in the Listener status. \n Support: Core" - items: - description: Listener embodies the concept of a logical endpoint - where a Gateway accepts network connections. - properties: - allowedRoutes: - default: - namespaces: - from: Same - description: "AllowedRoutes defines the types of routes that - MAY be attached to a Listener and the trusted namespaces where - those Route resources MAY be present. \n Although a client - request may match multiple route rules, only one rule may - ultimately receive the request. Matching precedence MUST be - determined in order of the following criteria: \n * The most - specific match as defined by the Route type. * The oldest - Route based on creation timestamp. For example, a Route with - \ a creation timestamp of \"2020-09-08 01:02:03\" is given - precedence over a Route with a creation timestamp of \"2020-09-08 - 01:02:04\". * If everything else is equivalent, the Route - appearing first in alphabetical order (namespace/name) should - be given precedence. For example, foo/bar is given precedence - over foo/baz. \n All valid rules within a Route attached to - this Listener should be implemented. Invalid Route rules can - be ignored (sometimes that will mean the full Route). If a - Route rule transitions from valid to invalid, support for - that Route rule should be dropped to ensure consistency. For - example, even if a filter specified by a Route rule is invalid, - the rest of the rules within that Route should still be supported. - \n Support: Core" - properties: - kinds: - description: "Kinds specifies the groups and kinds of Routes - that are allowed to bind to this Gateway Listener. When - unspecified or empty, the kinds of Routes selected are - determined using the Listener protocol. \n A RouteGroupKind - MUST correspond to kinds of Routes that are compatible - with the application protocol specified in the Listener's - Protocol field. If an implementation does not support - or recognize this resource type, it MUST set the \"ResolvedRefs\" - condition to False for this Listener with the \"InvalidRouteKinds\" - reason. \n Support: Core" - items: - description: RouteGroupKind indicates the group and kind - of a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - namespaces: - default: - from: Same - description: "Namespaces indicates namespaces from which - Routes may be attached to this Listener. This is restricted - to the namespace of this Gateway by default. \n Support: - Core" - properties: - from: - default: Same - description: "From indicates where Routes will be selected - for this Gateway. Possible values are: * All: Routes - in all namespaces may be used by this Gateway. * Selector: - Routes in namespaces selected by the selector may - be used by this Gateway. * Same: Only Routes in - the same namespace may be used by this Gateway. \n - Support: Core" - enum: - - All - - Selector - - Same - type: string - selector: - description: "Selector must be specified when From is - set to \"Selector\". In that case, only Routes in - Namespaces matching this Selector will be selected - by this Gateway. This field is ignored for other values - of \"From\". \n Support: Core" - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - type: object - type: object - hostname: - description: "Hostname specifies the virtual hostname to match - for protocol types that define this concept. When unspecified, - all hostnames are matched. This field is ignored for protocols - that don't require hostname based matching. \n Implementations - MUST apply Hostname matching appropriately for each of the - following protocols: \n * TLS: The Listener Hostname MUST - match the SNI. * HTTP: The Listener Hostname MUST match the - Host header of the request. * HTTPS: The Listener Hostname - SHOULD match at both the TLS and HTTP protocol layers as - described above. If an implementation does not ensure that - both the SNI and Host header match the Listener hostname, - \ it MUST clearly document that. \n For HTTPRoute and TLSRoute - resources, there is an interaction with the `spec.hostnames` - array. When both listener and route specify hostnames, there - MUST be an intersection between the values for a Route to - be accepted. For more information, refer to the Route specific - Hostnames documentation. \n Hostnames that are prefixed with - a wildcard label (`*.`) are interpreted as a suffix match. - That means that a match for `*.example.com` would match both - `test.example.com`, and `foo.test.example.com`, but not `example.com`. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - name: - description: "Name is the name of the Listener. This name MUST - be unique within a Gateway. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the network port. Multiple listeners may - use the same port, subject to the Listener compatibility rules. - \n Support: Core" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: "Protocol specifies the network protocol this listener - expects to receive. \n Support: Core" - maxLength: 255 - minLength: 1 - pattern: ^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$ - type: string - tls: - description: "TLS is the TLS configuration for the Listener. - This field is required if the Protocol field is \"HTTPS\" - or \"TLS\". It is invalid to set this field if the Protocol - field is \"HTTP\", \"TCP\", or \"UDP\". \n The association - of SNIs to Certificate defined in GatewayTLSConfig is defined - based on the Hostname field for this listener. \n The GatewayClass - MUST use the longest matching SNI out of all available certificates - for any TLS handshake. \n Support: Core" - properties: - certificateRefs: - description: "CertificateRefs contains a series of references - to Kubernetes objects that contains TLS certificates and - private keys. These certificates are used to establish - a TLS handshake for requests that match the hostname of - the associated listener. \n A single CertificateRef to - a Kubernetes Secret has \"Core\" support. Implementations - MAY choose to support attaching multiple certificates - to a Listener, but this behavior is implementation-specific. - \n References to a resource in different namespace are - invalid UNLESS there is a ReferenceGrant in the target - namespace that allows the certificate to be attached. - If a ReferenceGrant does not allow this reference, the - \"ResolvedRefs\" condition MUST be set to False for this - listener with the \"RefNotPermitted\" reason. \n This - field is required to have at least one element when the - mode is set to \"Terminate\" (default) and is optional - otherwise. \n CertificateRefs can reference to standard - Kubernetes resources, i.e. Secret, or implementation-specific - custom resources. \n Support: Core - A single reference - to a Kubernetes Secret of type kubernetes.io/tls \n Support: - Implementation-specific (More than one reference or other - resource types)" - items: - description: "SecretObjectReference identifies an API - object including its namespace, defaulting to Secret. - \n The API object must be valid in the cluster; the - Group and Kind must be registered in the cluster for - this reference to be valid. \n References to objects - with invalid Group and Kind are not valid, and must - be rejected by the implementation, with appropriate - Conditions set on the containing object." - properties: - group: - default: "" - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Secret - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. - \n Note that when a namespace is specified, a ReferenceGrant - object is required in the referent namespace to - allow that namespace's owner to accept the reference. - See the ReferenceGrant documentation for details. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - maxItems: 64 - type: array - mode: - default: Terminate - description: "Mode defines the TLS behavior for the TLS - session initiated by the client. There are two possible - modes: \n - Terminate: The TLS session between the downstream - client and the Gateway is terminated at the Gateway. - This mode requires certificateRefs to be set and contain - at least one element. - Passthrough: The TLS session is - NOT terminated by the Gateway. This implies that the - Gateway can't decipher the TLS stream except for the - ClientHello message of the TLS protocol. CertificateRefs - field is ignored in this mode. \n Support: Core" - enum: - - Terminate - - Passthrough - type: string - options: - additionalProperties: - description: AnnotationValue is the value of an annotation - in Gateway API. This is used for validation of maps - such as TLS options. This roughly matches Kubernetes - annotation validation, although the length validation - in that case is based on the entire size of the annotations - struct. - maxLength: 4096 - minLength: 0 - type: string - description: "Options are a list of key/value pairs to enable - extended TLS configuration for each implementation. For - example, configuring the minimum TLS version or supported - cipher suites. \n A set of common keys MAY be defined - by the API in the future. To avoid any ambiguity, implementation-specific - definitions MUST use domain-prefixed names, such as `example.com/my-custom-option`. - Un-prefixed names are reserved for key names defined by - Gateway API. \n Support: Implementation-specific" - maxProperties: 16 - type: object - type: object - required: - - name - - port - - protocol - type: object - maxItems: 64 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - required: - - gatewayClassName - - listeners - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: NotReconciled - status: Unknown - type: Accepted - description: Status defines the current state of Gateway. - properties: - addresses: - description: Addresses lists the IP addresses that have actually been - bound to the Gateway. These addresses may differ from the addresses - in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - maxItems: 16 - type: array - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: "Conditions describe the current conditions of the Gateway. - \n Implementations should prefer to express Gateway conditions using - the `GatewayConditionType` and `GatewayConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe Gateway state. \n Known condition types are: \n * \"Accepted\" - * \"Ready\"" - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n \ttype FooStatus struct{ \t // Represents the observations - of a foo's current state. \t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" \t // - +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map - \t // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields - \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - listeners: - description: Listeners provide status for each unique listener port - defined in the Spec. - items: - description: ListenerStatus is the status associated with a Listener. - properties: - attachedRoutes: - description: AttachedRoutes represents the total number of Routes - that have been successfully attached to this Listener. - format: int32 - type: integer - conditions: - description: Conditions describe the current condition of this - listener. - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n \ttype FooStatus struct{ - \t // Represents the observations of a foo's current - state. \t // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type - \t // +patchStrategy=merge \t // +listType=map \t - \ // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other - fields \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - name: - description: Name is the name of the Listener that this status - corresponds to. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - supportedKinds: - description: "SupportedKinds is the list indicating the Kinds - supported by this listener. This MUST represent the kinds - an implementation supports for that Listener configuration. - \n If kinds are specified in Spec that are not supported, - they MUST NOT appear in this list and an implementation MUST - set the \"ResolvedRefs\" condition to \"False\" with the \"InvalidRouteKinds\" - reason. If both valid and invalid Route kinds are specified, - the implementation MUST reference the valid Route kinds that - have been specified." - items: - description: RouteGroupKind indicates the group and kind of - a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - required: - - attachedRoutes - - conditions - - name - - supportedKinds - type: object - maxItems: 64 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.gatewayClassName - name: Class - type: string - - jsonPath: .status.addresses[*].value - name: Address - type: string - - jsonPath: .status.conditions[?(@.type=="Programmed")].status - name: Programmed - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: Gateway represents an instance of a service-traffic handling - infrastructure by binding Listeners to a set of IP addresses. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Gateway. - properties: - addresses: - description: "Addresses requested for this Gateway. This is optional - and behavior can depend on the implementation. If a value is set - in the spec and the requested address is invalid or unavailable, - the implementation MUST indicate this in the associated entry in - GatewayStatus.Addresses. \n The Addresses field represents a request - for the address(es) on the \"outside of the Gateway\", that traffic - bound for this Gateway will use. This could be the IP address or - hostname of an external load balancer or other networking infrastructure, - or some other address that traffic will be sent to. \n The .listener.hostname - field is used to route traffic that has already arrived at the Gateway - to the correct in-cluster destination. \n If no Addresses are specified, - the implementation MAY schedule the Gateway in an implementation-specific - manner, assigning an appropriate set of Addresses. \n The implementation - MUST bind all Listeners to every GatewayAddress that it assigns - to the Gateway and add a corresponding entry in GatewayStatus.Addresses. - \n Support: Extended" - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - maxItems: 16 - type: array - gatewayClassName: - description: GatewayClassName used for this Gateway. This is the name - of a GatewayClass resource. - maxLength: 253 - minLength: 1 - type: string - listeners: - description: "Listeners associated with this Gateway. Listeners define - logical endpoints that are bound on this Gateway's addresses. At - least one Listener MUST be specified. \n Each listener in a Gateway - must have a unique combination of Hostname, Port, and Protocol. - \n An implementation MAY group Listeners by Port and then collapse - each group of Listeners into a single Listener if the implementation - determines that the Listeners in the group are \"compatible\". An - implementation MAY also group together and collapse compatible Listeners - belonging to different Gateways. \n For example, an implementation - might consider Listeners to be compatible with each other if all - of the following conditions are met: \n 1. Either each Listener - within the group specifies the \"HTTP\" Protocol or each Listener - within the group specifies either the \"HTTPS\" or \"TLS\" Protocol. - \n 2. Each Listener within the group specifies a Hostname that is - unique within the group. \n 3. As a special case, one Listener - within a group may omit Hostname, in which case this Listener - matches when no other Listener matches. \n If the implementation - does collapse compatible Listeners, the hostname provided in the - incoming client request MUST be matched to a Listener to find the - correct set of Routes. The incoming hostname MUST be matched using - the Hostname field for each Listener in order of most to least specific. - That is, exact matches must be processed before wildcard matches. - \n If this field specifies multiple Listeners that have the same - Port value but are not compatible, the implementation must raise - a \"Conflicted\" condition in the Listener status. \n Support: Core" - items: - description: Listener embodies the concept of a logical endpoint - where a Gateway accepts network connections. - properties: - allowedRoutes: - default: - namespaces: - from: Same - description: "AllowedRoutes defines the types of routes that - MAY be attached to a Listener and the trusted namespaces where - those Route resources MAY be present. \n Although a client - request may match multiple route rules, only one rule may - ultimately receive the request. Matching precedence MUST be - determined in order of the following criteria: \n * The most - specific match as defined by the Route type. * The oldest - Route based on creation timestamp. For example, a Route with - \ a creation timestamp of \"2020-09-08 01:02:03\" is given - precedence over a Route with a creation timestamp of \"2020-09-08 - 01:02:04\". * If everything else is equivalent, the Route - appearing first in alphabetical order (namespace/name) should - be given precedence. For example, foo/bar is given precedence - over foo/baz. \n All valid rules within a Route attached to - this Listener should be implemented. Invalid Route rules can - be ignored (sometimes that will mean the full Route). If a - Route rule transitions from valid to invalid, support for - that Route rule should be dropped to ensure consistency. For - example, even if a filter specified by a Route rule is invalid, - the rest of the rules within that Route should still be supported. - \n Support: Core" - properties: - kinds: - description: "Kinds specifies the groups and kinds of Routes - that are allowed to bind to this Gateway Listener. When - unspecified or empty, the kinds of Routes selected are - determined using the Listener protocol. \n A RouteGroupKind - MUST correspond to kinds of Routes that are compatible - with the application protocol specified in the Listener's - Protocol field. If an implementation does not support - or recognize this resource type, it MUST set the \"ResolvedRefs\" - condition to False for this Listener with the \"InvalidRouteKinds\" - reason. \n Support: Core" - items: - description: RouteGroupKind indicates the group and kind - of a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - namespaces: - default: - from: Same - description: "Namespaces indicates namespaces from which - Routes may be attached to this Listener. This is restricted - to the namespace of this Gateway by default. \n Support: - Core" - properties: - from: - default: Same - description: "From indicates where Routes will be selected - for this Gateway. Possible values are: * All: Routes - in all namespaces may be used by this Gateway. * Selector: - Routes in namespaces selected by the selector may - be used by this Gateway. * Same: Only Routes in - the same namespace may be used by this Gateway. \n - Support: Core" - enum: - - All - - Selector - - Same - type: string - selector: - description: "Selector must be specified when From is - set to \"Selector\". In that case, only Routes in - Namespaces matching this Selector will be selected - by this Gateway. This field is ignored for other values - of \"From\". \n Support: Core" - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - type: object - type: object - hostname: - description: "Hostname specifies the virtual hostname to match - for protocol types that define this concept. When unspecified, - all hostnames are matched. This field is ignored for protocols - that don't require hostname based matching. \n Implementations - MUST apply Hostname matching appropriately for each of the - following protocols: \n * TLS: The Listener Hostname MUST - match the SNI. * HTTP: The Listener Hostname MUST match the - Host header of the request. * HTTPS: The Listener Hostname - SHOULD match at both the TLS and HTTP protocol layers as - described above. If an implementation does not ensure that - both the SNI and Host header match the Listener hostname, - \ it MUST clearly document that. \n For HTTPRoute and TLSRoute - resources, there is an interaction with the `spec.hostnames` - array. When both listener and route specify hostnames, there - MUST be an intersection between the values for a Route to - be accepted. For more information, refer to the Route specific - Hostnames documentation. \n Hostnames that are prefixed with - a wildcard label (`*.`) are interpreted as a suffix match. - That means that a match for `*.example.com` would match both - `test.example.com`, and `foo.test.example.com`, but not `example.com`. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - name: - description: "Name is the name of the Listener. This name MUST - be unique within a Gateway. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the network port. Multiple listeners may - use the same port, subject to the Listener compatibility rules. - \n Support: Core" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: "Protocol specifies the network protocol this listener - expects to receive. \n Support: Core" - maxLength: 255 - minLength: 1 - pattern: ^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$ - type: string - tls: - description: "TLS is the TLS configuration for the Listener. - This field is required if the Protocol field is \"HTTPS\" - or \"TLS\". It is invalid to set this field if the Protocol - field is \"HTTP\", \"TCP\", or \"UDP\". \n The association - of SNIs to Certificate defined in GatewayTLSConfig is defined - based on the Hostname field for this listener. \n The GatewayClass - MUST use the longest matching SNI out of all available certificates - for any TLS handshake. \n Support: Core" - properties: - certificateRefs: - description: "CertificateRefs contains a series of references - to Kubernetes objects that contains TLS certificates and - private keys. These certificates are used to establish - a TLS handshake for requests that match the hostname of - the associated listener. \n A single CertificateRef to - a Kubernetes Secret has \"Core\" support. Implementations - MAY choose to support attaching multiple certificates - to a Listener, but this behavior is implementation-specific. - \n References to a resource in different namespace are - invalid UNLESS there is a ReferenceGrant in the target - namespace that allows the certificate to be attached. - If a ReferenceGrant does not allow this reference, the - \"ResolvedRefs\" condition MUST be set to False for this - listener with the \"RefNotPermitted\" reason. \n This - field is required to have at least one element when the - mode is set to \"Terminate\" (default) and is optional - otherwise. \n CertificateRefs can reference to standard - Kubernetes resources, i.e. Secret, or implementation-specific - custom resources. \n Support: Core - A single reference - to a Kubernetes Secret of type kubernetes.io/tls \n Support: - Implementation-specific (More than one reference or other - resource types)" - items: - description: "SecretObjectReference identifies an API - object including its namespace, defaulting to Secret. - \n The API object must be valid in the cluster; the - Group and Kind must be registered in the cluster for - this reference to be valid. \n References to objects - with invalid Group and Kind are not valid, and must - be rejected by the implementation, with appropriate - Conditions set on the containing object." - properties: - group: - default: "" - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Secret - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. - \n Note that when a namespace is specified, a ReferenceGrant - object is required in the referent namespace to - allow that namespace's owner to accept the reference. - See the ReferenceGrant documentation for details. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - maxItems: 64 - type: array - mode: - default: Terminate - description: "Mode defines the TLS behavior for the TLS - session initiated by the client. There are two possible - modes: \n - Terminate: The TLS session between the downstream - client and the Gateway is terminated at the Gateway. - This mode requires certificateRefs to be set and contain - at least one element. - Passthrough: The TLS session is - NOT terminated by the Gateway. This implies that the - Gateway can't decipher the TLS stream except for the - ClientHello message of the TLS protocol. CertificateRefs - field is ignored in this mode. \n Support: Core" - enum: - - Terminate - - Passthrough - type: string - options: - additionalProperties: - description: AnnotationValue is the value of an annotation - in Gateway API. This is used for validation of maps - such as TLS options. This roughly matches Kubernetes - annotation validation, although the length validation - in that case is based on the entire size of the annotations - struct. - maxLength: 4096 - minLength: 0 - type: string - description: "Options are a list of key/value pairs to enable - extended TLS configuration for each implementation. For - example, configuring the minimum TLS version or supported - cipher suites. \n A set of common keys MAY be defined - by the API in the future. To avoid any ambiguity, implementation-specific - definitions MUST use domain-prefixed names, such as `example.com/my-custom-option`. - Un-prefixed names are reserved for key names defined by - Gateway API. \n Support: Implementation-specific" - maxProperties: 16 - type: object - type: object - required: - - name - - port - - protocol - type: object - maxItems: 64 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - required: - - gatewayClassName - - listeners - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: NotReconciled - status: Unknown - type: Accepted - description: Status defines the current state of Gateway. - properties: - addresses: - description: Addresses lists the IP addresses that have actually been - bound to the Gateway. These addresses may differ from the addresses - in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - maxItems: 16 - type: array - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: "Conditions describe the current conditions of the Gateway. - \n Implementations should prefer to express Gateway conditions using - the `GatewayConditionType` and `GatewayConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe Gateway state. \n Known condition types are: \n * \"Accepted\" - * \"Ready\"" - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n \ttype FooStatus struct{ \t // Represents the observations - of a foo's current state. \t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" \t // - +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map - \t // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields - \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - listeners: - description: Listeners provide status for each unique listener port - defined in the Spec. - items: - description: ListenerStatus is the status associated with a Listener. - properties: - attachedRoutes: - description: AttachedRoutes represents the total number of Routes - that have been successfully attached to this Listener. - format: int32 - type: integer - conditions: - description: Conditions describe the current condition of this - listener. - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n \ttype FooStatus struct{ - \t // Represents the observations of a foo's current - state. \t // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type - \t // +patchStrategy=merge \t // +listType=map \t - \ // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other - fields \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - name: - description: Name is the name of the Listener that this status - corresponds to. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - supportedKinds: - description: "SupportedKinds is the list indicating the Kinds - supported by this listener. This MUST represent the kinds - an implementation supports for that Listener configuration. - \n If kinds are specified in Spec that are not supported, - they MUST NOT appear in this list and an implementation MUST - set the \"ResolvedRefs\" condition to \"False\" with the \"InvalidRouteKinds\" - reason. If both valid and invalid Route kinds are specified, - the implementation MUST reference the valid Route kinds that - have been specified." - items: - description: RouteGroupKind indicates the group and kind of - a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - required: - - attachedRoutes - - conditions - - name - - supportedKinds - type: object - maxItems: 64 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1538 - gateway.networking.k8s.io/bundle-version: v0.6.1 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: httproutes.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: HTTPRoute - listKind: HTTPRouteList - plural: httproutes - singular: httproute - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: The v1alpha2 version of HTTPRoute has been deprecated and - will be removed in a future release of the API. Please upgrade to v1beta1. - name: v1alpha2 - schema: - openAPIV3Schema: - description: HTTPRoute provides a way to route HTTP requests. This includes - the capability to match requests by hostname, path, header, or query param. - Filters can be used to specify additional processing steps. Backends specify - where matching requests should be routed. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of HTTPRoute. - properties: - hostnames: - description: "Hostnames defines a set of hostname that should match - against the HTTP Host header to select a HTTPRoute to process the - request. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname may - be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n If a hostname is specified - by both the Listener and HTTPRoute, there must be at least one intersecting - hostname for the HTTPRoute to be attached to the Listener. For example: - \n * A Listener with `test.example.com` as the hostname matches - HTTPRoutes that have either not specified any hostnames, or have - specified at least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches HTTPRoutes - \ that have either not specified any hostnames or have specified - at least one hostname that matches the Listener hostname. For - example, `*.example.com`, `test.example.com`, and `foo.test.example.com` - would all match. On the other hand, `example.com` and `test.example.net` - would not match. \n Hostnames that are prefixed with a wildcard - label (`*.`) are interpreted as a suffix match. That means that - a match for `*.example.com` would match both `test.example.com`, - and `foo.test.example.com`, but not `example.com`. \n If both the - Listener and HTTPRoute have specified hostnames, any HTTPRoute hostnames - that do not match the Listener hostname MUST be ignored. For example, - if a Listener specified `*.example.com`, and the HTTPRoute specified - `test.example.com` and `test.example.net`, `test.example.net` must - not be considered for a match. \n If both the Listener and HTTPRoute - have specified hostnames, and none match with the criteria above, - then the HTTPRoute is not accepted. The implementation must raise - an 'Accepted' Condition with a status of `False` in the corresponding - RouteParentStatus. \n In the event that multiple HTTPRoutes specify - intersecting hostnames (e.g. overlapping wildcard matching and exact - matching hostnames), precedence must be given to rules from the - HTTPRoute with the largest number of: \n * Characters in a matching - non-wildcard hostname. * Characters in a matching hostname. \n If - ties exist across multiple Routes, the matching precedence rules - for HTTPRouteMatches takes over. \n Support: Core" - items: - description: "Hostname is the fully qualified domain name of a network - host. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname - may be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n Hostname can be \"precise\" - which is a domain name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain - name prefixed with a single wildcard label (e.g. `*.example.com`). - \n Note that as per RFC1035 and RFC1123, a *label* must consist - of lower case alphanumeric characters or '-', and must start and - end with an alphanumeric character. No other punctuation is allowed." - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: "ParentRefs references the resources (usually Gateways) - that a Route wants to be attached to. Note that the referenced parent - resource needs to allow this for the attachment to be complete. - For Gateways, that means the Gateway needs to allow attachment from - Routes of this kind and namespace. \n The only kind of parent resource - with \"Core\" support is Gateway. This API may be extended in the - future to support additional kinds of parent resources such as one - of the route kinds. \n It is invalid to reference an identical parent - more than once. It is valid to reference multiple distinct sections - within the same parent resource, such as 2 Listeners within a Gateway. - \n It is possible to separately reference multiple distinct objects - that may be collapsed by an implementation. For example, some implementations - may choose to merge compatible Gateway Listeners together. If that - is the case, the list of routes attached to those resources should - also be merged. \n Note that for ParentRefs that cross namespace - boundaries, there are specific rules. Cross-namespace references - are only valid if they are explicitly allowed by something in the - namespace they are referring to. For example, Gateway has the AllowedRoutes - field, and ReferenceGrant provides a generic way to enable any other - kind of cross-namespace reference." - items: - description: "ParentReference identifies an API object (usually - a Gateway) that can be considered a parent of this resource (usually - a route). The only kind of parent resource with \"Core\" support - is Gateway. This API may be extended in the future to support - additional kinds of parent resources, such as HTTPRoute. \n The - API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid." - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the core - API group (such as for a \"Service\" kind referent), Group - must be explicitly set to \"\" (empty string). \n Support: - Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: Core - (Gateway) \n Support: Implementation-specific (Other Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. When - unspecified, this refers to the local namespace of the Route. - \n Note that there are specific rules for ParentRefs which - cross namespace boundaries. Cross-namespace references are - only valid if they are explicitly allowed by something in - the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within the - target resource. In the following resources, SectionName is - interpreted as the following: \n * Gateway: Listener Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match both - specified values. \n Implementations MAY choose to support - attaching Routes to other resources. If that is the case, - they MUST clearly document how SectionName is interpreted. - \n When unspecified (empty string), this will reference the - entire resource. For the purpose of status, an attachment - is considered successful if at least one section in the parent - resource accepts it. For example, Gateway listeners can restrict - which Routes can attach to them by Route kind, namespace, - or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this - Route, the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - rules: - default: - - matches: - - path: - type: PathPrefix - value: / - description: Rules are a list of HTTP matchers, filters and actions. - items: - description: HTTPRouteRule defines semantics for matching an HTTP - request based on conditions (matches), processing it (filters), - and forwarding the request to an API object (backendRefs). - properties: - backendRefs: - description: "BackendRefs defines the backend(s) where matching - requests should be sent. \n Failure behavior here depends - on how many BackendRefs are specified and how many are invalid. - \n If *all* entries in BackendRefs are invalid, and there - are also no filters specified in this route rule, *all* traffic - which matches this rule MUST receive a 500 status code. \n - See the HTTPBackendRef definition for the rules about what - makes a single HTTPBackendRef invalid. \n When a HTTPBackendRef - is invalid, 500 status codes MUST be returned for requests - that would have otherwise been routed to an invalid backend. - If multiple backends are specified, and some are invalid, - the proportion of requests that would otherwise have been - routed to an invalid backend MUST receive a 500 status code. - \n For example, if two backends are specified with equal weights, - and one is invalid, 50 percent of traffic must receive a 500. - Implementations may choose how that 50 percent is determined. - \n Support: Core for Kubernetes Service \n Support: Implementation-specific - for any other resource \n Support for weight: Core" - items: - description: HTTPBackendRef defines how a HTTPRoute should - forward an HTTP request. - properties: - filters: - description: "Filters defined at this level should be - executed if and only if the request is being forwarded - to the backend defined here. \n Support: Implementation-specific - (For broader support of filters, use the Filters field - in HTTPRouteRule.)" - items: - description: HTTPRouteFilter defines processing steps - that must be completed during the request or response - lifecycle. HTTPRouteFilters are meant as an extension - point to express processing that may be done in Gateway - implementations. Some examples include request or - response modification, implementing authentication - strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type - of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API - group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema - for a filter that modifies request headers. \n - Support: Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo - HTTP/1.1 my-header: foo \n Config: add: - \ - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: - foo my-header2: bar my-header3: baz \n - Config: remove: [\"my-header1\", \"my-header3\"] - \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - \ value: \"bar\" \n Output: GET /foo - HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for - a filter that mirrors requests. Requests are sent - to the specified destination, but responses from - that destination are ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource - where mirrored requests are sent. \n If the - referent cannot be found, this BackendRef - is invalid and must be dropped from the Gateway. - The controller must ensure the \"ResolvedRefs\" - condition on the Route status is set to `status: - False` and not configure this backend in the - underlying implementation. \n If there is - a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: - False`, with the \"RefNotPermitted\" reason - and not configure this backend in the underlying - implementation. \n In either error case, the - Message of the `ResolvedRefs` Condition should - be used to provide more detail about the problem. - \n Support: Extended for Kubernetes Service - \n Support: Implementation-specific for any - other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core - API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. - For example "HTTPRoute" or "Service". - Defaults to "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace - of the backend. When unspecified, the - local namespace is inferred. \n Note that - when a namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination - port number to use for this resource. - Port is required when the referent is - a Kubernetes Service. In this case, the - port number is the service port number, - not the target port. For other resources, - destination port might be derived from - the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for - a filter that responds to the request with an - HTTP redirection. \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be - used in the value of the `Location` header - in the response. When empty, the hostname - of the request is used. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the port to be used in - the value of the `Location` header in the - response. When empty, port (if specified) - of the request is used. \n Support: Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used - in the value of the `Location` header in the - response. When empty, the scheme of the request - is used. \n Note that values may be added - to this enum, implementations must ensure - that unknown values will not cause a crash. - \n Unknown values here must result in the - implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`. \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status - code to be used in response. \n Note that - values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result - in the implementation setting the Accepted - Condition for the Route to `status: False`, - with a Reason of `UnsupportedValue`. \n Support: - Core" - enum: - - 301 - - 302 - type: integer - type: object - type: - description: "Type identifies the type of filter - to apply. As with other API fields, types are - classified into three conformance levels: \n - - Core: Filter types and their corresponding configuration - defined by \"Support: Core\" in this package, - e.g. \"RequestHeaderModifier\". All implementations - must support core filters. \n - Extended: Filter - types and their corresponding configuration defined - by \"Support: Extended\" in this package, e.g. - \"RequestMirror\". Implementers are encouraged - to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific - vendors. In the future, filters showing convergence - in behavior across multiple implementations - will be considered for inclusion in extended or - core conformance levels. Filter-specific configuration - for such filters is specified using the ExtensionRef - field. `Type` should be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged - to define custom implementation types to extend - the core API with implementation-specific behavior. - \n If a reference to a custom filter type cannot - be resolved, the filter MUST NOT be skipped. Instead, - requests that would have been processed by that - filter MUST receive a HTTP error response. \n - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result in - the implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`. \n " - enum: - - RequestHeaderModifier - - RequestMirror - - RequestRedirect - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - group: - default: "" - description: Group is the group of the referent. For example, - "gateway.networking.k8s.io". When unspecified or empty - string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". Defaults to "Service" when - not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. \n - Note that when a namespace is specified, a ReferenceGrant - object is required in the referent namespace to allow - that namespace's owner to accept the reference. See - the ReferenceGrant documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port number - to use for this resource. Port is required when the - referent is a Kubernetes Service. In this case, the - port number is the service port number, not the target - port. For other resources, destination port might be - derived from the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: "Weight specifies the proportion of requests - forwarded to the referenced backend. This is computed - as weight/(sum of all weights in this BackendRefs list). - For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision - an implementation supports. Weight is not a percentage - and the sum of weights does not need to equal 100. \n - If only one backend is specified and it has a weight - greater than 0, 100% of the traffic is forwarded to - that backend. If weight is set to 0, no traffic should - be forwarded for this entry. If unspecified, weight - defaults to 1. \n Support for this field varies based - on the context where used." - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - maxItems: 16 - type: array - filters: - description: "Filters define the filters that are applied to - requests that match this rule. \n The effects of ordering - of multiple behaviors are currently unspecified. This can - change in the future based on feedback during the alpha stage. - \n Conformance-levels at this level are defined based on the - type of filter: \n - ALL core filters MUST be supported by - all implementations. - Implementers are encouraged to support - extended filters. - Implementation-specific custom filters - have no API guarantees across implementations. \n Specifying - a core filter multiple times has unspecified or implementation-specific - conformance. \n All filters are expected to be compatible - with each other except for the URLRewrite and RequestRedirect - filters, which may not be combined. If an implementation can - not support other combinations of filters, they must clearly - document that limitation. In all cases where incompatible - or unsupported filters are specified, implementations MUST - add a warning condition to status. \n Support: Core" - items: - description: HTTPRouteFilter defines processing steps that - must be completed during the request or response lifecycle. - HTTPRouteFilters are meant as an extension point to express - processing that may be done in Gateway implementations. - Some examples include request or response modification, - implementing authentication strategies, rate-limiting, and - traffic shaping. API guarantee/conformance is defined based - on the type of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema for - a filter that modifies request headers. \n Support: - Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: add: - name: \"my-header\" value: - \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - \ my-header2: bar my-header3: baz \n Config: - \ remove: [\"my-header1\", \"my-header3\"] \n Output: - \ GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - \ set: - name: \"my-header\" value: \"bar\" - \n Output: GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for a filter - that mirrors requests. Requests are sent to the specified - destination, but responses from that destination are - ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource where - mirrored requests are sent. \n If the referent cannot - be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure - the \"ResolvedRefs\" condition on the Route status - is set to `status: False` and not configure this - backend in the underlying implementation. \n If - there is a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: False`, - with the \"RefNotPermitted\" reason and not configure - this backend in the underlying implementation. \n - In either error case, the Message of the `ResolvedRefs` - Condition should be used to provide more detail - about the problem. \n Support: Extended for Kubernetes - Service \n Support: Implementation-specific for - any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". When - unspecified or empty string, core API group - is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". Defaults to - "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the - backend. When unspecified, the local namespace - is inferred. \n Note that when a namespace is - specified, a ReferenceGrant object is required - in the referent namespace to allow that namespace's - owner to accept the reference. See the ReferenceGrant - documentation for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port - number to use for this resource. Port is required - when the referent is a Kubernetes Service. In - this case, the port number is the service port - number, not the target port. For other resources, - destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for a filter - that responds to the request with an HTTP redirection. - \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be used - in the value of the `Location` header in the response. - When empty, the hostname of the request is used. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the port to be used in the value - of the `Location` header in the response. When empty, - port (if specified) of the request is used. \n Support: - Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used in the - value of the `Location` header in the response. - When empty, the scheme of the request is used. \n - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a - crash. \n Unknown values here must result in the - implementation setting the Accepted Condition for - the Route to `status: False`, with a Reason of `UnsupportedValue`. - \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status code to - be used in response. \n Note that values may be - added to this enum, implementations must ensure - that unknown values will not cause a crash. \n Unknown - values here must result in the implementation setting - the Accepted Condition for the Route to `status: - False`, with a Reason of `UnsupportedValue`. \n - Support: Core" - enum: - - 301 - - 302 - type: integer - type: object - type: - description: "Type identifies the type of filter to apply. - As with other API fields, types are classified into - three conformance levels: \n - Core: Filter types and - their corresponding configuration defined by \"Support: - Core\" in this package, e.g. \"RequestHeaderModifier\". - All implementations must support core filters. \n - - Extended: Filter types and their corresponding configuration - defined by \"Support: Extended\" in this package, - e.g. \"RequestMirror\". Implementers are encouraged - to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific - vendors. In the future, filters showing convergence - in behavior across multiple implementations will be - considered for inclusion in extended or core conformance - levels. Filter-specific configuration for such filters - \ is specified using the ExtensionRef field. `Type` - should be set to \"ExtensionRef\" for custom filters. - \n Implementers are encouraged to define custom implementation - types to extend the core API with implementation-specific - behavior. \n If a reference to a custom filter type - cannot be resolved, the filter MUST NOT be skipped. - Instead, requests that would have been processed by - that filter MUST receive a HTTP error response. \n Note - that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - \n Unknown values here must result in the implementation - setting the Accepted Condition for the Route to `status: - False`, with a Reason of `UnsupportedValue`. \n " - enum: - - RequestHeaderModifier - - RequestMirror - - RequestRedirect - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - matches: - default: - - path: - type: PathPrefix - value: / - description: "Matches define conditions used for matching the - rule against incoming HTTP requests. Each match is independent, - i.e. this rule will be matched if **any** one of the matches - is satisfied. \n For example, take the following matches configuration: - \n ``` matches: - path: value: \"/foo\" headers: - - name: \"version\" value: \"v2\" - path: value: \"/v2/foo\" - ``` \n For a request to match against this rule, a request - must satisfy EITHER of the two conditions: \n - path prefixed - with `/foo` AND contains the header `version: v2` - path prefix - of `/v2/foo` \n See the documentation for HTTPRouteMatch on - how to specify multiple match conditions that should be ANDed - together. \n If no matches are specified, the default is a - prefix path match on \"/\", which has the effect of matching - every HTTP request. \n Proxy or Load Balancer routing configuration - generated from HTTPRoutes MUST prioritize matches based on - the following criteria, continuing on ties. Across all rules - specified on applicable Routes, precedence must be given to - the match with the largest number of: \n * Characters in a - matching path. * Header matches. * Query param matches. \n - If ties still exist across multiple Routes, matching precedence - MUST be determined in order of the following criteria, continuing - on ties: \n * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by \"{namespace}/{name}\". - \n If ties still exist within an HTTPRoute, matching precedence - MUST be granted to the FIRST matching rule (in list order) - with a match meeting the above criteria. \n When no rules - matching a request have been successfully attached to the - parent a request is coming from, a HTTP 404 status code MUST - be returned." - items: - description: "HTTPRouteMatch defines the predicate used to - match requests to a given action. Multiple match types are - ANDed together, i.e. the match will evaluate to true only - if all conditions are satisfied. \n For example, the match - below will match a HTTP request only if its path starts - with `/foo` AND it contains the `version: v1` header: \n - ``` match: \n \tpath: \t value: \"/foo\" \theaders: \t- - name: \"version\" \t value \"v1\" \n ```" - properties: - headers: - description: Headers specifies HTTP request header matchers. - Multiple match values are ANDed together, meaning, a - request must match all the specified headers to select - the route. - items: - description: HTTPHeaderMatch describes how to select - a HTTP route by matching HTTP request headers. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case insensitive. - (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent header - names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST be - ignored. Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered equivalent. - \n When a header is repeated in an HTTP request, - it is implementation-specific behavior as to how - this is represented. Generally, proxies should - follow the guidance from the RFC: https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 - regarding processing a repeated header, with special - handling for \"Set-Cookie\"." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the header. \n Support: Core (Exact) - \n Support: Implementation-specific (RegularExpression) - \n Since RegularExpression HeaderMatchType has - implementation-specific conformance, implementations - can support POSIX, PCRE or any other dialects - of regular expressions. Please read the implementation's - documentation to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP Header to - be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - description: "Method specifies HTTP method matcher. When - specified, this route will be matched only if the request - has the specified method. \n Support: Extended" - enum: - - GET - - HEAD - - POST - - PUT - - DELETE - - CONNECT - - OPTIONS - - TRACE - - PATCH - type: string - path: - default: - type: PathPrefix - value: / - description: Path specifies a HTTP request path matcher. - If this field is not specified, a default prefix match - on the "/" path is provided. - properties: - type: - default: PathPrefix - description: "Type specifies how to match against - the path Value. \n Support: Core (Exact, PathPrefix) - \n Support: Implementation-specific (RegularExpression)" - enum: - - Exact - - PathPrefix - - RegularExpression - type: string - value: - default: / - description: Value of the HTTP path to match against. - maxLength: 1024 - type: string - type: object - queryParams: - description: "QueryParams specifies HTTP query parameter - matchers. Multiple match values are ANDed together, - meaning, a request must match all the specified query - parameters to select the route. \n Support: Extended" - items: - description: HTTPQueryParamMatch describes how to select - a HTTP route by matching HTTP query parameters. - properties: - name: - description: "Name is the name of the HTTP query - param to be matched. This must be an exact string - match. (See https://tools.ietf.org/html/rfc7230#section-2.7.3). - \n If multiple entries specify equivalent query - param names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent query param name MUST - be ignored. \n If a query param is repeated in - an HTTP request, the behavior is purposely left - undefined, since different data planes have different - capabilities. However, it is *recommended* that - implementations should match against the first - value of the param if the data plane supports - it, as this behavior is expected in other load - balancing contexts outside of the Gateway API. - \n Users SHOULD NOT route traffic based on repeated - query params to guard themselves against potential - differences in the implementations." - maxLength: 256 - minLength: 1 - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the query parameter. \n Support: - Extended (Exact) \n Support: Implementation-specific - (RegularExpression) \n Since RegularExpression - QueryParamMatchType has Implementation-specific - conformance, implementations can support POSIX, - PCRE or any other dialects of regular expressions. - Please read the implementation's documentation - to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP query param - to be matched. - maxLength: 1024 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - maxItems: 8 - type: array - type: object - maxItems: 16 - type: array - type: object - status: - description: Status defines the current state of HTTPRoute. - properties: - parents: - description: "Parents is a list of parent resources (usually Gateways) - that are associated with the route, and the status of the route - with respect to each parent. When this route attaches to a parent, - the controller that manages the parent must add an entry to this - list when the controller first sees the route and should update - the entry as appropriate when the route or gateway is modified. - \n Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this - API can only populate Route status for the Gateways/parent resources - they are responsible for. \n A maximum of 32 Gateways will be represented - in this list. An empty list means the route has not been attached - to any Gateway." - items: - description: RouteParentStatus describes the status of a route with - respect to an associated Parent. - properties: - conditions: - description: "Conditions describes the status of the route with - respect to the Gateway. Note that the route's availability - is also subject to the Gateway's own status conditions and - listener status. \n If the Route's ParentRef specifies an - existing Gateway that supports Routes of this kind AND that - Gateway's controller has sufficient access, then that Gateway's - controller MUST set the \"Accepted\" condition on the Route, - to indicate whether the route has been accepted or rejected - by the Gateway, and why. \n A Route MUST be considered \"Accepted\" - if at least one of the Route's rules is implemented by the - Gateway. \n There are a number of cases where the \"Accepted\" - condition may not be set due to lack of controller visibility, - that includes when: \n * The Route refers to a non-existent - parent. * The Route is of a type that the controller does - not support. * The Route is in a namespace the controller - does not have access to." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n \ttype FooStatus struct{ - \t // Represents the observations of a foo's current - state. \t // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type - \t // +patchStrategy=merge \t // +listType=map \t - \ // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other - fields \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: "ControllerName is a domain/path string that indicates - the name of the controller that wrote this status. This corresponds - with the controllerName field on GatewayClass. \n Example: - \"example.net/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid - Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - \n Controllers MUST populate this field when writing status. - Controllers should ensure that entries to status populated - with their ControllerName are cleaned up when they are no - longer necessary." - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: ParentRef corresponds with a ParentRef in the spec - that this RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the - core API group (such as for a \"Service\" kind referent), - Group must be explicitly set to \"\" (empty string). \n - Support: Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: - Core (Gateway) \n Support: Implementation-specific (Other - Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. - When unspecified, this refers to the local namespace of - the Route. \n Note that there are specific rules for ParentRefs - which cross namespace boundaries. Cross-namespace references - are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides - a generic way to enable any other kind of cross-namespace - reference. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within - the target resource. In the following resources, SectionName - is interpreted as the following: \n * Gateway: Listener - Name. When both Port (experimental) and SectionName are - specified, the name and port of the selected listener - must match both specified values. \n Implementations MAY - choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this - will reference the entire resource. For the purpose of - status, an attachment is considered successful if at least - one section in the parent resource accepts it. For example, - Gateway listeners can restrict which Routes can attach - to them by Route kind, namespace, or hostname. If 1 of - 2 Gateway listeners accept attachment from the referencing - Route, the Route MUST be considered successfully attached. - If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: HTTPRoute provides a way to route HTTP requests. This includes - the capability to match requests by hostname, path, header, or query param. - Filters can be used to specify additional processing steps. Backends specify - where matching requests should be routed. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of HTTPRoute. - properties: - hostnames: - description: "Hostnames defines a set of hostname that should match - against the HTTP Host header to select a HTTPRoute to process the - request. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname may - be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n If a hostname is specified - by both the Listener and HTTPRoute, there must be at least one intersecting - hostname for the HTTPRoute to be attached to the Listener. For example: - \n * A Listener with `test.example.com` as the hostname matches - HTTPRoutes that have either not specified any hostnames, or have - specified at least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches HTTPRoutes - \ that have either not specified any hostnames or have specified - at least one hostname that matches the Listener hostname. For - example, `*.example.com`, `test.example.com`, and `foo.test.example.com` - would all match. On the other hand, `example.com` and `test.example.net` - would not match. \n Hostnames that are prefixed with a wildcard - label (`*.`) are interpreted as a suffix match. That means that - a match for `*.example.com` would match both `test.example.com`, - and `foo.test.example.com`, but not `example.com`. \n If both the - Listener and HTTPRoute have specified hostnames, any HTTPRoute hostnames - that do not match the Listener hostname MUST be ignored. For example, - if a Listener specified `*.example.com`, and the HTTPRoute specified - `test.example.com` and `test.example.net`, `test.example.net` must - not be considered for a match. \n If both the Listener and HTTPRoute - have specified hostnames, and none match with the criteria above, - then the HTTPRoute is not accepted. The implementation must raise - an 'Accepted' Condition with a status of `False` in the corresponding - RouteParentStatus. \n In the event that multiple HTTPRoutes specify - intersecting hostnames (e.g. overlapping wildcard matching and exact - matching hostnames), precedence must be given to rules from the - HTTPRoute with the largest number of: \n * Characters in a matching - non-wildcard hostname. * Characters in a matching hostname. \n If - ties exist across multiple Routes, the matching precedence rules - for HTTPRouteMatches takes over. \n Support: Core" - items: - description: "Hostname is the fully qualified domain name of a network - host. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname - may be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n Hostname can be \"precise\" - which is a domain name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain - name prefixed with a single wildcard label (e.g. `*.example.com`). - \n Note that as per RFC1035 and RFC1123, a *label* must consist - of lower case alphanumeric characters or '-', and must start and - end with an alphanumeric character. No other punctuation is allowed." - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: "ParentRefs references the resources (usually Gateways) - that a Route wants to be attached to. Note that the referenced parent - resource needs to allow this for the attachment to be complete. - For Gateways, that means the Gateway needs to allow attachment from - Routes of this kind and namespace. \n The only kind of parent resource - with \"Core\" support is Gateway. This API may be extended in the - future to support additional kinds of parent resources such as one - of the route kinds. \n It is invalid to reference an identical parent - more than once. It is valid to reference multiple distinct sections - within the same parent resource, such as 2 Listeners within a Gateway. - \n It is possible to separately reference multiple distinct objects - that may be collapsed by an implementation. For example, some implementations - may choose to merge compatible Gateway Listeners together. If that - is the case, the list of routes attached to those resources should - also be merged. \n Note that for ParentRefs that cross namespace - boundaries, there are specific rules. Cross-namespace references - are only valid if they are explicitly allowed by something in the - namespace they are referring to. For example, Gateway has the AllowedRoutes - field, and ReferenceGrant provides a generic way to enable any other - kind of cross-namespace reference." - items: - description: "ParentReference identifies an API object (usually - a Gateway) that can be considered a parent of this resource (usually - a route). The only kind of parent resource with \"Core\" support - is Gateway. This API may be extended in the future to support - additional kinds of parent resources, such as HTTPRoute. \n The - API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid." - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the core - API group (such as for a \"Service\" kind referent), Group - must be explicitly set to \"\" (empty string). \n Support: - Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: Core - (Gateway) \n Support: Implementation-specific (Other Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. When - unspecified, this refers to the local namespace of the Route. - \n Note that there are specific rules for ParentRefs which - cross namespace boundaries. Cross-namespace references are - only valid if they are explicitly allowed by something in - the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within the - target resource. In the following resources, SectionName is - interpreted as the following: \n * Gateway: Listener Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match both - specified values. \n Implementations MAY choose to support - attaching Routes to other resources. If that is the case, - they MUST clearly document how SectionName is interpreted. - \n When unspecified (empty string), this will reference the - entire resource. For the purpose of status, an attachment - is considered successful if at least one section in the parent - resource accepts it. For example, Gateway listeners can restrict - which Routes can attach to them by Route kind, namespace, - or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this - Route, the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - rules: - default: - - matches: - - path: - type: PathPrefix - value: / - description: Rules are a list of HTTP matchers, filters and actions. - items: - description: HTTPRouteRule defines semantics for matching an HTTP - request based on conditions (matches), processing it (filters), - and forwarding the request to an API object (backendRefs). - properties: - backendRefs: - description: "BackendRefs defines the backend(s) where matching - requests should be sent. \n Failure behavior here depends - on how many BackendRefs are specified and how many are invalid. - \n If *all* entries in BackendRefs are invalid, and there - are also no filters specified in this route rule, *all* traffic - which matches this rule MUST receive a 500 status code. \n - See the HTTPBackendRef definition for the rules about what - makes a single HTTPBackendRef invalid. \n When a HTTPBackendRef - is invalid, 500 status codes MUST be returned for requests - that would have otherwise been routed to an invalid backend. - If multiple backends are specified, and some are invalid, - the proportion of requests that would otherwise have been - routed to an invalid backend MUST receive a 500 status code. - \n For example, if two backends are specified with equal weights, - and one is invalid, 50 percent of traffic must receive a 500. - Implementations may choose how that 50 percent is determined. - \n Support: Core for Kubernetes Service \n Support: Implementation-specific - for any other resource \n Support for weight: Core" - items: - description: HTTPBackendRef defines how a HTTPRoute should - forward an HTTP request. - properties: - filters: - description: "Filters defined at this level should be - executed if and only if the request is being forwarded - to the backend defined here. \n Support: Implementation-specific - (For broader support of filters, use the Filters field - in HTTPRouteRule.)" - items: - description: HTTPRouteFilter defines processing steps - that must be completed during the request or response - lifecycle. HTTPRouteFilters are meant as an extension - point to express processing that may be done in Gateway - implementations. Some examples include request or - response modification, implementing authentication - strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type - of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API - group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema - for a filter that modifies request headers. \n - Support: Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo - HTTP/1.1 my-header: foo \n Config: add: - \ - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: - foo my-header2: bar my-header3: baz \n - Config: remove: [\"my-header1\", \"my-header3\"] - \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - \ value: \"bar\" \n Output: GET /foo - HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for - a filter that mirrors requests. Requests are sent - to the specified destination, but responses from - that destination are ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource - where mirrored requests are sent. \n If the - referent cannot be found, this BackendRef - is invalid and must be dropped from the Gateway. - The controller must ensure the \"ResolvedRefs\" - condition on the Route status is set to `status: - False` and not configure this backend in the - underlying implementation. \n If there is - a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: - False`, with the \"RefNotPermitted\" reason - and not configure this backend in the underlying - implementation. \n In either error case, the - Message of the `ResolvedRefs` Condition should - be used to provide more detail about the problem. - \n Support: Extended for Kubernetes Service - \n Support: Implementation-specific for any - other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core - API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. - For example "HTTPRoute" or "Service". - Defaults to "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace - of the backend. When unspecified, the - local namespace is inferred. \n Note that - when a namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination - port number to use for this resource. - Port is required when the referent is - a Kubernetes Service. In this case, the - port number is the service port number, - not the target port. For other resources, - destination port might be derived from - the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for - a filter that responds to the request with an - HTTP redirection. \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be - used in the value of the `Location` header - in the response. When empty, the hostname - of the request is used. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the port to be used in - the value of the `Location` header in the - response. When empty, port (if specified) - of the request is used. \n Support: Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used - in the value of the `Location` header in the - response. When empty, the scheme of the request - is used. \n Note that values may be added - to this enum, implementations must ensure - that unknown values will not cause a crash. - \n Unknown values here must result in the - implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`. \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status - code to be used in response. \n Note that - values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result - in the implementation setting the Accepted - Condition for the Route to `status: False`, - with a Reason of `UnsupportedValue`. \n Support: - Core" - enum: - - 301 - - 302 - type: integer - type: object - type: - description: "Type identifies the type of filter - to apply. As with other API fields, types are - classified into three conformance levels: \n - - Core: Filter types and their corresponding configuration - defined by \"Support: Core\" in this package, - e.g. \"RequestHeaderModifier\". All implementations - must support core filters. \n - Extended: Filter - types and their corresponding configuration defined - by \"Support: Extended\" in this package, e.g. - \"RequestMirror\". Implementers are encouraged - to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific - vendors. In the future, filters showing convergence - in behavior across multiple implementations - will be considered for inclusion in extended or - core conformance levels. Filter-specific configuration - for such filters is specified using the ExtensionRef - field. `Type` should be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged - to define custom implementation types to extend - the core API with implementation-specific behavior. - \n If a reference to a custom filter type cannot - be resolved, the filter MUST NOT be skipped. Instead, - requests that would have been processed by that - filter MUST receive a HTTP error response. \n - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result in - the implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`. \n " - enum: - - RequestHeaderModifier - - RequestMirror - - RequestRedirect - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - group: - default: "" - description: Group is the group of the referent. For example, - "gateway.networking.k8s.io". When unspecified or empty - string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". Defaults to "Service" when - not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. \n - Note that when a namespace is specified, a ReferenceGrant - object is required in the referent namespace to allow - that namespace's owner to accept the reference. See - the ReferenceGrant documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port number - to use for this resource. Port is required when the - referent is a Kubernetes Service. In this case, the - port number is the service port number, not the target - port. For other resources, destination port might be - derived from the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: "Weight specifies the proportion of requests - forwarded to the referenced backend. This is computed - as weight/(sum of all weights in this BackendRefs list). - For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision - an implementation supports. Weight is not a percentage - and the sum of weights does not need to equal 100. \n - If only one backend is specified and it has a weight - greater than 0, 100% of the traffic is forwarded to - that backend. If weight is set to 0, no traffic should - be forwarded for this entry. If unspecified, weight - defaults to 1. \n Support for this field varies based - on the context where used." - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - maxItems: 16 - type: array - filters: - description: "Filters define the filters that are applied to - requests that match this rule. \n The effects of ordering - of multiple behaviors are currently unspecified. This can - change in the future based on feedback during the alpha stage. - \n Conformance-levels at this level are defined based on the - type of filter: \n - ALL core filters MUST be supported by - all implementations. - Implementers are encouraged to support - extended filters. - Implementation-specific custom filters - have no API guarantees across implementations. \n Specifying - a core filter multiple times has unspecified or implementation-specific - conformance. \n All filters are expected to be compatible - with each other except for the URLRewrite and RequestRedirect - filters, which may not be combined. If an implementation can - not support other combinations of filters, they must clearly - document that limitation. In all cases where incompatible - or unsupported filters are specified, implementations MUST - add a warning condition to status. \n Support: Core" - items: - description: HTTPRouteFilter defines processing steps that - must be completed during the request or response lifecycle. - HTTPRouteFilters are meant as an extension point to express - processing that may be done in Gateway implementations. - Some examples include request or response modification, - implementing authentication strategies, rate-limiting, and - traffic shaping. API guarantee/conformance is defined based - on the type of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema for - a filter that modifies request headers. \n Support: - Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: add: - name: \"my-header\" value: - \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - \ my-header2: bar my-header3: baz \n Config: - \ remove: [\"my-header1\", \"my-header3\"] \n Output: - \ GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - \ set: - name: \"my-header\" value: \"bar\" - \n Output: GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for a filter - that mirrors requests. Requests are sent to the specified - destination, but responses from that destination are - ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource where - mirrored requests are sent. \n If the referent cannot - be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure - the \"ResolvedRefs\" condition on the Route status - is set to `status: False` and not configure this - backend in the underlying implementation. \n If - there is a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: False`, - with the \"RefNotPermitted\" reason and not configure - this backend in the underlying implementation. \n - In either error case, the Message of the `ResolvedRefs` - Condition should be used to provide more detail - about the problem. \n Support: Extended for Kubernetes - Service \n Support: Implementation-specific for - any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". When - unspecified or empty string, core API group - is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". Defaults to - "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the - backend. When unspecified, the local namespace - is inferred. \n Note that when a namespace is - specified, a ReferenceGrant object is required - in the referent namespace to allow that namespace's - owner to accept the reference. See the ReferenceGrant - documentation for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port - number to use for this resource. Port is required - when the referent is a Kubernetes Service. In - this case, the port number is the service port - number, not the target port. For other resources, - destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for a filter - that responds to the request with an HTTP redirection. - \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be used - in the value of the `Location` header in the response. - When empty, the hostname of the request is used. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the port to be used in the value - of the `Location` header in the response. When empty, - port (if specified) of the request is used. \n Support: - Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used in the - value of the `Location` header in the response. - When empty, the scheme of the request is used. \n - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a - crash. \n Unknown values here must result in the - implementation setting the Accepted Condition for - the Route to `status: False`, with a Reason of `UnsupportedValue`. - \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status code to - be used in response. \n Note that values may be - added to this enum, implementations must ensure - that unknown values will not cause a crash. \n Unknown - values here must result in the implementation setting - the Accepted Condition for the Route to `status: - False`, with a Reason of `UnsupportedValue`. \n - Support: Core" - enum: - - 301 - - 302 - type: integer - type: object - type: - description: "Type identifies the type of filter to apply. - As with other API fields, types are classified into - three conformance levels: \n - Core: Filter types and - their corresponding configuration defined by \"Support: - Core\" in this package, e.g. \"RequestHeaderModifier\". - All implementations must support core filters. \n - - Extended: Filter types and their corresponding configuration - defined by \"Support: Extended\" in this package, - e.g. \"RequestMirror\". Implementers are encouraged - to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific - vendors. In the future, filters showing convergence - in behavior across multiple implementations will be - considered for inclusion in extended or core conformance - levels. Filter-specific configuration for such filters - \ is specified using the ExtensionRef field. `Type` - should be set to \"ExtensionRef\" for custom filters. - \n Implementers are encouraged to define custom implementation - types to extend the core API with implementation-specific - behavior. \n If a reference to a custom filter type - cannot be resolved, the filter MUST NOT be skipped. - Instead, requests that would have been processed by - that filter MUST receive a HTTP error response. \n Note - that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - \n Unknown values here must result in the implementation - setting the Accepted Condition for the Route to `status: - False`, with a Reason of `UnsupportedValue`. \n " - enum: - - RequestHeaderModifier - - RequestMirror - - RequestRedirect - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - matches: - default: - - path: - type: PathPrefix - value: / - description: "Matches define conditions used for matching the - rule against incoming HTTP requests. Each match is independent, - i.e. this rule will be matched if **any** one of the matches - is satisfied. \n For example, take the following matches configuration: - \n ``` matches: - path: value: \"/foo\" headers: - - name: \"version\" value: \"v2\" - path: value: \"/v2/foo\" - ``` \n For a request to match against this rule, a request - must satisfy EITHER of the two conditions: \n - path prefixed - with `/foo` AND contains the header `version: v2` - path prefix - of `/v2/foo` \n See the documentation for HTTPRouteMatch on - how to specify multiple match conditions that should be ANDed - together. \n If no matches are specified, the default is a - prefix path match on \"/\", which has the effect of matching - every HTTP request. \n Proxy or Load Balancer routing configuration - generated from HTTPRoutes MUST prioritize matches based on - the following criteria, continuing on ties. Across all rules - specified on applicable Routes, precedence must be given to - the match with the largest number of: \n * Characters in a - matching path. * Header matches. * Query param matches. \n - If ties still exist across multiple Routes, matching precedence - MUST be determined in order of the following criteria, continuing - on ties: \n * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by \"{namespace}/{name}\". - \n If ties still exist within an HTTPRoute, matching precedence - MUST be granted to the FIRST matching rule (in list order) - with a match meeting the above criteria. \n When no rules - matching a request have been successfully attached to the - parent a request is coming from, a HTTP 404 status code MUST - be returned." - items: - description: "HTTPRouteMatch defines the predicate used to - match requests to a given action. Multiple match types are - ANDed together, i.e. the match will evaluate to true only - if all conditions are satisfied. \n For example, the match - below will match a HTTP request only if its path starts - with `/foo` AND it contains the `version: v1` header: \n - ``` match: \n \tpath: \t value: \"/foo\" \theaders: \t- - name: \"version\" \t value \"v1\" \n ```" - properties: - headers: - description: Headers specifies HTTP request header matchers. - Multiple match values are ANDed together, meaning, a - request must match all the specified headers to select - the route. - items: - description: HTTPHeaderMatch describes how to select - a HTTP route by matching HTTP request headers. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case insensitive. - (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent header - names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST be - ignored. Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered equivalent. - \n When a header is repeated in an HTTP request, - it is implementation-specific behavior as to how - this is represented. Generally, proxies should - follow the guidance from the RFC: https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 - regarding processing a repeated header, with special - handling for \"Set-Cookie\"." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the header. \n Support: Core (Exact) - \n Support: Implementation-specific (RegularExpression) - \n Since RegularExpression HeaderMatchType has - implementation-specific conformance, implementations - can support POSIX, PCRE or any other dialects - of regular expressions. Please read the implementation's - documentation to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP Header to - be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - description: "Method specifies HTTP method matcher. When - specified, this route will be matched only if the request - has the specified method. \n Support: Extended" - enum: - - GET - - HEAD - - POST - - PUT - - DELETE - - CONNECT - - OPTIONS - - TRACE - - PATCH - type: string - path: - default: - type: PathPrefix - value: / - description: Path specifies a HTTP request path matcher. - If this field is not specified, a default prefix match - on the "/" path is provided. - properties: - type: - default: PathPrefix - description: "Type specifies how to match against - the path Value. \n Support: Core (Exact, PathPrefix) - \n Support: Implementation-specific (RegularExpression)" - enum: - - Exact - - PathPrefix - - RegularExpression - type: string - value: - default: / - description: Value of the HTTP path to match against. - maxLength: 1024 - type: string - type: object - queryParams: - description: "QueryParams specifies HTTP query parameter - matchers. Multiple match values are ANDed together, - meaning, a request must match all the specified query - parameters to select the route. \n Support: Extended" - items: - description: HTTPQueryParamMatch describes how to select - a HTTP route by matching HTTP query parameters. - properties: - name: - description: "Name is the name of the HTTP query - param to be matched. This must be an exact string - match. (See https://tools.ietf.org/html/rfc7230#section-2.7.3). - \n If multiple entries specify equivalent query - param names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent query param name MUST - be ignored. \n If a query param is repeated in - an HTTP request, the behavior is purposely left - undefined, since different data planes have different - capabilities. However, it is *recommended* that - implementations should match against the first - value of the param if the data plane supports - it, as this behavior is expected in other load - balancing contexts outside of the Gateway API. - \n Users SHOULD NOT route traffic based on repeated - query params to guard themselves against potential - differences in the implementations." - maxLength: 256 - minLength: 1 - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the query parameter. \n Support: - Extended (Exact) \n Support: Implementation-specific - (RegularExpression) \n Since RegularExpression - QueryParamMatchType has Implementation-specific - conformance, implementations can support POSIX, - PCRE or any other dialects of regular expressions. - Please read the implementation's documentation - to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP query param - to be matched. - maxLength: 1024 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - maxItems: 8 - type: array - type: object - maxItems: 16 - type: array - type: object - status: - description: Status defines the current state of HTTPRoute. - properties: - parents: - description: "Parents is a list of parent resources (usually Gateways) - that are associated with the route, and the status of the route - with respect to each parent. When this route attaches to a parent, - the controller that manages the parent must add an entry to this - list when the controller first sees the route and should update - the entry as appropriate when the route or gateway is modified. - \n Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this - API can only populate Route status for the Gateways/parent resources - they are responsible for. \n A maximum of 32 Gateways will be represented - in this list. An empty list means the route has not been attached - to any Gateway." - items: - description: RouteParentStatus describes the status of a route with - respect to an associated Parent. - properties: - conditions: - description: "Conditions describes the status of the route with - respect to the Gateway. Note that the route's availability - is also subject to the Gateway's own status conditions and - listener status. \n If the Route's ParentRef specifies an - existing Gateway that supports Routes of this kind AND that - Gateway's controller has sufficient access, then that Gateway's - controller MUST set the \"Accepted\" condition on the Route, - to indicate whether the route has been accepted or rejected - by the Gateway, and why. \n A Route MUST be considered \"Accepted\" - if at least one of the Route's rules is implemented by the - Gateway. \n There are a number of cases where the \"Accepted\" - condition may not be set due to lack of controller visibility, - that includes when: \n * The Route refers to a non-existent - parent. * The Route is of a type that the controller does - not support. * The Route is in a namespace the controller - does not have access to." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n \ttype FooStatus struct{ - \t // Represents the observations of a foo's current - state. \t // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type - \t // +patchStrategy=merge \t // +listType=map \t - \ // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other - fields \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: "ControllerName is a domain/path string that indicates - the name of the controller that wrote this status. This corresponds - with the controllerName field on GatewayClass. \n Example: - \"example.net/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid - Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - \n Controllers MUST populate this field when writing status. - Controllers should ensure that entries to status populated - with their ControllerName are cleaned up when they are no - longer necessary." - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: ParentRef corresponds with a ParentRef in the spec - that this RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the - core API group (such as for a \"Service\" kind referent), - Group must be explicitly set to \"\" (empty string). \n - Support: Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: - Core (Gateway) \n Support: Implementation-specific (Other - Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. - When unspecified, this refers to the local namespace of - the Route. \n Note that there are specific rules for ParentRefs - which cross namespace boundaries. Cross-namespace references - are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides - a generic way to enable any other kind of cross-namespace - reference. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within - the target resource. In the following resources, SectionName - is interpreted as the following: \n * Gateway: Listener - Name. When both Port (experimental) and SectionName are - specified, the name and port of the selected listener - must match both specified values. \n Implementations MAY - choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this - will reference the entire resource. For the purpose of - status, an attachment is considered successful if at least - one section in the parent resource accepts it. For example, - Gateway listeners can restrict which Routes can attach - to them by Route kind, namespace, or hostname. If 1 of - 2 Gateway listeners accept attachment from the referencing - Route, the Route MUST be considered successfully attached. - If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1538 - gateway.networking.k8s.io/bundle-version: v0.6.1 - gateway.networking.k8s.io/channel: experimental - creationTimestamp: null - name: grpcroutes.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: GRPCRoute - listKind: GRPCRouteList - plural: grpcroutes - singular: grpcroute - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha2 - schema: - openAPIV3Schema: - description: "GRPCRoute provides a way to route gRPC requests. This includes - the capability to match requests by hostname, gRPC service, gRPC method, - or HTTP/2 header. Filters can be used to specify additional processing steps. - Backends specify where matching requests will be routed. \n GRPCRoute falls - under extended support within the Gateway API. Within the following specification, - the word \"MUST\" indicates that an implementation supporting GRPCRoute - must conform to the indicated requirement, but an implementation not supporting - this route type need not follow the requirement unless explicitly indicated. - \n Implementations supporting `GRPCRoute` with the `HTTPS` `ProtocolType` - MUST accept HTTP/2 connections without an initial upgrade from HTTP/1.1, - i.e. via ALPN. If the implementation does not support this, then it MUST - set the \"Accepted\" condition to \"False\" for the affected listener with - a reason of \"UnsupportedProtocol\". Implementations MAY also accept HTTP/2 - connections with an upgrade from HTTP/1. \n Implementations supporting `GRPCRoute` - with the `HTTP` `ProtocolType` MUST support HTTP/2 over cleartext TCP (h2c, - https://www.rfc-editor.org/rfc/rfc7540#section-3.1) without an initial upgrade - from HTTP/1.1, i.e. with prior knowledge (https://www.rfc-editor.org/rfc/rfc7540#section-3.4). - If the implementation does not support this, then it MUST set the \"Accepted\" - condition to \"False\" for the affected listener with a reason of \"UnsupportedProtocol\". - Implementations MAY also accept HTTP/2 connections with an upgrade from - HTTP/1, i.e. without prior knowledge. \n Support: Extended" - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GRPCRoute. - properties: - hostnames: - description: "Hostnames defines a set of hostnames to match against - the GRPC Host header to select a GRPCRoute to process the request. - This matches the RFC 1123 definition of a hostname with 2 notable - exceptions: \n 1. IPs are not allowed. 2. A hostname may be prefixed - with a wildcard label (`*.`). The wildcard label MUST appear - by itself as the first label. \n If a hostname is specified by both - the Listener and GRPCRoute, there MUST be at least one intersecting - hostname for the GRPCRoute to be attached to the Listener. For example: - \n * A Listener with `test.example.com` as the hostname matches - GRPCRoutes that have either not specified any hostnames, or have - specified at least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches GRPCRoutes - \ that have either not specified any hostnames or have specified - at least one hostname that matches the Listener hostname. For - example, `test.example.com` and `*.example.com` would both match. - On the other hand, `example.com` and `test.example.net` would - not match. \n Hostnames that are prefixed with a wildcard label - (`*.`) are interpreted as a suffix match. That means that a match - for `*.example.com` would match both `test.example.com`, and `foo.test.example.com`, - but not `example.com`. \n If both the Listener and GRPCRoute have - specified hostnames, any GRPCRoute hostnames that do not match the - Listener hostname MUST be ignored. For example, if a Listener specified - `*.example.com`, and the GRPCRoute specified `test.example.com` - and `test.example.net`, `test.example.net` MUST NOT be considered - for a match. \n If both the Listener and GRPCRoute have specified - hostnames, and none match with the criteria above, then the GRPCRoute - MUST NOT be accepted by the implementation. The implementation MUST - raise an 'Accepted' Condition with a status of `False` in the corresponding - RouteParentStatus. \n If a Route (A) of type HTTPRoute or GRPCRoute - is attached to a Listener and that listener already has another - Route (B) of the other type attached and the intersection of the - hostnames of A and B is non-empty, then the implementation MUST - accept exactly one of these two routes, determined by the following - criteria, in order: \n * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by \"{namespace}/{name}\". - \n The rejected Route MUST raise an 'Accepted' condition with a - status of 'False' in the corresponding RouteParentStatus. \n Support: - Core" - items: - description: "Hostname is the fully qualified domain name of a network - host. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname - may be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n Hostname can be \"precise\" - which is a domain name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain - name prefixed with a single wildcard label (e.g. `*.example.com`). - \n Note that as per RFC1035 and RFC1123, a *label* must consist - of lower case alphanumeric characters or '-', and must start and - end with an alphanumeric character. No other punctuation is allowed." - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: "ParentRefs references the resources (usually Gateways) - that a Route wants to be attached to. Note that the referenced parent - resource needs to allow this for the attachment to be complete. - For Gateways, that means the Gateway needs to allow attachment from - Routes of this kind and namespace. \n The only kind of parent resource - with \"Core\" support is Gateway. This API may be extended in the - future to support additional kinds of parent resources such as one - of the route kinds. \n It is invalid to reference an identical parent - more than once. It is valid to reference multiple distinct sections - within the same parent resource, such as 2 Listeners within a Gateway. - \n It is possible to separately reference multiple distinct objects - that may be collapsed by an implementation. For example, some implementations - may choose to merge compatible Gateway Listeners together. If that - is the case, the list of routes attached to those resources should - also be merged. \n Note that for ParentRefs that cross namespace - boundaries, there are specific rules. Cross-namespace references - are only valid if they are explicitly allowed by something in the - namespace they are referring to. For example, Gateway has the AllowedRoutes - field, and ReferenceGrant provides a generic way to enable any other - kind of cross-namespace reference." - items: - description: "ParentReference identifies an API object (usually - a Gateway) that can be considered a parent of this resource (usually - a route). The only kind of parent resource with \"Core\" support - is Gateway. This API may be extended in the future to support - additional kinds of parent resources, such as HTTPRoute. \n The - API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid." - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the core - API group (such as for a \"Service\" kind referent), Group - must be explicitly set to \"\" (empty string). \n Support: - Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: Core - (Gateway) \n Support: Implementation-specific (Other Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. When - unspecified, this refers to the local namespace of the Route. - \n Note that there are specific rules for ParentRefs which - cross namespace boundaries. Cross-namespace references are - only valid if they are explicitly allowed by something in - the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: "Port is the network port this Route targets. It - can be interpreted differently based on the type of parent - resource. \n When the parent resource is a Gateway, this targets - all listeners listening on the specified port that also support - this kind of Route(and select this Route). It's not recommended - to set `Port` unless the networking behaviors specified in - a Route must apply to a specific port as opposed to a listener(s) - whose port(s) may be changed. When both Port and SectionName - are specified, the name and port of the selected listener - must match both specified values. \n Implementations MAY choose - to support other parent resources. Implementations supporting - other types of parent resources MUST clearly document how/if - Port is interpreted. \n For the purpose of status, an attachment - is considered successful as long as the parent resource accepts - it partially. For example, Gateway listeners can restrict - which Routes can attach to them by Route kind, namespace, - or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this - Route, the Route MUST be considered detached from the Gateway. - \n Support: Extended \n " - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: "SectionName is the name of a section within the - target resource. In the following resources, SectionName is - interpreted as the following: \n * Gateway: Listener Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match both - specified values. \n Implementations MAY choose to support - attaching Routes to other resources. If that is the case, - they MUST clearly document how SectionName is interpreted. - \n When unspecified (empty string), this will reference the - entire resource. For the purpose of status, an attachment - is considered successful if at least one section in the parent - resource accepts it. For example, Gateway listeners can restrict - which Routes can attach to them by Route kind, namespace, - or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this - Route, the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - rules: - default: - - matches: - - method: - type: Exact - description: Rules are a list of GRPC matchers, filters and actions. - items: - description: GRPCRouteRule defines the semantics for matching an - gRPC request based on conditions (matches), processing it (filters), - and forwarding the request to an API object (backendRefs). - properties: - backendRefs: - description: "BackendRefs defines the backend(s) where matching - requests should be sent. \n Failure behavior here depends - on how many BackendRefs are specified and how many are invalid. - \n If *all* entries in BackendRefs are invalid, and there - are also no filters specified in this route rule, *all* traffic - which matches this rule MUST receive an `UNAVAILABLE` status. - \n See the GRPCBackendRef definition for the rules about what - makes a single GRPCBackendRef invalid. \n When a GRPCBackendRef - is invalid, `UNAVAILABLE` statuses MUST be returned for requests - that would have otherwise been routed to an invalid backend. - If multiple backends are specified, and some are invalid, - the proportion of requests that would otherwise have been - routed to an invalid backend MUST receive an `UNAVAILABLE` - status. \n For example, if two backends are specified with - equal weights, and one is invalid, 50 percent of traffic MUST - receive an `UNAVAILABLE` status. Implementations may choose - how that 50 percent is determined. \n Support: Core for Kubernetes - Service \n Support: Implementation-specific for any other - resource \n Support for weight: Core" - items: - description: GRPCBackendRef defines how a GRPCRoute forwards - a gRPC request. - properties: - filters: - description: "Filters defined at this level MUST be executed - if and only if the request is being forwarded to the - backend defined here. \n Support: Implementation-specific - (For broader support of filters, use the Filters field - in GRPCRouteRule.)" - items: - description: GRPCRouteFilter defines processing steps - that must be completed during the request or response - lifecycle. GRPCRouteFilters are meant as an extension - point to express processing that may be done in Gateway - implementations. Some examples include request or - response modification, implementing authentication - strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type - of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API - group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema - for a filter that modifies request headers. \n - Support: Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo - HTTP/1.1 my-header: foo \n Config: add: - \ - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: - foo my-header2: bar my-header3: baz \n - Config: remove: [\"my-header1\", \"my-header3\"] - \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - \ value: \"bar\" \n Output: GET /foo - HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for - a filter that mirrors requests. Requests are sent - to the specified destination, but responses from - that destination are ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource - where mirrored requests are sent. \n If the - referent cannot be found, this BackendRef - is invalid and must be dropped from the Gateway. - The controller must ensure the \"ResolvedRefs\" - condition on the Route status is set to `status: - False` and not configure this backend in the - underlying implementation. \n If there is - a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: - False`, with the \"RefNotPermitted\" reason - and not configure this backend in the underlying - implementation. \n In either error case, the - Message of the `ResolvedRefs` Condition should - be used to provide more detail about the problem. - \n Support: Extended for Kubernetes Service - \n Support: Implementation-specific for any - other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core - API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. - For example "HTTPRoute" or "Service". - Defaults to "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace - of the backend. When unspecified, the - local namespace is inferred. \n Note that - when a namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination - port number to use for this resource. - Port is required when the referent is - a Kubernetes Service. In this case, the - port number is the service port number, - not the target port. For other resources, - destination port might be derived from - the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - responseHeaderModifier: - description: "ResponseHeaderModifier defines a schema - for a filter that modifies response headers. \n - Support: Extended \n " - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo - HTTP/1.1 my-header: foo \n Config: add: - \ - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: - foo my-header2: bar my-header3: baz \n - Config: remove: [\"my-header1\", \"my-header3\"] - \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - \ value: \"bar\" \n Output: GET /foo - HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: "Type identifies the type of filter - to apply. As with other API fields, types are - classified into three conformance levels: \n - - Core: Filter types and their corresponding configuration - defined by \"Support: Core\" in this package, - e.g. \"RequestHeaderModifier\". All implementations - supporting GRPCRoute MUST support core filters. - \n - Extended: Filter types and their corresponding - configuration defined by \"Support: Extended\" - in this package, e.g. \"RequestMirror\". Implementers - \ are encouraged to support extended filters. - \n - Implementation-specific: Filters that are - defined and supported by specific vendors. In - the future, filters showing convergence in behavior - across multiple implementations will be considered - for inclusion in extended or core conformance - levels. Filter-specific configuration for such - filters is specified using the ExtensionRef - field. `Type` MUST be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged - to define custom implementation types to extend - the core API with implementation-specific behavior. - \n If a reference to a custom filter type cannot - be resolved, the filter MUST NOT be skipped. Instead, - requests that would have been processed by that - filter MUST receive a HTTP error response. \n " - enum: - - ResponseHeaderModifier - - RequestHeaderModifier - - RequestMirror - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - group: - default: "" - description: Group is the group of the referent. For example, - "gateway.networking.k8s.io". When unspecified or empty - string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". Defaults to "Service" when - not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. \n - Note that when a namespace is specified, a ReferenceGrant - object is required in the referent namespace to allow - that namespace's owner to accept the reference. See - the ReferenceGrant documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port number - to use for this resource. Port is required when the - referent is a Kubernetes Service. In this case, the - port number is the service port number, not the target - port. For other resources, destination port might be - derived from the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: "Weight specifies the proportion of requests - forwarded to the referenced backend. This is computed - as weight/(sum of all weights in this BackendRefs list). - For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision - an implementation supports. Weight is not a percentage - and the sum of weights does not need to equal 100. \n - If only one backend is specified and it has a weight - greater than 0, 100% of the traffic is forwarded to - that backend. If weight is set to 0, no traffic should - be forwarded for this entry. If unspecified, weight - defaults to 1. \n Support for this field varies based - on the context where used." - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - maxItems: 16 - type: array - filters: - description: "Filters define the filters that are applied to - requests that match this rule. \n The effects of ordering - of multiple behaviors are currently unspecified. This can - change in the future based on feedback during the alpha stage. - \n Conformance-levels at this level are defined based on the - type of filter: \n - ALL core filters MUST be supported by - all implementations that support GRPCRoute. - Implementers - are encouraged to support extended filters. - Implementation-specific - custom filters have no API guarantees across implementations. - \n Specifying a core filter multiple times has unspecified - or implementation-specific conformance. Support: Core" - items: - description: GRPCRouteFilter defines processing steps that - must be completed during the request or response lifecycle. - GRPCRouteFilters are meant as an extension point to express - processing that may be done in Gateway implementations. - Some examples include request or response modification, - implementing authentication strategies, rate-limiting, and - traffic shaping. API guarantee/conformance is defined based - on the type of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema for - a filter that modifies request headers. \n Support: - Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: add: - name: \"my-header\" value: - \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - \ my-header2: bar my-header3: baz \n Config: - \ remove: [\"my-header1\", \"my-header3\"] \n Output: - \ GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - \ set: - name: \"my-header\" value: \"bar\" - \n Output: GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for a filter - that mirrors requests. Requests are sent to the specified - destination, but responses from that destination are - ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource where - mirrored requests are sent. \n If the referent cannot - be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure - the \"ResolvedRefs\" condition on the Route status - is set to `status: False` and not configure this - backend in the underlying implementation. \n If - there is a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: False`, - with the \"RefNotPermitted\" reason and not configure - this backend in the underlying implementation. \n - In either error case, the Message of the `ResolvedRefs` - Condition should be used to provide more detail - about the problem. \n Support: Extended for Kubernetes - Service \n Support: Implementation-specific for - any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". When - unspecified or empty string, core API group - is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". Defaults to - "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the - backend. When unspecified, the local namespace - is inferred. \n Note that when a namespace is - specified, a ReferenceGrant object is required - in the referent namespace to allow that namespace's - owner to accept the reference. See the ReferenceGrant - documentation for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port - number to use for this resource. Port is required - when the referent is a Kubernetes Service. In - this case, the port number is the service port - number, not the target port. For other resources, - destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - responseHeaderModifier: - description: "ResponseHeaderModifier defines a schema - for a filter that modifies response headers. \n Support: - Extended \n " - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: add: - name: \"my-header\" value: - \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - \ my-header2: bar my-header3: baz \n Config: - \ remove: [\"my-header1\", \"my-header3\"] \n Output: - \ GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - \ set: - name: \"my-header\" value: \"bar\" - \n Output: GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: "Type identifies the type of filter to apply. - As with other API fields, types are classified into - three conformance levels: \n - Core: Filter types and - their corresponding configuration defined by \"Support: - Core\" in this package, e.g. \"RequestHeaderModifier\". - All implementations supporting GRPCRoute MUST support - core filters. \n - Extended: Filter types and their - corresponding configuration defined by \"Support: - Extended\" in this package, e.g. \"RequestMirror\". - Implementers are encouraged to support extended filters. - \n - Implementation-specific: Filters that are defined - and supported by specific vendors. In the future, - filters showing convergence in behavior across multiple - \ implementations will be considered for inclusion - in extended or core conformance levels. Filter-specific - configuration for such filters is specified using - the ExtensionRef field. `Type` MUST be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged to - define custom implementation types to extend the core - API with implementation-specific behavior. \n If a reference - to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have - been processed by that filter MUST receive a HTTP error - response. \n " - enum: - - ResponseHeaderModifier - - RequestHeaderModifier - - RequestMirror - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - matches: - default: - - method: - type: Exact - description: "Matches define conditions used for matching the - rule against incoming gRPC requests. Each match is independent, - i.e. this rule will be matched if **any** one of the matches - is satisfied. \n For example, take the following matches configuration: - \n ``` matches: - method: service: foo.bar headers: - \ values: version: 2 - method: service: foo.bar.v2 - ``` \n For a request to match against this rule, it MUST satisfy - EITHER of the two conditions: \n - service of foo.bar AND - contains the header `version: 2` - service of foo.bar.v2 \n - See the documentation for GRPCRouteMatch on how to specify - multiple match conditions to be ANDed together. \n If no matches - are specified, the implementation MUST match every gRPC request. - \n Proxy or Load Balancer routing configuration generated - from GRPCRoutes MUST prioritize rules based on the following - criteria, continuing on ties. Merging MUST not be done between - GRPCRoutes and HTTPRoutes. Precedence MUST be given to the - rule with the largest number of: \n * Characters in a matching - non-wildcard hostname. * Characters in a matching hostname. - * Characters in a matching service. * Characters in a matching - method. * Header matches. \n If ties still exist across multiple - Routes, matching precedence MUST be determined in order of - the following criteria, continuing on ties: \n * The oldest - Route based on creation timestamp. * The Route appearing first - in alphabetical order by \"{namespace}/{name}\". \n If ties - still exist within the Route that has been given precedence, - matching precedence MUST be granted to the first matching - rule meeting the above criteria." - items: - description: "GRPCRouteMatch defines the predicate used to - match requests to a given action. Multiple match types are - ANDed together, i.e. the match will evaluate to true only - if all conditions are satisfied. \n For example, the match - below will match a gRPC request only if its service is `foo` - AND it contains the `version: v1` header: \n ``` matches: - \ - method: type: Exact service: \"foo\" headers: - \ - name: \"version\" value \"v1\" \n ```" - properties: - headers: - description: Headers specifies gRPC request header matchers. - Multiple match values are ANDed together, meaning, a - request MUST match all the specified headers to select - the route. - items: - description: GRPCHeaderMatch describes how to select - a gRPC route by matching gRPC request headers. - properties: - name: - description: "Name is the name of the gRPC Header - to be matched. \n If multiple entries specify - equivalent header names, only the first entry - with an equivalent name MUST be considered for - a match. Subsequent entries with an equivalent - header name MUST be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: Type specifies how to match against - the value of the header. - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of the gRPC Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - default: - type: Exact - description: Method specifies a gRPC request service/method - matcher. If this field is not specified, all services - and methods will match. - properties: - method: - description: "Value of the method to match against. - If left empty or omitted, will match all services. - \n At least one of Service and Method MUST be a - non-empty string. \n A GRPC Method must be a valid - Protobuf Method (https://protobuf.com/docs/language-spec#methods)." - maxLength: 1024 - pattern: ^[A-Za-z_][A-Za-z_0-9]*$ - type: string - service: - description: "Value of the service to match against. - If left empty or omitted, will match any service. - \n At least one of Service and Method MUST be a - non-empty string. \n A GRPC Service must be a valid - Protobuf Type Name (https://protobuf.com/docs/language-spec#type-references)." - maxLength: 1024 - pattern: ^(?i)\.?[a-z_][a-z_0-9]*(\.[a-z_][a-z_0-9]*)*$ - type: string - type: - default: Exact - description: "Type specifies how to match against - the service and/or method. Support: Core (Exact - with service and method specified) \n Support: Implementation-specific - (Exact with method specified but no service specified) - \n Support: Implementation-specific (RegularExpression)" - enum: - - Exact - - RegularExpression - type: string - type: object - type: object - maxItems: 8 - type: array - type: object - maxItems: 16 - type: array - type: object - status: - description: Status defines the current state of GRPCRoute. - properties: - parents: - description: "Parents is a list of parent resources (usually Gateways) - that are associated with the route, and the status of the route - with respect to each parent. When this route attaches to a parent, - the controller that manages the parent must add an entry to this - list when the controller first sees the route and should update - the entry as appropriate when the route or gateway is modified. - \n Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this - API can only populate Route status for the Gateways/parent resources - they are responsible for. \n A maximum of 32 Gateways will be represented - in this list. An empty list means the route has not been attached - to any Gateway." - items: - description: RouteParentStatus describes the status of a route with - respect to an associated Parent. - properties: - conditions: - description: "Conditions describes the status of the route with - respect to the Gateway. Note that the route's availability - is also subject to the Gateway's own status conditions and - listener status. \n If the Route's ParentRef specifies an - existing Gateway that supports Routes of this kind AND that - Gateway's controller has sufficient access, then that Gateway's - controller MUST set the \"Accepted\" condition on the Route, - to indicate whether the route has been accepted or rejected - by the Gateway, and why. \n A Route MUST be considered \"Accepted\" - if at least one of the Route's rules is implemented by the - Gateway. \n There are a number of cases where the \"Accepted\" - condition may not be set due to lack of controller visibility, - that includes when: \n * The Route refers to a non-existent - parent. * The Route is of a type that the controller does - not support. * The Route is in a namespace the controller - does not have access to." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n \ttype FooStatus struct{ - \t // Represents the observations of a foo's current - state. \t // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type - \t // +patchStrategy=merge \t // +listType=map \t - \ // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other - fields \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: "ControllerName is a domain/path string that indicates - the name of the controller that wrote this status. This corresponds - with the controllerName field on GatewayClass. \n Example: - \"example.net/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid - Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - \n Controllers MUST populate this field when writing status. - Controllers should ensure that entries to status populated - with their ControllerName are cleaned up when they are no - longer necessary." - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: ParentRef corresponds with a ParentRef in the spec - that this RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the - core API group (such as for a \"Service\" kind referent), - Group must be explicitly set to \"\" (empty string). \n - Support: Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: - Core (Gateway) \n Support: Implementation-specific (Other - Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. - When unspecified, this refers to the local namespace of - the Route. \n Note that there are specific rules for ParentRefs - which cross namespace boundaries. Cross-namespace references - are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides - a generic way to enable any other kind of cross-namespace - reference. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: "Port is the network port this Route targets. - It can be interpreted differently based on the type of - parent resource. \n When the parent resource is a Gateway, - this targets all listeners listening on the specified - port that also support this kind of Route(and select this - Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to - a specific port as opposed to a listener(s) whose port(s) - may be changed. When both Port and SectionName are specified, - the name and port of the selected listener must match - both specified values. \n Implementations MAY choose to - support other parent resources. Implementations supporting - other types of parent resources MUST clearly document - how/if Port is interpreted. \n For the purpose of status, - an attachment is considered successful as long as the - parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them - by Route kind, namespace, or hostname. If 1 of 2 Gateway - listeners accept attachment from the referencing Route, - the Route MUST be considered successfully attached. If - no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Extended \n " - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: "SectionName is the name of a section within - the target resource. In the following resources, SectionName - is interpreted as the following: \n * Gateway: Listener - Name. When both Port (experimental) and SectionName are - specified, the name and port of the selected listener - must match both specified values. \n Implementations MAY - choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this - will reference the entire resource. For the purpose of - status, an attachment is considered successful if at least - one section in the parent resource accepts it. For example, - Gateway listeners can restrict which Routes can attach - to them by Route kind, namespace, or hostname. If 1 of - 2 Gateway listeners accept attachment from the referencing - Route, the Route MUST be considered successfully attached. - If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] \ No newline at end of file diff --git a/config/crds/bases/k8s-gateway-v1.0.0.yaml b/config/crds/bases/k8s-gateway-v1.0.0.yaml deleted file mode 100644 index a091bba9..00000000 --- a/config/crds/bases/k8s-gateway-v1.0.0.yaml +++ /dev/null @@ -1,8577 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466 - gateway.networking.k8s.io/bundle-version: v1.0.0 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: gatewayclasses.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: GatewayClass - listKind: GatewayClassList - plural: gatewayclasses - shortNames: - - gc - singular: gatewayclass - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.controllerName - name: Controller - type: string - - jsonPath: .status.conditions[?(@.type=="Accepted")].status - name: Accepted - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.description - name: Description - priority: 1 - type: string - name: v1 - schema: - openAPIV3Schema: - description: "GatewayClass describes a class of Gateways available to the - user for creating Gateway resources. \n It is recommended that this resource - be used as a template for Gateways. This means that a Gateway is based on - the state of the GatewayClass at the time it was created and changes to - the GatewayClass or associated parameters are not propagated down to existing - Gateways. This recommendation is intended to limit the blast radius of changes - to GatewayClass or associated parameters. If implementations choose to propagate - GatewayClass changes to existing Gateways, that MUST be clearly documented - by the implementation. \n Whenever one or more Gateways are using a GatewayClass, - implementations SHOULD add the `gateway-exists-finalizer.gateway.networking.k8s.io` - finalizer on the associated GatewayClass. This ensures that a GatewayClass - associated with a Gateway is not deleted while in use. \n GatewayClass is - a Cluster level resource." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GatewayClass. - properties: - controllerName: - description: "ControllerName is the name of the controller that is - managing Gateways of this class. The value of this field MUST be - a domain prefixed path. \n Example: \"example.net/gateway-controller\". - \n This field is not mutable and cannot be empty. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - description: - description: Description helps describe a GatewayClass with more details. - maxLength: 64 - type: string - parametersRef: - description: "ParametersRef is a reference to a resource that contains - the configuration parameters corresponding to the GatewayClass. - This is optional if the controller does not require any additional - configuration. \n ParametersRef can reference a standard Kubernetes - resource, i.e. ConfigMap, or an implementation-specific custom resource. - The resource can be cluster-scoped or namespace-scoped. \n If the - referent cannot be found, the GatewayClass's \"InvalidParameters\" - status condition will be true. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. This - field is required when referring to a Namespace-scoped resource - and MUST be unset when referring to a Cluster-scoped resource. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - group - - kind - - name - type: object - required: - - controllerName - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Waiting - status: Unknown - type: Accepted - description: "Status defines the current state of GatewayClass. \n Implementations - MUST populate status on all GatewayClass resources which specify their - controller name." - properties: - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - description: "Conditions is the current status from the controller - for this GatewayClass. \n Controllers should prefer to publish conditions - using values of GatewayClassConditionType for the type of each Condition." - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.controllerName - name: Controller - type: string - - jsonPath: .status.conditions[?(@.type=="Accepted")].status - name: Accepted - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.description - name: Description - priority: 1 - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: "GatewayClass describes a class of Gateways available to the - user for creating Gateway resources. \n It is recommended that this resource - be used as a template for Gateways. This means that a Gateway is based on - the state of the GatewayClass at the time it was created and changes to - the GatewayClass or associated parameters are not propagated down to existing - Gateways. This recommendation is intended to limit the blast radius of changes - to GatewayClass or associated parameters. If implementations choose to propagate - GatewayClass changes to existing Gateways, that MUST be clearly documented - by the implementation. \n Whenever one or more Gateways are using a GatewayClass, - implementations SHOULD add the `gateway-exists-finalizer.gateway.networking.k8s.io` - finalizer on the associated GatewayClass. This ensures that a GatewayClass - associated with a Gateway is not deleted while in use. \n GatewayClass is - a Cluster level resource." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GatewayClass. - properties: - controllerName: - description: "ControllerName is the name of the controller that is - managing Gateways of this class. The value of this field MUST be - a domain prefixed path. \n Example: \"example.net/gateway-controller\". - \n This field is not mutable and cannot be empty. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - x-kubernetes-validations: - - message: Value is immutable - rule: self == oldSelf - description: - description: Description helps describe a GatewayClass with more details. - maxLength: 64 - type: string - parametersRef: - description: "ParametersRef is a reference to a resource that contains - the configuration parameters corresponding to the GatewayClass. - This is optional if the controller does not require any additional - configuration. \n ParametersRef can reference a standard Kubernetes - resource, i.e. ConfigMap, or an implementation-specific custom resource. - The resource can be cluster-scoped or namespace-scoped. \n If the - referent cannot be found, the GatewayClass's \"InvalidParameters\" - status condition will be true. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. This - field is required when referring to a Namespace-scoped resource - and MUST be unset when referring to a Cluster-scoped resource. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - group - - kind - - name - type: object - required: - - controllerName - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Waiting - status: Unknown - type: Accepted - description: "Status defines the current state of GatewayClass. \n Implementations - MUST populate status on all GatewayClass resources which specify their - controller name." - properties: - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - description: "Conditions is the current status from the controller - for this GatewayClass. \n Controllers should prefer to publish conditions - using values of GatewayClassConditionType for the type of each Condition." - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466 - gateway.networking.k8s.io/bundle-version: v1.0.0 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: gateways.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: Gateway - listKind: GatewayList - plural: gateways - shortNames: - - gtw - singular: gateway - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.gatewayClassName - name: Class - type: string - - jsonPath: .status.addresses[*].value - name: Address - type: string - - jsonPath: .status.conditions[?(@.type=="Programmed")].status - name: Programmed - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: Gateway represents an instance of a service-traffic handling - infrastructure by binding Listeners to a set of IP addresses. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Gateway. - properties: - addresses: - description: "Addresses requested for this Gateway. This is optional - and behavior can depend on the implementation. If a value is set - in the spec and the requested address is invalid or unavailable, - the implementation MUST indicate this in the associated entry in - GatewayStatus.Addresses. \n The Addresses field represents a request - for the address(es) on the \"outside of the Gateway\", that traffic - bound for this Gateway will use. This could be the IP address or - hostname of an external load balancer or other networking infrastructure, - or some other address that traffic will be sent to. \n If no Addresses - are specified, the implementation MAY schedule the Gateway in an - implementation-specific manner, assigning an appropriate set of - Addresses. \n The implementation MUST bind all Listeners to every - GatewayAddress that it assigns to the Gateway and add a corresponding - entry in GatewayStatus.Addresses. \n Support: Extended \n " - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - oneOf: - - properties: - type: - enum: - - IPAddress - value: - anyOf: - - format: ipv4 - - format: ipv6 - - properties: - type: - not: - enum: - - IPAddress - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - x-kubernetes-validations: - - message: Hostname value must only contain valid characters (matching - ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$) - rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""): - true' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: IPAddress values must be unique - rule: 'self.all(a1, a1.type == ''IPAddress'' ? self.exists_one(a2, - a2.type == a1.type && a2.value == a1.value) : true )' - - message: Hostname values must be unique - rule: 'self.all(a1, a1.type == ''Hostname'' ? self.exists_one(a2, - a2.type == a1.type && a2.value == a1.value) : true )' - gatewayClassName: - description: GatewayClassName used for this Gateway. This is the name - of a GatewayClass resource. - maxLength: 253 - minLength: 1 - type: string - listeners: - description: "Listeners associated with this Gateway. Listeners define - logical endpoints that are bound on this Gateway's addresses. At - least one Listener MUST be specified. \n Each Listener in a set - of Listeners (for example, in a single Gateway) MUST be _distinct_, - in that a traffic flow MUST be able to be assigned to exactly one - listener. (This section uses \"set of Listeners\" rather than \"Listeners - in a single Gateway\" because implementations MAY merge configuration - from multiple Gateways onto a single data plane, and these rules - _also_ apply in that case). \n Practically, this means that each - listener in a set MUST have a unique combination of Port, Protocol, - and, if supported by the protocol, Hostname. \n Some combinations - of port, protocol, and TLS settings are considered Core support - and MUST be supported by implementations based on their targeted - conformance profile: \n HTTP Profile \n 1. HTTPRoute, Port: 80, - Protocol: HTTP 2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode: - Terminate, TLS keypair provided \n TLS Profile \n 1. TLSRoute, Port: - 443, Protocol: TLS, TLS Mode: Passthrough \n \"Distinct\" Listeners - have the following property: \n The implementation can match inbound - requests to a single distinct Listener. When multiple Listeners - share values for fields (for example, two Listeners with the same - Port value), the implementation can match requests to only one of - the Listeners using other Listener fields. \n For example, the following - Listener scenarios are distinct: \n 1. Multiple Listeners with the - same Port that all use the \"HTTP\" Protocol that all have unique - Hostname values. 2. Multiple Listeners with the same Port that use - either the \"HTTPS\" or \"TLS\" Protocol that all have unique Hostname - values. 3. A mixture of \"TCP\" and \"UDP\" Protocol Listeners, - where no Listener with the same Protocol has the same Port value. - \n Some fields in the Listener struct have possible values that - affect whether the Listener is distinct. Hostname is particularly - relevant for HTTP or HTTPS protocols. \n When using the Hostname - value to select between same-Port, same-Protocol Listeners, the - Hostname value must be different on each Listener for the Listener - to be distinct. \n When the Listeners are distinct based on Hostname, - inbound request hostnames MUST match from the most specific to least - specific Hostname values to choose the correct Listener and its - associated set of Routes. \n Exact matches must be processed before - wildcard matches, and wildcard matches must be processed before - fallback (empty Hostname value) matches. For example, `\"foo.example.com\"` - takes precedence over `\"*.example.com\"`, and `\"*.example.com\"` - takes precedence over `\"\"`. \n Additionally, if there are multiple - wildcard entries, more specific wildcard entries must be processed - before less specific wildcard entries. For example, `\"*.foo.example.com\"` - takes precedence over `\"*.example.com\"`. The precise definition - here is that the higher the number of dots in the hostname to the - right of the wildcard character, the higher the precedence. \n The - wildcard character will match any number of characters _and dots_ - to the left, however, so `\"*.example.com\"` will match both `\"foo.bar.example.com\"` - _and_ `\"bar.example.com\"`. \n If a set of Listeners contains Listeners - that are not distinct, then those Listeners are Conflicted, and - the implementation MUST set the \"Conflicted\" condition in the - Listener Status to \"True\". \n Implementations MAY choose to accept - a Gateway with some Conflicted Listeners only if they only accept - the partial Listener set that contains no Conflicted Listeners. - To put this another way, implementations may accept a partial Listener - set only if they throw out *all* the conflicting Listeners. No picking - one of the conflicting listeners as the winner. This also means - that the Gateway must have at least one non-conflicting Listener - in this case, otherwise it violates the requirement that at least - one Listener must be present. \n The implementation MUST set a \"ListenersNotValid\" - condition on the Gateway Status when the Gateway contains Conflicted - Listeners whether or not they accept the Gateway. That Condition - SHOULD clearly indicate in the Message which Listeners are conflicted, - and which are Accepted. Additionally, the Listener status for those - listeners SHOULD indicate which Listeners are conflicted and not - Accepted. \n A Gateway's Listeners are considered \"compatible\" - if: \n 1. They are distinct. 2. The implementation can serve them - in compliance with the Addresses requirement that all Listeners - are available on all assigned addresses. \n Compatible combinations - in Extended support are expected to vary across implementations. - A combination that is compatible for one implementation may not - be compatible for another. \n For example, an implementation that - cannot serve both TCP and UDP listeners on the same address, or - cannot mix HTTPS and generic TLS listens on the same port would - not consider those cases compatible, even though they are distinct. - \n Note that requests SHOULD match at most one Listener. For example, - if Listeners are defined for \"foo.example.com\" and \"*.example.com\", - a request to \"foo.example.com\" SHOULD only be routed using routes - attached to the \"foo.example.com\" Listener (and not the \"*.example.com\" - Listener). This concept is known as \"Listener Isolation\". Implementations - that do not support Listener Isolation MUST clearly document this. - \n Implementations MAY merge separate Gateways onto a single set - of Addresses if all Listeners across all Gateways are compatible. - \n Support: Core" - items: - description: Listener embodies the concept of a logical endpoint - where a Gateway accepts network connections. - properties: - allowedRoutes: - default: - namespaces: - from: Same - description: "AllowedRoutes defines the types of routes that - MAY be attached to a Listener and the trusted namespaces where - those Route resources MAY be present. \n Although a client - request may match multiple route rules, only one rule may - ultimately receive the request. Matching precedence MUST be - determined in order of the following criteria: \n * The most - specific match as defined by the Route type. * The oldest - Route based on creation timestamp. For example, a Route with - a creation timestamp of \"2020-09-08 01:02:03\" is given precedence - over a Route with a creation timestamp of \"2020-09-08 01:02:04\". - * If everything else is equivalent, the Route appearing first - in alphabetical order (namespace/name) should be given precedence. - For example, foo/bar is given precedence over foo/baz. \n - All valid rules within a Route attached to this Listener should - be implemented. Invalid Route rules can be ignored (sometimes - that will mean the full Route). If a Route rule transitions - from valid to invalid, support for that Route rule should - be dropped to ensure consistency. For example, even if a filter - specified by a Route rule is invalid, the rest of the rules - within that Route should still be supported. \n Support: Core" - properties: - kinds: - description: "Kinds specifies the groups and kinds of Routes - that are allowed to bind to this Gateway Listener. When - unspecified or empty, the kinds of Routes selected are - determined using the Listener protocol. \n A RouteGroupKind - MUST correspond to kinds of Routes that are compatible - with the application protocol specified in the Listener's - Protocol field. If an implementation does not support - or recognize this resource type, it MUST set the \"ResolvedRefs\" - condition to False for this Listener with the \"InvalidRouteKinds\" - reason. \n Support: Core" - items: - description: RouteGroupKind indicates the group and kind - of a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - namespaces: - default: - from: Same - description: "Namespaces indicates namespaces from which - Routes may be attached to this Listener. This is restricted - to the namespace of this Gateway by default. \n Support: - Core" - properties: - from: - default: Same - description: "From indicates where Routes will be selected - for this Gateway. Possible values are: \n * All: Routes - in all namespaces may be used by this Gateway. * Selector: - Routes in namespaces selected by the selector may - be used by this Gateway. * Same: Only Routes in the - same namespace may be used by this Gateway. \n Support: - Core" - enum: - - All - - Selector - - Same - type: string - selector: - description: "Selector must be specified when From is - set to \"Selector\". In that case, only Routes in - Namespaces matching this Selector will be selected - by this Gateway. This field is ignored for other values - of \"From\". \n Support: Core" - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: object - type: object - hostname: - description: "Hostname specifies the virtual hostname to match - for protocol types that define this concept. When unspecified, - all hostnames are matched. This field is ignored for protocols - that don't require hostname based matching. \n Implementations - MUST apply Hostname matching appropriately for each of the - following protocols: \n * TLS: The Listener Hostname MUST - match the SNI. * HTTP: The Listener Hostname MUST match the - Host header of the request. * HTTPS: The Listener Hostname - SHOULD match at both the TLS and HTTP protocol layers as described - above. If an implementation does not ensure that both the - SNI and Host header match the Listener hostname, it MUST clearly - document that. \n For HTTPRoute and TLSRoute resources, there - is an interaction with the `spec.hostnames` array. When both - listener and route specify hostnames, there MUST be an intersection - between the values for a Route to be accepted. For more information, - refer to the Route specific Hostnames documentation. \n Hostnames - that are prefixed with a wildcard label (`*.`) are interpreted - as a suffix match. That means that a match for `*.example.com` - would match both `test.example.com`, and `foo.test.example.com`, - but not `example.com`. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - name: - description: "Name is the name of the Listener. This name MUST - be unique within a Gateway. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the network port. Multiple listeners may - use the same port, subject to the Listener compatibility rules. - \n Support: Core" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: "Protocol specifies the network protocol this listener - expects to receive. \n Support: Core" - maxLength: 255 - minLength: 1 - pattern: ^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$ - type: string - tls: - description: "TLS is the TLS configuration for the Listener. - This field is required if the Protocol field is \"HTTPS\" - or \"TLS\". It is invalid to set this field if the Protocol - field is \"HTTP\", \"TCP\", or \"UDP\". \n The association - of SNIs to Certificate defined in GatewayTLSConfig is defined - based on the Hostname field for this listener. \n The GatewayClass - MUST use the longest matching SNI out of all available certificates - for any TLS handshake. \n Support: Core" - properties: - certificateRefs: - description: "CertificateRefs contains a series of references - to Kubernetes objects that contains TLS certificates and - private keys. These certificates are used to establish - a TLS handshake for requests that match the hostname of - the associated listener. \n A single CertificateRef to - a Kubernetes Secret has \"Core\" support. Implementations - MAY choose to support attaching multiple certificates - to a Listener, but this behavior is implementation-specific. - \n References to a resource in different namespace are - invalid UNLESS there is a ReferenceGrant in the target - namespace that allows the certificate to be attached. - If a ReferenceGrant does not allow this reference, the - \"ResolvedRefs\" condition MUST be set to False for this - listener with the \"RefNotPermitted\" reason. \n This - field is required to have at least one element when the - mode is set to \"Terminate\" (default) and is optional - otherwise. \n CertificateRefs can reference to standard - Kubernetes resources, i.e. Secret, or implementation-specific - custom resources. \n Support: Core - A single reference - to a Kubernetes Secret of type kubernetes.io/tls \n Support: - Implementation-specific (More than one reference or other - resource types)" - items: - description: "SecretObjectReference identifies an API - object including its namespace, defaulting to Secret. - \n The API object must be valid in the cluster; the - Group and Kind must be registered in the cluster for - this reference to be valid. \n References to objects - with invalid Group and Kind are not valid, and must - be rejected by the implementation, with appropriate - Conditions set on the containing object." - properties: - group: - default: "" - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Secret - description: Kind is kind of the referent. For example - "Secret". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referenced - object. When unspecified, the local namespace is - inferred. \n Note that when a namespace different - than the local namespace is specified, a ReferenceGrant - object is required in the referent namespace to - allow that namespace's owner to accept the reference. - See the ReferenceGrant documentation for details. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - maxItems: 64 - type: array - mode: - default: Terminate - description: "Mode defines the TLS behavior for the TLS - session initiated by the client. There are two possible - modes: \n - Terminate: The TLS session between the downstream - client and the Gateway is terminated at the Gateway. This - mode requires certificateRefs to be set and contain at - least one element. - Passthrough: The TLS session is NOT - terminated by the Gateway. This implies that the Gateway - can't decipher the TLS stream except for the ClientHello - message of the TLS protocol. CertificateRefs field is - ignored in this mode. \n Support: Core" - enum: - - Terminate - - Passthrough - type: string - options: - additionalProperties: - description: AnnotationValue is the value of an annotation - in Gateway API. This is used for validation of maps - such as TLS options. This roughly matches Kubernetes - annotation validation, although the length validation - in that case is based on the entire size of the annotations - struct. - maxLength: 4096 - minLength: 0 - type: string - description: "Options are a list of key/value pairs to enable - extended TLS configuration for each implementation. For - example, configuring the minimum TLS version or supported - cipher suites. \n A set of common keys MAY be defined - by the API in the future. To avoid any ambiguity, implementation-specific - definitions MUST use domain-prefixed names, such as `example.com/my-custom-option`. - Un-prefixed names are reserved for key names defined by - Gateway API. \n Support: Implementation-specific" - maxProperties: 16 - type: object - type: object - x-kubernetes-validations: - - message: certificateRefs must be specified when TLSModeType - is Terminate - rule: 'self.mode == ''Terminate'' ? size(self.certificateRefs) - > 0 : true' - required: - - name - - port - - protocol - type: object - maxItems: 64 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - x-kubernetes-validations: - - message: tls must be specified for protocols ['HTTPS', 'TLS'] - rule: 'self.all(l, l.protocol in [''HTTPS'', ''TLS''] ? has(l.tls) - : true)' - - message: tls must not be specified for protocols ['HTTP', 'TCP', - 'UDP'] - rule: 'self.all(l, l.protocol in [''HTTP'', ''TCP'', ''UDP''] ? - !has(l.tls) : true)' - - message: hostname must not be specified for protocols ['TCP', 'UDP'] - rule: 'self.all(l, l.protocol in [''TCP'', ''UDP''] ? (!has(l.hostname) - || l.hostname == '''') : true)' - - message: Listener name must be unique within the Gateway - rule: self.all(l1, self.exists_one(l2, l1.name == l2.name)) - - message: Combination of port, protocol and hostname must be unique - for each listener - rule: 'self.all(l1, self.exists_one(l2, l1.port == l2.port && l1.protocol - == l2.protocol && (has(l1.hostname) && has(l2.hostname) ? l1.hostname - == l2.hostname : !has(l1.hostname) && !has(l2.hostname))))' - required: - - gatewayClassName - - listeners - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: Status defines the current state of Gateway. - properties: - addresses: - description: "Addresses lists the network addresses that have been - bound to the Gateway. \n This list may differ from the addresses - provided in the spec under some conditions: \n * no addresses are - specified, all addresses are dynamically assigned * a combination - of specified and dynamic addresses are assigned * a specified address - was unusable (e.g. already in use) \n " - items: - description: GatewayStatusAddress describes a network address that - is bound to a Gateway. - oneOf: - - properties: - type: - enum: - - IPAddress - value: - anyOf: - - format: ipv4 - - format: ipv6 - - properties: - type: - not: - enum: - - IPAddress - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - x-kubernetes-validations: - - message: Hostname value must only contain valid characters (matching - ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$) - rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""): - true' - maxItems: 16 - type: array - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: "Conditions describe the current conditions of the Gateway. - \n Implementations should prefer to express Gateway conditions using - the `GatewayConditionType` and `GatewayConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe Gateway state. \n Known condition types are: \n * \"Accepted\" - * \"Programmed\" * \"Ready\"" - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - listeners: - description: Listeners provide status for each unique listener port - defined in the Spec. - items: - description: ListenerStatus is the status associated with a Listener. - properties: - attachedRoutes: - description: "AttachedRoutes represents the total number of - Routes that have been successfully attached to this Listener. - \n Successful attachment of a Route to a Listener is based - solely on the combination of the AllowedRoutes field on the - corresponding Listener and the Route's ParentRefs field. A - Route is successfully attached to a Listener when it is selected - by the Listener's AllowedRoutes field AND the Route has a - valid ParentRef selecting the whole Gateway resource or a - specific Listener as a parent resource (more detail on attachment - semantics can be found in the documentation on the various - Route kinds ParentRefs fields). Listener or Route status does - not impact successful attachment, i.e. the AttachedRoutes - field count MUST be set for Listeners with condition Accepted: - false and MUST count successfully attached Routes that may - themselves have Accepted: false conditions. \n Uses for this - field include troubleshooting Route attachment and measuring - blast radius/impact of changes to a Listener." - format: int32 - type: integer - conditions: - description: Conditions describe the current condition of this - listener. - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n type FooStatus struct{ - // Represents the observations of a foo's current state. - // Known .status.conditions.type are: \"Available\", \"Progressing\", - and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields - }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - name: - description: Name is the name of the Listener that this status - corresponds to. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - supportedKinds: - description: "SupportedKinds is the list indicating the Kinds - supported by this listener. This MUST represent the kinds - an implementation supports for that Listener configuration. - \n If kinds are specified in Spec that are not supported, - they MUST NOT appear in this list and an implementation MUST - set the \"ResolvedRefs\" condition to \"False\" with the \"InvalidRouteKinds\" - reason. If both valid and invalid Route kinds are specified, - the implementation MUST reference the valid Route kinds that - have been specified." - items: - description: RouteGroupKind indicates the group and kind of - a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - required: - - attachedRoutes - - conditions - - name - - supportedKinds - type: object - maxItems: 64 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.gatewayClassName - name: Class - type: string - - jsonPath: .status.addresses[*].value - name: Address - type: string - - jsonPath: .status.conditions[?(@.type=="Programmed")].status - name: Programmed - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: Gateway represents an instance of a service-traffic handling - infrastructure by binding Listeners to a set of IP addresses. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Gateway. - properties: - addresses: - description: "Addresses requested for this Gateway. This is optional - and behavior can depend on the implementation. If a value is set - in the spec and the requested address is invalid or unavailable, - the implementation MUST indicate this in the associated entry in - GatewayStatus.Addresses. \n The Addresses field represents a request - for the address(es) on the \"outside of the Gateway\", that traffic - bound for this Gateway will use. This could be the IP address or - hostname of an external load balancer or other networking infrastructure, - or some other address that traffic will be sent to. \n If no Addresses - are specified, the implementation MAY schedule the Gateway in an - implementation-specific manner, assigning an appropriate set of - Addresses. \n The implementation MUST bind all Listeners to every - GatewayAddress that it assigns to the Gateway and add a corresponding - entry in GatewayStatus.Addresses. \n Support: Extended \n " - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - oneOf: - - properties: - type: - enum: - - IPAddress - value: - anyOf: - - format: ipv4 - - format: ipv6 - - properties: - type: - not: - enum: - - IPAddress - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - x-kubernetes-validations: - - message: Hostname value must only contain valid characters (matching - ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$) - rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""): - true' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: IPAddress values must be unique - rule: 'self.all(a1, a1.type == ''IPAddress'' ? self.exists_one(a2, - a2.type == a1.type && a2.value == a1.value) : true )' - - message: Hostname values must be unique - rule: 'self.all(a1, a1.type == ''Hostname'' ? self.exists_one(a2, - a2.type == a1.type && a2.value == a1.value) : true )' - gatewayClassName: - description: GatewayClassName used for this Gateway. This is the name - of a GatewayClass resource. - maxLength: 253 - minLength: 1 - type: string - listeners: - description: "Listeners associated with this Gateway. Listeners define - logical endpoints that are bound on this Gateway's addresses. At - least one Listener MUST be specified. \n Each Listener in a set - of Listeners (for example, in a single Gateway) MUST be _distinct_, - in that a traffic flow MUST be able to be assigned to exactly one - listener. (This section uses \"set of Listeners\" rather than \"Listeners - in a single Gateway\" because implementations MAY merge configuration - from multiple Gateways onto a single data plane, and these rules - _also_ apply in that case). \n Practically, this means that each - listener in a set MUST have a unique combination of Port, Protocol, - and, if supported by the protocol, Hostname. \n Some combinations - of port, protocol, and TLS settings are considered Core support - and MUST be supported by implementations based on their targeted - conformance profile: \n HTTP Profile \n 1. HTTPRoute, Port: 80, - Protocol: HTTP 2. HTTPRoute, Port: 443, Protocol: HTTPS, TLS Mode: - Terminate, TLS keypair provided \n TLS Profile \n 1. TLSRoute, Port: - 443, Protocol: TLS, TLS Mode: Passthrough \n \"Distinct\" Listeners - have the following property: \n The implementation can match inbound - requests to a single distinct Listener. When multiple Listeners - share values for fields (for example, two Listeners with the same - Port value), the implementation can match requests to only one of - the Listeners using other Listener fields. \n For example, the following - Listener scenarios are distinct: \n 1. Multiple Listeners with the - same Port that all use the \"HTTP\" Protocol that all have unique - Hostname values. 2. Multiple Listeners with the same Port that use - either the \"HTTPS\" or \"TLS\" Protocol that all have unique Hostname - values. 3. A mixture of \"TCP\" and \"UDP\" Protocol Listeners, - where no Listener with the same Protocol has the same Port value. - \n Some fields in the Listener struct have possible values that - affect whether the Listener is distinct. Hostname is particularly - relevant for HTTP or HTTPS protocols. \n When using the Hostname - value to select between same-Port, same-Protocol Listeners, the - Hostname value must be different on each Listener for the Listener - to be distinct. \n When the Listeners are distinct based on Hostname, - inbound request hostnames MUST match from the most specific to least - specific Hostname values to choose the correct Listener and its - associated set of Routes. \n Exact matches must be processed before - wildcard matches, and wildcard matches must be processed before - fallback (empty Hostname value) matches. For example, `\"foo.example.com\"` - takes precedence over `\"*.example.com\"`, and `\"*.example.com\"` - takes precedence over `\"\"`. \n Additionally, if there are multiple - wildcard entries, more specific wildcard entries must be processed - before less specific wildcard entries. For example, `\"*.foo.example.com\"` - takes precedence over `\"*.example.com\"`. The precise definition - here is that the higher the number of dots in the hostname to the - right of the wildcard character, the higher the precedence. \n The - wildcard character will match any number of characters _and dots_ - to the left, however, so `\"*.example.com\"` will match both `\"foo.bar.example.com\"` - _and_ `\"bar.example.com\"`. \n If a set of Listeners contains Listeners - that are not distinct, then those Listeners are Conflicted, and - the implementation MUST set the \"Conflicted\" condition in the - Listener Status to \"True\". \n Implementations MAY choose to accept - a Gateway with some Conflicted Listeners only if they only accept - the partial Listener set that contains no Conflicted Listeners. - To put this another way, implementations may accept a partial Listener - set only if they throw out *all* the conflicting Listeners. No picking - one of the conflicting listeners as the winner. This also means - that the Gateway must have at least one non-conflicting Listener - in this case, otherwise it violates the requirement that at least - one Listener must be present. \n The implementation MUST set a \"ListenersNotValid\" - condition on the Gateway Status when the Gateway contains Conflicted - Listeners whether or not they accept the Gateway. That Condition - SHOULD clearly indicate in the Message which Listeners are conflicted, - and which are Accepted. Additionally, the Listener status for those - listeners SHOULD indicate which Listeners are conflicted and not - Accepted. \n A Gateway's Listeners are considered \"compatible\" - if: \n 1. They are distinct. 2. The implementation can serve them - in compliance with the Addresses requirement that all Listeners - are available on all assigned addresses. \n Compatible combinations - in Extended support are expected to vary across implementations. - A combination that is compatible for one implementation may not - be compatible for another. \n For example, an implementation that - cannot serve both TCP and UDP listeners on the same address, or - cannot mix HTTPS and generic TLS listens on the same port would - not consider those cases compatible, even though they are distinct. - \n Note that requests SHOULD match at most one Listener. For example, - if Listeners are defined for \"foo.example.com\" and \"*.example.com\", - a request to \"foo.example.com\" SHOULD only be routed using routes - attached to the \"foo.example.com\" Listener (and not the \"*.example.com\" - Listener). This concept is known as \"Listener Isolation\". Implementations - that do not support Listener Isolation MUST clearly document this. - \n Implementations MAY merge separate Gateways onto a single set - of Addresses if all Listeners across all Gateways are compatible. - \n Support: Core" - items: - description: Listener embodies the concept of a logical endpoint - where a Gateway accepts network connections. - properties: - allowedRoutes: - default: - namespaces: - from: Same - description: "AllowedRoutes defines the types of routes that - MAY be attached to a Listener and the trusted namespaces where - those Route resources MAY be present. \n Although a client - request may match multiple route rules, only one rule may - ultimately receive the request. Matching precedence MUST be - determined in order of the following criteria: \n * The most - specific match as defined by the Route type. * The oldest - Route based on creation timestamp. For example, a Route with - a creation timestamp of \"2020-09-08 01:02:03\" is given precedence - over a Route with a creation timestamp of \"2020-09-08 01:02:04\". - * If everything else is equivalent, the Route appearing first - in alphabetical order (namespace/name) should be given precedence. - For example, foo/bar is given precedence over foo/baz. \n - All valid rules within a Route attached to this Listener should - be implemented. Invalid Route rules can be ignored (sometimes - that will mean the full Route). If a Route rule transitions - from valid to invalid, support for that Route rule should - be dropped to ensure consistency. For example, even if a filter - specified by a Route rule is invalid, the rest of the rules - within that Route should still be supported. \n Support: Core" - properties: - kinds: - description: "Kinds specifies the groups and kinds of Routes - that are allowed to bind to this Gateway Listener. When - unspecified or empty, the kinds of Routes selected are - determined using the Listener protocol. \n A RouteGroupKind - MUST correspond to kinds of Routes that are compatible - with the application protocol specified in the Listener's - Protocol field. If an implementation does not support - or recognize this resource type, it MUST set the \"ResolvedRefs\" - condition to False for this Listener with the \"InvalidRouteKinds\" - reason. \n Support: Core" - items: - description: RouteGroupKind indicates the group and kind - of a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - namespaces: - default: - from: Same - description: "Namespaces indicates namespaces from which - Routes may be attached to this Listener. This is restricted - to the namespace of this Gateway by default. \n Support: - Core" - properties: - from: - default: Same - description: "From indicates where Routes will be selected - for this Gateway. Possible values are: \n * All: Routes - in all namespaces may be used by this Gateway. * Selector: - Routes in namespaces selected by the selector may - be used by this Gateway. * Same: Only Routes in the - same namespace may be used by this Gateway. \n Support: - Core" - enum: - - All - - Selector - - Same - type: string - selector: - description: "Selector must be specified when From is - set to \"Selector\". In that case, only Routes in - Namespaces matching this Selector will be selected - by this Gateway. This field is ignored for other values - of \"From\". \n Support: Core" - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - type: object - type: object - hostname: - description: "Hostname specifies the virtual hostname to match - for protocol types that define this concept. When unspecified, - all hostnames are matched. This field is ignored for protocols - that don't require hostname based matching. \n Implementations - MUST apply Hostname matching appropriately for each of the - following protocols: \n * TLS: The Listener Hostname MUST - match the SNI. * HTTP: The Listener Hostname MUST match the - Host header of the request. * HTTPS: The Listener Hostname - SHOULD match at both the TLS and HTTP protocol layers as described - above. If an implementation does not ensure that both the - SNI and Host header match the Listener hostname, it MUST clearly - document that. \n For HTTPRoute and TLSRoute resources, there - is an interaction with the `spec.hostnames` array. When both - listener and route specify hostnames, there MUST be an intersection - between the values for a Route to be accepted. For more information, - refer to the Route specific Hostnames documentation. \n Hostnames - that are prefixed with a wildcard label (`*.`) are interpreted - as a suffix match. That means that a match for `*.example.com` - would match both `test.example.com`, and `foo.test.example.com`, - but not `example.com`. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - name: - description: "Name is the name of the Listener. This name MUST - be unique within a Gateway. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the network port. Multiple listeners may - use the same port, subject to the Listener compatibility rules. - \n Support: Core" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: "Protocol specifies the network protocol this listener - expects to receive. \n Support: Core" - maxLength: 255 - minLength: 1 - pattern: ^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$ - type: string - tls: - description: "TLS is the TLS configuration for the Listener. - This field is required if the Protocol field is \"HTTPS\" - or \"TLS\". It is invalid to set this field if the Protocol - field is \"HTTP\", \"TCP\", or \"UDP\". \n The association - of SNIs to Certificate defined in GatewayTLSConfig is defined - based on the Hostname field for this listener. \n The GatewayClass - MUST use the longest matching SNI out of all available certificates - for any TLS handshake. \n Support: Core" - properties: - certificateRefs: - description: "CertificateRefs contains a series of references - to Kubernetes objects that contains TLS certificates and - private keys. These certificates are used to establish - a TLS handshake for requests that match the hostname of - the associated listener. \n A single CertificateRef to - a Kubernetes Secret has \"Core\" support. Implementations - MAY choose to support attaching multiple certificates - to a Listener, but this behavior is implementation-specific. - \n References to a resource in different namespace are - invalid UNLESS there is a ReferenceGrant in the target - namespace that allows the certificate to be attached. - If a ReferenceGrant does not allow this reference, the - \"ResolvedRefs\" condition MUST be set to False for this - listener with the \"RefNotPermitted\" reason. \n This - field is required to have at least one element when the - mode is set to \"Terminate\" (default) and is optional - otherwise. \n CertificateRefs can reference to standard - Kubernetes resources, i.e. Secret, or implementation-specific - custom resources. \n Support: Core - A single reference - to a Kubernetes Secret of type kubernetes.io/tls \n Support: - Implementation-specific (More than one reference or other - resource types)" - items: - description: "SecretObjectReference identifies an API - object including its namespace, defaulting to Secret. - \n The API object must be valid in the cluster; the - Group and Kind must be registered in the cluster for - this reference to be valid. \n References to objects - with invalid Group and Kind are not valid, and must - be rejected by the implementation, with appropriate - Conditions set on the containing object." - properties: - group: - default: "" - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Secret - description: Kind is kind of the referent. For example - "Secret". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referenced - object. When unspecified, the local namespace is - inferred. \n Note that when a namespace different - than the local namespace is specified, a ReferenceGrant - object is required in the referent namespace to - allow that namespace's owner to accept the reference. - See the ReferenceGrant documentation for details. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - maxItems: 64 - type: array - mode: - default: Terminate - description: "Mode defines the TLS behavior for the TLS - session initiated by the client. There are two possible - modes: \n - Terminate: The TLS session between the downstream - client and the Gateway is terminated at the Gateway. This - mode requires certificateRefs to be set and contain at - least one element. - Passthrough: The TLS session is NOT - terminated by the Gateway. This implies that the Gateway - can't decipher the TLS stream except for the ClientHello - message of the TLS protocol. CertificateRefs field is - ignored in this mode. \n Support: Core" - enum: - - Terminate - - Passthrough - type: string - options: - additionalProperties: - description: AnnotationValue is the value of an annotation - in Gateway API. This is used for validation of maps - such as TLS options. This roughly matches Kubernetes - annotation validation, although the length validation - in that case is based on the entire size of the annotations - struct. - maxLength: 4096 - minLength: 0 - type: string - description: "Options are a list of key/value pairs to enable - extended TLS configuration for each implementation. For - example, configuring the minimum TLS version or supported - cipher suites. \n A set of common keys MAY be defined - by the API in the future. To avoid any ambiguity, implementation-specific - definitions MUST use domain-prefixed names, such as `example.com/my-custom-option`. - Un-prefixed names are reserved for key names defined by - Gateway API. \n Support: Implementation-specific" - maxProperties: 16 - type: object - type: object - x-kubernetes-validations: - - message: certificateRefs must be specified when TLSModeType - is Terminate - rule: 'self.mode == ''Terminate'' ? size(self.certificateRefs) - > 0 : true' - required: - - name - - port - - protocol - type: object - maxItems: 64 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - x-kubernetes-validations: - - message: tls must be specified for protocols ['HTTPS', 'TLS'] - rule: 'self.all(l, l.protocol in [''HTTPS'', ''TLS''] ? has(l.tls) - : true)' - - message: tls must not be specified for protocols ['HTTP', 'TCP', - 'UDP'] - rule: 'self.all(l, l.protocol in [''HTTP'', ''TCP'', ''UDP''] ? - !has(l.tls) : true)' - - message: hostname must not be specified for protocols ['TCP', 'UDP'] - rule: 'self.all(l, l.protocol in [''TCP'', ''UDP''] ? (!has(l.hostname) - || l.hostname == '''') : true)' - - message: Listener name must be unique within the Gateway - rule: self.all(l1, self.exists_one(l2, l1.name == l2.name)) - - message: Combination of port, protocol and hostname must be unique - for each listener - rule: 'self.all(l1, self.exists_one(l2, l1.port == l2.port && l1.protocol - == l2.protocol && (has(l1.hostname) && has(l2.hostname) ? l1.hostname - == l2.hostname : !has(l1.hostname) && !has(l2.hostname))))' - required: - - gatewayClassName - - listeners - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: Status defines the current state of Gateway. - properties: - addresses: - description: "Addresses lists the network addresses that have been - bound to the Gateway. \n This list may differ from the addresses - provided in the spec under some conditions: \n * no addresses are - specified, all addresses are dynamically assigned * a combination - of specified and dynamic addresses are assigned * a specified address - was unusable (e.g. already in use) \n " - items: - description: GatewayStatusAddress describes a network address that - is bound to a Gateway. - oneOf: - - properties: - type: - enum: - - IPAddress - value: - anyOf: - - format: ipv4 - - format: ipv6 - - properties: - type: - not: - enum: - - IPAddress - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - x-kubernetes-validations: - - message: Hostname value must only contain valid characters (matching - ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$) - rule: 'self.type == ''Hostname'' ? self.value.matches(r"""^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$"""): - true' - maxItems: 16 - type: array - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: "Conditions describe the current conditions of the Gateway. - \n Implementations should prefer to express Gateway conditions using - the `GatewayConditionType` and `GatewayConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe Gateway state. \n Known condition types are: \n * \"Accepted\" - * \"Programmed\" * \"Ready\"" - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - listeners: - description: Listeners provide status for each unique listener port - defined in the Spec. - items: - description: ListenerStatus is the status associated with a Listener. - properties: - attachedRoutes: - description: "AttachedRoutes represents the total number of - Routes that have been successfully attached to this Listener. - \n Successful attachment of a Route to a Listener is based - solely on the combination of the AllowedRoutes field on the - corresponding Listener and the Route's ParentRefs field. A - Route is successfully attached to a Listener when it is selected - by the Listener's AllowedRoutes field AND the Route has a - valid ParentRef selecting the whole Gateway resource or a - specific Listener as a parent resource (more detail on attachment - semantics can be found in the documentation on the various - Route kinds ParentRefs fields). Listener or Route status does - not impact successful attachment, i.e. the AttachedRoutes - field count MUST be set for Listeners with condition Accepted: - false and MUST count successfully attached Routes that may - themselves have Accepted: false conditions. \n Uses for this - field include troubleshooting Route attachment and measuring - blast radius/impact of changes to a Listener." - format: int32 - type: integer - conditions: - description: Conditions describe the current condition of this - listener. - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n type FooStatus struct{ - // Represents the observations of a foo's current state. - // Known .status.conditions.type are: \"Available\", \"Progressing\", - and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields - }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - name: - description: Name is the name of the Listener that this status - corresponds to. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - supportedKinds: - description: "SupportedKinds is the list indicating the Kinds - supported by this listener. This MUST represent the kinds - an implementation supports for that Listener configuration. - \n If kinds are specified in Spec that are not supported, - they MUST NOT appear in this list and an implementation MUST - set the \"ResolvedRefs\" condition to \"False\" with the \"InvalidRouteKinds\" - reason. If both valid and invalid Route kinds are specified, - the implementation MUST reference the valid Route kinds that - have been specified." - items: - description: RouteGroupKind indicates the group and kind of - a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - required: - - attachedRoutes - - conditions - - name - - supportedKinds - type: object - maxItems: 64 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466 - gateway.networking.k8s.io/bundle-version: v1.0.0 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: httproutes.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: HTTPRoute - listKind: HTTPRouteList - plural: httproutes - singular: httproute - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: HTTPRoute provides a way to route HTTP requests. This includes - the capability to match requests by hostname, path, header, or query param. - Filters can be used to specify additional processing steps. Backends specify - where matching requests should be routed. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of HTTPRoute. - properties: - hostnames: - description: "Hostnames defines a set of hostnames that should match - against the HTTP Host header to select a HTTPRoute used to process - the request. Implementations MUST ignore any port value specified - in the HTTP Host header while performing a match and (absent of - any applicable header modification configuration) MUST forward this - header unmodified to the backend. \n Valid values for Hostnames - are determined by RFC 1123 definition of a hostname with 2 notable - exceptions: \n 1. IPs are not allowed. 2. A hostname may be prefixed - with a wildcard label (`*.`). The wildcard label must appear by - itself as the first label. \n If a hostname is specified by both - the Listener and HTTPRoute, there must be at least one intersecting - hostname for the HTTPRoute to be attached to the Listener. For example: - \n * A Listener with `test.example.com` as the hostname matches - HTTPRoutes that have either not specified any hostnames, or have - specified at least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches HTTPRoutes - that have either not specified any hostnames or have specified at - least one hostname that matches the Listener hostname. For example, - `*.example.com`, `test.example.com`, and `foo.test.example.com` - would all match. On the other hand, `example.com` and `test.example.net` - would not match. \n Hostnames that are prefixed with a wildcard - label (`*.`) are interpreted as a suffix match. That means that - a match for `*.example.com` would match both `test.example.com`, - and `foo.test.example.com`, but not `example.com`. \n If both the - Listener and HTTPRoute have specified hostnames, any HTTPRoute hostnames - that do not match the Listener hostname MUST be ignored. For example, - if a Listener specified `*.example.com`, and the HTTPRoute specified - `test.example.com` and `test.example.net`, `test.example.net` must - not be considered for a match. \n If both the Listener and HTTPRoute - have specified hostnames, and none match with the criteria above, - then the HTTPRoute is not accepted. The implementation must raise - an 'Accepted' Condition with a status of `False` in the corresponding - RouteParentStatus. \n In the event that multiple HTTPRoutes specify - intersecting hostnames (e.g. overlapping wildcard matching and exact - matching hostnames), precedence must be given to rules from the - HTTPRoute with the largest number of: \n * Characters in a matching - non-wildcard hostname. * Characters in a matching hostname. \n If - ties exist across multiple Routes, the matching precedence rules - for HTTPRouteMatches takes over. \n Support: Core" - items: - description: "Hostname is the fully qualified domain name of a network - host. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname - may be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n Hostname can be \"precise\" - which is a domain name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain - name prefixed with a single wildcard label (e.g. `*.example.com`). - \n Note that as per RFC1035 and RFC1123, a *label* must consist - of lower case alphanumeric characters or '-', and must start and - end with an alphanumeric character. No other punctuation is allowed." - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: "ParentRefs references the resources (usually Gateways) - that a Route wants to be attached to. Note that the referenced parent - resource needs to allow this for the attachment to be complete. - For Gateways, that means the Gateway needs to allow attachment from - Routes of this kind and namespace. For Services, that means the - Service must either be in the same namespace for a \"producer\" - route, or the mesh implementation must support and allow \"consumer\" - routes for the referenced Service. ReferenceGrant is not applicable - for governing ParentRefs to Services - it is not possible to create - a \"producer\" route for a Service in a different namespace from - the Route. \n There are two kinds of parent resources with \"Core\" - support: \n * Gateway (Gateway conformance profile) This API may - be extended in the future to support additional kinds of parent - resources. \n ParentRefs must be _distinct_. This means either that: - \n * They select different objects. If this is the case, then parentRef - entries are distinct. In terms of fields, this means that the multi-part - key defined by `group`, `kind`, `namespace`, and `name` must be - unique across all parentRef entries in the Route. * They do not - select different objects, but for each optional field used, each - ParentRef that selects the same object must set the same set of - optional fields to different values. If one ParentRef sets a combination - of optional fields, all must set the same combination. \n Some examples: - \n * If one ParentRef sets `sectionName`, all ParentRefs referencing - the same object must also set `sectionName`. * If one ParentRef - sets `port`, all ParentRefs referencing the same object must also - set `port`. * If one ParentRef sets `sectionName` and `port`, all - ParentRefs referencing the same object must also set `sectionName` - and `port`. \n It is possible to separately reference multiple distinct - objects that may be collapsed by an implementation. For example, - some implementations may choose to merge compatible Gateway Listeners - together. If that is the case, the list of routes attached to those - resources should also be merged. \n Note that for ParentRefs that - cross namespace boundaries, there are specific rules. Cross-namespace - references are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example, Gateway has - the AllowedRoutes field, and ReferenceGrant provides a generic way - to enable other kinds of cross-namespace reference. \n \n " - items: - description: "ParentReference identifies an API object (usually - a Gateway) that can be considered a parent of this resource (usually - a route). There are two kinds of parent resources with \"Core\" - support: \n * Gateway (Gateway conformance profile) * Service - (Mesh conformance profile, experimental, ClusterIP Services only) - \n This API may be extended in the future to support additional - kinds of parent resources. \n The API object must be valid in - the cluster; the Group and Kind must be registered in the cluster - for this reference to be valid." - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the core - API group (such as for a \"Service\" kind referent), Group - must be explicitly set to \"\" (empty string). \n Support: - Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n There are two - kinds of parent resources with \"Core\" support: \n * Gateway - (Gateway conformance profile) * Service (Mesh conformance - profile, experimental, ClusterIP Services only) \n Support - for other resources is Implementation-Specific." - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. When - unspecified, this refers to the local namespace of the Route. - \n Note that there are specific rules for ParentRefs which - cross namespace boundaries. Cross-namespace references are - only valid if they are explicitly allowed by something in - the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - \n \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within the - target resource. In the following resources, SectionName is - interpreted as the following: \n * Gateway: Listener Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match both - specified values. * Service: Port Name. When both Port (experimental) - and SectionName are specified, the name and port of the selected - listener must match both specified values. Note that attaching - Routes to Services as Parents is part of experimental Mesh - support and is not supported for any other purpose. \n Implementations - MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this will - reference the entire resource. For the purpose of status, - an attachment is considered successful if at least one section - in the parent resource accepts it. For example, Gateway listeners - can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept - attachment from the referencing Route, the Route MUST be considered - successfully attached. If no Gateway listeners accept attachment - from this Route, the Route MUST be considered detached from - the Gateway. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - x-kubernetes-validations: - - message: sectionName must be specified when parentRefs includes - 2 or more references to the same parent - rule: 'self.all(p1, self.all(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '''') && (!has(p2.__namespace__) || p2.__namespace__ - == '''')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) ? ((!has(p1.sectionName) - || p1.sectionName == '''') == (!has(p2.sectionName) || p2.sectionName - == '''')) : true))' - - message: sectionName must be unique when parentRefs includes 2 or - more references to the same parent - rule: self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__ - == '')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName) - || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName - == '')) || (has(p1.sectionName) && has(p2.sectionName) && p1.sectionName - == p2.sectionName)))) - rules: - default: - - matches: - - path: - type: PathPrefix - value: / - description: Rules are a list of HTTP matchers, filters and actions. - items: - description: HTTPRouteRule defines semantics for matching an HTTP - request based on conditions (matches), processing it (filters), - and forwarding the request to an API object (backendRefs). - properties: - backendRefs: - description: "BackendRefs defines the backend(s) where matching - requests should be sent. \n Failure behavior here depends - on how many BackendRefs are specified and how many are invalid. - \n If *all* entries in BackendRefs are invalid, and there - are also no filters specified in this route rule, *all* traffic - which matches this rule MUST receive a 500 status code. \n - See the HTTPBackendRef definition for the rules about what - makes a single HTTPBackendRef invalid. \n When a HTTPBackendRef - is invalid, 500 status codes MUST be returned for requests - that would have otherwise been routed to an invalid backend. - If multiple backends are specified, and some are invalid, - the proportion of requests that would otherwise have been - routed to an invalid backend MUST receive a 500 status code. - \n For example, if two backends are specified with equal weights, - and one is invalid, 50 percent of traffic must receive a 500. - Implementations may choose how that 50 percent is determined. - \n Support: Core for Kubernetes Service \n Support: Extended - for Kubernetes ServiceImport \n Support: Implementation-specific - for any other resource \n Support for weight: Core" - items: - description: "HTTPBackendRef defines how a HTTPRoute forwards - a HTTP request. \n Note that when a namespace different - than the local namespace is specified, a ReferenceGrant - object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. \n - \n When the BackendRef points to a Kubernetes Service, implementations - SHOULD honor the appProtocol field if it is set for the - target Service Port. \n Implementations supporting appProtocol - SHOULD recognize the Kubernetes Standard Application Protocols - defined in KEP-3726. \n If a Service appProtocol isn't specified, - an implementation MAY infer the backend protocol through - its own means. Implementations MAY infer the protocol from - the Route type referring to the backend Service. \n If a - Route is not able to send traffic to the backend using the - specified protocol then the backend is considered invalid. - Implementations MUST set the \"ResolvedRefs\" condition - to \"False\" with the \"UnsupportedProtocol\" reason. \n - " - properties: - filters: - description: "Filters defined at this level should be - executed if and only if the request is being forwarded - to the backend defined here. \n Support: Implementation-specific - (For broader support of filters, use the Filters field - in HTTPRouteRule.)" - items: - description: HTTPRouteFilter defines processing steps - that must be completed during the request or response - lifecycle. HTTPRouteFilters are meant as an extension - point to express processing that may be done in Gateway - implementations. Some examples include request or - response modification, implementing authentication - strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type - of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n This filter can be used multiple times - within the same rule. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API - group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema - for a filter that modifies request headers. \n - Support: Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo HTTP/1.1 - my-header: foo \n Config: add: - name: \"my-header\" - value: \"bar,baz\" \n Output: GET /foo HTTP/1.1 - my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - my-header2: bar my-header3: baz \n Config: - remove: [\"my-header1\", \"my-header3\"] \n - Output: GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - value: \"bar\" \n Output: GET /foo HTTP/1.1 - my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for - a filter that mirrors requests. Requests are sent - to the specified destination, but responses from - that destination are ignored. \n This filter can - be used multiple times within the same rule. Note - that not all implementations will be able to support - mirroring to multiple backends. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource - where mirrored requests are sent. \n Mirrored - requests must be sent only to a single destination - endpoint within this BackendRef, irrespective - of how many endpoints are present within this - BackendRef. \n If the referent cannot be found, - this BackendRef is invalid and must be dropped - from the Gateway. The controller must ensure - the \"ResolvedRefs\" condition on the Route - status is set to `status: False` and not configure - this backend in the underlying implementation. - \n If there is a cross-namespace reference - to an *existing* object that is not allowed - by a ReferenceGrant, the controller must ensure - the \"ResolvedRefs\" condition on the Route - is set to `status: False`, with the \"RefNotPermitted\" - reason and not configure this backend in the - underlying implementation. \n In either error - case, the Message of the `ResolvedRefs` Condition - should be used to provide more detail about - the problem. \n Support: Extended for Kubernetes - Service \n Support: Implementation-specific - for any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core - API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: "Kind is the Kubernetes resource - kind of the referent. For example \"Service\". - \n Defaults to \"Service\" when not specified. - \n ExternalName services can refer to - CNAME DNS records that may live outside - of the cluster and as such are difficult - to reason about in terms of conformance. - They also may not be safe to forward to - (see CVE-2021-25740 for more information). - Implementations SHOULD NOT support ExternalName - Services. \n Support: Core (Services with - a type other than ExternalName) \n Support: - Implementation-specific (Services with - type ExternalName)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace - of the backend. When unspecified, the - local namespace is inferred. \n Note that - when a namespace different than the local - namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination - port number to use for this resource. - Port is required when the referent is - a Kubernetes Service. In this case, the - port number is the service port number, - not the target port. For other resources, - destination port might be derived from - the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind - == ''Service'') ? has(self.port) : true' - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for - a filter that responds to the request with an - HTTP redirection. \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be - used in the value of the `Location` header - in the response. When empty, the hostname - in the `Host` header of the request is used. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: "Path defines parameters used to - modify the path of the incoming request. The - modified path is then used to construct the - `Location` header. When empty, the request - path is used as-is. \n Support: Extended" - properties: - replaceFullPath: - description: ReplaceFullPath specifies the - value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: "ReplacePrefixMatch specifies - the value with which to replace the prefix - match of a request during a rewrite or - redirect. For example, a request to \"/foo/bar\" - with a prefix match of \"/foo\" and a - ReplacePrefixMatch of \"/xyz\" would be - modified to \"/xyz/bar\". \n Note that - this matches the behavior of the PathPrefix - match type. This matches full path elements. - A path element refers to the list of labels - in the path split by the `/` separator. - When specified, a trailing `/` is ignored. - For example, the paths `/abc`, `/abc/`, - and `/abc/def` would all match the prefix - `/abc`, but the path `/abcd` would not. - \n ReplacePrefixMatch is only compatible - with a `PathPrefix` HTTPRouteMatch. Using - any other HTTPRouteMatch type on the same - HTTPRouteRule will result in the implementation - setting the Accepted Condition for the - Route to `status: False`. \n Request Path - | Prefix Match | Replace Prefix | Modified - Path -------------|--------------|----------------|---------- - /foo/bar | /foo | /xyz | - /xyz/bar /foo/bar | /foo | - /xyz/ | /xyz/bar /foo/bar | - /foo/ | /xyz | /xyz/bar - /foo/bar | /foo/ | /xyz/ | - /xyz/bar /foo | /foo | - /xyz | /xyz /foo/ | /foo - \ | /xyz | /xyz/ /foo/bar - \ | /foo | | - /bar /foo/ | /foo | | / /foo | /foo | - | / /foo/ | /foo - \ | / | / /foo | - /foo | / | /" - maxLength: 1024 - type: string - type: - description: "Type defines the type of path - modifier. Additional types may be added - in a future release of the API. \n Note - that values may be added to this enum, - implementations must ensure that unknown - values will not cause a crash. \n Unknown - values here must result in the implementation - setting the Accepted Condition for the - Route to `status: False`, with a Reason - of `UnsupportedValue`." - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified - when type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? - has(self.replaceFullPath) : true' - - message: type must be 'ReplaceFullPath' when - replaceFullPath is set - rule: 'has(self.replaceFullPath) ? self.type - == ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified - when type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' - ? has(self.replacePrefixMatch) : true' - - message: type must be 'ReplacePrefixMatch' - when replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - port: - description: "Port is the port to be used in - the value of the `Location` header in the - response. \n If no port is specified, the - redirect port MUST be derived using the following - rules: \n * If redirect scheme is not-empty, - the redirect port MUST be the well-known port - associated with the redirect scheme. Specifically - \"http\" to port 80 and \"https\" to port - 443. If the redirect scheme does not have - a well-known port, the listener port of the - Gateway SHOULD be used. * If redirect scheme - is empty, the redirect port MUST be the Gateway - Listener port. \n Implementations SHOULD NOT - add the port number in the 'Location' header - in the following cases: \n * A Location header - that will use HTTP (whether that is determined - via the Listener protocol or the Scheme field) - _and_ use port 80. * A Location header that - will use HTTPS (whether that is determined - via the Listener protocol or the Scheme field) - _and_ use port 443. \n Support: Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used - in the value of the `Location` header in the - response. When empty, the scheme of the request - is used. \n Scheme redirects can affect the - port of the redirect, for more information, - refer to the documentation for the port field - of this filter. \n Note that values may be - added to this enum, implementations must ensure - that unknown values will not cause a crash. - \n Unknown values here must result in the - implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`. \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status - code to be used in response. \n Note that - values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result - in the implementation setting the Accepted - Condition for the Route to `status: False`, - with a Reason of `UnsupportedValue`. \n Support: - Core" - enum: - - 301 - - 302 - type: integer - type: object - responseHeaderModifier: - description: "ResponseHeaderModifier defines a schema - for a filter that modifies response headers. \n - Support: Extended" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo HTTP/1.1 - my-header: foo \n Config: add: - name: \"my-header\" - value: \"bar,baz\" \n Output: GET /foo HTTP/1.1 - my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - my-header2: bar my-header3: baz \n Config: - remove: [\"my-header1\", \"my-header3\"] \n - Output: GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - value: \"bar\" \n Output: GET /foo HTTP/1.1 - my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: "Type identifies the type of filter - to apply. As with other API fields, types are - classified into three conformance levels: \n - - Core: Filter types and their corresponding configuration - defined by \"Support: Core\" in this package, - e.g. \"RequestHeaderModifier\". All implementations - must support core filters. \n - Extended: Filter - types and their corresponding configuration defined - by \"Support: Extended\" in this package, e.g. - \"RequestMirror\". Implementers are encouraged - to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific - vendors. In the future, filters showing convergence - in behavior across multiple implementations will - be considered for inclusion in extended or core - conformance levels. Filter-specific configuration - for such filters is specified using the ExtensionRef - field. `Type` should be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged - to define custom implementation types to extend - the core API with implementation-specific behavior. - \n If a reference to a custom filter type cannot - be resolved, the filter MUST NOT be skipped. Instead, - requests that would have been processed by that - filter MUST receive a HTTP error response. \n - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result in - the implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`." - enum: - - RequestHeaderModifier - - ResponseHeaderModifier - - RequestMirror - - RequestRedirect - - URLRewrite - - ExtensionRef - type: string - urlRewrite: - description: "URLRewrite defines a schema for a - filter that modifies a request during forwarding. - \n Support: Extended" - properties: - hostname: - description: "Hostname is the value to be used - to replace the Host header value during forwarding. - \n Support: Extended" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: "Path defines a path rewrite. \n - Support: Extended" - properties: - replaceFullPath: - description: ReplaceFullPath specifies the - value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: "ReplacePrefixMatch specifies - the value with which to replace the prefix - match of a request during a rewrite or - redirect. For example, a request to \"/foo/bar\" - with a prefix match of \"/foo\" and a - ReplacePrefixMatch of \"/xyz\" would be - modified to \"/xyz/bar\". \n Note that - this matches the behavior of the PathPrefix - match type. This matches full path elements. - A path element refers to the list of labels - in the path split by the `/` separator. - When specified, a trailing `/` is ignored. - For example, the paths `/abc`, `/abc/`, - and `/abc/def` would all match the prefix - `/abc`, but the path `/abcd` would not. - \n ReplacePrefixMatch is only compatible - with a `PathPrefix` HTTPRouteMatch. Using - any other HTTPRouteMatch type on the same - HTTPRouteRule will result in the implementation - setting the Accepted Condition for the - Route to `status: False`. \n Request Path - | Prefix Match | Replace Prefix | Modified - Path -------------|--------------|----------------|---------- - /foo/bar | /foo | /xyz | - /xyz/bar /foo/bar | /foo | - /xyz/ | /xyz/bar /foo/bar | - /foo/ | /xyz | /xyz/bar - /foo/bar | /foo/ | /xyz/ | - /xyz/bar /foo | /foo | - /xyz | /xyz /foo/ | /foo - \ | /xyz | /xyz/ /foo/bar - \ | /foo | | - /bar /foo/ | /foo | | / /foo | /foo | - | / /foo/ | /foo - \ | / | / /foo | - /foo | / | /" - maxLength: 1024 - type: string - type: - description: "Type defines the type of path - modifier. Additional types may be added - in a future release of the API. \n Note - that values may be added to this enum, - implementations must ensure that unknown - values will not cause a crash. \n Unknown - values here must result in the implementation - setting the Accepted Condition for the - Route to `status: False`, with a Reason - of `UnsupportedValue`." - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified - when type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? - has(self.replaceFullPath) : true' - - message: type must be 'ReplaceFullPath' when - replaceFullPath is set - rule: 'has(self.replaceFullPath) ? self.type - == ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified - when type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' - ? has(self.replacePrefixMatch) : true' - - message: type must be 'ReplacePrefixMatch' - when replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - type: object - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil - if the filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type - != ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type - == ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil - if the filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type - != ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for - RequestMirror filter.type - rule: '!(!has(self.requestMirror) && self.type == - ''RequestMirror'')' - - message: filter.requestRedirect must be nil if the - filter.type is not RequestRedirect - rule: '!(has(self.requestRedirect) && self.type != - ''RequestRedirect'')' - - message: filter.requestRedirect must be specified - for RequestRedirect filter.type - rule: '!(!has(self.requestRedirect) && self.type == - ''RequestRedirect'')' - - message: filter.urlRewrite must be nil if the filter.type - is not URLRewrite - rule: '!(has(self.urlRewrite) && self.type != ''URLRewrite'')' - - message: filter.urlRewrite must be specified for URLRewrite - filter.type - rule: '!(!has(self.urlRewrite) && self.type == ''URLRewrite'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for - ExtensionRef filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') - && self.exists(f, f.type == ''URLRewrite''))' - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') - && self.exists(f, f.type == ''URLRewrite''))' - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - - message: RequestRedirect filter cannot be repeated - rule: self.filter(f, f.type == 'RequestRedirect').size() - <= 1 - - message: URLRewrite filter cannot be repeated - rule: self.filter(f, f.type == 'URLRewrite').size() - <= 1 - group: - default: "" - description: Group is the group of the referent. For example, - "gateway.networking.k8s.io". When unspecified or empty - string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: "Kind is the Kubernetes resource kind of - the referent. For example \"Service\". \n Defaults to - \"Service\" when not specified. \n ExternalName services - can refer to CNAME DNS records that may live outside - of the cluster and as such are difficult to reason about - in terms of conformance. They also may not be safe to - forward to (see CVE-2021-25740 for more information). - Implementations SHOULD NOT support ExternalName Services. - \n Support: Core (Services with a type other than ExternalName) - \n Support: Implementation-specific (Services with type - ExternalName)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. \n - Note that when a namespace different than the local - namespace is specified, a ReferenceGrant object is required - in the referent namespace to allow that namespace's - owner to accept the reference. See the ReferenceGrant - documentation for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port number - to use for this resource. Port is required when the - referent is a Kubernetes Service. In this case, the - port number is the service port number, not the target - port. For other resources, destination port might be - derived from the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: "Weight specifies the proportion of requests - forwarded to the referenced backend. This is computed - as weight/(sum of all weights in this BackendRefs list). - For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision - an implementation supports. Weight is not a percentage - and the sum of weights does not need to equal 100. \n - If only one backend is specified and it has a weight - greater than 0, 100% of the traffic is forwarded to - that backend. If weight is set to 0, no traffic should - be forwarded for this entry. If unspecified, weight - defaults to 1. \n Support for this field varies based - on the context where used." - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - maxItems: 16 - type: array - filters: - description: "Filters define the filters that are applied to - requests that match this rule. \n The effects of ordering - of multiple behaviors are currently unspecified. This can - change in the future based on feedback during the alpha stage. - \n Conformance-levels at this level are defined based on the - type of filter: \n - ALL core filters MUST be supported by - all implementations. - Implementers are encouraged to support - extended filters. - Implementation-specific custom filters - have no API guarantees across implementations. \n Specifying - the same filter multiple times is not supported unless explicitly - indicated in the filter. \n All filters are expected to be - compatible with each other except for the URLRewrite and RequestRedirect - filters, which may not be combined. If an implementation can - not support other combinations of filters, they must clearly - document that limitation. In cases where incompatible or unsupported - filters are specified and cause the `Accepted` condition to - be set to status `False`, implementations may use the `IncompatibleFilters` - reason to specify this configuration error. \n Support: Core" - items: - description: HTTPRouteFilter defines processing steps that - must be completed during the request or response lifecycle. - HTTPRouteFilters are meant as an extension point to express - processing that may be done in Gateway implementations. - Some examples include request or response modification, - implementing authentication strategies, rate-limiting, and - traffic shaping. API guarantee/conformance is defined based - on the type of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n This filter can be used multiple times within - the same rule. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema for - a filter that modifies request headers. \n Support: - Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: foo - \n Config: add: - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo my-header2: - bar my-header3: baz \n Config: remove: [\"my-header1\", - \"my-header3\"] \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - set: - name: \"my-header\" value: \"bar\" \n Output: - GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for a filter - that mirrors requests. Requests are sent to the specified - destination, but responses from that destination are - ignored. \n This filter can be used multiple times within - the same rule. Note that not all implementations will - be able to support mirroring to multiple backends. \n - Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource where - mirrored requests are sent. \n Mirrored requests - must be sent only to a single destination endpoint - within this BackendRef, irrespective of how many - endpoints are present within this BackendRef. \n - If the referent cannot be found, this BackendRef - is invalid and must be dropped from the Gateway. - The controller must ensure the \"ResolvedRefs\" - condition on the Route status is set to `status: - False` and not configure this backend in the underlying - implementation. \n If there is a cross-namespace - reference to an *existing* object that is not allowed - by a ReferenceGrant, the controller must ensure - the \"ResolvedRefs\" condition on the Route is - set to `status: False`, with the \"RefNotPermitted\" - reason and not configure this backend in the underlying - implementation. \n In either error case, the Message - of the `ResolvedRefs` Condition should be used to - provide more detail about the problem. \n Support: - Extended for Kubernetes Service \n Support: Implementation-specific - for any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". When - unspecified or empty string, core API group - is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: "Kind is the Kubernetes resource - kind of the referent. For example \"Service\". - \n Defaults to \"Service\" when not specified. - \n ExternalName services can refer to CNAME - DNS records that may live outside of the cluster - and as such are difficult to reason about in - terms of conformance. They also may not be safe - to forward to (see CVE-2021-25740 for more information). - Implementations SHOULD NOT support ExternalName - Services. \n Support: Core (Services with a - type other than ExternalName) \n Support: Implementation-specific - (Services with type ExternalName)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the - backend. When unspecified, the local namespace - is inferred. \n Note that when a namespace different - than the local namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept the - reference. See the ReferenceGrant documentation - for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port - number to use for this resource. Port is required - when the referent is a Kubernetes Service. In - this case, the port number is the service port - number, not the target port. For other resources, - destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for a filter - that responds to the request with an HTTP redirection. - \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be used - in the value of the `Location` header in the response. - When empty, the hostname in the `Host` header of - the request is used. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: "Path defines parameters used to modify - the path of the incoming request. The modified path - is then used to construct the `Location` header. - When empty, the request path is used as-is. \n Support: - Extended" - properties: - replaceFullPath: - description: ReplaceFullPath specifies the value - with which to replace the full path of a request - during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: "ReplacePrefixMatch specifies the - value with which to replace the prefix match - of a request during a rewrite or redirect. For - example, a request to \"/foo/bar\" with a prefix - match of \"/foo\" and a ReplacePrefixMatch of - \"/xyz\" would be modified to \"/xyz/bar\". - \n Note that this matches the behavior of the - PathPrefix match type. This matches full path - elements. A path element refers to the list - of labels in the path split by the `/` separator. - When specified, a trailing `/` is ignored. For - example, the paths `/abc`, `/abc/`, and `/abc/def` - would all match the prefix `/abc`, but the path - `/abcd` would not. \n ReplacePrefixMatch is - only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same - HTTPRouteRule will result in the implementation - setting the Accepted Condition for the Route - to `status: False`. \n Request Path | Prefix - Match | Replace Prefix | Modified Path -------------|--------------|----------------|---------- - /foo/bar | /foo | /xyz | - /xyz/bar /foo/bar | /foo | /xyz/ - \ | /xyz/bar /foo/bar | /foo/ | - /xyz | /xyz/bar /foo/bar | /foo/ - \ | /xyz/ | /xyz/bar /foo | - /foo | /xyz | /xyz /foo/ | - /foo | /xyz | /xyz/ /foo/bar - \ | /foo | | /bar - /foo/ | /foo | - | / /foo | /foo | - | / /foo/ | /foo | / | - / /foo | /foo | / | - /" - maxLength: 1024 - type: string - type: - description: "Type defines the type of path modifier. - Additional types may be added in a future release - of the API. \n Note that values may be added - to this enum, implementations must ensure that - unknown values will not cause a crash. \n Unknown - values here must result in the implementation - setting the Accepted Condition for the Route - to `status: False`, with a Reason of `UnsupportedValue`." - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified when - type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? has(self.replaceFullPath) - : true' - - message: type must be 'ReplaceFullPath' when replaceFullPath - is set - rule: 'has(self.replaceFullPath) ? self.type == - ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified when - type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' ? has(self.replacePrefixMatch) - : true' - - message: type must be 'ReplacePrefixMatch' when - replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - port: - description: "Port is the port to be used in the value - of the `Location` header in the response. \n If - no port is specified, the redirect port MUST be - derived using the following rules: \n * If redirect - scheme is not-empty, the redirect port MUST be the - well-known port associated with the redirect scheme. - Specifically \"http\" to port 80 and \"https\" to - port 443. If the redirect scheme does not have a - well-known port, the listener port of the Gateway - SHOULD be used. * If redirect scheme is empty, the - redirect port MUST be the Gateway Listener port. - \n Implementations SHOULD NOT add the port number - in the 'Location' header in the following cases: - \n * A Location header that will use HTTP (whether - that is determined via the Listener protocol or - the Scheme field) _and_ use port 80. * A Location - header that will use HTTPS (whether that is determined - via the Listener protocol or the Scheme field) _and_ - use port 443. \n Support: Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used in the - value of the `Location` header in the response. - When empty, the scheme of the request is used. \n - Scheme redirects can affect the port of the redirect, - for more information, refer to the documentation - for the port field of this filter. \n Note that - values may be added to this enum, implementations - must ensure that unknown values will not cause a - crash. \n Unknown values here must result in the - implementation setting the Accepted Condition for - the Route to `status: False`, with a Reason of `UnsupportedValue`. - \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status code to - be used in response. \n Note that values may be - added to this enum, implementations must ensure - that unknown values will not cause a crash. \n Unknown - values here must result in the implementation setting - the Accepted Condition for the Route to `status: - False`, with a Reason of `UnsupportedValue`. \n - Support: Core" - enum: - - 301 - - 302 - type: integer - type: object - responseHeaderModifier: - description: "ResponseHeaderModifier defines a schema - for a filter that modifies response headers. \n Support: - Extended" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: foo - \n Config: add: - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo my-header2: - bar my-header3: baz \n Config: remove: [\"my-header1\", - \"my-header3\"] \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - set: - name: \"my-header\" value: \"bar\" \n Output: - GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: "Type identifies the type of filter to apply. - As with other API fields, types are classified into - three conformance levels: \n - Core: Filter types and - their corresponding configuration defined by \"Support: - Core\" in this package, e.g. \"RequestHeaderModifier\". - All implementations must support core filters. \n - - Extended: Filter types and their corresponding configuration - defined by \"Support: Extended\" in this package, e.g. - \"RequestMirror\". Implementers are encouraged to support - extended filters. \n - Implementation-specific: Filters - that are defined and supported by specific vendors. - In the future, filters showing convergence in behavior - across multiple implementations will be considered for - inclusion in extended or core conformance levels. Filter-specific - configuration for such filters is specified using the - ExtensionRef field. `Type` should be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged to - define custom implementation types to extend the core - API with implementation-specific behavior. \n If a reference - to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have - been processed by that filter MUST receive a HTTP error - response. \n Note that values may be added to this enum, - implementations must ensure that unknown values will - not cause a crash. \n Unknown values here must result - in the implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason of `UnsupportedValue`." - enum: - - RequestHeaderModifier - - ResponseHeaderModifier - - RequestMirror - - RequestRedirect - - URLRewrite - - ExtensionRef - type: string - urlRewrite: - description: "URLRewrite defines a schema for a filter - that modifies a request during forwarding. \n Support: - Extended" - properties: - hostname: - description: "Hostname is the value to be used to - replace the Host header value during forwarding. - \n Support: Extended" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: "Path defines a path rewrite. \n Support: - Extended" - properties: - replaceFullPath: - description: ReplaceFullPath specifies the value - with which to replace the full path of a request - during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: "ReplacePrefixMatch specifies the - value with which to replace the prefix match - of a request during a rewrite or redirect. For - example, a request to \"/foo/bar\" with a prefix - match of \"/foo\" and a ReplacePrefixMatch of - \"/xyz\" would be modified to \"/xyz/bar\". - \n Note that this matches the behavior of the - PathPrefix match type. This matches full path - elements. A path element refers to the list - of labels in the path split by the `/` separator. - When specified, a trailing `/` is ignored. For - example, the paths `/abc`, `/abc/`, and `/abc/def` - would all match the prefix `/abc`, but the path - `/abcd` would not. \n ReplacePrefixMatch is - only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same - HTTPRouteRule will result in the implementation - setting the Accepted Condition for the Route - to `status: False`. \n Request Path | Prefix - Match | Replace Prefix | Modified Path -------------|--------------|----------------|---------- - /foo/bar | /foo | /xyz | - /xyz/bar /foo/bar | /foo | /xyz/ - \ | /xyz/bar /foo/bar | /foo/ | - /xyz | /xyz/bar /foo/bar | /foo/ - \ | /xyz/ | /xyz/bar /foo | - /foo | /xyz | /xyz /foo/ | - /foo | /xyz | /xyz/ /foo/bar - \ | /foo | | /bar - /foo/ | /foo | - | / /foo | /foo | - | / /foo/ | /foo | / | - / /foo | /foo | / | - /" - maxLength: 1024 - type: string - type: - description: "Type defines the type of path modifier. - Additional types may be added in a future release - of the API. \n Note that values may be added - to this enum, implementations must ensure that - unknown values will not cause a crash. \n Unknown - values here must result in the implementation - setting the Accepted Condition for the Route - to `status: False`, with a Reason of `UnsupportedValue`." - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified when - type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? has(self.replaceFullPath) - : true' - - message: type must be 'ReplaceFullPath' when replaceFullPath - is set - rule: 'has(self.replaceFullPath) ? self.type == - ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified when - type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' ? has(self.replacePrefixMatch) - : true' - - message: type must be 'ReplacePrefixMatch' when - replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - type: object - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil if the - filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type != - ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type == - ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil if the - filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type != - ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for RequestMirror - filter.type - rule: '!(!has(self.requestMirror) && self.type == ''RequestMirror'')' - - message: filter.requestRedirect must be nil if the filter.type - is not RequestRedirect - rule: '!(has(self.requestRedirect) && self.type != ''RequestRedirect'')' - - message: filter.requestRedirect must be specified for RequestRedirect - filter.type - rule: '!(!has(self.requestRedirect) && self.type == ''RequestRedirect'')' - - message: filter.urlRewrite must be nil if the filter.type - is not URLRewrite - rule: '!(has(self.urlRewrite) && self.type != ''URLRewrite'')' - - message: filter.urlRewrite must be specified for URLRewrite - filter.type - rule: '!(!has(self.urlRewrite) && self.type == ''URLRewrite'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for ExtensionRef - filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') && - self.exists(f, f.type == ''URLRewrite''))' - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - - message: RequestRedirect filter cannot be repeated - rule: self.filter(f, f.type == 'RequestRedirect').size() <= - 1 - - message: URLRewrite filter cannot be repeated - rule: self.filter(f, f.type == 'URLRewrite').size() <= 1 - matches: - default: - - path: - type: PathPrefix - value: / - description: "Matches define conditions used for matching the - rule against incoming HTTP requests. Each match is independent, - i.e. this rule will be matched if **any** one of the matches - is satisfied. \n For example, take the following matches configuration: - \n ``` matches: - path: value: \"/foo\" headers: - name: \"version\" - value: \"v2\" - path: value: \"/v2/foo\" ``` \n For a request - to match against this rule, a request must satisfy EITHER - of the two conditions: \n - path prefixed with `/foo` AND - contains the header `version: v2` - path prefix of `/v2/foo` - \n See the documentation for HTTPRouteMatch on how to specify - multiple match conditions that should be ANDed together. \n - If no matches are specified, the default is a prefix path - match on \"/\", which has the effect of matching every HTTP - request. \n Proxy or Load Balancer routing configuration generated - from HTTPRoutes MUST prioritize matches based on the following - criteria, continuing on ties. Across all rules specified on - applicable Routes, precedence must be given to the match having: - \n * \"Exact\" path match. * \"Prefix\" path match with largest - number of characters. * Method match. * Largest number of - header matches. * Largest number of query param matches. \n - Note: The precedence of RegularExpression path matches are - implementation-specific. \n If ties still exist across multiple - Routes, matching precedence MUST be determined in order of - the following criteria, continuing on ties: \n * The oldest - Route based on creation timestamp. * The Route appearing first - in alphabetical order by \"{namespace}/{name}\". \n If ties - still exist within an HTTPRoute, matching precedence MUST - be granted to the FIRST matching rule (in list order) with - a match meeting the above criteria. \n When no rules matching - a request have been successfully attached to the parent a - request is coming from, a HTTP 404 status code MUST be returned." - items: - description: "HTTPRouteMatch defines the predicate used to - match requests to a given action. Multiple match types are - ANDed together, i.e. the match will evaluate to true only - if all conditions are satisfied. \n For example, the match - below will match a HTTP request only if its path starts - with `/foo` AND it contains the `version: v1` header: \n - ``` match: \n path: value: \"/foo\" headers: - name: \"version\" - value \"v1\" \n ```" - properties: - headers: - description: Headers specifies HTTP request header matchers. - Multiple match values are ANDed together, meaning, a - request must match all the specified headers to select - the route. - items: - description: HTTPHeaderMatch describes how to select - a HTTP route by matching HTTP request headers. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case insensitive. - (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent header - names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST be - ignored. Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered equivalent. - \n When a header is repeated in an HTTP request, - it is implementation-specific behavior as to how - this is represented. Generally, proxies should - follow the guidance from the RFC: https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 - regarding processing a repeated header, with special - handling for \"Set-Cookie\"." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the header. \n Support: Core (Exact) - \n Support: Implementation-specific (RegularExpression) - \n Since RegularExpression HeaderMatchType has - implementation-specific conformance, implementations - can support POSIX, PCRE or any other dialects - of regular expressions. Please read the implementation's - documentation to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP Header to - be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - description: "Method specifies HTTP method matcher. When - specified, this route will be matched only if the request - has the specified method. \n Support: Extended" - enum: - - GET - - HEAD - - POST - - PUT - - DELETE - - CONNECT - - OPTIONS - - TRACE - - PATCH - type: string - path: - default: - type: PathPrefix - value: / - description: Path specifies a HTTP request path matcher. - If this field is not specified, a default prefix match - on the "/" path is provided. - properties: - type: - default: PathPrefix - description: "Type specifies how to match against - the path Value. \n Support: Core (Exact, PathPrefix) - \n Support: Implementation-specific (RegularExpression)" - enum: - - Exact - - PathPrefix - - RegularExpression - type: string - value: - default: / - description: Value of the HTTP path to match against. - maxLength: 1024 - type: string - type: object - x-kubernetes-validations: - - message: value must be an absolute path and start with - '/' when type one of ['Exact', 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.startsWith(''/'') - : true' - - message: must not contain '//' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''//'') - : true' - - message: must not contain '/./' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/./'') - : true' - - message: must not contain '/../' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/../'') - : true' - - message: must not contain '%2f' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2f'') - : true' - - message: must not contain '%2F' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2F'') - : true' - - message: must not contain '#' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''#'') - : true' - - message: must not end with '/..' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/..'') - : true' - - message: must not end with '/.' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/.'') - : true' - - message: type must be one of ['Exact', 'PathPrefix', - 'RegularExpression'] - rule: self.type in ['Exact','PathPrefix'] || self.type - == 'RegularExpression' - - message: must only contain valid characters (matching - ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) - for types ['Exact', 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") - : true' - queryParams: - description: "QueryParams specifies HTTP query parameter - matchers. Multiple match values are ANDed together, - meaning, a request must match all the specified query - parameters to select the route. \n Support: Extended" - items: - description: HTTPQueryParamMatch describes how to select - a HTTP route by matching HTTP query parameters. - properties: - name: - description: "Name is the name of the HTTP query - param to be matched. This must be an exact string - match. (See https://tools.ietf.org/html/rfc7230#section-2.7.3). - \n If multiple entries specify equivalent query - param names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent query param name MUST - be ignored. \n If a query param is repeated in - an HTTP request, the behavior is purposely left - undefined, since different data planes have different - capabilities. However, it is *recommended* that - implementations should match against the first - value of the param if the data plane supports - it, as this behavior is expected in other load - balancing contexts outside of the Gateway API. - \n Users SHOULD NOT route traffic based on repeated - query params to guard themselves against potential - differences in the implementations." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the query parameter. \n Support: - Extended (Exact) \n Support: Implementation-specific - (RegularExpression) \n Since RegularExpression - QueryParamMatchType has Implementation-specific - conformance, implementations can support POSIX, - PCRE or any other dialects of regular expressions. - Please read the implementation's documentation - to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP query param - to be matched. - maxLength: 1024 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - maxItems: 8 - type: array - type: object - x-kubernetes-validations: - - message: RequestRedirect filter must not be used together with - backendRefs - rule: '(has(self.backendRefs) && size(self.backendRefs) > 0) ? - (!has(self.filters) || self.filters.all(f, !has(f.requestRedirect))): - true' - - message: When using RequestRedirect filter with path.replacePrefixMatch, - exactly one PathPrefix match must be specified - rule: '(has(self.filters) && self.filters.exists_one(f, has(f.requestRedirect) - && has(f.requestRedirect.path) && f.requestRedirect.path.type - == ''ReplacePrefixMatch'' && has(f.requestRedirect.path.replacePrefixMatch))) - ? ((size(self.matches) != 1 || !has(self.matches[0].path) || - self.matches[0].path.type != ''PathPrefix'') ? false : true) - : true' - - message: When using URLRewrite filter with path.replacePrefixMatch, - exactly one PathPrefix match must be specified - rule: '(has(self.filters) && self.filters.exists_one(f, has(f.urlRewrite) - && has(f.urlRewrite.path) && f.urlRewrite.path.type == ''ReplacePrefixMatch'' - && has(f.urlRewrite.path.replacePrefixMatch))) ? ((size(self.matches) - != 1 || !has(self.matches[0].path) || self.matches[0].path.type - != ''PathPrefix'') ? false : true) : true' - - message: Within backendRefs, when using RequestRedirect filter - with path.replacePrefixMatch, exactly one PathPrefix match must - be specified - rule: '(has(self.backendRefs) && self.backendRefs.exists_one(b, - (has(b.filters) && b.filters.exists_one(f, has(f.requestRedirect) - && has(f.requestRedirect.path) && f.requestRedirect.path.type - == ''ReplacePrefixMatch'' && has(f.requestRedirect.path.replacePrefixMatch))) - )) ? ((size(self.matches) != 1 || !has(self.matches[0].path) - || self.matches[0].path.type != ''PathPrefix'') ? false : true) - : true' - - message: Within backendRefs, When using URLRewrite filter with - path.replacePrefixMatch, exactly one PathPrefix match must be - specified - rule: '(has(self.backendRefs) && self.backendRefs.exists_one(b, - (has(b.filters) && b.filters.exists_one(f, has(f.urlRewrite) - && has(f.urlRewrite.path) && f.urlRewrite.path.type == ''ReplacePrefixMatch'' - && has(f.urlRewrite.path.replacePrefixMatch))) )) ? ((size(self.matches) - != 1 || !has(self.matches[0].path) || self.matches[0].path.type - != ''PathPrefix'') ? false : true) : true' - maxItems: 16 - type: array - type: object - status: - description: Status defines the current state of HTTPRoute. - properties: - parents: - description: "Parents is a list of parent resources (usually Gateways) - that are associated with the route, and the status of the route - with respect to each parent. When this route attaches to a parent, - the controller that manages the parent must add an entry to this - list when the controller first sees the route and should update - the entry as appropriate when the route or gateway is modified. - \n Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this - API can only populate Route status for the Gateways/parent resources - they are responsible for. \n A maximum of 32 Gateways will be represented - in this list. An empty list means the route has not been attached - to any Gateway." - items: - description: RouteParentStatus describes the status of a route with - respect to an associated Parent. - properties: - conditions: - description: "Conditions describes the status of the route with - respect to the Gateway. Note that the route's availability - is also subject to the Gateway's own status conditions and - listener status. \n If the Route's ParentRef specifies an - existing Gateway that supports Routes of this kind AND that - Gateway's controller has sufficient access, then that Gateway's - controller MUST set the \"Accepted\" condition on the Route, - to indicate whether the route has been accepted or rejected - by the Gateway, and why. \n A Route MUST be considered \"Accepted\" - if at least one of the Route's rules is implemented by the - Gateway. \n There are a number of cases where the \"Accepted\" - condition may not be set due to lack of controller visibility, - that includes when: \n * The Route refers to a non-existent - parent. * The Route is of a type that the controller does - not support. * The Route is in a namespace the controller - does not have access to." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n type FooStatus struct{ - // Represents the observations of a foo's current state. - // Known .status.conditions.type are: \"Available\", \"Progressing\", - and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields - }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: "ControllerName is a domain/path string that indicates - the name of the controller that wrote this status. This corresponds - with the controllerName field on GatewayClass. \n Example: - \"example.net/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid - Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - \n Controllers MUST populate this field when writing status. - Controllers should ensure that entries to status populated - with their ControllerName are cleaned up when they are no - longer necessary." - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: ParentRef corresponds with a ParentRef in the spec - that this RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the - core API group (such as for a \"Service\" kind referent), - Group must be explicitly set to \"\" (empty string). \n - Support: Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n There are - two kinds of parent resources with \"Core\" support: \n - * Gateway (Gateway conformance profile) * Service (Mesh - conformance profile, experimental, ClusterIP Services - only) \n Support for other resources is Implementation-Specific." - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. - When unspecified, this refers to the local namespace of - the Route. \n Note that there are specific rules for ParentRefs - which cross namespace boundaries. Cross-namespace references - are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides - a generic way to enable any other kind of cross-namespace - reference. \n \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within - the target resource. In the following resources, SectionName - is interpreted as the following: \n * Gateway: Listener - Name. When both Port (experimental) and SectionName are - specified, the name and port of the selected listener - must match both specified values. * Service: Port Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match - both specified values. Note that attaching Routes to Services - as Parents is part of experimental Mesh support and is - not supported for any other purpose. \n Implementations - MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this - will reference the entire resource. For the purpose of - status, an attachment is considered successful if at least - one section in the parent resource accepts it. For example, - Gateway listeners can restrict which Routes can attach - to them by Route kind, namespace, or hostname. If 1 of - 2 Gateway listeners accept attachment from the referencing - Route, the Route MUST be considered successfully attached. - If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: HTTPRoute provides a way to route HTTP requests. This includes - the capability to match requests by hostname, path, header, or query param. - Filters can be used to specify additional processing steps. Backends specify - where matching requests should be routed. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of HTTPRoute. - properties: - hostnames: - description: "Hostnames defines a set of hostnames that should match - against the HTTP Host header to select a HTTPRoute used to process - the request. Implementations MUST ignore any port value specified - in the HTTP Host header while performing a match and (absent of - any applicable header modification configuration) MUST forward this - header unmodified to the backend. \n Valid values for Hostnames - are determined by RFC 1123 definition of a hostname with 2 notable - exceptions: \n 1. IPs are not allowed. 2. A hostname may be prefixed - with a wildcard label (`*.`). The wildcard label must appear by - itself as the first label. \n If a hostname is specified by both - the Listener and HTTPRoute, there must be at least one intersecting - hostname for the HTTPRoute to be attached to the Listener. For example: - \n * A Listener with `test.example.com` as the hostname matches - HTTPRoutes that have either not specified any hostnames, or have - specified at least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches HTTPRoutes - that have either not specified any hostnames or have specified at - least one hostname that matches the Listener hostname. For example, - `*.example.com`, `test.example.com`, and `foo.test.example.com` - would all match. On the other hand, `example.com` and `test.example.net` - would not match. \n Hostnames that are prefixed with a wildcard - label (`*.`) are interpreted as a suffix match. That means that - a match for `*.example.com` would match both `test.example.com`, - and `foo.test.example.com`, but not `example.com`. \n If both the - Listener and HTTPRoute have specified hostnames, any HTTPRoute hostnames - that do not match the Listener hostname MUST be ignored. For example, - if a Listener specified `*.example.com`, and the HTTPRoute specified - `test.example.com` and `test.example.net`, `test.example.net` must - not be considered for a match. \n If both the Listener and HTTPRoute - have specified hostnames, and none match with the criteria above, - then the HTTPRoute is not accepted. The implementation must raise - an 'Accepted' Condition with a status of `False` in the corresponding - RouteParentStatus. \n In the event that multiple HTTPRoutes specify - intersecting hostnames (e.g. overlapping wildcard matching and exact - matching hostnames), precedence must be given to rules from the - HTTPRoute with the largest number of: \n * Characters in a matching - non-wildcard hostname. * Characters in a matching hostname. \n If - ties exist across multiple Routes, the matching precedence rules - for HTTPRouteMatches takes over. \n Support: Core" - items: - description: "Hostname is the fully qualified domain name of a network - host. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname - may be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n Hostname can be \"precise\" - which is a domain name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain - name prefixed with a single wildcard label (e.g. `*.example.com`). - \n Note that as per RFC1035 and RFC1123, a *label* must consist - of lower case alphanumeric characters or '-', and must start and - end with an alphanumeric character. No other punctuation is allowed." - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: "ParentRefs references the resources (usually Gateways) - that a Route wants to be attached to. Note that the referenced parent - resource needs to allow this for the attachment to be complete. - For Gateways, that means the Gateway needs to allow attachment from - Routes of this kind and namespace. For Services, that means the - Service must either be in the same namespace for a \"producer\" - route, or the mesh implementation must support and allow \"consumer\" - routes for the referenced Service. ReferenceGrant is not applicable - for governing ParentRefs to Services - it is not possible to create - a \"producer\" route for a Service in a different namespace from - the Route. \n There are two kinds of parent resources with \"Core\" - support: \n * Gateway (Gateway conformance profile) This API may - be extended in the future to support additional kinds of parent - resources. \n ParentRefs must be _distinct_. This means either that: - \n * They select different objects. If this is the case, then parentRef - entries are distinct. In terms of fields, this means that the multi-part - key defined by `group`, `kind`, `namespace`, and `name` must be - unique across all parentRef entries in the Route. * They do not - select different objects, but for each optional field used, each - ParentRef that selects the same object must set the same set of - optional fields to different values. If one ParentRef sets a combination - of optional fields, all must set the same combination. \n Some examples: - \n * If one ParentRef sets `sectionName`, all ParentRefs referencing - the same object must also set `sectionName`. * If one ParentRef - sets `port`, all ParentRefs referencing the same object must also - set `port`. * If one ParentRef sets `sectionName` and `port`, all - ParentRefs referencing the same object must also set `sectionName` - and `port`. \n It is possible to separately reference multiple distinct - objects that may be collapsed by an implementation. For example, - some implementations may choose to merge compatible Gateway Listeners - together. If that is the case, the list of routes attached to those - resources should also be merged. \n Note that for ParentRefs that - cross namespace boundaries, there are specific rules. Cross-namespace - references are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example, Gateway has - the AllowedRoutes field, and ReferenceGrant provides a generic way - to enable other kinds of cross-namespace reference. \n \n " - items: - description: "ParentReference identifies an API object (usually - a Gateway) that can be considered a parent of this resource (usually - a route). There are two kinds of parent resources with \"Core\" - support: \n * Gateway (Gateway conformance profile) * Service - (Mesh conformance profile, experimental, ClusterIP Services only) - \n This API may be extended in the future to support additional - kinds of parent resources. \n The API object must be valid in - the cluster; the Group and Kind must be registered in the cluster - for this reference to be valid." - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the core - API group (such as for a \"Service\" kind referent), Group - must be explicitly set to \"\" (empty string). \n Support: - Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n There are two - kinds of parent resources with \"Core\" support: \n * Gateway - (Gateway conformance profile) * Service (Mesh conformance - profile, experimental, ClusterIP Services only) \n Support - for other resources is Implementation-Specific." - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. When - unspecified, this refers to the local namespace of the Route. - \n Note that there are specific rules for ParentRefs which - cross namespace boundaries. Cross-namespace references are - only valid if they are explicitly allowed by something in - the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - \n \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within the - target resource. In the following resources, SectionName is - interpreted as the following: \n * Gateway: Listener Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match both - specified values. * Service: Port Name. When both Port (experimental) - and SectionName are specified, the name and port of the selected - listener must match both specified values. Note that attaching - Routes to Services as Parents is part of experimental Mesh - support and is not supported for any other purpose. \n Implementations - MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this will - reference the entire resource. For the purpose of status, - an attachment is considered successful if at least one section - in the parent resource accepts it. For example, Gateway listeners - can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept - attachment from the referencing Route, the Route MUST be considered - successfully attached. If no Gateway listeners accept attachment - from this Route, the Route MUST be considered detached from - the Gateway. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - x-kubernetes-validations: - - message: sectionName must be specified when parentRefs includes - 2 or more references to the same parent - rule: 'self.all(p1, self.all(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '''') && (!has(p2.__namespace__) || p2.__namespace__ - == '''')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) ? ((!has(p1.sectionName) - || p1.sectionName == '''') == (!has(p2.sectionName) || p2.sectionName - == '''')) : true))' - - message: sectionName must be unique when parentRefs includes 2 or - more references to the same parent - rule: self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__ - == '')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName) - || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName - == '')) || (has(p1.sectionName) && has(p2.sectionName) && p1.sectionName - == p2.sectionName)))) - rules: - default: - - matches: - - path: - type: PathPrefix - value: / - description: Rules are a list of HTTP matchers, filters and actions. - items: - description: HTTPRouteRule defines semantics for matching an HTTP - request based on conditions (matches), processing it (filters), - and forwarding the request to an API object (backendRefs). - properties: - backendRefs: - description: "BackendRefs defines the backend(s) where matching - requests should be sent. \n Failure behavior here depends - on how many BackendRefs are specified and how many are invalid. - \n If *all* entries in BackendRefs are invalid, and there - are also no filters specified in this route rule, *all* traffic - which matches this rule MUST receive a 500 status code. \n - See the HTTPBackendRef definition for the rules about what - makes a single HTTPBackendRef invalid. \n When a HTTPBackendRef - is invalid, 500 status codes MUST be returned for requests - that would have otherwise been routed to an invalid backend. - If multiple backends are specified, and some are invalid, - the proportion of requests that would otherwise have been - routed to an invalid backend MUST receive a 500 status code. - \n For example, if two backends are specified with equal weights, - and one is invalid, 50 percent of traffic must receive a 500. - Implementations may choose how that 50 percent is determined. - \n Support: Core for Kubernetes Service \n Support: Extended - for Kubernetes ServiceImport \n Support: Implementation-specific - for any other resource \n Support for weight: Core" - items: - description: "HTTPBackendRef defines how a HTTPRoute forwards - a HTTP request. \n Note that when a namespace different - than the local namespace is specified, a ReferenceGrant - object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. \n - \n When the BackendRef points to a Kubernetes Service, implementations - SHOULD honor the appProtocol field if it is set for the - target Service Port. \n Implementations supporting appProtocol - SHOULD recognize the Kubernetes Standard Application Protocols - defined in KEP-3726. \n If a Service appProtocol isn't specified, - an implementation MAY infer the backend protocol through - its own means. Implementations MAY infer the protocol from - the Route type referring to the backend Service. \n If a - Route is not able to send traffic to the backend using the - specified protocol then the backend is considered invalid. - Implementations MUST set the \"ResolvedRefs\" condition - to \"False\" with the \"UnsupportedProtocol\" reason. \n - " - properties: - filters: - description: "Filters defined at this level should be - executed if and only if the request is being forwarded - to the backend defined here. \n Support: Implementation-specific - (For broader support of filters, use the Filters field - in HTTPRouteRule.)" - items: - description: HTTPRouteFilter defines processing steps - that must be completed during the request or response - lifecycle. HTTPRouteFilters are meant as an extension - point to express processing that may be done in Gateway - implementations. Some examples include request or - response modification, implementing authentication - strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type - of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n This filter can be used multiple times - within the same rule. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API - group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema - for a filter that modifies request headers. \n - Support: Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo HTTP/1.1 - my-header: foo \n Config: add: - name: \"my-header\" - value: \"bar,baz\" \n Output: GET /foo HTTP/1.1 - my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - my-header2: bar my-header3: baz \n Config: - remove: [\"my-header1\", \"my-header3\"] \n - Output: GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - value: \"bar\" \n Output: GET /foo HTTP/1.1 - my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for - a filter that mirrors requests. Requests are sent - to the specified destination, but responses from - that destination are ignored. \n This filter can - be used multiple times within the same rule. Note - that not all implementations will be able to support - mirroring to multiple backends. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource - where mirrored requests are sent. \n Mirrored - requests must be sent only to a single destination - endpoint within this BackendRef, irrespective - of how many endpoints are present within this - BackendRef. \n If the referent cannot be found, - this BackendRef is invalid and must be dropped - from the Gateway. The controller must ensure - the \"ResolvedRefs\" condition on the Route - status is set to `status: False` and not configure - this backend in the underlying implementation. - \n If there is a cross-namespace reference - to an *existing* object that is not allowed - by a ReferenceGrant, the controller must ensure - the \"ResolvedRefs\" condition on the Route - is set to `status: False`, with the \"RefNotPermitted\" - reason and not configure this backend in the - underlying implementation. \n In either error - case, the Message of the `ResolvedRefs` Condition - should be used to provide more detail about - the problem. \n Support: Extended for Kubernetes - Service \n Support: Implementation-specific - for any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core - API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: "Kind is the Kubernetes resource - kind of the referent. For example \"Service\". - \n Defaults to \"Service\" when not specified. - \n ExternalName services can refer to - CNAME DNS records that may live outside - of the cluster and as such are difficult - to reason about in terms of conformance. - They also may not be safe to forward to - (see CVE-2021-25740 for more information). - Implementations SHOULD NOT support ExternalName - Services. \n Support: Core (Services with - a type other than ExternalName) \n Support: - Implementation-specific (Services with - type ExternalName)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace - of the backend. When unspecified, the - local namespace is inferred. \n Note that - when a namespace different than the local - namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination - port number to use for this resource. - Port is required when the referent is - a Kubernetes Service. In this case, the - port number is the service port number, - not the target port. For other resources, - destination port might be derived from - the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind - == ''Service'') ? has(self.port) : true' - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for - a filter that responds to the request with an - HTTP redirection. \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be - used in the value of the `Location` header - in the response. When empty, the hostname - in the `Host` header of the request is used. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: "Path defines parameters used to - modify the path of the incoming request. The - modified path is then used to construct the - `Location` header. When empty, the request - path is used as-is. \n Support: Extended" - properties: - replaceFullPath: - description: ReplaceFullPath specifies the - value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: "ReplacePrefixMatch specifies - the value with which to replace the prefix - match of a request during a rewrite or - redirect. For example, a request to \"/foo/bar\" - with a prefix match of \"/foo\" and a - ReplacePrefixMatch of \"/xyz\" would be - modified to \"/xyz/bar\". \n Note that - this matches the behavior of the PathPrefix - match type. This matches full path elements. - A path element refers to the list of labels - in the path split by the `/` separator. - When specified, a trailing `/` is ignored. - For example, the paths `/abc`, `/abc/`, - and `/abc/def` would all match the prefix - `/abc`, but the path `/abcd` would not. - \n ReplacePrefixMatch is only compatible - with a `PathPrefix` HTTPRouteMatch. Using - any other HTTPRouteMatch type on the same - HTTPRouteRule will result in the implementation - setting the Accepted Condition for the - Route to `status: False`. \n Request Path - | Prefix Match | Replace Prefix | Modified - Path -------------|--------------|----------------|---------- - /foo/bar | /foo | /xyz | - /xyz/bar /foo/bar | /foo | - /xyz/ | /xyz/bar /foo/bar | - /foo/ | /xyz | /xyz/bar - /foo/bar | /foo/ | /xyz/ | - /xyz/bar /foo | /foo | - /xyz | /xyz /foo/ | /foo - \ | /xyz | /xyz/ /foo/bar - \ | /foo | | - /bar /foo/ | /foo | | / /foo | /foo | - | / /foo/ | /foo - \ | / | / /foo | - /foo | / | /" - maxLength: 1024 - type: string - type: - description: "Type defines the type of path - modifier. Additional types may be added - in a future release of the API. \n Note - that values may be added to this enum, - implementations must ensure that unknown - values will not cause a crash. \n Unknown - values here must result in the implementation - setting the Accepted Condition for the - Route to `status: False`, with a Reason - of `UnsupportedValue`." - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified - when type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? - has(self.replaceFullPath) : true' - - message: type must be 'ReplaceFullPath' when - replaceFullPath is set - rule: 'has(self.replaceFullPath) ? self.type - == ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified - when type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' - ? has(self.replacePrefixMatch) : true' - - message: type must be 'ReplacePrefixMatch' - when replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - port: - description: "Port is the port to be used in - the value of the `Location` header in the - response. \n If no port is specified, the - redirect port MUST be derived using the following - rules: \n * If redirect scheme is not-empty, - the redirect port MUST be the well-known port - associated with the redirect scheme. Specifically - \"http\" to port 80 and \"https\" to port - 443. If the redirect scheme does not have - a well-known port, the listener port of the - Gateway SHOULD be used. * If redirect scheme - is empty, the redirect port MUST be the Gateway - Listener port. \n Implementations SHOULD NOT - add the port number in the 'Location' header - in the following cases: \n * A Location header - that will use HTTP (whether that is determined - via the Listener protocol or the Scheme field) - _and_ use port 80. * A Location header that - will use HTTPS (whether that is determined - via the Listener protocol or the Scheme field) - _and_ use port 443. \n Support: Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used - in the value of the `Location` header in the - response. When empty, the scheme of the request - is used. \n Scheme redirects can affect the - port of the redirect, for more information, - refer to the documentation for the port field - of this filter. \n Note that values may be - added to this enum, implementations must ensure - that unknown values will not cause a crash. - \n Unknown values here must result in the - implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`. \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status - code to be used in response. \n Note that - values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result - in the implementation setting the Accepted - Condition for the Route to `status: False`, - with a Reason of `UnsupportedValue`. \n Support: - Core" - enum: - - 301 - - 302 - type: integer - type: object - responseHeaderModifier: - description: "ResponseHeaderModifier defines a schema - for a filter that modifies response headers. \n - Support: Extended" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo HTTP/1.1 - my-header: foo \n Config: add: - name: \"my-header\" - value: \"bar,baz\" \n Output: GET /foo HTTP/1.1 - my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - my-header2: bar my-header3: baz \n Config: - remove: [\"my-header1\", \"my-header3\"] \n - Output: GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - value: \"bar\" \n Output: GET /foo HTTP/1.1 - my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: "Type identifies the type of filter - to apply. As with other API fields, types are - classified into three conformance levels: \n - - Core: Filter types and their corresponding configuration - defined by \"Support: Core\" in this package, - e.g. \"RequestHeaderModifier\". All implementations - must support core filters. \n - Extended: Filter - types and their corresponding configuration defined - by \"Support: Extended\" in this package, e.g. - \"RequestMirror\". Implementers are encouraged - to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific - vendors. In the future, filters showing convergence - in behavior across multiple implementations will - be considered for inclusion in extended or core - conformance levels. Filter-specific configuration - for such filters is specified using the ExtensionRef - field. `Type` should be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged - to define custom implementation types to extend - the core API with implementation-specific behavior. - \n If a reference to a custom filter type cannot - be resolved, the filter MUST NOT be skipped. Instead, - requests that would have been processed by that - filter MUST receive a HTTP error response. \n - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result in - the implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`." - enum: - - RequestHeaderModifier - - ResponseHeaderModifier - - RequestMirror - - RequestRedirect - - URLRewrite - - ExtensionRef - type: string - urlRewrite: - description: "URLRewrite defines a schema for a - filter that modifies a request during forwarding. - \n Support: Extended" - properties: - hostname: - description: "Hostname is the value to be used - to replace the Host header value during forwarding. - \n Support: Extended" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: "Path defines a path rewrite. \n - Support: Extended" - properties: - replaceFullPath: - description: ReplaceFullPath specifies the - value with which to replace the full path - of a request during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: "ReplacePrefixMatch specifies - the value with which to replace the prefix - match of a request during a rewrite or - redirect. For example, a request to \"/foo/bar\" - with a prefix match of \"/foo\" and a - ReplacePrefixMatch of \"/xyz\" would be - modified to \"/xyz/bar\". \n Note that - this matches the behavior of the PathPrefix - match type. This matches full path elements. - A path element refers to the list of labels - in the path split by the `/` separator. - When specified, a trailing `/` is ignored. - For example, the paths `/abc`, `/abc/`, - and `/abc/def` would all match the prefix - `/abc`, but the path `/abcd` would not. - \n ReplacePrefixMatch is only compatible - with a `PathPrefix` HTTPRouteMatch. Using - any other HTTPRouteMatch type on the same - HTTPRouteRule will result in the implementation - setting the Accepted Condition for the - Route to `status: False`. \n Request Path - | Prefix Match | Replace Prefix | Modified - Path -------------|--------------|----------------|---------- - /foo/bar | /foo | /xyz | - /xyz/bar /foo/bar | /foo | - /xyz/ | /xyz/bar /foo/bar | - /foo/ | /xyz | /xyz/bar - /foo/bar | /foo/ | /xyz/ | - /xyz/bar /foo | /foo | - /xyz | /xyz /foo/ | /foo - \ | /xyz | /xyz/ /foo/bar - \ | /foo | | - /bar /foo/ | /foo | | / /foo | /foo | - | / /foo/ | /foo - \ | / | / /foo | - /foo | / | /" - maxLength: 1024 - type: string - type: - description: "Type defines the type of path - modifier. Additional types may be added - in a future release of the API. \n Note - that values may be added to this enum, - implementations must ensure that unknown - values will not cause a crash. \n Unknown - values here must result in the implementation - setting the Accepted Condition for the - Route to `status: False`, with a Reason - of `UnsupportedValue`." - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified - when type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? - has(self.replaceFullPath) : true' - - message: type must be 'ReplaceFullPath' when - replaceFullPath is set - rule: 'has(self.replaceFullPath) ? self.type - == ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified - when type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' - ? has(self.replacePrefixMatch) : true' - - message: type must be 'ReplacePrefixMatch' - when replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - type: object - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil - if the filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type - != ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type - == ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil - if the filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type - != ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for - RequestMirror filter.type - rule: '!(!has(self.requestMirror) && self.type == - ''RequestMirror'')' - - message: filter.requestRedirect must be nil if the - filter.type is not RequestRedirect - rule: '!(has(self.requestRedirect) && self.type != - ''RequestRedirect'')' - - message: filter.requestRedirect must be specified - for RequestRedirect filter.type - rule: '!(!has(self.requestRedirect) && self.type == - ''RequestRedirect'')' - - message: filter.urlRewrite must be nil if the filter.type - is not URLRewrite - rule: '!(has(self.urlRewrite) && self.type != ''URLRewrite'')' - - message: filter.urlRewrite must be specified for URLRewrite - filter.type - rule: '!(!has(self.urlRewrite) && self.type == ''URLRewrite'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for - ExtensionRef filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') - && self.exists(f, f.type == ''URLRewrite''))' - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') - && self.exists(f, f.type == ''URLRewrite''))' - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - - message: RequestRedirect filter cannot be repeated - rule: self.filter(f, f.type == 'RequestRedirect').size() - <= 1 - - message: URLRewrite filter cannot be repeated - rule: self.filter(f, f.type == 'URLRewrite').size() - <= 1 - group: - default: "" - description: Group is the group of the referent. For example, - "gateway.networking.k8s.io". When unspecified or empty - string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: "Kind is the Kubernetes resource kind of - the referent. For example \"Service\". \n Defaults to - \"Service\" when not specified. \n ExternalName services - can refer to CNAME DNS records that may live outside - of the cluster and as such are difficult to reason about - in terms of conformance. They also may not be safe to - forward to (see CVE-2021-25740 for more information). - Implementations SHOULD NOT support ExternalName Services. - \n Support: Core (Services with a type other than ExternalName) - \n Support: Implementation-specific (Services with type - ExternalName)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. \n - Note that when a namespace different than the local - namespace is specified, a ReferenceGrant object is required - in the referent namespace to allow that namespace's - owner to accept the reference. See the ReferenceGrant - documentation for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port number - to use for this resource. Port is required when the - referent is a Kubernetes Service. In this case, the - port number is the service port number, not the target - port. For other resources, destination port might be - derived from the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: "Weight specifies the proportion of requests - forwarded to the referenced backend. This is computed - as weight/(sum of all weights in this BackendRefs list). - For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision - an implementation supports. Weight is not a percentage - and the sum of weights does not need to equal 100. \n - If only one backend is specified and it has a weight - greater than 0, 100% of the traffic is forwarded to - that backend. If weight is set to 0, no traffic should - be forwarded for this entry. If unspecified, weight - defaults to 1. \n Support for this field varies based - on the context where used." - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - maxItems: 16 - type: array - filters: - description: "Filters define the filters that are applied to - requests that match this rule. \n The effects of ordering - of multiple behaviors are currently unspecified. This can - change in the future based on feedback during the alpha stage. - \n Conformance-levels at this level are defined based on the - type of filter: \n - ALL core filters MUST be supported by - all implementations. - Implementers are encouraged to support - extended filters. - Implementation-specific custom filters - have no API guarantees across implementations. \n Specifying - the same filter multiple times is not supported unless explicitly - indicated in the filter. \n All filters are expected to be - compatible with each other except for the URLRewrite and RequestRedirect - filters, which may not be combined. If an implementation can - not support other combinations of filters, they must clearly - document that limitation. In cases where incompatible or unsupported - filters are specified and cause the `Accepted` condition to - be set to status `False`, implementations may use the `IncompatibleFilters` - reason to specify this configuration error. \n Support: Core" - items: - description: HTTPRouteFilter defines processing steps that - must be completed during the request or response lifecycle. - HTTPRouteFilters are meant as an extension point to express - processing that may be done in Gateway implementations. - Some examples include request or response modification, - implementing authentication strategies, rate-limiting, and - traffic shaping. API guarantee/conformance is defined based - on the type of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n This filter can be used multiple times within - the same rule. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema for - a filter that modifies request headers. \n Support: - Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: foo - \n Config: add: - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo my-header2: - bar my-header3: baz \n Config: remove: [\"my-header1\", - \"my-header3\"] \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - set: - name: \"my-header\" value: \"bar\" \n Output: - GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for a filter - that mirrors requests. Requests are sent to the specified - destination, but responses from that destination are - ignored. \n This filter can be used multiple times within - the same rule. Note that not all implementations will - be able to support mirroring to multiple backends. \n - Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource where - mirrored requests are sent. \n Mirrored requests - must be sent only to a single destination endpoint - within this BackendRef, irrespective of how many - endpoints are present within this BackendRef. \n - If the referent cannot be found, this BackendRef - is invalid and must be dropped from the Gateway. - The controller must ensure the \"ResolvedRefs\" - condition on the Route status is set to `status: - False` and not configure this backend in the underlying - implementation. \n If there is a cross-namespace - reference to an *existing* object that is not allowed - by a ReferenceGrant, the controller must ensure - the \"ResolvedRefs\" condition on the Route is - set to `status: False`, with the \"RefNotPermitted\" - reason and not configure this backend in the underlying - implementation. \n In either error case, the Message - of the `ResolvedRefs` Condition should be used to - provide more detail about the problem. \n Support: - Extended for Kubernetes Service \n Support: Implementation-specific - for any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". When - unspecified or empty string, core API group - is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: "Kind is the Kubernetes resource - kind of the referent. For example \"Service\". - \n Defaults to \"Service\" when not specified. - \n ExternalName services can refer to CNAME - DNS records that may live outside of the cluster - and as such are difficult to reason about in - terms of conformance. They also may not be safe - to forward to (see CVE-2021-25740 for more information). - Implementations SHOULD NOT support ExternalName - Services. \n Support: Core (Services with a - type other than ExternalName) \n Support: Implementation-specific - (Services with type ExternalName)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the - backend. When unspecified, the local namespace - is inferred. \n Note that when a namespace different - than the local namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept the - reference. See the ReferenceGrant documentation - for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port - number to use for this resource. Port is required - when the referent is a Kubernetes Service. In - this case, the port number is the service port - number, not the target port. For other resources, - destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for a filter - that responds to the request with an HTTP redirection. - \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be used - in the value of the `Location` header in the response. - When empty, the hostname in the `Host` header of - the request is used. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: "Path defines parameters used to modify - the path of the incoming request. The modified path - is then used to construct the `Location` header. - When empty, the request path is used as-is. \n Support: - Extended" - properties: - replaceFullPath: - description: ReplaceFullPath specifies the value - with which to replace the full path of a request - during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: "ReplacePrefixMatch specifies the - value with which to replace the prefix match - of a request during a rewrite or redirect. For - example, a request to \"/foo/bar\" with a prefix - match of \"/foo\" and a ReplacePrefixMatch of - \"/xyz\" would be modified to \"/xyz/bar\". - \n Note that this matches the behavior of the - PathPrefix match type. This matches full path - elements. A path element refers to the list - of labels in the path split by the `/` separator. - When specified, a trailing `/` is ignored. For - example, the paths `/abc`, `/abc/`, and `/abc/def` - would all match the prefix `/abc`, but the path - `/abcd` would not. \n ReplacePrefixMatch is - only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same - HTTPRouteRule will result in the implementation - setting the Accepted Condition for the Route - to `status: False`. \n Request Path | Prefix - Match | Replace Prefix | Modified Path -------------|--------------|----------------|---------- - /foo/bar | /foo | /xyz | - /xyz/bar /foo/bar | /foo | /xyz/ - \ | /xyz/bar /foo/bar | /foo/ | - /xyz | /xyz/bar /foo/bar | /foo/ - \ | /xyz/ | /xyz/bar /foo | - /foo | /xyz | /xyz /foo/ | - /foo | /xyz | /xyz/ /foo/bar - \ | /foo | | /bar - /foo/ | /foo | - | / /foo | /foo | - | / /foo/ | /foo | / | - / /foo | /foo | / | - /" - maxLength: 1024 - type: string - type: - description: "Type defines the type of path modifier. - Additional types may be added in a future release - of the API. \n Note that values may be added - to this enum, implementations must ensure that - unknown values will not cause a crash. \n Unknown - values here must result in the implementation - setting the Accepted Condition for the Route - to `status: False`, with a Reason of `UnsupportedValue`." - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified when - type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? has(self.replaceFullPath) - : true' - - message: type must be 'ReplaceFullPath' when replaceFullPath - is set - rule: 'has(self.replaceFullPath) ? self.type == - ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified when - type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' ? has(self.replacePrefixMatch) - : true' - - message: type must be 'ReplacePrefixMatch' when - replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - port: - description: "Port is the port to be used in the value - of the `Location` header in the response. \n If - no port is specified, the redirect port MUST be - derived using the following rules: \n * If redirect - scheme is not-empty, the redirect port MUST be the - well-known port associated with the redirect scheme. - Specifically \"http\" to port 80 and \"https\" to - port 443. If the redirect scheme does not have a - well-known port, the listener port of the Gateway - SHOULD be used. * If redirect scheme is empty, the - redirect port MUST be the Gateway Listener port. - \n Implementations SHOULD NOT add the port number - in the 'Location' header in the following cases: - \n * A Location header that will use HTTP (whether - that is determined via the Listener protocol or - the Scheme field) _and_ use port 80. * A Location - header that will use HTTPS (whether that is determined - via the Listener protocol or the Scheme field) _and_ - use port 443. \n Support: Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used in the - value of the `Location` header in the response. - When empty, the scheme of the request is used. \n - Scheme redirects can affect the port of the redirect, - for more information, refer to the documentation - for the port field of this filter. \n Note that - values may be added to this enum, implementations - must ensure that unknown values will not cause a - crash. \n Unknown values here must result in the - implementation setting the Accepted Condition for - the Route to `status: False`, with a Reason of `UnsupportedValue`. - \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status code to - be used in response. \n Note that values may be - added to this enum, implementations must ensure - that unknown values will not cause a crash. \n Unknown - values here must result in the implementation setting - the Accepted Condition for the Route to `status: - False`, with a Reason of `UnsupportedValue`. \n - Support: Core" - enum: - - 301 - - 302 - type: integer - type: object - responseHeaderModifier: - description: "ResponseHeaderModifier defines a schema - for a filter that modifies response headers. \n Support: - Extended" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: foo - \n Config: add: - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo my-header2: - bar my-header3: baz \n Config: remove: [\"my-header1\", - \"my-header3\"] \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - set: - name: \"my-header\" value: \"bar\" \n Output: - GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: "Type identifies the type of filter to apply. - As with other API fields, types are classified into - three conformance levels: \n - Core: Filter types and - their corresponding configuration defined by \"Support: - Core\" in this package, e.g. \"RequestHeaderModifier\". - All implementations must support core filters. \n - - Extended: Filter types and their corresponding configuration - defined by \"Support: Extended\" in this package, e.g. - \"RequestMirror\". Implementers are encouraged to support - extended filters. \n - Implementation-specific: Filters - that are defined and supported by specific vendors. - In the future, filters showing convergence in behavior - across multiple implementations will be considered for - inclusion in extended or core conformance levels. Filter-specific - configuration for such filters is specified using the - ExtensionRef field. `Type` should be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged to - define custom implementation types to extend the core - API with implementation-specific behavior. \n If a reference - to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have - been processed by that filter MUST receive a HTTP error - response. \n Note that values may be added to this enum, - implementations must ensure that unknown values will - not cause a crash. \n Unknown values here must result - in the implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason of `UnsupportedValue`." - enum: - - RequestHeaderModifier - - ResponseHeaderModifier - - RequestMirror - - RequestRedirect - - URLRewrite - - ExtensionRef - type: string - urlRewrite: - description: "URLRewrite defines a schema for a filter - that modifies a request during forwarding. \n Support: - Extended" - properties: - hostname: - description: "Hostname is the value to be used to - replace the Host header value during forwarding. - \n Support: Extended" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - path: - description: "Path defines a path rewrite. \n Support: - Extended" - properties: - replaceFullPath: - description: ReplaceFullPath specifies the value - with which to replace the full path of a request - during a rewrite or redirect. - maxLength: 1024 - type: string - replacePrefixMatch: - description: "ReplacePrefixMatch specifies the - value with which to replace the prefix match - of a request during a rewrite or redirect. For - example, a request to \"/foo/bar\" with a prefix - match of \"/foo\" and a ReplacePrefixMatch of - \"/xyz\" would be modified to \"/xyz/bar\". - \n Note that this matches the behavior of the - PathPrefix match type. This matches full path - elements. A path element refers to the list - of labels in the path split by the `/` separator. - When specified, a trailing `/` is ignored. For - example, the paths `/abc`, `/abc/`, and `/abc/def` - would all match the prefix `/abc`, but the path - `/abcd` would not. \n ReplacePrefixMatch is - only compatible with a `PathPrefix` HTTPRouteMatch. - Using any other HTTPRouteMatch type on the same - HTTPRouteRule will result in the implementation - setting the Accepted Condition for the Route - to `status: False`. \n Request Path | Prefix - Match | Replace Prefix | Modified Path -------------|--------------|----------------|---------- - /foo/bar | /foo | /xyz | - /xyz/bar /foo/bar | /foo | /xyz/ - \ | /xyz/bar /foo/bar | /foo/ | - /xyz | /xyz/bar /foo/bar | /foo/ - \ | /xyz/ | /xyz/bar /foo | - /foo | /xyz | /xyz /foo/ | - /foo | /xyz | /xyz/ /foo/bar - \ | /foo | | /bar - /foo/ | /foo | - | / /foo | /foo | - | / /foo/ | /foo | / | - / /foo | /foo | / | - /" - maxLength: 1024 - type: string - type: - description: "Type defines the type of path modifier. - Additional types may be added in a future release - of the API. \n Note that values may be added - to this enum, implementations must ensure that - unknown values will not cause a crash. \n Unknown - values here must result in the implementation - setting the Accepted Condition for the Route - to `status: False`, with a Reason of `UnsupportedValue`." - enum: - - ReplaceFullPath - - ReplacePrefixMatch - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: replaceFullPath must be specified when - type is set to 'ReplaceFullPath' - rule: 'self.type == ''ReplaceFullPath'' ? has(self.replaceFullPath) - : true' - - message: type must be 'ReplaceFullPath' when replaceFullPath - is set - rule: 'has(self.replaceFullPath) ? self.type == - ''ReplaceFullPath'' : true' - - message: replacePrefixMatch must be specified when - type is set to 'ReplacePrefixMatch' - rule: 'self.type == ''ReplacePrefixMatch'' ? has(self.replacePrefixMatch) - : true' - - message: type must be 'ReplacePrefixMatch' when - replacePrefixMatch is set - rule: 'has(self.replacePrefixMatch) ? self.type - == ''ReplacePrefixMatch'' : true' - type: object - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil if the - filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type != - ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type == - ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil if the - filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type != - ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for RequestMirror - filter.type - rule: '!(!has(self.requestMirror) && self.type == ''RequestMirror'')' - - message: filter.requestRedirect must be nil if the filter.type - is not RequestRedirect - rule: '!(has(self.requestRedirect) && self.type != ''RequestRedirect'')' - - message: filter.requestRedirect must be specified for RequestRedirect - filter.type - rule: '!(!has(self.requestRedirect) && self.type == ''RequestRedirect'')' - - message: filter.urlRewrite must be nil if the filter.type - is not URLRewrite - rule: '!(has(self.urlRewrite) && self.type != ''URLRewrite'')' - - message: filter.urlRewrite must be specified for URLRewrite - filter.type - rule: '!(!has(self.urlRewrite) && self.type == ''URLRewrite'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for ExtensionRef - filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: May specify either httpRouteFilterRequestRedirect - or httpRouteFilterRequestRewrite, but not both - rule: '!(self.exists(f, f.type == ''RequestRedirect'') && - self.exists(f, f.type == ''URLRewrite''))' - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - - message: RequestRedirect filter cannot be repeated - rule: self.filter(f, f.type == 'RequestRedirect').size() <= - 1 - - message: URLRewrite filter cannot be repeated - rule: self.filter(f, f.type == 'URLRewrite').size() <= 1 - matches: - default: - - path: - type: PathPrefix - value: / - description: "Matches define conditions used for matching the - rule against incoming HTTP requests. Each match is independent, - i.e. this rule will be matched if **any** one of the matches - is satisfied. \n For example, take the following matches configuration: - \n ``` matches: - path: value: \"/foo\" headers: - name: \"version\" - value: \"v2\" - path: value: \"/v2/foo\" ``` \n For a request - to match against this rule, a request must satisfy EITHER - of the two conditions: \n - path prefixed with `/foo` AND - contains the header `version: v2` - path prefix of `/v2/foo` - \n See the documentation for HTTPRouteMatch on how to specify - multiple match conditions that should be ANDed together. \n - If no matches are specified, the default is a prefix path - match on \"/\", which has the effect of matching every HTTP - request. \n Proxy or Load Balancer routing configuration generated - from HTTPRoutes MUST prioritize matches based on the following - criteria, continuing on ties. Across all rules specified on - applicable Routes, precedence must be given to the match having: - \n * \"Exact\" path match. * \"Prefix\" path match with largest - number of characters. * Method match. * Largest number of - header matches. * Largest number of query param matches. \n - Note: The precedence of RegularExpression path matches are - implementation-specific. \n If ties still exist across multiple - Routes, matching precedence MUST be determined in order of - the following criteria, continuing on ties: \n * The oldest - Route based on creation timestamp. * The Route appearing first - in alphabetical order by \"{namespace}/{name}\". \n If ties - still exist within an HTTPRoute, matching precedence MUST - be granted to the FIRST matching rule (in list order) with - a match meeting the above criteria. \n When no rules matching - a request have been successfully attached to the parent a - request is coming from, a HTTP 404 status code MUST be returned." - items: - description: "HTTPRouteMatch defines the predicate used to - match requests to a given action. Multiple match types are - ANDed together, i.e. the match will evaluate to true only - if all conditions are satisfied. \n For example, the match - below will match a HTTP request only if its path starts - with `/foo` AND it contains the `version: v1` header: \n - ``` match: \n path: value: \"/foo\" headers: - name: \"version\" - value \"v1\" \n ```" - properties: - headers: - description: Headers specifies HTTP request header matchers. - Multiple match values are ANDed together, meaning, a - request must match all the specified headers to select - the route. - items: - description: HTTPHeaderMatch describes how to select - a HTTP route by matching HTTP request headers. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case insensitive. - (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent header - names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST be - ignored. Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered equivalent. - \n When a header is repeated in an HTTP request, - it is implementation-specific behavior as to how - this is represented. Generally, proxies should - follow the guidance from the RFC: https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 - regarding processing a repeated header, with special - handling for \"Set-Cookie\"." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the header. \n Support: Core (Exact) - \n Support: Implementation-specific (RegularExpression) - \n Since RegularExpression HeaderMatchType has - implementation-specific conformance, implementations - can support POSIX, PCRE or any other dialects - of regular expressions. Please read the implementation's - documentation to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP Header to - be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - description: "Method specifies HTTP method matcher. When - specified, this route will be matched only if the request - has the specified method. \n Support: Extended" - enum: - - GET - - HEAD - - POST - - PUT - - DELETE - - CONNECT - - OPTIONS - - TRACE - - PATCH - type: string - path: - default: - type: PathPrefix - value: / - description: Path specifies a HTTP request path matcher. - If this field is not specified, a default prefix match - on the "/" path is provided. - properties: - type: - default: PathPrefix - description: "Type specifies how to match against - the path Value. \n Support: Core (Exact, PathPrefix) - \n Support: Implementation-specific (RegularExpression)" - enum: - - Exact - - PathPrefix - - RegularExpression - type: string - value: - default: / - description: Value of the HTTP path to match against. - maxLength: 1024 - type: string - type: object - x-kubernetes-validations: - - message: value must be an absolute path and start with - '/' when type one of ['Exact', 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.startsWith(''/'') - : true' - - message: must not contain '//' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''//'') - : true' - - message: must not contain '/./' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/./'') - : true' - - message: must not contain '/../' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/../'') - : true' - - message: must not contain '%2f' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2f'') - : true' - - message: must not contain '%2F' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2F'') - : true' - - message: must not contain '#' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''#'') - : true' - - message: must not end with '/..' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/..'') - : true' - - message: must not end with '/.' when type one of ['Exact', - 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/.'') - : true' - - message: type must be one of ['Exact', 'PathPrefix', - 'RegularExpression'] - rule: self.type in ['Exact','PathPrefix'] || self.type - == 'RegularExpression' - - message: must only contain valid characters (matching - ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) - for types ['Exact', 'PathPrefix'] - rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") - : true' - queryParams: - description: "QueryParams specifies HTTP query parameter - matchers. Multiple match values are ANDed together, - meaning, a request must match all the specified query - parameters to select the route. \n Support: Extended" - items: - description: HTTPQueryParamMatch describes how to select - a HTTP route by matching HTTP query parameters. - properties: - name: - description: "Name is the name of the HTTP query - param to be matched. This must be an exact string - match. (See https://tools.ietf.org/html/rfc7230#section-2.7.3). - \n If multiple entries specify equivalent query - param names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent query param name MUST - be ignored. \n If a query param is repeated in - an HTTP request, the behavior is purposely left - undefined, since different data planes have different - capabilities. However, it is *recommended* that - implementations should match against the first - value of the param if the data plane supports - it, as this behavior is expected in other load - balancing contexts outside of the Gateway API. - \n Users SHOULD NOT route traffic based on repeated - query params to guard themselves against potential - differences in the implementations." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the query parameter. \n Support: - Extended (Exact) \n Support: Implementation-specific - (RegularExpression) \n Since RegularExpression - QueryParamMatchType has Implementation-specific - conformance, implementations can support POSIX, - PCRE or any other dialects of regular expressions. - Please read the implementation's documentation - to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP query param - to be matched. - maxLength: 1024 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - maxItems: 8 - type: array - type: object - x-kubernetes-validations: - - message: RequestRedirect filter must not be used together with - backendRefs - rule: '(has(self.backendRefs) && size(self.backendRefs) > 0) ? - (!has(self.filters) || self.filters.all(f, !has(f.requestRedirect))): - true' - - message: When using RequestRedirect filter with path.replacePrefixMatch, - exactly one PathPrefix match must be specified - rule: '(has(self.filters) && self.filters.exists_one(f, has(f.requestRedirect) - && has(f.requestRedirect.path) && f.requestRedirect.path.type - == ''ReplacePrefixMatch'' && has(f.requestRedirect.path.replacePrefixMatch))) - ? ((size(self.matches) != 1 || !has(self.matches[0].path) || - self.matches[0].path.type != ''PathPrefix'') ? false : true) - : true' - - message: When using URLRewrite filter with path.replacePrefixMatch, - exactly one PathPrefix match must be specified - rule: '(has(self.filters) && self.filters.exists_one(f, has(f.urlRewrite) - && has(f.urlRewrite.path) && f.urlRewrite.path.type == ''ReplacePrefixMatch'' - && has(f.urlRewrite.path.replacePrefixMatch))) ? ((size(self.matches) - != 1 || !has(self.matches[0].path) || self.matches[0].path.type - != ''PathPrefix'') ? false : true) : true' - - message: Within backendRefs, when using RequestRedirect filter - with path.replacePrefixMatch, exactly one PathPrefix match must - be specified - rule: '(has(self.backendRefs) && self.backendRefs.exists_one(b, - (has(b.filters) && b.filters.exists_one(f, has(f.requestRedirect) - && has(f.requestRedirect.path) && f.requestRedirect.path.type - == ''ReplacePrefixMatch'' && has(f.requestRedirect.path.replacePrefixMatch))) - )) ? ((size(self.matches) != 1 || !has(self.matches[0].path) - || self.matches[0].path.type != ''PathPrefix'') ? false : true) - : true' - - message: Within backendRefs, When using URLRewrite filter with - path.replacePrefixMatch, exactly one PathPrefix match must be - specified - rule: '(has(self.backendRefs) && self.backendRefs.exists_one(b, - (has(b.filters) && b.filters.exists_one(f, has(f.urlRewrite) - && has(f.urlRewrite.path) && f.urlRewrite.path.type == ''ReplacePrefixMatch'' - && has(f.urlRewrite.path.replacePrefixMatch))) )) ? ((size(self.matches) - != 1 || !has(self.matches[0].path) || self.matches[0].path.type - != ''PathPrefix'') ? false : true) : true' - maxItems: 16 - type: array - type: object - status: - description: Status defines the current state of HTTPRoute. - properties: - parents: - description: "Parents is a list of parent resources (usually Gateways) - that are associated with the route, and the status of the route - with respect to each parent. When this route attaches to a parent, - the controller that manages the parent must add an entry to this - list when the controller first sees the route and should update - the entry as appropriate when the route or gateway is modified. - \n Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this - API can only populate Route status for the Gateways/parent resources - they are responsible for. \n A maximum of 32 Gateways will be represented - in this list. An empty list means the route has not been attached - to any Gateway." - items: - description: RouteParentStatus describes the status of a route with - respect to an associated Parent. - properties: - conditions: - description: "Conditions describes the status of the route with - respect to the Gateway. Note that the route's availability - is also subject to the Gateway's own status conditions and - listener status. \n If the Route's ParentRef specifies an - existing Gateway that supports Routes of this kind AND that - Gateway's controller has sufficient access, then that Gateway's - controller MUST set the \"Accepted\" condition on the Route, - to indicate whether the route has been accepted or rejected - by the Gateway, and why. \n A Route MUST be considered \"Accepted\" - if at least one of the Route's rules is implemented by the - Gateway. \n There are a number of cases where the \"Accepted\" - condition may not be set due to lack of controller visibility, - that includes when: \n * The Route refers to a non-existent - parent. * The Route is of a type that the controller does - not support. * The Route is in a namespace the controller - does not have access to." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n type FooStatus struct{ - // Represents the observations of a foo's current state. - // Known .status.conditions.type are: \"Available\", \"Progressing\", - and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields - }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: "ControllerName is a domain/path string that indicates - the name of the controller that wrote this status. This corresponds - with the controllerName field on GatewayClass. \n Example: - \"example.net/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid - Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - \n Controllers MUST populate this field when writing status. - Controllers should ensure that entries to status populated - with their ControllerName are cleaned up when they are no - longer necessary." - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: ParentRef corresponds with a ParentRef in the spec - that this RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the - core API group (such as for a \"Service\" kind referent), - Group must be explicitly set to \"\" (empty string). \n - Support: Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n There are - two kinds of parent resources with \"Core\" support: \n - * Gateway (Gateway conformance profile) * Service (Mesh - conformance profile, experimental, ClusterIP Services - only) \n Support for other resources is Implementation-Specific." - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. - When unspecified, this refers to the local namespace of - the Route. \n Note that there are specific rules for ParentRefs - which cross namespace boundaries. Cross-namespace references - are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides - a generic way to enable any other kind of cross-namespace - reference. \n \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within - the target resource. In the following resources, SectionName - is interpreted as the following: \n * Gateway: Listener - Name. When both Port (experimental) and SectionName are - specified, the name and port of the selected listener - must match both specified values. * Service: Port Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match - both specified values. Note that attaching Routes to Services - as Parents is part of experimental Mesh support and is - not supported for any other purpose. \n Implementations - MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this - will reference the entire resource. For the purpose of - status, an attachment is considered successful if at least - one section in the parent resource accepts it. For example, - Gateway listeners can restrict which Routes can attach - to them by Route kind, namespace, or hostname. If 1 of - 2 Gateway listeners accept attachment from the referencing - Route, the Route MUST be considered successfully attached. - If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/2466 - gateway.networking.k8s.io/bundle-version: v1.0.0 - gateway.networking.k8s.io/channel: experimental - creationTimestamp: null - name: grpcroutes.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: GRPCRoute - listKind: GRPCRouteList - plural: grpcroutes - singular: grpcroute - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha2 - schema: - openAPIV3Schema: - description: "GRPCRoute provides a way to route gRPC requests. This includes - the capability to match requests by hostname, gRPC service, gRPC method, - or HTTP/2 header. Filters can be used to specify additional processing steps. - Backends specify where matching requests will be routed. \n GRPCRoute falls - under extended support within the Gateway API. Within the following specification, - the word \"MUST\" indicates that an implementation supporting GRPCRoute - must conform to the indicated requirement, but an implementation not supporting - this route type need not follow the requirement unless explicitly indicated. - \n Implementations supporting `GRPCRoute` with the `HTTPS` `ProtocolType` - MUST accept HTTP/2 connections without an initial upgrade from HTTP/1.1, - i.e. via ALPN. If the implementation does not support this, then it MUST - set the \"Accepted\" condition to \"False\" for the affected listener with - a reason of \"UnsupportedProtocol\". Implementations MAY also accept HTTP/2 - connections with an upgrade from HTTP/1. \n Implementations supporting `GRPCRoute` - with the `HTTP` `ProtocolType` MUST support HTTP/2 over cleartext TCP (h2c, - https://www.rfc-editor.org/rfc/rfc7540#section-3.1) without an initial upgrade - from HTTP/1.1, i.e. with prior knowledge (https://www.rfc-editor.org/rfc/rfc7540#section-3.4). - If the implementation does not support this, then it MUST set the \"Accepted\" - condition to \"False\" for the affected listener with a reason of \"UnsupportedProtocol\". - Implementations MAY also accept HTTP/2 connections with an upgrade from - HTTP/1, i.e. without prior knowledge." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GRPCRoute. - properties: - hostnames: - description: "Hostnames defines a set of hostnames to match against - the GRPC Host header to select a GRPCRoute to process the request. - This matches the RFC 1123 definition of a hostname with 2 notable - exceptions: \n 1. IPs are not allowed. 2. A hostname may be prefixed - with a wildcard label (`*.`). The wildcard label MUST appear by - itself as the first label. \n If a hostname is specified by both - the Listener and GRPCRoute, there MUST be at least one intersecting - hostname for the GRPCRoute to be attached to the Listener. For example: - \n * A Listener with `test.example.com` as the hostname matches - GRPCRoutes that have either not specified any hostnames, or have - specified at least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches GRPCRoutes - that have either not specified any hostnames or have specified at - least one hostname that matches the Listener hostname. For example, - `test.example.com` and `*.example.com` would both match. On the - other hand, `example.com` and `test.example.net` would not match. - \n Hostnames that are prefixed with a wildcard label (`*.`) are - interpreted as a suffix match. That means that a match for `*.example.com` - would match both `test.example.com`, and `foo.test.example.com`, - but not `example.com`. \n If both the Listener and GRPCRoute have - specified hostnames, any GRPCRoute hostnames that do not match the - Listener hostname MUST be ignored. For example, if a Listener specified - `*.example.com`, and the GRPCRoute specified `test.example.com` - and `test.example.net`, `test.example.net` MUST NOT be considered - for a match. \n If both the Listener and GRPCRoute have specified - hostnames, and none match with the criteria above, then the GRPCRoute - MUST NOT be accepted by the implementation. The implementation MUST - raise an 'Accepted' Condition with a status of `False` in the corresponding - RouteParentStatus. \n If a Route (A) of type HTTPRoute or GRPCRoute - is attached to a Listener and that listener already has another - Route (B) of the other type attached and the intersection of the - hostnames of A and B is non-empty, then the implementation MUST - accept exactly one of these two routes, determined by the following - criteria, in order: \n * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by \"{namespace}/{name}\". - \n The rejected Route MUST raise an 'Accepted' condition with a - status of 'False' in the corresponding RouteParentStatus. \n Support: - Core" - items: - description: "Hostname is the fully qualified domain name of a network - host. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname - may be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n Hostname can be \"precise\" - which is a domain name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain - name prefixed with a single wildcard label (e.g. `*.example.com`). - \n Note that as per RFC1035 and RFC1123, a *label* must consist - of lower case alphanumeric characters or '-', and must start and - end with an alphanumeric character. No other punctuation is allowed." - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: "ParentRefs references the resources (usually Gateways) - that a Route wants to be attached to. Note that the referenced parent - resource needs to allow this for the attachment to be complete. - For Gateways, that means the Gateway needs to allow attachment from - Routes of this kind and namespace. For Services, that means the - Service must either be in the same namespace for a \"producer\" - route, or the mesh implementation must support and allow \"consumer\" - routes for the referenced Service. ReferenceGrant is not applicable - for governing ParentRefs to Services - it is not possible to create - a \"producer\" route for a Service in a different namespace from - the Route. \n There are two kinds of parent resources with \"Core\" - support: \n * Gateway (Gateway conformance profile) * Service (Mesh - conformance profile, experimental, ClusterIP Services only) This - API may be extended in the future to support additional kinds of - parent resources. \n ParentRefs must be _distinct_. This means either - that: \n * They select different objects. If this is the case, - then parentRef entries are distinct. In terms of fields, this means - that the multi-part key defined by `group`, `kind`, `namespace`, - and `name` must be unique across all parentRef entries in the Route. - * They do not select different objects, but for each optional field - used, each ParentRef that selects the same object must set the same - set of optional fields to different values. If one ParentRef sets - a combination of optional fields, all must set the same combination. - \n Some examples: \n * If one ParentRef sets `sectionName`, all - ParentRefs referencing the same object must also set `sectionName`. - * If one ParentRef sets `port`, all ParentRefs referencing the same - object must also set `port`. * If one ParentRef sets `sectionName` - and `port`, all ParentRefs referencing the same object must also - set `sectionName` and `port`. \n It is possible to separately reference - multiple distinct objects that may be collapsed by an implementation. - For example, some implementations may choose to merge compatible - Gateway Listeners together. If that is the case, the list of routes - attached to those resources should also be merged. \n Note that - for ParentRefs that cross namespace boundaries, there are specific - rules. Cross-namespace references are only valid if they are explicitly - allowed by something in the namespace they are referring to. For - example, Gateway has the AllowedRoutes field, and ReferenceGrant - provides a generic way to enable other kinds of cross-namespace - reference. \n ParentRefs from a Route to a Service in the same - namespace are \"producer\" routes, which apply default routing rules - to inbound connections from any namespace to the Service. \n ParentRefs - from a Route to a Service in a different namespace are \"consumer\" - routes, and these routing rules are only applied to outbound connections - originating from the same namespace as the Route, for which the - intended destination of the connections are a Service targeted as - a ParentRef of the Route. \n " - items: - description: "ParentReference identifies an API object (usually - a Gateway) that can be considered a parent of this resource (usually - a route). There are two kinds of parent resources with \"Core\" - support: \n * Gateway (Gateway conformance profile) * Service - (Mesh conformance profile, experimental, ClusterIP Services only) - \n This API may be extended in the future to support additional - kinds of parent resources. \n The API object must be valid in - the cluster; the Group and Kind must be registered in the cluster - for this reference to be valid." - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the core - API group (such as for a \"Service\" kind referent), Group - must be explicitly set to \"\" (empty string). \n Support: - Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n There are two - kinds of parent resources with \"Core\" support: \n * Gateway - (Gateway conformance profile) * Service (Mesh conformance - profile, experimental, ClusterIP Services only) \n Support - for other resources is Implementation-Specific." - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. When - unspecified, this refers to the local namespace of the Route. - \n Note that there are specific rules for ParentRefs which - cross namespace boundaries. Cross-namespace references are - only valid if they are explicitly allowed by something in - the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - \n ParentRefs from a Route to a Service in the same namespace - are \"producer\" routes, which apply default routing rules - to inbound connections from any namespace to the Service. - \n ParentRefs from a Route to a Service in a different namespace - are \"consumer\" routes, and these routing rules are only - applied to outbound connections originating from the same - namespace as the Route, for which the intended destination - of the connections are a Service targeted as a ParentRef of - the Route. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: "Port is the network port this Route targets. It - can be interpreted differently based on the type of parent - resource. \n When the parent resource is a Gateway, this targets - all listeners listening on the specified port that also support - this kind of Route(and select this Route). It's not recommended - to set `Port` unless the networking behaviors specified in - a Route must apply to a specific port as opposed to a listener(s) - whose port(s) may be changed. When both Port and SectionName - are specified, the name and port of the selected listener - must match both specified values. \n When the parent resource - is a Service, this targets a specific port in the Service - spec. When both Port (experimental) and SectionName are specified, - the name and port of the selected port must match both specified - values. \n Implementations MAY choose to support other parent - resources. Implementations supporting other types of parent - resources MUST clearly document how/if Port is interpreted. - \n For the purpose of status, an attachment is considered - successful as long as the parent resource accepts it partially. - For example, Gateway listeners can restrict which Routes can - attach to them by Route kind, namespace, or hostname. If 1 - of 2 Gateway listeners accept attachment from the referencing - Route, the Route MUST be considered successfully attached. - If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. \n - Support: Extended \n " - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: "SectionName is the name of a section within the - target resource. In the following resources, SectionName is - interpreted as the following: \n * Gateway: Listener Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match both - specified values. * Service: Port Name. When both Port (experimental) - and SectionName are specified, the name and port of the selected - listener must match both specified values. Note that attaching - Routes to Services as Parents is part of experimental Mesh - support and is not supported for any other purpose. \n Implementations - MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this will - reference the entire resource. For the purpose of status, - an attachment is considered successful if at least one section - in the parent resource accepts it. For example, Gateway listeners - can restrict which Routes can attach to them by Route kind, - namespace, or hostname. If 1 of 2 Gateway listeners accept - attachment from the referencing Route, the Route MUST be considered - successfully attached. If no Gateway listeners accept attachment - from this Route, the Route MUST be considered detached from - the Gateway. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - x-kubernetes-validations: - - message: sectionName or port must be specified when parentRefs includes - 2 or more references to the same parent - rule: 'self.all(p1, self.all(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '''') && (!has(p2.__namespace__) || p2.__namespace__ - == '''')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__)) ? ((!has(p1.sectionName) - || p1.sectionName == '''') == (!has(p2.sectionName) || p2.sectionName - == '''') && (!has(p1.port) || p1.port == 0) == (!has(p2.port) - || p2.port == 0)): true))' - - message: sectionName or port must be unique when parentRefs includes - 2 or more references to the same parent - rule: self.all(p1, self.exists_one(p2, p1.group == p2.group && p1.kind - == p2.kind && p1.name == p2.name && (((!has(p1.__namespace__) - || p1.__namespace__ == '') && (!has(p2.__namespace__) || p2.__namespace__ - == '')) || (has(p1.__namespace__) && has(p2.__namespace__) && - p1.__namespace__ == p2.__namespace__ )) && (((!has(p1.sectionName) - || p1.sectionName == '') && (!has(p2.sectionName) || p2.sectionName - == '')) || ( has(p1.sectionName) && has(p2.sectionName) && p1.sectionName - == p2.sectionName)) && (((!has(p1.port) || p1.port == 0) && (!has(p2.port) - || p2.port == 0)) || (has(p1.port) && has(p2.port) && p1.port - == p2.port)))) - rules: - description: Rules are a list of GRPC matchers, filters and actions. - items: - description: GRPCRouteRule defines the semantics for matching a - gRPC request based on conditions (matches), processing it (filters), - and forwarding the request to an API object (backendRefs). - properties: - backendRefs: - description: "BackendRefs defines the backend(s) where matching - requests should be sent. \n Failure behavior here depends - on how many BackendRefs are specified and how many are invalid. - \n If *all* entries in BackendRefs are invalid, and there - are also no filters specified in this route rule, *all* traffic - which matches this rule MUST receive an `UNAVAILABLE` status. - \n See the GRPCBackendRef definition for the rules about what - makes a single GRPCBackendRef invalid. \n When a GRPCBackendRef - is invalid, `UNAVAILABLE` statuses MUST be returned for requests - that would have otherwise been routed to an invalid backend. - If multiple backends are specified, and some are invalid, - the proportion of requests that would otherwise have been - routed to an invalid backend MUST receive an `UNAVAILABLE` - status. \n For example, if two backends are specified with - equal weights, and one is invalid, 50 percent of traffic MUST - receive an `UNAVAILABLE` status. Implementations may choose - how that 50 percent is determined. \n Support: Core for Kubernetes - Service \n Support: Implementation-specific for any other - resource \n Support for weight: Core" - items: - description: "GRPCBackendRef defines how a GRPCRoute forwards - a gRPC request. \n Note that when a namespace different - than the local namespace is specified, a ReferenceGrant - object is required in the referent namespace to allow that - namespace's owner to accept the reference. See the ReferenceGrant - documentation for details. \n - \n When the BackendRef points to a Kubernetes Service, implementations - SHOULD honor the appProtocol field if it is set for the - target Service Port. \n Implementations supporting appProtocol - SHOULD recognize the Kubernetes Standard Application Protocols - defined in KEP-3726. \n If a Service appProtocol isn't specified, - an implementation MAY infer the backend protocol through - its own means. Implementations MAY infer the protocol from - the Route type referring to the backend Service. \n If a - Route is not able to send traffic to the backend using the - specified protocol then the backend is considered invalid. - Implementations MUST set the \"ResolvedRefs\" condition - to \"False\" with the \"UnsupportedProtocol\" reason. \n - " - properties: - filters: - description: "Filters defined at this level MUST be executed - if and only if the request is being forwarded to the - backend defined here. \n Support: Implementation-specific - (For broader support of filters, use the Filters field - in GRPCRouteRule.)" - items: - description: GRPCRouteFilter defines processing steps - that must be completed during the request or response - lifecycle. GRPCRouteFilters are meant as an extension - point to express processing that may be done in Gateway - implementations. Some examples include request or - response modification, implementing authentication - strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type - of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific \n - This filter can be used multiple times within - the same rule." - properties: - group: - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API - group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema - for a filter that modifies request headers. \n - Support: Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo HTTP/1.1 - my-header: foo \n Config: add: - name: \"my-header\" - value: \"bar,baz\" \n Output: GET /foo HTTP/1.1 - my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - my-header2: bar my-header3: baz \n Config: - remove: [\"my-header1\", \"my-header3\"] \n - Output: GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - value: \"bar\" \n Output: GET /foo HTTP/1.1 - my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for - a filter that mirrors requests. Requests are sent - to the specified destination, but responses from - that destination are ignored. \n This filter can - be used multiple times within the same rule. Note - that not all implementations will be able to support - mirroring to multiple backends. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource - where mirrored requests are sent. \n Mirrored - requests must be sent only to a single destination - endpoint within this BackendRef, irrespective - of how many endpoints are present within this - BackendRef. \n If the referent cannot be found, - this BackendRef is invalid and must be dropped - from the Gateway. The controller must ensure - the \"ResolvedRefs\" condition on the Route - status is set to `status: False` and not configure - this backend in the underlying implementation. - \n If there is a cross-namespace reference - to an *existing* object that is not allowed - by a ReferenceGrant, the controller must ensure - the \"ResolvedRefs\" condition on the Route - is set to `status: False`, with the \"RefNotPermitted\" - reason and not configure this backend in the - underlying implementation. \n In either error - case, the Message of the `ResolvedRefs` Condition - should be used to provide more detail about - the problem. \n Support: Extended for Kubernetes - Service \n Support: Implementation-specific - for any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core - API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: "Kind is the Kubernetes resource - kind of the referent. For example \"Service\". - \n Defaults to \"Service\" when not specified. - \n ExternalName services can refer to - CNAME DNS records that may live outside - of the cluster and as such are difficult - to reason about in terms of conformance. - They also may not be safe to forward to - (see CVE-2021-25740 for more information). - Implementations SHOULD NOT support ExternalName - Services. \n Support: Core (Services with - a type other than ExternalName) \n Support: - Implementation-specific (Services with - type ExternalName)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace - of the backend. When unspecified, the - local namespace is inferred. \n Note that - when a namespace different than the local - namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination - port number to use for this resource. - Port is required when the referent is - a Kubernetes Service. In this case, the - port number is the service port number, - not the target port. For other resources, - destination port might be derived from - the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind - == ''Service'') ? has(self.port) : true' - required: - - backendRef - type: object - responseHeaderModifier: - description: "ResponseHeaderModifier defines a schema - for a filter that modifies response headers. \n - Support: Extended" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo HTTP/1.1 - my-header: foo \n Config: add: - name: \"my-header\" - value: \"bar,baz\" \n Output: GET /foo HTTP/1.1 - my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - my-header2: bar my-header3: baz \n Config: - remove: [\"my-header1\", \"my-header3\"] \n - Output: GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - value: \"bar\" \n Output: GET /foo HTTP/1.1 - my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: "Type identifies the type of filter - to apply. As with other API fields, types are - classified into three conformance levels: \n - - Core: Filter types and their corresponding configuration - defined by \"Support: Core\" in this package, - e.g. \"RequestHeaderModifier\". All implementations - supporting GRPCRoute MUST support core filters. - \n - Extended: Filter types and their corresponding - configuration defined by \"Support: Extended\" - in this package, e.g. \"RequestMirror\". Implementers - are encouraged to support extended filters. \n - - Implementation-specific: Filters that are defined - and supported by specific vendors. In the future, - filters showing convergence in behavior across - multiple implementations will be considered for - inclusion in extended or core conformance levels. - Filter-specific configuration for such filters - is specified using the ExtensionRef field. `Type` - MUST be set to \"ExtensionRef\" for custom filters. - \n Implementers are encouraged to define custom - implementation types to extend the core API with - implementation-specific behavior. \n If a reference - to a custom filter type cannot be resolved, the - filter MUST NOT be skipped. Instead, requests - that would have been processed by that filter - MUST receive a HTTP error response. \n " - enum: - - ResponseHeaderModifier - - RequestHeaderModifier - - RequestMirror - - ExtensionRef - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil - if the filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type - != ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type - == ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil - if the filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type - != ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for - RequestMirror filter.type - rule: '!(!has(self.requestMirror) && self.type == - ''RequestMirror'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for - ExtensionRef filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - group: - default: "" - description: Group is the group of the referent. For example, - "gateway.networking.k8s.io". When unspecified or empty - string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: "Kind is the Kubernetes resource kind of - the referent. For example \"Service\". \n Defaults to - \"Service\" when not specified. \n ExternalName services - can refer to CNAME DNS records that may live outside - of the cluster and as such are difficult to reason about - in terms of conformance. They also may not be safe to - forward to (see CVE-2021-25740 for more information). - Implementations SHOULD NOT support ExternalName Services. - \n Support: Core (Services with a type other than ExternalName) - \n Support: Implementation-specific (Services with type - ExternalName)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. \n - Note that when a namespace different than the local - namespace is specified, a ReferenceGrant object is required - in the referent namespace to allow that namespace's - owner to accept the reference. See the ReferenceGrant - documentation for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port number - to use for this resource. Port is required when the - referent is a Kubernetes Service. In this case, the - port number is the service port number, not the target - port. For other resources, destination port might be - derived from the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: "Weight specifies the proportion of requests - forwarded to the referenced backend. This is computed - as weight/(sum of all weights in this BackendRefs list). - For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision - an implementation supports. Weight is not a percentage - and the sum of weights does not need to equal 100. \n - If only one backend is specified and it has a weight - greater than 0, 100% of the traffic is forwarded to - that backend. If weight is set to 0, no traffic should - be forwarded for this entry. If unspecified, weight - defaults to 1. \n Support for this field varies based - on the context where used." - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - maxItems: 16 - type: array - filters: - description: "Filters define the filters that are applied to - requests that match this rule. \n The effects of ordering - of multiple behaviors are currently unspecified. This can - change in the future based on feedback during the alpha stage. - \n Conformance-levels at this level are defined based on the - type of filter: \n - ALL core filters MUST be supported by - all implementations that support GRPCRoute. - Implementers - are encouraged to support extended filters. - Implementation-specific - custom filters have no API guarantees across implementations. - \n Specifying the same filter multiple times is not supported - unless explicitly indicated in the filter. \n If an implementation - can not support a combination of filters, it must clearly - document that limitation. In cases where incompatible or unsupported - filters are specified and cause the `Accepted` condition to - be set to status `False`, implementations may use the `IncompatibleFilters` - reason to specify this configuration error. \n Support: Core" - items: - description: GRPCRouteFilter defines processing steps that - must be completed during the request or response lifecycle. - GRPCRouteFilters are meant as an extension point to express - processing that may be done in Gateway implementations. - Some examples include request or response modification, - implementing authentication strategies, rate-limiting, and - traffic shaping. API guarantee/conformance is defined based - on the type of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific \n This - filter can be used multiple times within the same rule." - properties: - group: - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema for - a filter that modifies request headers. \n Support: - Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: foo - \n Config: add: - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo my-header2: - bar my-header3: baz \n Config: remove: [\"my-header1\", - \"my-header3\"] \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - set: - name: \"my-header\" value: \"bar\" \n Output: - GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for a filter - that mirrors requests. Requests are sent to the specified - destination, but responses from that destination are - ignored. \n This filter can be used multiple times within - the same rule. Note that not all implementations will - be able to support mirroring to multiple backends. \n - Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource where - mirrored requests are sent. \n Mirrored requests - must be sent only to a single destination endpoint - within this BackendRef, irrespective of how many - endpoints are present within this BackendRef. \n - If the referent cannot be found, this BackendRef - is invalid and must be dropped from the Gateway. - The controller must ensure the \"ResolvedRefs\" - condition on the Route status is set to `status: - False` and not configure this backend in the underlying - implementation. \n If there is a cross-namespace - reference to an *existing* object that is not allowed - by a ReferenceGrant, the controller must ensure - the \"ResolvedRefs\" condition on the Route is - set to `status: False`, with the \"RefNotPermitted\" - reason and not configure this backend in the underlying - implementation. \n In either error case, the Message - of the `ResolvedRefs` Condition should be used to - provide more detail about the problem. \n Support: - Extended for Kubernetes Service \n Support: Implementation-specific - for any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". When - unspecified or empty string, core API group - is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: "Kind is the Kubernetes resource - kind of the referent. For example \"Service\". - \n Defaults to \"Service\" when not specified. - \n ExternalName services can refer to CNAME - DNS records that may live outside of the cluster - and as such are difficult to reason about in - terms of conformance. They also may not be safe - to forward to (see CVE-2021-25740 for more information). - Implementations SHOULD NOT support ExternalName - Services. \n Support: Core (Services with a - type other than ExternalName) \n Support: Implementation-specific - (Services with type ExternalName)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the - backend. When unspecified, the local namespace - is inferred. \n Note that when a namespace different - than the local namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept the - reference. See the ReferenceGrant documentation - for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port - number to use for this resource. Port is required - when the referent is a Kubernetes Service. In - this case, the port number is the service port - number, not the target port. For other resources, - destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - x-kubernetes-validations: - - message: Must have port for Service reference - rule: '(size(self.group) == 0 && self.kind == ''Service'') - ? has(self.port) : true' - required: - - backendRef - type: object - responseHeaderModifier: - description: "ResponseHeaderModifier defines a schema - for a filter that modifies response headers. \n Support: - Extended" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: foo - \n Config: add: - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo my-header2: - bar my-header3: baz \n Config: remove: [\"my-header1\", - \"my-header3\"] \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - x-kubernetes-list-type: set - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - set: - name: \"my-header\" value: \"bar\" \n Output: - GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: "Type identifies the type of filter to apply. - As with other API fields, types are classified into - three conformance levels: \n - Core: Filter types and - their corresponding configuration defined by \"Support: - Core\" in this package, e.g. \"RequestHeaderModifier\". - All implementations supporting GRPCRoute MUST support - core filters. \n - Extended: Filter types and their - corresponding configuration defined by \"Support: Extended\" - in this package, e.g. \"RequestMirror\". Implementers - are encouraged to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific vendors. - In the future, filters showing convergence in behavior - across multiple implementations will be considered for - inclusion in extended or core conformance levels. Filter-specific - configuration for such filters is specified using the - ExtensionRef field. `Type` MUST be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged to - define custom implementation types to extend the core - API with implementation-specific behavior. \n If a reference - to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have - been processed by that filter MUST receive a HTTP error - response. \n " - enum: - - ResponseHeaderModifier - - RequestHeaderModifier - - RequestMirror - - ExtensionRef - type: string - required: - - type - type: object - x-kubernetes-validations: - - message: filter.requestHeaderModifier must be nil if the - filter.type is not RequestHeaderModifier - rule: '!(has(self.requestHeaderModifier) && self.type != - ''RequestHeaderModifier'')' - - message: filter.requestHeaderModifier must be specified - for RequestHeaderModifier filter.type - rule: '!(!has(self.requestHeaderModifier) && self.type == - ''RequestHeaderModifier'')' - - message: filter.responseHeaderModifier must be nil if the - filter.type is not ResponseHeaderModifier - rule: '!(has(self.responseHeaderModifier) && self.type != - ''ResponseHeaderModifier'')' - - message: filter.responseHeaderModifier must be specified - for ResponseHeaderModifier filter.type - rule: '!(!has(self.responseHeaderModifier) && self.type - == ''ResponseHeaderModifier'')' - - message: filter.requestMirror must be nil if the filter.type - is not RequestMirror - rule: '!(has(self.requestMirror) && self.type != ''RequestMirror'')' - - message: filter.requestMirror must be specified for RequestMirror - filter.type - rule: '!(!has(self.requestMirror) && self.type == ''RequestMirror'')' - - message: filter.extensionRef must be nil if the filter.type - is not ExtensionRef - rule: '!(has(self.extensionRef) && self.type != ''ExtensionRef'')' - - message: filter.extensionRef must be specified for ExtensionRef - filter.type - rule: '!(!has(self.extensionRef) && self.type == ''ExtensionRef'')' - maxItems: 16 - type: array - x-kubernetes-validations: - - message: RequestHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'RequestHeaderModifier').size() - <= 1 - - message: ResponseHeaderModifier filter cannot be repeated - rule: self.filter(f, f.type == 'ResponseHeaderModifier').size() - <= 1 - matches: - description: "Matches define conditions used for matching the - rule against incoming gRPC requests. Each match is independent, - i.e. this rule will be matched if **any** one of the matches - is satisfied. \n For example, take the following matches configuration: - \n ``` matches: - method: service: foo.bar headers: values: - version: 2 - method: service: foo.bar.v2 ``` \n For a request - to match against this rule, it MUST satisfy EITHER of the - two conditions: \n - service of foo.bar AND contains the header - `version: 2` - service of foo.bar.v2 \n See the documentation - for GRPCRouteMatch on how to specify multiple match conditions - to be ANDed together. \n If no matches are specified, the - implementation MUST match every gRPC request. \n Proxy or - Load Balancer routing configuration generated from GRPCRoutes - MUST prioritize rules based on the following criteria, continuing - on ties. Merging MUST not be done between GRPCRoutes and HTTPRoutes. - Precedence MUST be given to the rule with the largest number - of: \n * Characters in a matching non-wildcard hostname. * - Characters in a matching hostname. * Characters in a matching - service. * Characters in a matching method. * Header matches. - \n If ties still exist across multiple Routes, matching precedence - MUST be determined in order of the following criteria, continuing - on ties: \n * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by \"{namespace}/{name}\". - \n If ties still exist within the Route that has been given - precedence, matching precedence MUST be granted to the first - matching rule meeting the above criteria." - items: - description: "GRPCRouteMatch defines the predicate used to - match requests to a given action. Multiple match types are - ANDed together, i.e. the match will evaluate to true only - if all conditions are satisfied. \n For example, the match - below will match a gRPC request only if its service is `foo` - AND it contains the `version: v1` header: \n ``` matches: - - method: type: Exact service: \"foo\" headers: - name: - \"version\" value \"v1\" \n ```" - properties: - headers: - description: Headers specifies gRPC request header matchers. - Multiple match values are ANDed together, meaning, a - request MUST match all the specified headers to select - the route. - items: - description: GRPCHeaderMatch describes how to select - a gRPC route by matching gRPC request headers. - properties: - name: - description: "Name is the name of the gRPC Header - to be matched. \n If multiple entries specify - equivalent header names, only the first entry - with an equivalent name MUST be considered for - a match. Subsequent entries with an equivalent - header name MUST be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: Type specifies how to match against - the value of the header. - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of the gRPC Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - description: Method specifies a gRPC request service/method - matcher. If this field is not specified, all services - and methods will match. - properties: - method: - description: "Value of the method to match against. - If left empty or omitted, will match all services. - \n At least one of Service and Method MUST be a - non-empty string." - maxLength: 1024 - type: string - service: - description: "Value of the service to match against. - If left empty or omitted, will match any service. - \n At least one of Service and Method MUST be a - non-empty string." - maxLength: 1024 - type: string - type: - default: Exact - description: "Type specifies how to match against - the service and/or method. Support: Core (Exact - with service and method specified) \n Support: Implementation-specific - (Exact with method specified but no service specified) - \n Support: Implementation-specific (RegularExpression)" - enum: - - Exact - - RegularExpression - type: string - type: object - x-kubernetes-validations: - - message: One or both of 'service' or 'method' must be - specified - rule: 'has(self.type) ? has(self.service) || has(self.method) - : true' - - message: service must only contain valid characters - (matching ^(?i)\.?[a-z_][a-z_0-9]*(\.[a-z_][a-z_0-9]*)*$) - rule: '(!has(self.type) || self.type == ''Exact'') && - has(self.service) ? self.service.matches(r"""^(?i)\.?[a-z_][a-z_0-9]*(\.[a-z_][a-z_0-9]*)*$"""): - true' - - message: method must only contain valid characters (matching - ^[A-Za-z_][A-Za-z_0-9]*$) - rule: '(!has(self.type) || self.type == ''Exact'') && - has(self.method) ? self.method.matches(r"""^[A-Za-z_][A-Za-z_0-9]*$"""): - true' - type: object - maxItems: 8 - type: array - type: object - maxItems: 16 - type: array - type: object - status: - description: Status defines the current state of GRPCRoute. - properties: - parents: - description: "Parents is a list of parent resources (usually Gateways) - that are associated with the route, and the status of the route - with respect to each parent. When this route attaches to a parent, - the controller that manages the parent must add an entry to this - list when the controller first sees the route and should update - the entry as appropriate when the route or gateway is modified. - \n Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this - API can only populate Route status for the Gateways/parent resources - they are responsible for. \n A maximum of 32 Gateways will be represented - in this list. An empty list means the route has not been attached - to any Gateway." - items: - description: RouteParentStatus describes the status of a route with - respect to an associated Parent. - properties: - conditions: - description: "Conditions describes the status of the route with - respect to the Gateway. Note that the route's availability - is also subject to the Gateway's own status conditions and - listener status. \n If the Route's ParentRef specifies an - existing Gateway that supports Routes of this kind AND that - Gateway's controller has sufficient access, then that Gateway's - controller MUST set the \"Accepted\" condition on the Route, - to indicate whether the route has been accepted or rejected - by the Gateway, and why. \n A Route MUST be considered \"Accepted\" - if at least one of the Route's rules is implemented by the - Gateway. \n There are a number of cases where the \"Accepted\" - condition may not be set due to lack of controller visibility, - that includes when: \n * The Route refers to a non-existent - parent. * The Route is of a type that the controller does - not support. * The Route is in a namespace the controller - does not have access to." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n type FooStatus struct{ - // Represents the observations of a foo's current state. - // Known .status.conditions.type are: \"Available\", \"Progressing\", - and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields - }" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: "ControllerName is a domain/path string that indicates - the name of the controller that wrote this status. This corresponds - with the controllerName field on GatewayClass. \n Example: - \"example.net/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid - Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - \n Controllers MUST populate this field when writing status. - Controllers should ensure that entries to status populated - with their ControllerName are cleaned up when they are no - longer necessary." - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: ParentRef corresponds with a ParentRef in the spec - that this RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the - core API group (such as for a \"Service\" kind referent), - Group must be explicitly set to \"\" (empty string). \n - Support: Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n There are - two kinds of parent resources with \"Core\" support: \n - * Gateway (Gateway conformance profile) * Service (Mesh - conformance profile, experimental, ClusterIP Services - only) \n Support for other resources is Implementation-Specific." - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. - When unspecified, this refers to the local namespace of - the Route. \n Note that there are specific rules for ParentRefs - which cross namespace boundaries. Cross-namespace references - are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides - a generic way to enable any other kind of cross-namespace - reference. \n ParentRefs from a Route to a Service in - the same namespace are \"producer\" routes, which apply - default routing rules to inbound connections from any - namespace to the Service. \n ParentRefs from a Route to - a Service in a different namespace are \"consumer\" routes, - and these routing rules are only applied to outbound connections - originating from the same namespace as the Route, for - which the intended destination of the connections are - a Service targeted as a ParentRef of the Route. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: "Port is the network port this Route targets. - It can be interpreted differently based on the type of - parent resource. \n When the parent resource is a Gateway, - this targets all listeners listening on the specified - port that also support this kind of Route(and select this - Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to - a specific port as opposed to a listener(s) whose port(s) - may be changed. When both Port and SectionName are specified, - the name and port of the selected listener must match - both specified values. \n When the parent resource is - a Service, this targets a specific port in the Service - spec. When both Port (experimental) and SectionName are - specified, the name and port of the selected port must - match both specified values. \n Implementations MAY choose - to support other parent resources. Implementations supporting - other types of parent resources MUST clearly document - how/if Port is interpreted. \n For the purpose of status, - an attachment is considered successful as long as the - parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them - by Route kind, namespace, or hostname. If 1 of 2 Gateway - listeners accept attachment from the referencing Route, - the Route MUST be considered successfully attached. If - no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Extended \n " - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: "SectionName is the name of a section within - the target resource. In the following resources, SectionName - is interpreted as the following: \n * Gateway: Listener - Name. When both Port (experimental) and SectionName are - specified, the name and port of the selected listener - must match both specified values. * Service: Port Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match - both specified values. Note that attaching Routes to Services - as Parents is part of experimental Mesh support and is - not supported for any other purpose. \n Implementations - MAY choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this - will reference the entire resource. For the purpose of - status, an attachment is considered successful if at least - one section in the parent resource accepts it. For example, - Gateway listeners can restrict which Routes can attach - to them by Route kind, namespace, or hostname. If 1 of - 2 Gateway listeners accept attachment from the referencing - Route, the Route MUST be considered successfully attached. - If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: null - storedVersions: null diff --git a/config/crds/kustomization.yaml b/config/crds/kustomization.yaml index f94e5067..b8a114ad 100644 --- a/config/crds/kustomization.yaml +++ b/config/crds/kustomization.yaml @@ -1,9 +1,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: - - bases/k8s-gateway-v0.6.1.yaml - bases/gateway.networking.k8s.io_tlsroutes.yaml - - bases/externaldns.k8s.io_dnsendpoints.yaml - bases/application-networking.k8s.aws_serviceexports.yaml - bases/application-networking.k8s.aws_serviceimports.yaml - bases/application-networking.k8s.aws_targetgrouppolicies.yaml diff --git a/docs/api-reference.md b/docs/api-reference.md index e98fcda2..edb811e2 100644 --- a/docs/api-reference.md +++ b/docs/api-reference.md @@ -99,7 +99,7 @@ Supported values are S3 Bucket, CloudWatch Log Group, and Firehose Delivery Stre targetRef
-sigs.k8s.io/gateway-api/apis/v1alpha2.PolicyTargetReference +sigs.k8s.io/gateway-api/apis/v1alpha2.NamespacedPolicyTargetReference @@ -198,7 +198,7 @@ string targetRef
-sigs.k8s.io/gateway-api/apis/v1alpha2.PolicyTargetReference +sigs.k8s.io/gateway-api/apis/v1alpha2.NamespacedPolicyTargetReference @@ -529,7 +529,7 @@ this field value will be ignored as GRPC is only supported through HTTP/2.

targetRef
-sigs.k8s.io/gateway-api/apis/v1alpha2.PolicyTargetReference +sigs.k8s.io/gateway-api/apis/v1alpha2.NamespacedPolicyTargetReference @@ -660,7 +660,7 @@ bool targetRef
-sigs.k8s.io/gateway-api/apis/v1alpha2.PolicyTargetReference +sigs.k8s.io/gateway-api/apis/v1alpha2.NamespacedPolicyTargetReference @@ -720,7 +720,7 @@ Supported values are S3 Bucket, CloudWatch Log Group, and Firehose Delivery Stre targetRef
-sigs.k8s.io/gateway-api/apis/v1alpha2.PolicyTargetReference +sigs.k8s.io/gateway-api/apis/v1alpha2.NamespacedPolicyTargetReference @@ -1019,7 +1019,7 @@ string targetRef
-sigs.k8s.io/gateway-api/apis/v1alpha2.PolicyTargetReference +sigs.k8s.io/gateway-api/apis/v1alpha2.NamespacedPolicyTargetReference @@ -1492,7 +1492,7 @@ this field value will be ignored as GRPC is only supported through HTTP/2.

targetRef
-sigs.k8s.io/gateway-api/apis/v1alpha2.PolicyTargetReference +sigs.k8s.io/gateway-api/apis/v1alpha2.NamespacedPolicyTargetReference @@ -1609,7 +1609,7 @@ bool targetRef
-sigs.k8s.io/gateway-api/apis/v1alpha2.PolicyTargetReference +sigs.k8s.io/gateway-api/apis/v1alpha2.NamespacedPolicyTargetReference diff --git a/docs/contributing/developer-cheat-sheet.md b/docs/contributing/developer-cheat-sheet.md index 158c7f7a..c20e57c9 100644 --- a/docs/contributing/developer-cheat-sheet.md +++ b/docs/contributing/developer-cheat-sheet.md @@ -33,7 +33,7 @@ import ( "github.com/aws/aws-sdk-go/aws" // no alias corev1 "k8s.io/api/core/v1" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" ctrl "sigs.k8s.io/controller-runtime" pkg_aws "github.com/aws/aws-application-networking-k8s/pkg/aws" diff --git a/go.mod b/go.mod index 85456b78..60273ccb 100644 --- a/go.mod +++ b/go.mod @@ -1,45 +1,45 @@ module github.com/aws/aws-application-networking-k8s -go 1.20 +go 1.23 require ( - github.com/aws/aws-sdk-go v1.53.7 - github.com/go-logr/zapr v1.2.4 + github.com/aws/aws-sdk-go v1.55.5 + github.com/go-logr/zapr v1.3.0 github.com/golang/mock v1.6.0 - github.com/google/uuid v1.3.1 + github.com/google/uuid v1.6.0 github.com/hashicorp/golang-lru/v2 v2.0.7 github.com/onsi/ginkgo v1.16.5 - github.com/onsi/gomega v1.27.10 + github.com/onsi/gomega v1.34.2 github.com/pkg/errors v0.9.1 - github.com/prometheus/client_golang v1.17.0 - github.com/stretchr/testify v1.8.4 - go.uber.org/zap v1.26.0 - golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa + github.com/prometheus/client_golang v1.20.0 + github.com/stretchr/testify v1.9.0 + go.uber.org/zap v1.27.0 + golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f gomodules.xyz/jsonpatch/v2 v2.4.0 - k8s.io/api v0.28.3 - k8s.io/apimachinery v0.28.3 - k8s.io/client-go v0.28.3 - k8s.io/utils v0.0.0-20230726121419-3b25d923346b - sigs.k8s.io/controller-runtime v0.16.3 - sigs.k8s.io/external-dns v0.13.5 - sigs.k8s.io/gateway-api v1.0.0 + k8s.io/api v0.31.1 + k8s.io/apimachinery v0.31.1 + k8s.io/client-go v0.31.1 + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 + sigs.k8s.io/controller-runtime v0.19.1 + sigs.k8s.io/external-dns v0.15.0 + sigs.k8s.io/gateway-api v1.2.0 ) require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch v5.7.0+incompatible // indirect - github.com/evanphx/json-patch/v5 v5.7.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect + github.com/emicklei/go-restful/v3 v3.12.0 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/go-logr/logr v1.2.4 // indirect - github.com/go-openapi/jsonpointer v0.20.0 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.4 // indirect + github.com/fxamacker/cbor/v2 v2.7.0 // indirect + github.com/go-logr/logr v1.4.2 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/swag v0.23.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect @@ -47,36 +47,36 @@ require ( github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect + github.com/klauspost/compress v1.17.9 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/nxadm/tail v1.4.8 // indirect - github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/prometheus/client_model v0.5.0 // indirect - github.com/prometheus/common v0.45.0 // indirect - github.com/prometheus/procfs v0.12.0 // indirect - github.com/sirupsen/logrus v1.9.0 // indirect + github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.55.0 // indirect + github.com/prometheus/procfs v0.15.1 // indirect + github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/pflag v1.0.5 // indirect + github.com/x448/float16 v0.8.4 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/net v0.17.0 // indirect - golang.org/x/oauth2 v0.13.0 // indirect - golang.org/x/sys v0.14.0 // indirect - golang.org/x/term v0.13.0 // indirect - golang.org/x/text v0.13.0 // indirect - golang.org/x/time v0.3.0 // indirect - google.golang.org/appengine v1.6.8 // indirect - google.golang.org/protobuf v1.31.0 // indirect + golang.org/x/net v0.28.0 // indirect + golang.org/x/oauth2 v0.22.0 // indirect + golang.org/x/sys v0.24.0 // indirect + golang.org/x/term v0.23.0 // indirect + golang.org/x/text v0.17.0 // indirect + golang.org/x/time v0.6.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.28.3 // indirect - k8s.io/component-base v0.28.3 // indirect - k8s.io/klog/v2 v2.100.1 // indirect - k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect + k8s.io/apiextensions-apiserver v0.31.1 // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index 6c90dd73..88fda7d4 100644 --- a/go.sum +++ b/go.sum @@ -1,39 +1,39 @@ -github.com/aws/aws-sdk-go v1.53.7 h1:ZSsRYHLRxsbO2rJR2oPMz0SUkJLnBkN+1meT95B6Ixs= -github.com/aws/aws-sdk-go v1.53.7/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= +github.com/aws/aws-sdk-go v1.55.5 h1:KKUZBfBoyqy5d3swXyiC7Q76ic40rYcbqH7qjh59kzU= +github.com/aws/aws-sdk-go v1.55.5/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= -github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= +github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc= -github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= -github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= -github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= +github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= @@ -47,25 +47,23 @@ github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrU github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= -github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 h1:5iH8iuqE5apketRbSFBy+X1V0o+l+8NF1avt4HWl7cA= +github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k= github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= @@ -81,17 +79,16 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= +github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= -github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -106,84 +103,72 @@ github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU= +github.com/onsi/ginkgo/v2 v2.20.1 h1:YlVIbqct+ZmnEph770q9Q7NVAz4wwIiVNahee6JyUzo= +github.com/onsi/ginkgo/v2 v2.20.1/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= -github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8= +github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q= -github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY= -github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= -github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= -github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= -github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= -github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= -github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= -github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.20.0 h1:jBzTZ7B099Rg24tny+qngoynol8LtVYlA2bqx3vEloI= +github.com/prometheus/client_golang v1.20.0/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= +github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= -go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= -golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f h1:99ci1mjWVBWwJiEKYY6jWa4d2nTQVIEhZIptnrVb1XY= +golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f/go.mod h1:/lliqkxwWAhPjf5oSOIJup2XcqJaw8RGS6k3TGEc7GI= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= -golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= +golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= +golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA= +golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -196,56 +181,45 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= -golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= +golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= -golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= +golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= -golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= +golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= +golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8= +golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= +golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= @@ -260,31 +234,29 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM= -k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc= -k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08= -k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM7gJSisbRt8Lc= -k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A= -k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8= -k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4= -k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo= -k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= -k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4= -sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= -sigs.k8s.io/external-dns v0.13.5 h1:yJXhttH2SO08bAUxWfzMxhpSKTWr8f57OTDD6Ajq0Z4= -sigs.k8s.io/external-dns v0.13.5/go.mod h1:X7fyG4FwVFXFavj3XV4LlRs3QM0JgKWg9FnYbsZgmHo= -sigs.k8s.io/gateway-api v1.0.0 h1:iPTStSv41+d9p0xFydll6d7f7MOBGuqXM6p2/zVYMAs= -sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudLlf4c= +k8s.io/api v0.31.1 h1:Xe1hX/fPW3PXYYv8BlozYqw63ytA92snr96zMW9gWTU= +k8s.io/api v0.31.1/go.mod h1:sbN1g6eY6XVLeqNsZGLnI5FwVseTrZX7Fv3O26rhAaI= +k8s.io/apiextensions-apiserver v0.31.1 h1:L+hwULvXx+nvTYX/MKM3kKMZyei+UiSXQWciX/N6E40= +k8s.io/apiextensions-apiserver v0.31.1/go.mod h1:tWMPR3sgW+jsl2xm9v7lAyRF1rYEK71i9G5dRtkknoQ= +k8s.io/apimachinery v0.31.1 h1:mhcUBbj7KUjaVhyXILglcVjuS4nYXiwC+KKFBgIVy7U= +k8s.io/apimachinery v0.31.1/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/client-go v0.31.1 h1:f0ugtWSbWpxHR7sjVpQwuvw9a3ZKLXX0u0itkFXufb0= +k8s.io/client-go v0.31.1/go.mod h1:sKI8871MJN2OyeqRlmA4W4KM9KBdBUpDLu/43eGemCg= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f h1:0LQagt0gDpKqvIkAMPaRGcXawNMouPECM1+F9BVxEaM= +k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f/go.mod h1:S9tOR0FxgyusSNR+MboCuiDpVWkAifZvaYI1Q2ubgro= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.19.1 h1:Son+Q40+Be3QWb+niBXAg2vFiYWolDjjRfO8hn/cxOk= +sigs.k8s.io/controller-runtime v0.19.1/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4= +sigs.k8s.io/external-dns v0.15.0 h1:4NCSLHONsTmJXD8KReb4hubSz9Cx4goCHz3Dl+pGR+Q= +sigs.k8s.io/external-dns v0.15.0/go.mod h1:QdocdJu3mk9l4u80fu992lZEKqKd1130h17yNisIC78= +sigs.k8s.io/gateway-api v1.2.0 h1:LrToiFwtqKTKZcZtoQPTuo3FxhrrhTgzQG0Te+YGSo8= +sigs.k8s.io/gateway-api v1.2.0/go.mod h1:EpNfEXNjiYfUJypf0eZ0P5iXA9ekSGWaS1WgPaM42X0= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk= -sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/helm/crds/k8s-gateway-v0.6.1.yaml b/helm/crds/k8s-gateway-v0.6.1.yaml deleted file mode 100644 index dae199c3..00000000 --- a/helm/crds/k8s-gateway-v0.6.1.yaml +++ /dev/null @@ -1,6145 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1538 - gateway.networking.k8s.io/bundle-version: v0.6.1 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: gatewayclasses.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: GatewayClass - listKind: GatewayClassList - plural: gatewayclasses - shortNames: - - gc - singular: gatewayclass - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.controllerName - name: Controller - type: string - - jsonPath: .status.conditions[?(@.type=="Accepted")].status - name: Accepted - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.description - name: Description - priority: 1 - type: string - deprecated: true - deprecationWarning: The v1alpha2 version of GatewayClass has been deprecated and - will be removed in a future release of the API. Please upgrade to v1beta1. - name: v1alpha2 - schema: - openAPIV3Schema: - description: "GatewayClass describes a class of Gateways available to the - user for creating Gateway resources. \n It is recommended that this resource - be used as a template for Gateways. This means that a Gateway is based on - the state of the GatewayClass at the time it was created and changes to - the GatewayClass or associated parameters are not propagated down to existing - Gateways. This recommendation is intended to limit the blast radius of changes - to GatewayClass or associated parameters. If implementations choose to propagate - GatewayClass changes to existing Gateways, that MUST be clearly documented - by the implementation. \n Whenever one or more Gateways are using a GatewayClass, - implementations MUST add the `gateway-exists-finalizer.gateway.networking.k8s.io` - finalizer on the associated GatewayClass. This ensures that a GatewayClass - associated with a Gateway is not deleted while in use. \n GatewayClass is - a Cluster level resource." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GatewayClass. - properties: - controllerName: - description: "ControllerName is the name of the controller that is - managing Gateways of this class. The value of this field MUST be - a domain prefixed path. \n Example: \"example.net/gateway-controller\". - \n This field is not mutable and cannot be empty. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - description: - description: Description helps describe a GatewayClass with more details. - maxLength: 64 - type: string - parametersRef: - description: "ParametersRef is a reference to a resource that contains - the configuration parameters corresponding to the GatewayClass. - This is optional if the controller does not require any additional - configuration. \n ParametersRef can reference a standard Kubernetes - resource, i.e. ConfigMap, or an implementation-specific custom resource. - The resource can be cluster-scoped or namespace-scoped. \n If the - referent cannot be found, the GatewayClass's \"InvalidParameters\" - status condition will be true. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. This - field is required when referring to a Namespace-scoped resource - and MUST be unset when referring to a Cluster-scoped resource. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - group - - kind - - name - type: object - required: - - controllerName - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Waiting - status: Unknown - type: Accepted - description: Status defines the current state of GatewayClass. - properties: - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - description: "Conditions is the current status from the controller - for this GatewayClass. \n Controllers should prefer to publish conditions - using values of GatewayClassConditionType for the type of each Condition." - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n \ttype FooStatus struct{ \t // Represents the observations - of a foo's current state. \t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" \t // - +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map - \t // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields - \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.controllerName - name: Controller - type: string - - jsonPath: .status.conditions[?(@.type=="Accepted")].status - name: Accepted - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - - jsonPath: .spec.description - name: Description - priority: 1 - type: string - name: v1beta1 - schema: - openAPIV3Schema: - description: "GatewayClass describes a class of Gateways available to the - user for creating Gateway resources. \n It is recommended that this resource - be used as a template for Gateways. This means that a Gateway is based on - the state of the GatewayClass at the time it was created and changes to - the GatewayClass or associated parameters are not propagated down to existing - Gateways. This recommendation is intended to limit the blast radius of changes - to GatewayClass or associated parameters. If implementations choose to propagate - GatewayClass changes to existing Gateways, that MUST be clearly documented - by the implementation. \n Whenever one or more Gateways are using a GatewayClass, - implementations MUST add the `gateway-exists-finalizer.gateway.networking.k8s.io` - finalizer on the associated GatewayClass. This ensures that a GatewayClass - associated with a Gateway is not deleted while in use. \n GatewayClass is - a Cluster level resource." - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GatewayClass. - properties: - controllerName: - description: "ControllerName is the name of the controller that is - managing Gateways of this class. The value of this field MUST be - a domain prefixed path. \n Example: \"example.net/gateway-controller\". - \n This field is not mutable and cannot be empty. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - description: - description: Description helps describe a GatewayClass with more details. - maxLength: 64 - type: string - parametersRef: - description: "ParametersRef is a reference to a resource that contains - the configuration parameters corresponding to the GatewayClass. - This is optional if the controller does not require any additional - configuration. \n ParametersRef can reference a standard Kubernetes - resource, i.e. ConfigMap, or an implementation-specific custom resource. - The resource can be cluster-scoped or namespace-scoped. \n If the - referent cannot be found, the GatewayClass's \"InvalidParameters\" - status condition will be true. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: Namespace is the namespace of the referent. This - field is required when referring to a Namespace-scoped resource - and MUST be unset when referring to a Cluster-scoped resource. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - group - - kind - - name - type: object - required: - - controllerName - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Waiting - status: Unknown - type: Accepted - description: Status defines the current state of GatewayClass. - properties: - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - description: "Conditions is the current status from the controller - for this GatewayClass. \n Controllers should prefer to publish conditions - using values of GatewayClassConditionType for the type of each Condition." - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n \ttype FooStatus struct{ \t // Represents the observations - of a foo's current state. \t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" \t // - +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map - \t // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields - \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1538 - gateway.networking.k8s.io/bundle-version: v0.6.1 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: gateways.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: Gateway - listKind: GatewayList - plural: gateways - shortNames: - - gtw - singular: gateway - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.gatewayClassName - name: Class - type: string - - jsonPath: .status.addresses[*].value - name: Address - type: string - - jsonPath: .status.conditions[?(@.type=="Programmed")].status - name: Programmed - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: The v1alpha2 version of Gateway has been deprecated and will - be removed in a future release of the API. Please upgrade to v1beta1. - name: v1alpha2 - schema: - openAPIV3Schema: - description: Gateway represents an instance of a service-traffic handling - infrastructure by binding Listeners to a set of IP addresses. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Gateway. - properties: - addresses: - description: "Addresses requested for this Gateway. This is optional - and behavior can depend on the implementation. If a value is set - in the spec and the requested address is invalid or unavailable, - the implementation MUST indicate this in the associated entry in - GatewayStatus.Addresses. \n The Addresses field represents a request - for the address(es) on the \"outside of the Gateway\", that traffic - bound for this Gateway will use. This could be the IP address or - hostname of an external load balancer or other networking infrastructure, - or some other address that traffic will be sent to. \n The .listener.hostname - field is used to route traffic that has already arrived at the Gateway - to the correct in-cluster destination. \n If no Addresses are specified, - the implementation MAY schedule the Gateway in an implementation-specific - manner, assigning an appropriate set of Addresses. \n The implementation - MUST bind all Listeners to every GatewayAddress that it assigns - to the Gateway and add a corresponding entry in GatewayStatus.Addresses. - \n Support: Extended" - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - maxItems: 16 - type: array - gatewayClassName: - description: GatewayClassName used for this Gateway. This is the name - of a GatewayClass resource. - maxLength: 253 - minLength: 1 - type: string - listeners: - description: "Listeners associated with this Gateway. Listeners define - logical endpoints that are bound on this Gateway's addresses. At - least one Listener MUST be specified. \n Each listener in a Gateway - must have a unique combination of Hostname, Port, and Protocol. - \n An implementation MAY group Listeners by Port and then collapse - each group of Listeners into a single Listener if the implementation - determines that the Listeners in the group are \"compatible\". An - implementation MAY also group together and collapse compatible Listeners - belonging to different Gateways. \n For example, an implementation - might consider Listeners to be compatible with each other if all - of the following conditions are met: \n 1. Either each Listener - within the group specifies the \"HTTP\" Protocol or each Listener - within the group specifies either the \"HTTPS\" or \"TLS\" Protocol. - \n 2. Each Listener within the group specifies a Hostname that is - unique within the group. \n 3. As a special case, one Listener - within a group may omit Hostname, in which case this Listener - matches when no other Listener matches. \n If the implementation - does collapse compatible Listeners, the hostname provided in the - incoming client request MUST be matched to a Listener to find the - correct set of Routes. The incoming hostname MUST be matched using - the Hostname field for each Listener in order of most to least specific. - That is, exact matches must be processed before wildcard matches. - \n If this field specifies multiple Listeners that have the same - Port value but are not compatible, the implementation must raise - a \"Conflicted\" condition in the Listener status. \n Support: Core" - items: - description: Listener embodies the concept of a logical endpoint - where a Gateway accepts network connections. - properties: - allowedRoutes: - default: - namespaces: - from: Same - description: "AllowedRoutes defines the types of routes that - MAY be attached to a Listener and the trusted namespaces where - those Route resources MAY be present. \n Although a client - request may match multiple route rules, only one rule may - ultimately receive the request. Matching precedence MUST be - determined in order of the following criteria: \n * The most - specific match as defined by the Route type. * The oldest - Route based on creation timestamp. For example, a Route with - \ a creation timestamp of \"2020-09-08 01:02:03\" is given - precedence over a Route with a creation timestamp of \"2020-09-08 - 01:02:04\". * If everything else is equivalent, the Route - appearing first in alphabetical order (namespace/name) should - be given precedence. For example, foo/bar is given precedence - over foo/baz. \n All valid rules within a Route attached to - this Listener should be implemented. Invalid Route rules can - be ignored (sometimes that will mean the full Route). If a - Route rule transitions from valid to invalid, support for - that Route rule should be dropped to ensure consistency. For - example, even if a filter specified by a Route rule is invalid, - the rest of the rules within that Route should still be supported. - \n Support: Core" - properties: - kinds: - description: "Kinds specifies the groups and kinds of Routes - that are allowed to bind to this Gateway Listener. When - unspecified or empty, the kinds of Routes selected are - determined using the Listener protocol. \n A RouteGroupKind - MUST correspond to kinds of Routes that are compatible - with the application protocol specified in the Listener's - Protocol field. If an implementation does not support - or recognize this resource type, it MUST set the \"ResolvedRefs\" - condition to False for this Listener with the \"InvalidRouteKinds\" - reason. \n Support: Core" - items: - description: RouteGroupKind indicates the group and kind - of a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - namespaces: - default: - from: Same - description: "Namespaces indicates namespaces from which - Routes may be attached to this Listener. This is restricted - to the namespace of this Gateway by default. \n Support: - Core" - properties: - from: - default: Same - description: "From indicates where Routes will be selected - for this Gateway. Possible values are: * All: Routes - in all namespaces may be used by this Gateway. * Selector: - Routes in namespaces selected by the selector may - be used by this Gateway. * Same: Only Routes in - the same namespace may be used by this Gateway. \n - Support: Core" - enum: - - All - - Selector - - Same - type: string - selector: - description: "Selector must be specified when From is - set to \"Selector\". In that case, only Routes in - Namespaces matching this Selector will be selected - by this Gateway. This field is ignored for other values - of \"From\". \n Support: Core" - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - type: object - type: object - hostname: - description: "Hostname specifies the virtual hostname to match - for protocol types that define this concept. When unspecified, - all hostnames are matched. This field is ignored for protocols - that don't require hostname based matching. \n Implementations - MUST apply Hostname matching appropriately for each of the - following protocols: \n * TLS: The Listener Hostname MUST - match the SNI. * HTTP: The Listener Hostname MUST match the - Host header of the request. * HTTPS: The Listener Hostname - SHOULD match at both the TLS and HTTP protocol layers as - described above. If an implementation does not ensure that - both the SNI and Host header match the Listener hostname, - \ it MUST clearly document that. \n For HTTPRoute and TLSRoute - resources, there is an interaction with the `spec.hostnames` - array. When both listener and route specify hostnames, there - MUST be an intersection between the values for a Route to - be accepted. For more information, refer to the Route specific - Hostnames documentation. \n Hostnames that are prefixed with - a wildcard label (`*.`) are interpreted as a suffix match. - That means that a match for `*.example.com` would match both - `test.example.com`, and `foo.test.example.com`, but not `example.com`. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - name: - description: "Name is the name of the Listener. This name MUST - be unique within a Gateway. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the network port. Multiple listeners may - use the same port, subject to the Listener compatibility rules. - \n Support: Core" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: "Protocol specifies the network protocol this listener - expects to receive. \n Support: Core" - maxLength: 255 - minLength: 1 - pattern: ^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$ - type: string - tls: - description: "TLS is the TLS configuration for the Listener. - This field is required if the Protocol field is \"HTTPS\" - or \"TLS\". It is invalid to set this field if the Protocol - field is \"HTTP\", \"TCP\", or \"UDP\". \n The association - of SNIs to Certificate defined in GatewayTLSConfig is defined - based on the Hostname field for this listener. \n The GatewayClass - MUST use the longest matching SNI out of all available certificates - for any TLS handshake. \n Support: Core" - properties: - certificateRefs: - description: "CertificateRefs contains a series of references - to Kubernetes objects that contains TLS certificates and - private keys. These certificates are used to establish - a TLS handshake for requests that match the hostname of - the associated listener. \n A single CertificateRef to - a Kubernetes Secret has \"Core\" support. Implementations - MAY choose to support attaching multiple certificates - to a Listener, but this behavior is implementation-specific. - \n References to a resource in different namespace are - invalid UNLESS there is a ReferenceGrant in the target - namespace that allows the certificate to be attached. - If a ReferenceGrant does not allow this reference, the - \"ResolvedRefs\" condition MUST be set to False for this - listener with the \"RefNotPermitted\" reason. \n This - field is required to have at least one element when the - mode is set to \"Terminate\" (default) and is optional - otherwise. \n CertificateRefs can reference to standard - Kubernetes resources, i.e. Secret, or implementation-specific - custom resources. \n Support: Core - A single reference - to a Kubernetes Secret of type kubernetes.io/tls \n Support: - Implementation-specific (More than one reference or other - resource types)" - items: - description: "SecretObjectReference identifies an API - object including its namespace, defaulting to Secret. - \n The API object must be valid in the cluster; the - Group and Kind must be registered in the cluster for - this reference to be valid. \n References to objects - with invalid Group and Kind are not valid, and must - be rejected by the implementation, with appropriate - Conditions set on the containing object." - properties: - group: - default: "" - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Secret - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. - \n Note that when a namespace is specified, a ReferenceGrant - object is required in the referent namespace to - allow that namespace's owner to accept the reference. - See the ReferenceGrant documentation for details. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - maxItems: 64 - type: array - mode: - default: Terminate - description: "Mode defines the TLS behavior for the TLS - session initiated by the client. There are two possible - modes: \n - Terminate: The TLS session between the downstream - client and the Gateway is terminated at the Gateway. - This mode requires certificateRefs to be set and contain - at least one element. - Passthrough: The TLS session is - NOT terminated by the Gateway. This implies that the - Gateway can't decipher the TLS stream except for the - ClientHello message of the TLS protocol. CertificateRefs - field is ignored in this mode. \n Support: Core" - enum: - - Terminate - - Passthrough - type: string - options: - additionalProperties: - description: AnnotationValue is the value of an annotation - in Gateway API. This is used for validation of maps - such as TLS options. This roughly matches Kubernetes - annotation validation, although the length validation - in that case is based on the entire size of the annotations - struct. - maxLength: 4096 - minLength: 0 - type: string - description: "Options are a list of key/value pairs to enable - extended TLS configuration for each implementation. For - example, configuring the minimum TLS version or supported - cipher suites. \n A set of common keys MAY be defined - by the API in the future. To avoid any ambiguity, implementation-specific - definitions MUST use domain-prefixed names, such as `example.com/my-custom-option`. - Un-prefixed names are reserved for key names defined by - Gateway API. \n Support: Implementation-specific" - maxProperties: 16 - type: object - type: object - required: - - name - - port - - protocol - type: object - maxItems: 64 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - required: - - gatewayClassName - - listeners - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: NotReconciled - status: Unknown - type: Accepted - description: Status defines the current state of Gateway. - properties: - addresses: - description: Addresses lists the IP addresses that have actually been - bound to the Gateway. These addresses may differ from the addresses - in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - maxItems: 16 - type: array - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: "Conditions describe the current conditions of the Gateway. - \n Implementations should prefer to express Gateway conditions using - the `GatewayConditionType` and `GatewayConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe Gateway state. \n Known condition types are: \n * \"Accepted\" - * \"Ready\"" - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n \ttype FooStatus struct{ \t // Represents the observations - of a foo's current state. \t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" \t // - +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map - \t // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields - \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - listeners: - description: Listeners provide status for each unique listener port - defined in the Spec. - items: - description: ListenerStatus is the status associated with a Listener. - properties: - attachedRoutes: - description: AttachedRoutes represents the total number of Routes - that have been successfully attached to this Listener. - format: int32 - type: integer - conditions: - description: Conditions describe the current condition of this - listener. - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n \ttype FooStatus struct{ - \t // Represents the observations of a foo's current - state. \t // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type - \t // +patchStrategy=merge \t // +listType=map \t - \ // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other - fields \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - name: - description: Name is the name of the Listener that this status - corresponds to. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - supportedKinds: - description: "SupportedKinds is the list indicating the Kinds - supported by this listener. This MUST represent the kinds - an implementation supports for that Listener configuration. - \n If kinds are specified in Spec that are not supported, - they MUST NOT appear in this list and an implementation MUST - set the \"ResolvedRefs\" condition to \"False\" with the \"InvalidRouteKinds\" - reason. If both valid and invalid Route kinds are specified, - the implementation MUST reference the valid Route kinds that - have been specified." - items: - description: RouteGroupKind indicates the group and kind of - a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - required: - - attachedRoutes - - conditions - - name - - supportedKinds - type: object - maxItems: 64 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.gatewayClassName - name: Class - type: string - - jsonPath: .status.addresses[*].value - name: Address - type: string - - jsonPath: .status.conditions[?(@.type=="Programmed")].status - name: Programmed - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: Gateway represents an instance of a service-traffic handling - infrastructure by binding Listeners to a set of IP addresses. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Gateway. - properties: - addresses: - description: "Addresses requested for this Gateway. This is optional - and behavior can depend on the implementation. If a value is set - in the spec and the requested address is invalid or unavailable, - the implementation MUST indicate this in the associated entry in - GatewayStatus.Addresses. \n The Addresses field represents a request - for the address(es) on the \"outside of the Gateway\", that traffic - bound for this Gateway will use. This could be the IP address or - hostname of an external load balancer or other networking infrastructure, - or some other address that traffic will be sent to. \n The .listener.hostname - field is used to route traffic that has already arrived at the Gateway - to the correct in-cluster destination. \n If no Addresses are specified, - the implementation MAY schedule the Gateway in an implementation-specific - manner, assigning an appropriate set of Addresses. \n The implementation - MUST bind all Listeners to every GatewayAddress that it assigns - to the Gateway and add a corresponding entry in GatewayStatus.Addresses. - \n Support: Extended" - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - maxItems: 16 - type: array - gatewayClassName: - description: GatewayClassName used for this Gateway. This is the name - of a GatewayClass resource. - maxLength: 253 - minLength: 1 - type: string - listeners: - description: "Listeners associated with this Gateway. Listeners define - logical endpoints that are bound on this Gateway's addresses. At - least one Listener MUST be specified. \n Each listener in a Gateway - must have a unique combination of Hostname, Port, and Protocol. - \n An implementation MAY group Listeners by Port and then collapse - each group of Listeners into a single Listener if the implementation - determines that the Listeners in the group are \"compatible\". An - implementation MAY also group together and collapse compatible Listeners - belonging to different Gateways. \n For example, an implementation - might consider Listeners to be compatible with each other if all - of the following conditions are met: \n 1. Either each Listener - within the group specifies the \"HTTP\" Protocol or each Listener - within the group specifies either the \"HTTPS\" or \"TLS\" Protocol. - \n 2. Each Listener within the group specifies a Hostname that is - unique within the group. \n 3. As a special case, one Listener - within a group may omit Hostname, in which case this Listener - matches when no other Listener matches. \n If the implementation - does collapse compatible Listeners, the hostname provided in the - incoming client request MUST be matched to a Listener to find the - correct set of Routes. The incoming hostname MUST be matched using - the Hostname field for each Listener in order of most to least specific. - That is, exact matches must be processed before wildcard matches. - \n If this field specifies multiple Listeners that have the same - Port value but are not compatible, the implementation must raise - a \"Conflicted\" condition in the Listener status. \n Support: Core" - items: - description: Listener embodies the concept of a logical endpoint - where a Gateway accepts network connections. - properties: - allowedRoutes: - default: - namespaces: - from: Same - description: "AllowedRoutes defines the types of routes that - MAY be attached to a Listener and the trusted namespaces where - those Route resources MAY be present. \n Although a client - request may match multiple route rules, only one rule may - ultimately receive the request. Matching precedence MUST be - determined in order of the following criteria: \n * The most - specific match as defined by the Route type. * The oldest - Route based on creation timestamp. For example, a Route with - \ a creation timestamp of \"2020-09-08 01:02:03\" is given - precedence over a Route with a creation timestamp of \"2020-09-08 - 01:02:04\". * If everything else is equivalent, the Route - appearing first in alphabetical order (namespace/name) should - be given precedence. For example, foo/bar is given precedence - over foo/baz. \n All valid rules within a Route attached to - this Listener should be implemented. Invalid Route rules can - be ignored (sometimes that will mean the full Route). If a - Route rule transitions from valid to invalid, support for - that Route rule should be dropped to ensure consistency. For - example, even if a filter specified by a Route rule is invalid, - the rest of the rules within that Route should still be supported. - \n Support: Core" - properties: - kinds: - description: "Kinds specifies the groups and kinds of Routes - that are allowed to bind to this Gateway Listener. When - unspecified or empty, the kinds of Routes selected are - determined using the Listener protocol. \n A RouteGroupKind - MUST correspond to kinds of Routes that are compatible - with the application protocol specified in the Listener's - Protocol field. If an implementation does not support - or recognize this resource type, it MUST set the \"ResolvedRefs\" - condition to False for this Listener with the \"InvalidRouteKinds\" - reason. \n Support: Core" - items: - description: RouteGroupKind indicates the group and kind - of a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - namespaces: - default: - from: Same - description: "Namespaces indicates namespaces from which - Routes may be attached to this Listener. This is restricted - to the namespace of this Gateway by default. \n Support: - Core" - properties: - from: - default: Same - description: "From indicates where Routes will be selected - for this Gateway. Possible values are: * All: Routes - in all namespaces may be used by this Gateway. * Selector: - Routes in namespaces selected by the selector may - be used by this Gateway. * Same: Only Routes in - the same namespace may be used by this Gateway. \n - Support: Core" - enum: - - All - - Selector - - Same - type: string - selector: - description: "Selector must be specified when From is - set to \"Selector\". In that case, only Routes in - Namespaces matching this Selector will be selected - by this Gateway. This field is ignored for other values - of \"From\". \n Support: Core" - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - type: object - type: object - hostname: - description: "Hostname specifies the virtual hostname to match - for protocol types that define this concept. When unspecified, - all hostnames are matched. This field is ignored for protocols - that don't require hostname based matching. \n Implementations - MUST apply Hostname matching appropriately for each of the - following protocols: \n * TLS: The Listener Hostname MUST - match the SNI. * HTTP: The Listener Hostname MUST match the - Host header of the request. * HTTPS: The Listener Hostname - SHOULD match at both the TLS and HTTP protocol layers as - described above. If an implementation does not ensure that - both the SNI and Host header match the Listener hostname, - \ it MUST clearly document that. \n For HTTPRoute and TLSRoute - resources, there is an interaction with the `spec.hostnames` - array. When both listener and route specify hostnames, there - MUST be an intersection between the values for a Route to - be accepted. For more information, refer to the Route specific - Hostnames documentation. \n Hostnames that are prefixed with - a wildcard label (`*.`) are interpreted as a suffix match. - That means that a match for `*.example.com` would match both - `test.example.com`, and `foo.test.example.com`, but not `example.com`. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - name: - description: "Name is the name of the Listener. This name MUST - be unique within a Gateway. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the network port. Multiple listeners may - use the same port, subject to the Listener compatibility rules. - \n Support: Core" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - protocol: - description: "Protocol specifies the network protocol this listener - expects to receive. \n Support: Core" - maxLength: 255 - minLength: 1 - pattern: ^[a-zA-Z0-9]([-a-zSA-Z0-9]*[a-zA-Z0-9])?$|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9]+$ - type: string - tls: - description: "TLS is the TLS configuration for the Listener. - This field is required if the Protocol field is \"HTTPS\" - or \"TLS\". It is invalid to set this field if the Protocol - field is \"HTTP\", \"TCP\", or \"UDP\". \n The association - of SNIs to Certificate defined in GatewayTLSConfig is defined - based on the Hostname field for this listener. \n The GatewayClass - MUST use the longest matching SNI out of all available certificates - for any TLS handshake. \n Support: Core" - properties: - certificateRefs: - description: "CertificateRefs contains a series of references - to Kubernetes objects that contains TLS certificates and - private keys. These certificates are used to establish - a TLS handshake for requests that match the hostname of - the associated listener. \n A single CertificateRef to - a Kubernetes Secret has \"Core\" support. Implementations - MAY choose to support attaching multiple certificates - to a Listener, but this behavior is implementation-specific. - \n References to a resource in different namespace are - invalid UNLESS there is a ReferenceGrant in the target - namespace that allows the certificate to be attached. - If a ReferenceGrant does not allow this reference, the - \"ResolvedRefs\" condition MUST be set to False for this - listener with the \"RefNotPermitted\" reason. \n This - field is required to have at least one element when the - mode is set to \"Terminate\" (default) and is optional - otherwise. \n CertificateRefs can reference to standard - Kubernetes resources, i.e. Secret, or implementation-specific - custom resources. \n Support: Core - A single reference - to a Kubernetes Secret of type kubernetes.io/tls \n Support: - Implementation-specific (More than one reference or other - resource types)" - items: - description: "SecretObjectReference identifies an API - object including its namespace, defaulting to Secret. - \n The API object must be valid in the cluster; the - Group and Kind must be registered in the cluster for - this reference to be valid. \n References to objects - with invalid Group and Kind are not valid, and must - be rejected by the implementation, with appropriate - Conditions set on the containing object." - properties: - group: - default: "" - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Secret - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. - \n Note that when a namespace is specified, a ReferenceGrant - object is required in the referent namespace to - allow that namespace's owner to accept the reference. - See the ReferenceGrant documentation for details. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - required: - - name - type: object - maxItems: 64 - type: array - mode: - default: Terminate - description: "Mode defines the TLS behavior for the TLS - session initiated by the client. There are two possible - modes: \n - Terminate: The TLS session between the downstream - client and the Gateway is terminated at the Gateway. - This mode requires certificateRefs to be set and contain - at least one element. - Passthrough: The TLS session is - NOT terminated by the Gateway. This implies that the - Gateway can't decipher the TLS stream except for the - ClientHello message of the TLS protocol. CertificateRefs - field is ignored in this mode. \n Support: Core" - enum: - - Terminate - - Passthrough - type: string - options: - additionalProperties: - description: AnnotationValue is the value of an annotation - in Gateway API. This is used for validation of maps - such as TLS options. This roughly matches Kubernetes - annotation validation, although the length validation - in that case is based on the entire size of the annotations - struct. - maxLength: 4096 - minLength: 0 - type: string - description: "Options are a list of key/value pairs to enable - extended TLS configuration for each implementation. For - example, configuring the minimum TLS version or supported - cipher suites. \n A set of common keys MAY be defined - by the API in the future. To avoid any ambiguity, implementation-specific - definitions MUST use domain-prefixed names, such as `example.com/my-custom-option`. - Un-prefixed names are reserved for key names defined by - Gateway API. \n Support: Implementation-specific" - maxProperties: 16 - type: object - type: object - required: - - name - - port - - protocol - type: object - maxItems: 64 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - required: - - gatewayClassName - - listeners - type: object - status: - default: - conditions: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: NotReconciled - status: Unknown - type: Accepted - description: Status defines the current state of Gateway. - properties: - addresses: - description: Addresses lists the IP addresses that have actually been - bound to the Gateway. These addresses may differ from the addresses - in the Spec, e.g. if the Gateway automatically assigns an address - from a reserved pool. - items: - description: GatewayAddress describes an address that can be bound - to a Gateway. - properties: - type: - default: IPAddress - description: Type of the address. - maxLength: 253 - minLength: 1 - pattern: ^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - value: - description: "Value of the address. The validity of the values - will depend on the type and support by the controller. \n - Examples: `1.2.3.4`, `128::1`, `my-ip-address`." - maxLength: 253 - minLength: 1 - type: string - required: - - value - type: object - maxItems: 16 - type: array - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Accepted - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Waiting for controller - reason: Pending - status: Unknown - type: Programmed - description: "Conditions describe the current conditions of the Gateway. - \n Implementations should prefer to express Gateway conditions using - the `GatewayConditionType` and `GatewayConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe Gateway state. \n Known condition types are: \n * \"Accepted\" - * \"Ready\"" - items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n \ttype FooStatus struct{ \t // Represents the observations - of a foo's current state. \t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\" \t // - +patchMergeKey=type \t // +patchStrategy=merge \t // +listType=map - \t // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other fields - \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - listeners: - description: Listeners provide status for each unique listener port - defined in the Spec. - items: - description: ListenerStatus is the status associated with a Listener. - properties: - attachedRoutes: - description: AttachedRoutes represents the total number of Routes - that have been successfully attached to this Listener. - format: int32 - type: integer - conditions: - description: Conditions describe the current condition of this - listener. - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n \ttype FooStatus struct{ - \t // Represents the observations of a foo's current - state. \t // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type - \t // +patchStrategy=merge \t // +listType=map \t - \ // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other - fields \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - name: - description: Name is the name of the Listener that this status - corresponds to. - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - supportedKinds: - description: "SupportedKinds is the list indicating the Kinds - supported by this listener. This MUST represent the kinds - an implementation supports for that Listener configuration. - \n If kinds are specified in Spec that are not supported, - they MUST NOT appear in this list and an implementation MUST - set the \"ResolvedRefs\" condition to \"False\" with the \"InvalidRouteKinds\" - reason. If both valid and invalid Route kinds are specified, - the implementation MUST reference the valid Route kinds that - have been specified." - items: - description: RouteGroupKind indicates the group and kind of - a Route resource. - properties: - group: - default: gateway.networking.k8s.io - description: Group is the group of the Route. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is the kind of the Route. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - required: - - kind - type: object - maxItems: 8 - type: array - required: - - attachedRoutes - - conditions - - name - - supportedKinds - type: object - maxItems: 64 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1538 - gateway.networking.k8s.io/bundle-version: v0.6.1 - gateway.networking.k8s.io/channel: standard - creationTimestamp: null - name: httproutes.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: HTTPRoute - listKind: HTTPRouteList - plural: httproutes - singular: httproute - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - deprecated: true - deprecationWarning: The v1alpha2 version of HTTPRoute has been deprecated and - will be removed in a future release of the API. Please upgrade to v1beta1. - name: v1alpha2 - schema: - openAPIV3Schema: - description: HTTPRoute provides a way to route HTTP requests. This includes - the capability to match requests by hostname, path, header, or query param. - Filters can be used to specify additional processing steps. Backends specify - where matching requests should be routed. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of HTTPRoute. - properties: - hostnames: - description: "Hostnames defines a set of hostname that should match - against the HTTP Host header to select a HTTPRoute to process the - request. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname may - be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n If a hostname is specified - by both the Listener and HTTPRoute, there must be at least one intersecting - hostname for the HTTPRoute to be attached to the Listener. For example: - \n * A Listener with `test.example.com` as the hostname matches - HTTPRoutes that have either not specified any hostnames, or have - specified at least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches HTTPRoutes - \ that have either not specified any hostnames or have specified - at least one hostname that matches the Listener hostname. For - example, `*.example.com`, `test.example.com`, and `foo.test.example.com` - would all match. On the other hand, `example.com` and `test.example.net` - would not match. \n Hostnames that are prefixed with a wildcard - label (`*.`) are interpreted as a suffix match. That means that - a match for `*.example.com` would match both `test.example.com`, - and `foo.test.example.com`, but not `example.com`. \n If both the - Listener and HTTPRoute have specified hostnames, any HTTPRoute hostnames - that do not match the Listener hostname MUST be ignored. For example, - if a Listener specified `*.example.com`, and the HTTPRoute specified - `test.example.com` and `test.example.net`, `test.example.net` must - not be considered for a match. \n If both the Listener and HTTPRoute - have specified hostnames, and none match with the criteria above, - then the HTTPRoute is not accepted. The implementation must raise - an 'Accepted' Condition with a status of `False` in the corresponding - RouteParentStatus. \n In the event that multiple HTTPRoutes specify - intersecting hostnames (e.g. overlapping wildcard matching and exact - matching hostnames), precedence must be given to rules from the - HTTPRoute with the largest number of: \n * Characters in a matching - non-wildcard hostname. * Characters in a matching hostname. \n If - ties exist across multiple Routes, the matching precedence rules - for HTTPRouteMatches takes over. \n Support: Core" - items: - description: "Hostname is the fully qualified domain name of a network - host. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname - may be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n Hostname can be \"precise\" - which is a domain name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain - name prefixed with a single wildcard label (e.g. `*.example.com`). - \n Note that as per RFC1035 and RFC1123, a *label* must consist - of lower case alphanumeric characters or '-', and must start and - end with an alphanumeric character. No other punctuation is allowed." - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: "ParentRefs references the resources (usually Gateways) - that a Route wants to be attached to. Note that the referenced parent - resource needs to allow this for the attachment to be complete. - For Gateways, that means the Gateway needs to allow attachment from - Routes of this kind and namespace. \n The only kind of parent resource - with \"Core\" support is Gateway. This API may be extended in the - future to support additional kinds of parent resources such as one - of the route kinds. \n It is invalid to reference an identical parent - more than once. It is valid to reference multiple distinct sections - within the same parent resource, such as 2 Listeners within a Gateway. - \n It is possible to separately reference multiple distinct objects - that may be collapsed by an implementation. For example, some implementations - may choose to merge compatible Gateway Listeners together. If that - is the case, the list of routes attached to those resources should - also be merged. \n Note that for ParentRefs that cross namespace - boundaries, there are specific rules. Cross-namespace references - are only valid if they are explicitly allowed by something in the - namespace they are referring to. For example, Gateway has the AllowedRoutes - field, and ReferenceGrant provides a generic way to enable any other - kind of cross-namespace reference." - items: - description: "ParentReference identifies an API object (usually - a Gateway) that can be considered a parent of this resource (usually - a route). The only kind of parent resource with \"Core\" support - is Gateway. This API may be extended in the future to support - additional kinds of parent resources, such as HTTPRoute. \n The - API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid." - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the core - API group (such as for a \"Service\" kind referent), Group - must be explicitly set to \"\" (empty string). \n Support: - Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: Core - (Gateway) \n Support: Implementation-specific (Other Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. When - unspecified, this refers to the local namespace of the Route. - \n Note that there are specific rules for ParentRefs which - cross namespace boundaries. Cross-namespace references are - only valid if they are explicitly allowed by something in - the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within the - target resource. In the following resources, SectionName is - interpreted as the following: \n * Gateway: Listener Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match both - specified values. \n Implementations MAY choose to support - attaching Routes to other resources. If that is the case, - they MUST clearly document how SectionName is interpreted. - \n When unspecified (empty string), this will reference the - entire resource. For the purpose of status, an attachment - is considered successful if at least one section in the parent - resource accepts it. For example, Gateway listeners can restrict - which Routes can attach to them by Route kind, namespace, - or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this - Route, the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - rules: - default: - - matches: - - path: - type: PathPrefix - value: / - description: Rules are a list of HTTP matchers, filters and actions. - items: - description: HTTPRouteRule defines semantics for matching an HTTP - request based on conditions (matches), processing it (filters), - and forwarding the request to an API object (backendRefs). - properties: - backendRefs: - description: "BackendRefs defines the backend(s) where matching - requests should be sent. \n Failure behavior here depends - on how many BackendRefs are specified and how many are invalid. - \n If *all* entries in BackendRefs are invalid, and there - are also no filters specified in this route rule, *all* traffic - which matches this rule MUST receive a 500 status code. \n - See the HTTPBackendRef definition for the rules about what - makes a single HTTPBackendRef invalid. \n When a HTTPBackendRef - is invalid, 500 status codes MUST be returned for requests - that would have otherwise been routed to an invalid backend. - If multiple backends are specified, and some are invalid, - the proportion of requests that would otherwise have been - routed to an invalid backend MUST receive a 500 status code. - \n For example, if two backends are specified with equal weights, - and one is invalid, 50 percent of traffic must receive a 500. - Implementations may choose how that 50 percent is determined. - \n Support: Core for Kubernetes Service \n Support: Implementation-specific - for any other resource \n Support for weight: Core" - items: - description: HTTPBackendRef defines how a HTTPRoute should - forward an HTTP request. - properties: - filters: - description: "Filters defined at this level should be - executed if and only if the request is being forwarded - to the backend defined here. \n Support: Implementation-specific - (For broader support of filters, use the Filters field - in HTTPRouteRule.)" - items: - description: HTTPRouteFilter defines processing steps - that must be completed during the request or response - lifecycle. HTTPRouteFilters are meant as an extension - point to express processing that may be done in Gateway - implementations. Some examples include request or - response modification, implementing authentication - strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type - of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API - group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema - for a filter that modifies request headers. \n - Support: Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo - HTTP/1.1 my-header: foo \n Config: add: - \ - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: - foo my-header2: bar my-header3: baz \n - Config: remove: [\"my-header1\", \"my-header3\"] - \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - \ value: \"bar\" \n Output: GET /foo - HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for - a filter that mirrors requests. Requests are sent - to the specified destination, but responses from - that destination are ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource - where mirrored requests are sent. \n If the - referent cannot be found, this BackendRef - is invalid and must be dropped from the Gateway. - The controller must ensure the \"ResolvedRefs\" - condition on the Route status is set to `status: - False` and not configure this backend in the - underlying implementation. \n If there is - a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: - False`, with the \"RefNotPermitted\" reason - and not configure this backend in the underlying - implementation. \n In either error case, the - Message of the `ResolvedRefs` Condition should - be used to provide more detail about the problem. - \n Support: Extended for Kubernetes Service - \n Support: Implementation-specific for any - other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core - API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. - For example "HTTPRoute" or "Service". - Defaults to "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace - of the backend. When unspecified, the - local namespace is inferred. \n Note that - when a namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination - port number to use for this resource. - Port is required when the referent is - a Kubernetes Service. In this case, the - port number is the service port number, - not the target port. For other resources, - destination port might be derived from - the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for - a filter that responds to the request with an - HTTP redirection. \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be - used in the value of the `Location` header - in the response. When empty, the hostname - of the request is used. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the port to be used in - the value of the `Location` header in the - response. When empty, port (if specified) - of the request is used. \n Support: Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used - in the value of the `Location` header in the - response. When empty, the scheme of the request - is used. \n Note that values may be added - to this enum, implementations must ensure - that unknown values will not cause a crash. - \n Unknown values here must result in the - implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`. \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status - code to be used in response. \n Note that - values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result - in the implementation setting the Accepted - Condition for the Route to `status: False`, - with a Reason of `UnsupportedValue`. \n Support: - Core" - enum: - - 301 - - 302 - type: integer - type: object - type: - description: "Type identifies the type of filter - to apply. As with other API fields, types are - classified into three conformance levels: \n - - Core: Filter types and their corresponding configuration - defined by \"Support: Core\" in this package, - e.g. \"RequestHeaderModifier\". All implementations - must support core filters. \n - Extended: Filter - types and their corresponding configuration defined - by \"Support: Extended\" in this package, e.g. - \"RequestMirror\". Implementers are encouraged - to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific - vendors. In the future, filters showing convergence - in behavior across multiple implementations - will be considered for inclusion in extended or - core conformance levels. Filter-specific configuration - for such filters is specified using the ExtensionRef - field. `Type` should be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged - to define custom implementation types to extend - the core API with implementation-specific behavior. - \n If a reference to a custom filter type cannot - be resolved, the filter MUST NOT be skipped. Instead, - requests that would have been processed by that - filter MUST receive a HTTP error response. \n - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result in - the implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`. \n " - enum: - - RequestHeaderModifier - - RequestMirror - - RequestRedirect - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - group: - default: "" - description: Group is the group of the referent. For example, - "gateway.networking.k8s.io". When unspecified or empty - string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". Defaults to "Service" when - not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. \n - Note that when a namespace is specified, a ReferenceGrant - object is required in the referent namespace to allow - that namespace's owner to accept the reference. See - the ReferenceGrant documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port number - to use for this resource. Port is required when the - referent is a Kubernetes Service. In this case, the - port number is the service port number, not the target - port. For other resources, destination port might be - derived from the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: "Weight specifies the proportion of requests - forwarded to the referenced backend. This is computed - as weight/(sum of all weights in this BackendRefs list). - For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision - an implementation supports. Weight is not a percentage - and the sum of weights does not need to equal 100. \n - If only one backend is specified and it has a weight - greater than 0, 100% of the traffic is forwarded to - that backend. If weight is set to 0, no traffic should - be forwarded for this entry. If unspecified, weight - defaults to 1. \n Support for this field varies based - on the context where used." - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - maxItems: 16 - type: array - filters: - description: "Filters define the filters that are applied to - requests that match this rule. \n The effects of ordering - of multiple behaviors are currently unspecified. This can - change in the future based on feedback during the alpha stage. - \n Conformance-levels at this level are defined based on the - type of filter: \n - ALL core filters MUST be supported by - all implementations. - Implementers are encouraged to support - extended filters. - Implementation-specific custom filters - have no API guarantees across implementations. \n Specifying - a core filter multiple times has unspecified or implementation-specific - conformance. \n All filters are expected to be compatible - with each other except for the URLRewrite and RequestRedirect - filters, which may not be combined. If an implementation can - not support other combinations of filters, they must clearly - document that limitation. In all cases where incompatible - or unsupported filters are specified, implementations MUST - add a warning condition to status. \n Support: Core" - items: - description: HTTPRouteFilter defines processing steps that - must be completed during the request or response lifecycle. - HTTPRouteFilters are meant as an extension point to express - processing that may be done in Gateway implementations. - Some examples include request or response modification, - implementing authentication strategies, rate-limiting, and - traffic shaping. API guarantee/conformance is defined based - on the type of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema for - a filter that modifies request headers. \n Support: - Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: add: - name: \"my-header\" value: - \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - \ my-header2: bar my-header3: baz \n Config: - \ remove: [\"my-header1\", \"my-header3\"] \n Output: - \ GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - \ set: - name: \"my-header\" value: \"bar\" - \n Output: GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for a filter - that mirrors requests. Requests are sent to the specified - destination, but responses from that destination are - ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource where - mirrored requests are sent. \n If the referent cannot - be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure - the \"ResolvedRefs\" condition on the Route status - is set to `status: False` and not configure this - backend in the underlying implementation. \n If - there is a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: False`, - with the \"RefNotPermitted\" reason and not configure - this backend in the underlying implementation. \n - In either error case, the Message of the `ResolvedRefs` - Condition should be used to provide more detail - about the problem. \n Support: Extended for Kubernetes - Service \n Support: Implementation-specific for - any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". When - unspecified or empty string, core API group - is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". Defaults to - "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the - backend. When unspecified, the local namespace - is inferred. \n Note that when a namespace is - specified, a ReferenceGrant object is required - in the referent namespace to allow that namespace's - owner to accept the reference. See the ReferenceGrant - documentation for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port - number to use for this resource. Port is required - when the referent is a Kubernetes Service. In - this case, the port number is the service port - number, not the target port. For other resources, - destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for a filter - that responds to the request with an HTTP redirection. - \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be used - in the value of the `Location` header in the response. - When empty, the hostname of the request is used. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the port to be used in the value - of the `Location` header in the response. When empty, - port (if specified) of the request is used. \n Support: - Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used in the - value of the `Location` header in the response. - When empty, the scheme of the request is used. \n - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a - crash. \n Unknown values here must result in the - implementation setting the Accepted Condition for - the Route to `status: False`, with a Reason of `UnsupportedValue`. - \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status code to - be used in response. \n Note that values may be - added to this enum, implementations must ensure - that unknown values will not cause a crash. \n Unknown - values here must result in the implementation setting - the Accepted Condition for the Route to `status: - False`, with a Reason of `UnsupportedValue`. \n - Support: Core" - enum: - - 301 - - 302 - type: integer - type: object - type: - description: "Type identifies the type of filter to apply. - As with other API fields, types are classified into - three conformance levels: \n - Core: Filter types and - their corresponding configuration defined by \"Support: - Core\" in this package, e.g. \"RequestHeaderModifier\". - All implementations must support core filters. \n - - Extended: Filter types and their corresponding configuration - defined by \"Support: Extended\" in this package, - e.g. \"RequestMirror\". Implementers are encouraged - to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific - vendors. In the future, filters showing convergence - in behavior across multiple implementations will be - considered for inclusion in extended or core conformance - levels. Filter-specific configuration for such filters - \ is specified using the ExtensionRef field. `Type` - should be set to \"ExtensionRef\" for custom filters. - \n Implementers are encouraged to define custom implementation - types to extend the core API with implementation-specific - behavior. \n If a reference to a custom filter type - cannot be resolved, the filter MUST NOT be skipped. - Instead, requests that would have been processed by - that filter MUST receive a HTTP error response. \n Note - that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - \n Unknown values here must result in the implementation - setting the Accepted Condition for the Route to `status: - False`, with a Reason of `UnsupportedValue`. \n " - enum: - - RequestHeaderModifier - - RequestMirror - - RequestRedirect - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - matches: - default: - - path: - type: PathPrefix - value: / - description: "Matches define conditions used for matching the - rule against incoming HTTP requests. Each match is independent, - i.e. this rule will be matched if **any** one of the matches - is satisfied. \n For example, take the following matches configuration: - \n ``` matches: - path: value: \"/foo\" headers: - - name: \"version\" value: \"v2\" - path: value: \"/v2/foo\" - ``` \n For a request to match against this rule, a request - must satisfy EITHER of the two conditions: \n - path prefixed - with `/foo` AND contains the header `version: v2` - path prefix - of `/v2/foo` \n See the documentation for HTTPRouteMatch on - how to specify multiple match conditions that should be ANDed - together. \n If no matches are specified, the default is a - prefix path match on \"/\", which has the effect of matching - every HTTP request. \n Proxy or Load Balancer routing configuration - generated from HTTPRoutes MUST prioritize matches based on - the following criteria, continuing on ties. Across all rules - specified on applicable Routes, precedence must be given to - the match with the largest number of: \n * Characters in a - matching path. * Header matches. * Query param matches. \n - If ties still exist across multiple Routes, matching precedence - MUST be determined in order of the following criteria, continuing - on ties: \n * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by \"{namespace}/{name}\". - \n If ties still exist within an HTTPRoute, matching precedence - MUST be granted to the FIRST matching rule (in list order) - with a match meeting the above criteria. \n When no rules - matching a request have been successfully attached to the - parent a request is coming from, a HTTP 404 status code MUST - be returned." - items: - description: "HTTPRouteMatch defines the predicate used to - match requests to a given action. Multiple match types are - ANDed together, i.e. the match will evaluate to true only - if all conditions are satisfied. \n For example, the match - below will match a HTTP request only if its path starts - with `/foo` AND it contains the `version: v1` header: \n - ``` match: \n \tpath: \t value: \"/foo\" \theaders: \t- - name: \"version\" \t value \"v1\" \n ```" - properties: - headers: - description: Headers specifies HTTP request header matchers. - Multiple match values are ANDed together, meaning, a - request must match all the specified headers to select - the route. - items: - description: HTTPHeaderMatch describes how to select - a HTTP route by matching HTTP request headers. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case insensitive. - (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent header - names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST be - ignored. Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered equivalent. - \n When a header is repeated in an HTTP request, - it is implementation-specific behavior as to how - this is represented. Generally, proxies should - follow the guidance from the RFC: https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 - regarding processing a repeated header, with special - handling for \"Set-Cookie\"." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the header. \n Support: Core (Exact) - \n Support: Implementation-specific (RegularExpression) - \n Since RegularExpression HeaderMatchType has - implementation-specific conformance, implementations - can support POSIX, PCRE or any other dialects - of regular expressions. Please read the implementation's - documentation to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP Header to - be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - description: "Method specifies HTTP method matcher. When - specified, this route will be matched only if the request - has the specified method. \n Support: Extended" - enum: - - GET - - HEAD - - POST - - PUT - - DELETE - - CONNECT - - OPTIONS - - TRACE - - PATCH - type: string - path: - default: - type: PathPrefix - value: / - description: Path specifies a HTTP request path matcher. - If this field is not specified, a default prefix match - on the "/" path is provided. - properties: - type: - default: PathPrefix - description: "Type specifies how to match against - the path Value. \n Support: Core (Exact, PathPrefix) - \n Support: Implementation-specific (RegularExpression)" - enum: - - Exact - - PathPrefix - - RegularExpression - type: string - value: - default: / - description: Value of the HTTP path to match against. - maxLength: 1024 - type: string - type: object - queryParams: - description: "QueryParams specifies HTTP query parameter - matchers. Multiple match values are ANDed together, - meaning, a request must match all the specified query - parameters to select the route. \n Support: Extended" - items: - description: HTTPQueryParamMatch describes how to select - a HTTP route by matching HTTP query parameters. - properties: - name: - description: "Name is the name of the HTTP query - param to be matched. This must be an exact string - match. (See https://tools.ietf.org/html/rfc7230#section-2.7.3). - \n If multiple entries specify equivalent query - param names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent query param name MUST - be ignored. \n If a query param is repeated in - an HTTP request, the behavior is purposely left - undefined, since different data planes have different - capabilities. However, it is *recommended* that - implementations should match against the first - value of the param if the data plane supports - it, as this behavior is expected in other load - balancing contexts outside of the Gateway API. - \n Users SHOULD NOT route traffic based on repeated - query params to guard themselves against potential - differences in the implementations." - maxLength: 256 - minLength: 1 - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the query parameter. \n Support: - Extended (Exact) \n Support: Implementation-specific - (RegularExpression) \n Since RegularExpression - QueryParamMatchType has Implementation-specific - conformance, implementations can support POSIX, - PCRE or any other dialects of regular expressions. - Please read the implementation's documentation - to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP query param - to be matched. - maxLength: 1024 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - maxItems: 8 - type: array - type: object - maxItems: 16 - type: array - type: object - status: - description: Status defines the current state of HTTPRoute. - properties: - parents: - description: "Parents is a list of parent resources (usually Gateways) - that are associated with the route, and the status of the route - with respect to each parent. When this route attaches to a parent, - the controller that manages the parent must add an entry to this - list when the controller first sees the route and should update - the entry as appropriate when the route or gateway is modified. - \n Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this - API can only populate Route status for the Gateways/parent resources - they are responsible for. \n A maximum of 32 Gateways will be represented - in this list. An empty list means the route has not been attached - to any Gateway." - items: - description: RouteParentStatus describes the status of a route with - respect to an associated Parent. - properties: - conditions: - description: "Conditions describes the status of the route with - respect to the Gateway. Note that the route's availability - is also subject to the Gateway's own status conditions and - listener status. \n If the Route's ParentRef specifies an - existing Gateway that supports Routes of this kind AND that - Gateway's controller has sufficient access, then that Gateway's - controller MUST set the \"Accepted\" condition on the Route, - to indicate whether the route has been accepted or rejected - by the Gateway, and why. \n A Route MUST be considered \"Accepted\" - if at least one of the Route's rules is implemented by the - Gateway. \n There are a number of cases where the \"Accepted\" - condition may not be set due to lack of controller visibility, - that includes when: \n * The Route refers to a non-existent - parent. * The Route is of a type that the controller does - not support. * The Route is in a namespace the controller - does not have access to." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n \ttype FooStatus struct{ - \t // Represents the observations of a foo's current - state. \t // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type - \t // +patchStrategy=merge \t // +listType=map \t - \ // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other - fields \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: "ControllerName is a domain/path string that indicates - the name of the controller that wrote this status. This corresponds - with the controllerName field on GatewayClass. \n Example: - \"example.net/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid - Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - \n Controllers MUST populate this field when writing status. - Controllers should ensure that entries to status populated - with their ControllerName are cleaned up when they are no - longer necessary." - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: ParentRef corresponds with a ParentRef in the spec - that this RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the - core API group (such as for a \"Service\" kind referent), - Group must be explicitly set to \"\" (empty string). \n - Support: Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: - Core (Gateway) \n Support: Implementation-specific (Other - Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. - When unspecified, this refers to the local namespace of - the Route. \n Note that there are specific rules for ParentRefs - which cross namespace boundaries. Cross-namespace references - are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides - a generic way to enable any other kind of cross-namespace - reference. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within - the target resource. In the following resources, SectionName - is interpreted as the following: \n * Gateway: Listener - Name. When both Port (experimental) and SectionName are - specified, the name and port of the selected listener - must match both specified values. \n Implementations MAY - choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this - will reference the entire resource. For the purpose of - status, an attachment is considered successful if at least - one section in the parent resource accepts it. For example, - Gateway listeners can restrict which Routes can attach - to them by Route kind, namespace, or hostname. If 1 of - 2 Gateway listeners accept attachment from the referencing - Route, the Route MUST be considered successfully attached. - If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - required: - - spec - type: object - served: true - storage: false - subresources: - status: {} - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: HTTPRoute provides a way to route HTTP requests. This includes - the capability to match requests by hostname, path, header, or query param. - Filters can be used to specify additional processing steps. Backends specify - where matching requests should be routed. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of HTTPRoute. - properties: - hostnames: - description: "Hostnames defines a set of hostname that should match - against the HTTP Host header to select a HTTPRoute to process the - request. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname may - be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n If a hostname is specified - by both the Listener and HTTPRoute, there must be at least one intersecting - hostname for the HTTPRoute to be attached to the Listener. For example: - \n * A Listener with `test.example.com` as the hostname matches - HTTPRoutes that have either not specified any hostnames, or have - specified at least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches HTTPRoutes - \ that have either not specified any hostnames or have specified - at least one hostname that matches the Listener hostname. For - example, `*.example.com`, `test.example.com`, and `foo.test.example.com` - would all match. On the other hand, `example.com` and `test.example.net` - would not match. \n Hostnames that are prefixed with a wildcard - label (`*.`) are interpreted as a suffix match. That means that - a match for `*.example.com` would match both `test.example.com`, - and `foo.test.example.com`, but not `example.com`. \n If both the - Listener and HTTPRoute have specified hostnames, any HTTPRoute hostnames - that do not match the Listener hostname MUST be ignored. For example, - if a Listener specified `*.example.com`, and the HTTPRoute specified - `test.example.com` and `test.example.net`, `test.example.net` must - not be considered for a match. \n If both the Listener and HTTPRoute - have specified hostnames, and none match with the criteria above, - then the HTTPRoute is not accepted. The implementation must raise - an 'Accepted' Condition with a status of `False` in the corresponding - RouteParentStatus. \n In the event that multiple HTTPRoutes specify - intersecting hostnames (e.g. overlapping wildcard matching and exact - matching hostnames), precedence must be given to rules from the - HTTPRoute with the largest number of: \n * Characters in a matching - non-wildcard hostname. * Characters in a matching hostname. \n If - ties exist across multiple Routes, the matching precedence rules - for HTTPRouteMatches takes over. \n Support: Core" - items: - description: "Hostname is the fully qualified domain name of a network - host. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname - may be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n Hostname can be \"precise\" - which is a domain name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain - name prefixed with a single wildcard label (e.g. `*.example.com`). - \n Note that as per RFC1035 and RFC1123, a *label* must consist - of lower case alphanumeric characters or '-', and must start and - end with an alphanumeric character. No other punctuation is allowed." - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: "ParentRefs references the resources (usually Gateways) - that a Route wants to be attached to. Note that the referenced parent - resource needs to allow this for the attachment to be complete. - For Gateways, that means the Gateway needs to allow attachment from - Routes of this kind and namespace. \n The only kind of parent resource - with \"Core\" support is Gateway. This API may be extended in the - future to support additional kinds of parent resources such as one - of the route kinds. \n It is invalid to reference an identical parent - more than once. It is valid to reference multiple distinct sections - within the same parent resource, such as 2 Listeners within a Gateway. - \n It is possible to separately reference multiple distinct objects - that may be collapsed by an implementation. For example, some implementations - may choose to merge compatible Gateway Listeners together. If that - is the case, the list of routes attached to those resources should - also be merged. \n Note that for ParentRefs that cross namespace - boundaries, there are specific rules. Cross-namespace references - are only valid if they are explicitly allowed by something in the - namespace they are referring to. For example, Gateway has the AllowedRoutes - field, and ReferenceGrant provides a generic way to enable any other - kind of cross-namespace reference." - items: - description: "ParentReference identifies an API object (usually - a Gateway) that can be considered a parent of this resource (usually - a route). The only kind of parent resource with \"Core\" support - is Gateway. This API may be extended in the future to support - additional kinds of parent resources, such as HTTPRoute. \n The - API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid." - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the core - API group (such as for a \"Service\" kind referent), Group - must be explicitly set to \"\" (empty string). \n Support: - Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: Core - (Gateway) \n Support: Implementation-specific (Other Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. When - unspecified, this refers to the local namespace of the Route. - \n Note that there are specific rules for ParentRefs which - cross namespace boundaries. Cross-namespace references are - only valid if they are explicitly allowed by something in - the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within the - target resource. In the following resources, SectionName is - interpreted as the following: \n * Gateway: Listener Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match both - specified values. \n Implementations MAY choose to support - attaching Routes to other resources. If that is the case, - they MUST clearly document how SectionName is interpreted. - \n When unspecified (empty string), this will reference the - entire resource. For the purpose of status, an attachment - is considered successful if at least one section in the parent - resource accepts it. For example, Gateway listeners can restrict - which Routes can attach to them by Route kind, namespace, - or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this - Route, the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - rules: - default: - - matches: - - path: - type: PathPrefix - value: / - description: Rules are a list of HTTP matchers, filters and actions. - items: - description: HTTPRouteRule defines semantics for matching an HTTP - request based on conditions (matches), processing it (filters), - and forwarding the request to an API object (backendRefs). - properties: - backendRefs: - description: "BackendRefs defines the backend(s) where matching - requests should be sent. \n Failure behavior here depends - on how many BackendRefs are specified and how many are invalid. - \n If *all* entries in BackendRefs are invalid, and there - are also no filters specified in this route rule, *all* traffic - which matches this rule MUST receive a 500 status code. \n - See the HTTPBackendRef definition for the rules about what - makes a single HTTPBackendRef invalid. \n When a HTTPBackendRef - is invalid, 500 status codes MUST be returned for requests - that would have otherwise been routed to an invalid backend. - If multiple backends are specified, and some are invalid, - the proportion of requests that would otherwise have been - routed to an invalid backend MUST receive a 500 status code. - \n For example, if two backends are specified with equal weights, - and one is invalid, 50 percent of traffic must receive a 500. - Implementations may choose how that 50 percent is determined. - \n Support: Core for Kubernetes Service \n Support: Implementation-specific - for any other resource \n Support for weight: Core" - items: - description: HTTPBackendRef defines how a HTTPRoute should - forward an HTTP request. - properties: - filters: - description: "Filters defined at this level should be - executed if and only if the request is being forwarded - to the backend defined here. \n Support: Implementation-specific - (For broader support of filters, use the Filters field - in HTTPRouteRule.)" - items: - description: HTTPRouteFilter defines processing steps - that must be completed during the request or response - lifecycle. HTTPRouteFilters are meant as an extension - point to express processing that may be done in Gateway - implementations. Some examples include request or - response modification, implementing authentication - strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type - of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API - group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema - for a filter that modifies request headers. \n - Support: Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo - HTTP/1.1 my-header: foo \n Config: add: - \ - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: - foo my-header2: bar my-header3: baz \n - Config: remove: [\"my-header1\", \"my-header3\"] - \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - \ value: \"bar\" \n Output: GET /foo - HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for - a filter that mirrors requests. Requests are sent - to the specified destination, but responses from - that destination are ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource - where mirrored requests are sent. \n If the - referent cannot be found, this BackendRef - is invalid and must be dropped from the Gateway. - The controller must ensure the \"ResolvedRefs\" - condition on the Route status is set to `status: - False` and not configure this backend in the - underlying implementation. \n If there is - a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: - False`, with the \"RefNotPermitted\" reason - and not configure this backend in the underlying - implementation. \n In either error case, the - Message of the `ResolvedRefs` Condition should - be used to provide more detail about the problem. - \n Support: Extended for Kubernetes Service - \n Support: Implementation-specific for any - other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core - API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. - For example "HTTPRoute" or "Service". - Defaults to "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace - of the backend. When unspecified, the - local namespace is inferred. \n Note that - when a namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination - port number to use for this resource. - Port is required when the referent is - a Kubernetes Service. In this case, the - port number is the service port number, - not the target port. For other resources, - destination port might be derived from - the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for - a filter that responds to the request with an - HTTP redirection. \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be - used in the value of the `Location` header - in the response. When empty, the hostname - of the request is used. \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the port to be used in - the value of the `Location` header in the - response. When empty, port (if specified) - of the request is used. \n Support: Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used - in the value of the `Location` header in the - response. When empty, the scheme of the request - is used. \n Note that values may be added - to this enum, implementations must ensure - that unknown values will not cause a crash. - \n Unknown values here must result in the - implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`. \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status - code to be used in response. \n Note that - values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result - in the implementation setting the Accepted - Condition for the Route to `status: False`, - with a Reason of `UnsupportedValue`. \n Support: - Core" - enum: - - 301 - - 302 - type: integer - type: object - type: - description: "Type identifies the type of filter - to apply. As with other API fields, types are - classified into three conformance levels: \n - - Core: Filter types and their corresponding configuration - defined by \"Support: Core\" in this package, - e.g. \"RequestHeaderModifier\". All implementations - must support core filters. \n - Extended: Filter - types and their corresponding configuration defined - by \"Support: Extended\" in this package, e.g. - \"RequestMirror\". Implementers are encouraged - to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific - vendors. In the future, filters showing convergence - in behavior across multiple implementations - will be considered for inclusion in extended or - core conformance levels. Filter-specific configuration - for such filters is specified using the ExtensionRef - field. `Type` should be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged - to define custom implementation types to extend - the core API with implementation-specific behavior. - \n If a reference to a custom filter type cannot - be resolved, the filter MUST NOT be skipped. Instead, - requests that would have been processed by that - filter MUST receive a HTTP error response. \n - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause - a crash. \n Unknown values here must result in - the implementation setting the Accepted Condition - for the Route to `status: False`, with a Reason - of `UnsupportedValue`. \n " - enum: - - RequestHeaderModifier - - RequestMirror - - RequestRedirect - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - group: - default: "" - description: Group is the group of the referent. For example, - "gateway.networking.k8s.io". When unspecified or empty - string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". Defaults to "Service" when - not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. \n - Note that when a namespace is specified, a ReferenceGrant - object is required in the referent namespace to allow - that namespace's owner to accept the reference. See - the ReferenceGrant documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port number - to use for this resource. Port is required when the - referent is a Kubernetes Service. In this case, the - port number is the service port number, not the target - port. For other resources, destination port might be - derived from the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: "Weight specifies the proportion of requests - forwarded to the referenced backend. This is computed - as weight/(sum of all weights in this BackendRefs list). - For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision - an implementation supports. Weight is not a percentage - and the sum of weights does not need to equal 100. \n - If only one backend is specified and it has a weight - greater than 0, 100% of the traffic is forwarded to - that backend. If weight is set to 0, no traffic should - be forwarded for this entry. If unspecified, weight - defaults to 1. \n Support for this field varies based - on the context where used." - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - maxItems: 16 - type: array - filters: - description: "Filters define the filters that are applied to - requests that match this rule. \n The effects of ordering - of multiple behaviors are currently unspecified. This can - change in the future based on feedback during the alpha stage. - \n Conformance-levels at this level are defined based on the - type of filter: \n - ALL core filters MUST be supported by - all implementations. - Implementers are encouraged to support - extended filters. - Implementation-specific custom filters - have no API guarantees across implementations. \n Specifying - a core filter multiple times has unspecified or implementation-specific - conformance. \n All filters are expected to be compatible - with each other except for the URLRewrite and RequestRedirect - filters, which may not be combined. If an implementation can - not support other combinations of filters, they must clearly - document that limitation. In all cases where incompatible - or unsupported filters are specified, implementations MUST - add a warning condition to status. \n Support: Core" - items: - description: HTTPRouteFilter defines processing steps that - must be completed during the request or response lifecycle. - HTTPRouteFilters are meant as an extension point to express - processing that may be done in Gateway implementations. - Some examples include request or response modification, - implementing authentication strategies, rate-limiting, and - traffic shaping. API guarantee/conformance is defined based - on the type of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema for - a filter that modifies request headers. \n Support: - Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: add: - name: \"my-header\" value: - \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - \ my-header2: bar my-header3: baz \n Config: - \ remove: [\"my-header1\", \"my-header3\"] \n Output: - \ GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - \ set: - name: \"my-header\" value: \"bar\" - \n Output: GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for a filter - that mirrors requests. Requests are sent to the specified - destination, but responses from that destination are - ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource where - mirrored requests are sent. \n If the referent cannot - be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure - the \"ResolvedRefs\" condition on the Route status - is set to `status: False` and not configure this - backend in the underlying implementation. \n If - there is a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: False`, - with the \"RefNotPermitted\" reason and not configure - this backend in the underlying implementation. \n - In either error case, the Message of the `ResolvedRefs` - Condition should be used to provide more detail - about the problem. \n Support: Extended for Kubernetes - Service \n Support: Implementation-specific for - any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". When - unspecified or empty string, core API group - is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". Defaults to - "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the - backend. When unspecified, the local namespace - is inferred. \n Note that when a namespace is - specified, a ReferenceGrant object is required - in the referent namespace to allow that namespace's - owner to accept the reference. See the ReferenceGrant - documentation for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port - number to use for this resource. Port is required - when the referent is a Kubernetes Service. In - this case, the port number is the service port - number, not the target port. For other resources, - destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - requestRedirect: - description: "RequestRedirect defines a schema for a filter - that responds to the request with an HTTP redirection. - \n Support: Core" - properties: - hostname: - description: "Hostname is the hostname to be used - in the value of the `Location` header in the response. - When empty, the hostname of the request is used. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - port: - description: "Port is the port to be used in the value - of the `Location` header in the response. When empty, - port (if specified) of the request is used. \n Support: - Extended" - format: int32 - maximum: 65535 - minimum: 1 - type: integer - scheme: - description: "Scheme is the scheme to be used in the - value of the `Location` header in the response. - When empty, the scheme of the request is used. \n - Note that values may be added to this enum, implementations - must ensure that unknown values will not cause a - crash. \n Unknown values here must result in the - implementation setting the Accepted Condition for - the Route to `status: False`, with a Reason of `UnsupportedValue`. - \n Support: Extended" - enum: - - http - - https - type: string - statusCode: - default: 302 - description: "StatusCode is the HTTP status code to - be used in response. \n Note that values may be - added to this enum, implementations must ensure - that unknown values will not cause a crash. \n Unknown - values here must result in the implementation setting - the Accepted Condition for the Route to `status: - False`, with a Reason of `UnsupportedValue`. \n - Support: Core" - enum: - - 301 - - 302 - type: integer - type: object - type: - description: "Type identifies the type of filter to apply. - As with other API fields, types are classified into - three conformance levels: \n - Core: Filter types and - their corresponding configuration defined by \"Support: - Core\" in this package, e.g. \"RequestHeaderModifier\". - All implementations must support core filters. \n - - Extended: Filter types and their corresponding configuration - defined by \"Support: Extended\" in this package, - e.g. \"RequestMirror\". Implementers are encouraged - to support extended filters. \n - Implementation-specific: - Filters that are defined and supported by specific - vendors. In the future, filters showing convergence - in behavior across multiple implementations will be - considered for inclusion in extended or core conformance - levels. Filter-specific configuration for such filters - \ is specified using the ExtensionRef field. `Type` - should be set to \"ExtensionRef\" for custom filters. - \n Implementers are encouraged to define custom implementation - types to extend the core API with implementation-specific - behavior. \n If a reference to a custom filter type - cannot be resolved, the filter MUST NOT be skipped. - Instead, requests that would have been processed by - that filter MUST receive a HTTP error response. \n Note - that values may be added to this enum, implementations - must ensure that unknown values will not cause a crash. - \n Unknown values here must result in the implementation - setting the Accepted Condition for the Route to `status: - False`, with a Reason of `UnsupportedValue`. \n " - enum: - - RequestHeaderModifier - - RequestMirror - - RequestRedirect - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - matches: - default: - - path: - type: PathPrefix - value: / - description: "Matches define conditions used for matching the - rule against incoming HTTP requests. Each match is independent, - i.e. this rule will be matched if **any** one of the matches - is satisfied. \n For example, take the following matches configuration: - \n ``` matches: - path: value: \"/foo\" headers: - - name: \"version\" value: \"v2\" - path: value: \"/v2/foo\" - ``` \n For a request to match against this rule, a request - must satisfy EITHER of the two conditions: \n - path prefixed - with `/foo` AND contains the header `version: v2` - path prefix - of `/v2/foo` \n See the documentation for HTTPRouteMatch on - how to specify multiple match conditions that should be ANDed - together. \n If no matches are specified, the default is a - prefix path match on \"/\", which has the effect of matching - every HTTP request. \n Proxy or Load Balancer routing configuration - generated from HTTPRoutes MUST prioritize matches based on - the following criteria, continuing on ties. Across all rules - specified on applicable Routes, precedence must be given to - the match with the largest number of: \n * Characters in a - matching path. * Header matches. * Query param matches. \n - If ties still exist across multiple Routes, matching precedence - MUST be determined in order of the following criteria, continuing - on ties: \n * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by \"{namespace}/{name}\". - \n If ties still exist within an HTTPRoute, matching precedence - MUST be granted to the FIRST matching rule (in list order) - with a match meeting the above criteria. \n When no rules - matching a request have been successfully attached to the - parent a request is coming from, a HTTP 404 status code MUST - be returned." - items: - description: "HTTPRouteMatch defines the predicate used to - match requests to a given action. Multiple match types are - ANDed together, i.e. the match will evaluate to true only - if all conditions are satisfied. \n For example, the match - below will match a HTTP request only if its path starts - with `/foo` AND it contains the `version: v1` header: \n - ``` match: \n \tpath: \t value: \"/foo\" \theaders: \t- - name: \"version\" \t value \"v1\" \n ```" - properties: - headers: - description: Headers specifies HTTP request header matchers. - Multiple match values are ANDed together, meaning, a - request must match all the specified headers to select - the route. - items: - description: HTTPHeaderMatch describes how to select - a HTTP route by matching HTTP request headers. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case insensitive. - (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent header - names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST be - ignored. Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered equivalent. - \n When a header is repeated in an HTTP request, - it is implementation-specific behavior as to how - this is represented. Generally, proxies should - follow the guidance from the RFC: https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2 - regarding processing a repeated header, with special - handling for \"Set-Cookie\"." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the header. \n Support: Core (Exact) - \n Support: Implementation-specific (RegularExpression) - \n Since RegularExpression HeaderMatchType has - implementation-specific conformance, implementations - can support POSIX, PCRE or any other dialects - of regular expressions. Please read the implementation's - documentation to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP Header to - be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - description: "Method specifies HTTP method matcher. When - specified, this route will be matched only if the request - has the specified method. \n Support: Extended" - enum: - - GET - - HEAD - - POST - - PUT - - DELETE - - CONNECT - - OPTIONS - - TRACE - - PATCH - type: string - path: - default: - type: PathPrefix - value: / - description: Path specifies a HTTP request path matcher. - If this field is not specified, a default prefix match - on the "/" path is provided. - properties: - type: - default: PathPrefix - description: "Type specifies how to match against - the path Value. \n Support: Core (Exact, PathPrefix) - \n Support: Implementation-specific (RegularExpression)" - enum: - - Exact - - PathPrefix - - RegularExpression - type: string - value: - default: / - description: Value of the HTTP path to match against. - maxLength: 1024 - type: string - type: object - queryParams: - description: "QueryParams specifies HTTP query parameter - matchers. Multiple match values are ANDed together, - meaning, a request must match all the specified query - parameters to select the route. \n Support: Extended" - items: - description: HTTPQueryParamMatch describes how to select - a HTTP route by matching HTTP query parameters. - properties: - name: - description: "Name is the name of the HTTP query - param to be matched. This must be an exact string - match. (See https://tools.ietf.org/html/rfc7230#section-2.7.3). - \n If multiple entries specify equivalent query - param names, only the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent query param name MUST - be ignored. \n If a query param is repeated in - an HTTP request, the behavior is purposely left - undefined, since different data planes have different - capabilities. However, it is *recommended* that - implementations should match against the first - value of the param if the data plane supports - it, as this behavior is expected in other load - balancing contexts outside of the Gateway API. - \n Users SHOULD NOT route traffic based on repeated - query params to guard themselves against potential - differences in the implementations." - maxLength: 256 - minLength: 1 - type: string - type: - default: Exact - description: "Type specifies how to match against - the value of the query parameter. \n Support: - Extended (Exact) \n Support: Implementation-specific - (RegularExpression) \n Since RegularExpression - QueryParamMatchType has Implementation-specific - conformance, implementations can support POSIX, - PCRE or any other dialects of regular expressions. - Please read the implementation's documentation - to determine the supported dialect." - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of HTTP query param - to be matched. - maxLength: 1024 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - maxItems: 8 - type: array - type: object - maxItems: 16 - type: array - type: object - status: - description: Status defines the current state of HTTPRoute. - properties: - parents: - description: "Parents is a list of parent resources (usually Gateways) - that are associated with the route, and the status of the route - with respect to each parent. When this route attaches to a parent, - the controller that manages the parent must add an entry to this - list when the controller first sees the route and should update - the entry as appropriate when the route or gateway is modified. - \n Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this - API can only populate Route status for the Gateways/parent resources - they are responsible for. \n A maximum of 32 Gateways will be represented - in this list. An empty list means the route has not been attached - to any Gateway." - items: - description: RouteParentStatus describes the status of a route with - respect to an associated Parent. - properties: - conditions: - description: "Conditions describes the status of the route with - respect to the Gateway. Note that the route's availability - is also subject to the Gateway's own status conditions and - listener status. \n If the Route's ParentRef specifies an - existing Gateway that supports Routes of this kind AND that - Gateway's controller has sufficient access, then that Gateway's - controller MUST set the \"Accepted\" condition on the Route, - to indicate whether the route has been accepted or rejected - by the Gateway, and why. \n A Route MUST be considered \"Accepted\" - if at least one of the Route's rules is implemented by the - Gateway. \n There are a number of cases where the \"Accepted\" - condition may not be set due to lack of controller visibility, - that includes when: \n * The Route refers to a non-existent - parent. * The Route is of a type that the controller does - not support. * The Route is in a namespace the controller - does not have access to." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n \ttype FooStatus struct{ - \t // Represents the observations of a foo's current - state. \t // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type - \t // +patchStrategy=merge \t // +listType=map \t - \ // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other - fields \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: "ControllerName is a domain/path string that indicates - the name of the controller that wrote this status. This corresponds - with the controllerName field on GatewayClass. \n Example: - \"example.net/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid - Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - \n Controllers MUST populate this field when writing status. - Controllers should ensure that entries to status populated - with their ControllerName are cleaned up when they are no - longer necessary." - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: ParentRef corresponds with a ParentRef in the spec - that this RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the - core API group (such as for a \"Service\" kind referent), - Group must be explicitly set to \"\" (empty string). \n - Support: Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: - Core (Gateway) \n Support: Implementation-specific (Other - Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. - When unspecified, this refers to the local namespace of - the Route. \n Note that there are specific rules for ParentRefs - which cross namespace boundaries. Cross-namespace references - are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides - a generic way to enable any other kind of cross-namespace - reference. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - sectionName: - description: "SectionName is the name of a section within - the target resource. In the following resources, SectionName - is interpreted as the following: \n * Gateway: Listener - Name. When both Port (experimental) and SectionName are - specified, the name and port of the selected listener - must match both specified values. \n Implementations MAY - choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this - will reference the entire resource. For the purpose of - status, an attachment is considered successful if at least - one section in the parent resource accepts it. For example, - Gateway listeners can restrict which Routes can attach - to them by Route kind, namespace, or hostname. If 1 of - 2 Gateway listeners accept attachment from the referencing - Route, the Route MUST be considered successfully attached. - If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - required: - - spec - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1538 - gateway.networking.k8s.io/bundle-version: v0.6.1 - gateway.networking.k8s.io/channel: experimental - creationTimestamp: null - name: grpcroutes.gateway.networking.k8s.io -spec: - group: gateway.networking.k8s.io - names: - categories: - - gateway-api - kind: GRPCRoute - listKind: GRPCRouteList - plural: grpcroutes - singular: grpcroute - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.hostnames - name: Hostnames - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha2 - schema: - openAPIV3Schema: - description: "GRPCRoute provides a way to route gRPC requests. This includes - the capability to match requests by hostname, gRPC service, gRPC method, - or HTTP/2 header. Filters can be used to specify additional processing steps. - Backends specify where matching requests will be routed. \n GRPCRoute falls - under extended support within the Gateway API. Within the following specification, - the word \"MUST\" indicates that an implementation supporting GRPCRoute - must conform to the indicated requirement, but an implementation not supporting - this route type need not follow the requirement unless explicitly indicated. - \n Implementations supporting `GRPCRoute` with the `HTTPS` `ProtocolType` - MUST accept HTTP/2 connections without an initial upgrade from HTTP/1.1, - i.e. via ALPN. If the implementation does not support this, then it MUST - set the \"Accepted\" condition to \"False\" for the affected listener with - a reason of \"UnsupportedProtocol\". Implementations MAY also accept HTTP/2 - connections with an upgrade from HTTP/1. \n Implementations supporting `GRPCRoute` - with the `HTTP` `ProtocolType` MUST support HTTP/2 over cleartext TCP (h2c, - https://www.rfc-editor.org/rfc/rfc7540#section-3.1) without an initial upgrade - from HTTP/1.1, i.e. with prior knowledge (https://www.rfc-editor.org/rfc/rfc7540#section-3.4). - If the implementation does not support this, then it MUST set the \"Accepted\" - condition to \"False\" for the affected listener with a reason of \"UnsupportedProtocol\". - Implementations MAY also accept HTTP/2 connections with an upgrade from - HTTP/1, i.e. without prior knowledge. \n Support: Extended" - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of GRPCRoute. - properties: - hostnames: - description: "Hostnames defines a set of hostnames to match against - the GRPC Host header to select a GRPCRoute to process the request. - This matches the RFC 1123 definition of a hostname with 2 notable - exceptions: \n 1. IPs are not allowed. 2. A hostname may be prefixed - with a wildcard label (`*.`). The wildcard label MUST appear - by itself as the first label. \n If a hostname is specified by both - the Listener and GRPCRoute, there MUST be at least one intersecting - hostname for the GRPCRoute to be attached to the Listener. For example: - \n * A Listener with `test.example.com` as the hostname matches - GRPCRoutes that have either not specified any hostnames, or have - specified at least one of `test.example.com` or `*.example.com`. - * A Listener with `*.example.com` as the hostname matches GRPCRoutes - \ that have either not specified any hostnames or have specified - at least one hostname that matches the Listener hostname. For - example, `test.example.com` and `*.example.com` would both match. - On the other hand, `example.com` and `test.example.net` would - not match. \n Hostnames that are prefixed with a wildcard label - (`*.`) are interpreted as a suffix match. That means that a match - for `*.example.com` would match both `test.example.com`, and `foo.test.example.com`, - but not `example.com`. \n If both the Listener and GRPCRoute have - specified hostnames, any GRPCRoute hostnames that do not match the - Listener hostname MUST be ignored. For example, if a Listener specified - `*.example.com`, and the GRPCRoute specified `test.example.com` - and `test.example.net`, `test.example.net` MUST NOT be considered - for a match. \n If both the Listener and GRPCRoute have specified - hostnames, and none match with the criteria above, then the GRPCRoute - MUST NOT be accepted by the implementation. The implementation MUST - raise an 'Accepted' Condition with a status of `False` in the corresponding - RouteParentStatus. \n If a Route (A) of type HTTPRoute or GRPCRoute - is attached to a Listener and that listener already has another - Route (B) of the other type attached and the intersection of the - hostnames of A and B is non-empty, then the implementation MUST - accept exactly one of these two routes, determined by the following - criteria, in order: \n * The oldest Route based on creation timestamp. - * The Route appearing first in alphabetical order by \"{namespace}/{name}\". - \n The rejected Route MUST raise an 'Accepted' condition with a - status of 'False' in the corresponding RouteParentStatus. \n Support: - Core" - items: - description: "Hostname is the fully qualified domain name of a network - host. This matches the RFC 1123 definition of a hostname with - 2 notable exceptions: \n 1. IPs are not allowed. 2. A hostname - may be prefixed with a wildcard label (`*.`). The wildcard label - must appear by itself as the first label. \n Hostname can be \"precise\" - which is a domain name without the terminating dot of a network - host (e.g. \"foo.example.com\") or \"wildcard\", which is a domain - name prefixed with a single wildcard label (e.g. `*.example.com`). - \n Note that as per RFC1035 and RFC1123, a *label* must consist - of lower case alphanumeric characters or '-', and must start and - end with an alphanumeric character. No other punctuation is allowed." - maxLength: 253 - minLength: 1 - pattern: ^(\*\.)?[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - maxItems: 16 - type: array - parentRefs: - description: "ParentRefs references the resources (usually Gateways) - that a Route wants to be attached to. Note that the referenced parent - resource needs to allow this for the attachment to be complete. - For Gateways, that means the Gateway needs to allow attachment from - Routes of this kind and namespace. \n The only kind of parent resource - with \"Core\" support is Gateway. This API may be extended in the - future to support additional kinds of parent resources such as one - of the route kinds. \n It is invalid to reference an identical parent - more than once. It is valid to reference multiple distinct sections - within the same parent resource, such as 2 Listeners within a Gateway. - \n It is possible to separately reference multiple distinct objects - that may be collapsed by an implementation. For example, some implementations - may choose to merge compatible Gateway Listeners together. If that - is the case, the list of routes attached to those resources should - also be merged. \n Note that for ParentRefs that cross namespace - boundaries, there are specific rules. Cross-namespace references - are only valid if they are explicitly allowed by something in the - namespace they are referring to. For example, Gateway has the AllowedRoutes - field, and ReferenceGrant provides a generic way to enable any other - kind of cross-namespace reference." - items: - description: "ParentReference identifies an API object (usually - a Gateway) that can be considered a parent of this resource (usually - a route). The only kind of parent resource with \"Core\" support - is Gateway. This API may be extended in the future to support - additional kinds of parent resources, such as HTTPRoute. \n The - API object must be valid in the cluster; the Group and Kind must - be registered in the cluster for this reference to be valid." - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the core - API group (such as for a \"Service\" kind referent), Group - must be explicitly set to \"\" (empty string). \n Support: - Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: Core - (Gateway) \n Support: Implementation-specific (Other Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. When - unspecified, this refers to the local namespace of the Route. - \n Note that there are specific rules for ParentRefs which - cross namespace boundaries. Cross-namespace references are - only valid if they are explicitly allowed by something in - the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides a - generic way to enable any other kind of cross-namespace reference. - \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: "Port is the network port this Route targets. It - can be interpreted differently based on the type of parent - resource. \n When the parent resource is a Gateway, this targets - all listeners listening on the specified port that also support - this kind of Route(and select this Route). It's not recommended - to set `Port` unless the networking behaviors specified in - a Route must apply to a specific port as opposed to a listener(s) - whose port(s) may be changed. When both Port and SectionName - are specified, the name and port of the selected listener - must match both specified values. \n Implementations MAY choose - to support other parent resources. Implementations supporting - other types of parent resources MUST clearly document how/if - Port is interpreted. \n For the purpose of status, an attachment - is considered successful as long as the parent resource accepts - it partially. For example, Gateway listeners can restrict - which Routes can attach to them by Route kind, namespace, - or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this - Route, the Route MUST be considered detached from the Gateway. - \n Support: Extended \n " - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: "SectionName is the name of a section within the - target resource. In the following resources, SectionName is - interpreted as the following: \n * Gateway: Listener Name. - When both Port (experimental) and SectionName are specified, - the name and port of the selected listener must match both - specified values. \n Implementations MAY choose to support - attaching Routes to other resources. If that is the case, - they MUST clearly document how SectionName is interpreted. - \n When unspecified (empty string), this will reference the - entire resource. For the purpose of status, an attachment - is considered successful if at least one section in the parent - resource accepts it. For example, Gateway listeners can restrict - which Routes can attach to them by Route kind, namespace, - or hostname. If 1 of 2 Gateway listeners accept attachment - from the referencing Route, the Route MUST be considered successfully - attached. If no Gateway listeners accept attachment from this - Route, the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - maxItems: 32 - type: array - rules: - default: - - matches: - - method: - type: Exact - description: Rules are a list of GRPC matchers, filters and actions. - items: - description: GRPCRouteRule defines the semantics for matching an - gRPC request based on conditions (matches), processing it (filters), - and forwarding the request to an API object (backendRefs). - properties: - backendRefs: - description: "BackendRefs defines the backend(s) where matching - requests should be sent. \n Failure behavior here depends - on how many BackendRefs are specified and how many are invalid. - \n If *all* entries in BackendRefs are invalid, and there - are also no filters specified in this route rule, *all* traffic - which matches this rule MUST receive an `UNAVAILABLE` status. - \n See the GRPCBackendRef definition for the rules about what - makes a single GRPCBackendRef invalid. \n When a GRPCBackendRef - is invalid, `UNAVAILABLE` statuses MUST be returned for requests - that would have otherwise been routed to an invalid backend. - If multiple backends are specified, and some are invalid, - the proportion of requests that would otherwise have been - routed to an invalid backend MUST receive an `UNAVAILABLE` - status. \n For example, if two backends are specified with - equal weights, and one is invalid, 50 percent of traffic MUST - receive an `UNAVAILABLE` status. Implementations may choose - how that 50 percent is determined. \n Support: Core for Kubernetes - Service \n Support: Implementation-specific for any other - resource \n Support for weight: Core" - items: - description: GRPCBackendRef defines how a GRPCRoute forwards - a gRPC request. - properties: - filters: - description: "Filters defined at this level MUST be executed - if and only if the request is being forwarded to the - backend defined here. \n Support: Implementation-specific - (For broader support of filters, use the Filters field - in GRPCRouteRule.)" - items: - description: GRPCRouteFilter defines processing steps - that must be completed during the request or response - lifecycle. GRPCRouteFilters are meant as an extension - point to express processing that may be done in Gateway - implementations. Some examples include request or - response modification, implementing authentication - strategies, rate-limiting, and traffic shaping. API - guarantee/conformance is defined based on the type - of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core API - group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema - for a filter that modifies request headers. \n - Support: Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo - HTTP/1.1 my-header: foo \n Config: add: - \ - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: - foo my-header2: bar my-header3: baz \n - Config: remove: [\"my-header1\", \"my-header3\"] - \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - \ value: \"bar\" \n Output: GET /foo - HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for - a filter that mirrors requests. Requests are sent - to the specified destination, but responses from - that destination are ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource - where mirrored requests are sent. \n If the - referent cannot be found, this BackendRef - is invalid and must be dropped from the Gateway. - The controller must ensure the \"ResolvedRefs\" - condition on the Route status is set to `status: - False` and not configure this backend in the - underlying implementation. \n If there is - a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: - False`, with the \"RefNotPermitted\" reason - and not configure this backend in the underlying - implementation. \n In either error case, the - Message of the `ResolvedRefs` Condition should - be used to provide more detail about the problem. - \n Support: Extended for Kubernetes Service - \n Support: Implementation-specific for any - other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". - When unspecified or empty string, core - API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. - For example "HTTPRoute" or "Service". - Defaults to "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace - of the backend. When unspecified, the - local namespace is inferred. \n Note that - when a namespace is specified, a ReferenceGrant - object is required in the referent namespace - to allow that namespace's owner to accept - the reference. See the ReferenceGrant - documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination - port number to use for this resource. - Port is required when the referent is - a Kubernetes Service. In this case, the - port number is the service port number, - not the target port. For other resources, - destination port might be derived from - the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - responseHeaderModifier: - description: "ResponseHeaderModifier defines a schema - for a filter that modifies response headers. \n - Support: Extended \n " - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It - appends to any existing values associated - with the header name. \n Input: GET /foo - HTTP/1.1 my-header: foo \n Config: add: - \ - name: \"my-header\" value: \"bar,baz\" - \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from - the HTTP request before the action. The value - of Remove is a list of HTTP header names. - Note that the header names are case-insensitive - (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: - foo my-header2: bar my-header3: baz \n - Config: remove: [\"my-header1\", \"my-header3\"] - \n Output: GET /foo HTTP/1.1 my-header2: - bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with - the given header (name, value) before the - action. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: set: - name: \"my-header\" - \ value: \"bar\" \n Output: GET /foo - HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP - Header name and value as defined by RFC - 7230. - properties: - name: - description: "Name is the name of the - HTTP Header to be matched. Name matching - MUST be case insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an - equivalent name MUST be considered for - a match. Subsequent entries with an - equivalent header name MUST be ignored. - Due to the case-insensitivity of header - names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP - Header to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: "Type identifies the type of filter - to apply. As with other API fields, types are - classified into three conformance levels: \n - - Core: Filter types and their corresponding configuration - defined by \"Support: Core\" in this package, - e.g. \"RequestHeaderModifier\". All implementations - supporting GRPCRoute MUST support core filters. - \n - Extended: Filter types and their corresponding - configuration defined by \"Support: Extended\" - in this package, e.g. \"RequestMirror\". Implementers - \ are encouraged to support extended filters. - \n - Implementation-specific: Filters that are - defined and supported by specific vendors. In - the future, filters showing convergence in behavior - across multiple implementations will be considered - for inclusion in extended or core conformance - levels. Filter-specific configuration for such - filters is specified using the ExtensionRef - field. `Type` MUST be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged - to define custom implementation types to extend - the core API with implementation-specific behavior. - \n If a reference to a custom filter type cannot - be resolved, the filter MUST NOT be skipped. Instead, - requests that would have been processed by that - filter MUST receive a HTTP error response. \n " - enum: - - ResponseHeaderModifier - - RequestHeaderModifier - - RequestMirror - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - group: - default: "" - description: Group is the group of the referent. For example, - "gateway.networking.k8s.io". When unspecified or empty - string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". Defaults to "Service" when - not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the backend. - When unspecified, the local namespace is inferred. \n - Note that when a namespace is specified, a ReferenceGrant - object is required in the referent namespace to allow - that namespace's owner to accept the reference. See - the ReferenceGrant documentation for details. \n Support: - Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port number - to use for this resource. Port is required when the - referent is a Kubernetes Service. In this case, the - port number is the service port number, not the target - port. For other resources, destination port might be - derived from the referent resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - weight: - default: 1 - description: "Weight specifies the proportion of requests - forwarded to the referenced backend. This is computed - as weight/(sum of all weights in this BackendRefs list). - For non-zero values, there may be some epsilon from - the exact proportion defined here depending on the precision - an implementation supports. Weight is not a percentage - and the sum of weights does not need to equal 100. \n - If only one backend is specified and it has a weight - greater than 0, 100% of the traffic is forwarded to - that backend. If weight is set to 0, no traffic should - be forwarded for this entry. If unspecified, weight - defaults to 1. \n Support for this field varies based - on the context where used." - format: int32 - maximum: 1000000 - minimum: 0 - type: integer - required: - - name - type: object - maxItems: 16 - type: array - filters: - description: "Filters define the filters that are applied to - requests that match this rule. \n The effects of ordering - of multiple behaviors are currently unspecified. This can - change in the future based on feedback during the alpha stage. - \n Conformance-levels at this level are defined based on the - type of filter: \n - ALL core filters MUST be supported by - all implementations that support GRPCRoute. - Implementers - are encouraged to support extended filters. - Implementation-specific - custom filters have no API guarantees across implementations. - \n Specifying a core filter multiple times has unspecified - or implementation-specific conformance. Support: Core" - items: - description: GRPCRouteFilter defines processing steps that - must be completed during the request or response lifecycle. - GRPCRouteFilters are meant as an extension point to express - processing that may be done in Gateway implementations. - Some examples include request or response modification, - implementing authentication strategies, rate-limiting, and - traffic shaping. API guarantee/conformance is defined based - on the type of the filter. - properties: - extensionRef: - description: "ExtensionRef is an optional, implementation-specific - extension to the \"filter\" behavior. For example, - resource \"myroutefilter\" in group \"networking.example.net\"). - ExtensionRef MUST NOT be used for core and extended - filters. \n Support: Implementation-specific" - properties: - group: - description: Group is the group of the referent. For - example, "gateway.networking.k8s.io". When unspecified - or empty string, core API group is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - description: Kind is kind of the referent. For example - "HTTPRoute" or "Service". - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - required: - - group - - kind - - name - type: object - requestHeaderModifier: - description: "RequestHeaderModifier defines a schema for - a filter that modifies request headers. \n Support: - Core" - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: add: - name: \"my-header\" value: - \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - \ my-header2: bar my-header3: baz \n Config: - \ remove: [\"my-header1\", \"my-header3\"] \n Output: - \ GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - \ set: - name: \"my-header\" value: \"bar\" - \n Output: GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - requestMirror: - description: "RequestMirror defines a schema for a filter - that mirrors requests. Requests are sent to the specified - destination, but responses from that destination are - ignored. \n Support: Extended" - properties: - backendRef: - description: "BackendRef references a resource where - mirrored requests are sent. \n If the referent cannot - be found, this BackendRef is invalid and must be - dropped from the Gateway. The controller must ensure - the \"ResolvedRefs\" condition on the Route status - is set to `status: False` and not configure this - backend in the underlying implementation. \n If - there is a cross-namespace reference to an *existing* - object that is not allowed by a ReferenceGrant, - the controller must ensure the \"ResolvedRefs\" - \ condition on the Route is set to `status: False`, - with the \"RefNotPermitted\" reason and not configure - this backend in the underlying implementation. \n - In either error case, the Message of the `ResolvedRefs` - Condition should be used to provide more detail - about the problem. \n Support: Extended for Kubernetes - Service \n Support: Implementation-specific for - any other resource" - properties: - group: - default: "" - description: Group is the group of the referent. - For example, "gateway.networking.k8s.io". When - unspecified or empty string, core API group - is inferred. - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Service - description: Kind is kind of the referent. For - example "HTTPRoute" or "Service". Defaults to - "Service" when not specified. - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: Name is the name of the referent. - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the - backend. When unspecified, the local namespace - is inferred. \n Note that when a namespace is - specified, a ReferenceGrant object is required - in the referent namespace to allow that namespace's - owner to accept the reference. See the ReferenceGrant - documentation for details. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: Port specifies the destination port - number to use for this resource. Port is required - when the referent is a Kubernetes Service. In - this case, the port number is the service port - number, not the target port. For other resources, - destination port might be derived from the referent - resource or this field. - format: int32 - maximum: 65535 - minimum: 1 - type: integer - required: - - name - type: object - required: - - backendRef - type: object - responseHeaderModifier: - description: "ResponseHeaderModifier defines a schema - for a filter that modifies response headers. \n Support: - Extended \n " - properties: - add: - description: "Add adds the given header(s) (name, - value) to the request before the action. It appends - to any existing values associated with the header - name. \n Input: GET /foo HTTP/1.1 my-header: - foo \n Config: add: - name: \"my-header\" value: - \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header: - foo,bar,baz" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - remove: - description: "Remove the given header(s) from the - HTTP request before the action. The value of Remove - is a list of HTTP header names. Note that the header - names are case-insensitive (see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2). - \n Input: GET /foo HTTP/1.1 my-header1: foo - \ my-header2: bar my-header3: baz \n Config: - \ remove: [\"my-header1\", \"my-header3\"] \n Output: - \ GET /foo HTTP/1.1 my-header2: bar" - items: - type: string - maxItems: 16 - type: array - set: - description: "Set overwrites the request with the - given header (name, value) before the action. \n - Input: GET /foo HTTP/1.1 my-header: foo \n Config: - \ set: - name: \"my-header\" value: \"bar\" - \n Output: GET /foo HTTP/1.1 my-header: bar" - items: - description: HTTPHeader represents an HTTP Header - name and value as defined by RFC 7230. - properties: - name: - description: "Name is the name of the HTTP Header - to be matched. Name matching MUST be case - insensitive. (See https://tools.ietf.org/html/rfc7230#section-3.2). - \n If multiple entries specify equivalent - header names, the first entry with an equivalent - name MUST be considered for a match. Subsequent - entries with an equivalent header name MUST - be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - value: - description: Value is the value of HTTP Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: - description: "Type identifies the type of filter to apply. - As with other API fields, types are classified into - three conformance levels: \n - Core: Filter types and - their corresponding configuration defined by \"Support: - Core\" in this package, e.g. \"RequestHeaderModifier\". - All implementations supporting GRPCRoute MUST support - core filters. \n - Extended: Filter types and their - corresponding configuration defined by \"Support: - Extended\" in this package, e.g. \"RequestMirror\". - Implementers are encouraged to support extended filters. - \n - Implementation-specific: Filters that are defined - and supported by specific vendors. In the future, - filters showing convergence in behavior across multiple - \ implementations will be considered for inclusion - in extended or core conformance levels. Filter-specific - configuration for such filters is specified using - the ExtensionRef field. `Type` MUST be set to \"ExtensionRef\" - for custom filters. \n Implementers are encouraged to - define custom implementation types to extend the core - API with implementation-specific behavior. \n If a reference - to a custom filter type cannot be resolved, the filter - MUST NOT be skipped. Instead, requests that would have - been processed by that filter MUST receive a HTTP error - response. \n " - enum: - - ResponseHeaderModifier - - RequestHeaderModifier - - RequestMirror - - ExtensionRef - type: string - required: - - type - type: object - maxItems: 16 - type: array - matches: - default: - - method: - type: Exact - description: "Matches define conditions used for matching the - rule against incoming gRPC requests. Each match is independent, - i.e. this rule will be matched if **any** one of the matches - is satisfied. \n For example, take the following matches configuration: - \n ``` matches: - method: service: foo.bar headers: - \ values: version: 2 - method: service: foo.bar.v2 - ``` \n For a request to match against this rule, it MUST satisfy - EITHER of the two conditions: \n - service of foo.bar AND - contains the header `version: 2` - service of foo.bar.v2 \n - See the documentation for GRPCRouteMatch on how to specify - multiple match conditions to be ANDed together. \n If no matches - are specified, the implementation MUST match every gRPC request. - \n Proxy or Load Balancer routing configuration generated - from GRPCRoutes MUST prioritize rules based on the following - criteria, continuing on ties. Merging MUST not be done between - GRPCRoutes and HTTPRoutes. Precedence MUST be given to the - rule with the largest number of: \n * Characters in a matching - non-wildcard hostname. * Characters in a matching hostname. - * Characters in a matching service. * Characters in a matching - method. * Header matches. \n If ties still exist across multiple - Routes, matching precedence MUST be determined in order of - the following criteria, continuing on ties: \n * The oldest - Route based on creation timestamp. * The Route appearing first - in alphabetical order by \"{namespace}/{name}\". \n If ties - still exist within the Route that has been given precedence, - matching precedence MUST be granted to the first matching - rule meeting the above criteria." - items: - description: "GRPCRouteMatch defines the predicate used to - match requests to a given action. Multiple match types are - ANDed together, i.e. the match will evaluate to true only - if all conditions are satisfied. \n For example, the match - below will match a gRPC request only if its service is `foo` - AND it contains the `version: v1` header: \n ``` matches: - \ - method: type: Exact service: \"foo\" headers: - \ - name: \"version\" value \"v1\" \n ```" - properties: - headers: - description: Headers specifies gRPC request header matchers. - Multiple match values are ANDed together, meaning, a - request MUST match all the specified headers to select - the route. - items: - description: GRPCHeaderMatch describes how to select - a gRPC route by matching gRPC request headers. - properties: - name: - description: "Name is the name of the gRPC Header - to be matched. \n If multiple entries specify - equivalent header names, only the first entry - with an equivalent name MUST be considered for - a match. Subsequent entries with an equivalent - header name MUST be ignored. Due to the case-insensitivity - of header names, \"foo\" and \"Foo\" are considered - equivalent." - maxLength: 256 - minLength: 1 - pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ - type: string - type: - default: Exact - description: Type specifies how to match against - the value of the header. - enum: - - Exact - - RegularExpression - type: string - value: - description: Value is the value of the gRPC Header - to be matched. - maxLength: 4096 - minLength: 1 - type: string - required: - - name - - value - type: object - maxItems: 16 - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - method: - default: - type: Exact - description: Method specifies a gRPC request service/method - matcher. If this field is not specified, all services - and methods will match. - properties: - method: - description: "Value of the method to match against. - If left empty or omitted, will match all services. - \n At least one of Service and Method MUST be a - non-empty string. \n A GRPC Method must be a valid - Protobuf Method (https://protobuf.com/docs/language-spec#methods)." - maxLength: 1024 - pattern: ^[A-Za-z_][A-Za-z_0-9]*$ - type: string - service: - description: "Value of the service to match against. - If left empty or omitted, will match any service. - \n At least one of Service and Method MUST be a - non-empty string. \n A GRPC Service must be a valid - Protobuf Type Name (https://protobuf.com/docs/language-spec#type-references)." - maxLength: 1024 - pattern: ^(?i)\.?[a-z_][a-z_0-9]*(\.[a-z_][a-z_0-9]*)*$ - type: string - type: - default: Exact - description: "Type specifies how to match against - the service and/or method. Support: Core (Exact - with service and method specified) \n Support: Implementation-specific - (Exact with method specified but no service specified) - \n Support: Implementation-specific (RegularExpression)" - enum: - - Exact - - RegularExpression - type: string - type: object - type: object - maxItems: 8 - type: array - type: object - maxItems: 16 - type: array - type: object - status: - description: Status defines the current state of GRPCRoute. - properties: - parents: - description: "Parents is a list of parent resources (usually Gateways) - that are associated with the route, and the status of the route - with respect to each parent. When this route attaches to a parent, - the controller that manages the parent must add an entry to this - list when the controller first sees the route and should update - the entry as appropriate when the route or gateway is modified. - \n Note that parent references that cannot be resolved by an implementation - of this API will not be added to this list. Implementations of this - API can only populate Route status for the Gateways/parent resources - they are responsible for. \n A maximum of 32 Gateways will be represented - in this list. An empty list means the route has not been attached - to any Gateway." - items: - description: RouteParentStatus describes the status of a route with - respect to an associated Parent. - properties: - conditions: - description: "Conditions describes the status of the route with - respect to the Gateway. Note that the route's availability - is also subject to the Gateway's own status conditions and - listener status. \n If the Route's ParentRef specifies an - existing Gateway that supports Routes of this kind AND that - Gateway's controller has sufficient access, then that Gateway's - controller MUST set the \"Accepted\" condition on the Route, - to indicate whether the route has been accepted or rejected - by the Gateway, and why. \n A Route MUST be considered \"Accepted\" - if at least one of the Route's rules is implemented by the - Gateway. \n There are a number of cases where the \"Accepted\" - condition may not be set due to lack of controller visibility, - that includes when: \n * The Route refers to a non-existent - parent. * The Route is of a type that the controller does - not support. * The Route is in a namespace the controller - does not have access to." - items: - description: "Condition contains details for one aspect of - the current state of this API Resource. --- This struct - is intended for direct use as an array at the field path - .status.conditions. For example, \n \ttype FooStatus struct{ - \t // Represents the observations of a foo's current - state. \t // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" \t // +patchMergeKey=type - \t // +patchStrategy=merge \t // +listType=map \t - \ // +listMapKey=type \t Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n \t // other - fields \t}" - properties: - lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should - be when the underlying condition changed. If that is - not known, then using the time when the API field changed - is acceptable. - format: date-time - type: string - message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, - if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the - current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: reason contains a programmatic identifier - indicating the reason for the condition's last transition. - Producers of specific condition types may define expected - values and meanings for this field, and whether the - values are considered a guaranteed API. The value should - be a CamelCase string. This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, - Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across - resources like Available, but because arbitrary conditions - can be useful (see .node.status.conditions), the ability - to deconflict is important. The regex it matches is - (dns1123SubdomainFmt/)?(qualifiedNameFmt) - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - maxItems: 8 - minItems: 1 - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - controllerName: - description: "ControllerName is a domain/path string that indicates - the name of the controller that wrote this status. This corresponds - with the controllerName field on GatewayClass. \n Example: - \"example.net/gateway-controller\". \n The format of this - field is DOMAIN \"/\" PATH, where DOMAIN and PATH are valid - Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - \n Controllers MUST populate this field when writing status. - Controllers should ensure that entries to status populated - with their ControllerName are cleaned up when they are no - longer necessary." - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ - type: string - parentRef: - description: ParentRef corresponds with a ParentRef in the spec - that this RouteParentStatus struct describes the status of. - properties: - group: - default: gateway.networking.k8s.io - description: "Group is the group of the referent. When unspecified, - \"gateway.networking.k8s.io\" is inferred. To set the - core API group (such as for a \"Service\" kind referent), - Group must be explicitly set to \"\" (empty string). \n - Support: Core" - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - kind: - default: Gateway - description: "Kind is kind of the referent. \n Support: - Core (Gateway) \n Support: Implementation-specific (Other - Resources)" - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - type: string - name: - description: "Name is the name of the referent. \n Support: - Core" - maxLength: 253 - minLength: 1 - type: string - namespace: - description: "Namespace is the namespace of the referent. - When unspecified, this refers to the local namespace of - the Route. \n Note that there are specific rules for ParentRefs - which cross namespace boundaries. Cross-namespace references - are only valid if they are explicitly allowed by something - in the namespace they are referring to. For example: Gateway - has the AllowedRoutes field, and ReferenceGrant provides - a generic way to enable any other kind of cross-namespace - reference. \n Support: Core" - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string - port: - description: "Port is the network port this Route targets. - It can be interpreted differently based on the type of - parent resource. \n When the parent resource is a Gateway, - this targets all listeners listening on the specified - port that also support this kind of Route(and select this - Route). It's not recommended to set `Port` unless the - networking behaviors specified in a Route must apply to - a specific port as opposed to a listener(s) whose port(s) - may be changed. When both Port and SectionName are specified, - the name and port of the selected listener must match - both specified values. \n Implementations MAY choose to - support other parent resources. Implementations supporting - other types of parent resources MUST clearly document - how/if Port is interpreted. \n For the purpose of status, - an attachment is considered successful as long as the - parent resource accepts it partially. For example, Gateway - listeners can restrict which Routes can attach to them - by Route kind, namespace, or hostname. If 1 of 2 Gateway - listeners accept attachment from the referencing Route, - the Route MUST be considered successfully attached. If - no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Extended \n " - format: int32 - maximum: 65535 - minimum: 1 - type: integer - sectionName: - description: "SectionName is the name of a section within - the target resource. In the following resources, SectionName - is interpreted as the following: \n * Gateway: Listener - Name. When both Port (experimental) and SectionName are - specified, the name and port of the selected listener - must match both specified values. \n Implementations MAY - choose to support attaching Routes to other resources. - If that is the case, they MUST clearly document how SectionName - is interpreted. \n When unspecified (empty string), this - will reference the entire resource. For the purpose of - status, an attachment is considered successful if at least - one section in the parent resource accepts it. For example, - Gateway listeners can restrict which Routes can attach - to them by Route kind, namespace, or hostname. If 1 of - 2 Gateway listeners accept attachment from the referencing - Route, the Route MUST be considered successfully attached. - If no Gateway listeners accept attachment from this Route, - the Route MUST be considered detached from the Gateway. - \n Support: Core" - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - type: string - required: - - name - type: object - required: - - controllerName - - parentRef - type: object - maxItems: 32 - type: array - required: - - parents - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] \ No newline at end of file diff --git a/pkg/apis/applicationnetworking/v1alpha1/accesslogpolicy_types.go b/pkg/apis/applicationnetworking/v1alpha1/accesslogpolicy_types.go index 2f9c0ad6..4c599ff8 100644 --- a/pkg/apis/applicationnetworking/v1alpha1/accesslogpolicy_types.go +++ b/pkg/apis/applicationnetworking/v1alpha1/accesslogpolicy_types.go @@ -1,13 +1,12 @@ package v1alpha1 import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/types" - "sigs.k8s.io/gateway-api/apis/v1alpha2" - "github.com/aws/aws-application-networking-k8s/pkg/k8s" "github.com/aws/aws-application-networking-k8s/pkg/model/core" "github.com/aws/aws-application-networking-k8s/pkg/utils" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/types" + gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" ) const ( @@ -53,7 +52,7 @@ type AccessLogPolicySpec struct { // TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. // // This field is following the guidelines of Kubernetes Gateway API policy attachment. - TargetRef *v1alpha2.PolicyTargetReference `json:"targetRef"` + TargetRef *gwv1alpha2.NamespacedPolicyTargetReference `json:"targetRef"` } // AccessLogPolicyStatus defines the observed state of AccessLogPolicy. @@ -78,7 +77,7 @@ type AccessLogPolicyStatus struct { Conditions []metav1.Condition `json:"conditions,omitempty"` } -func (p *AccessLogPolicy) GetTargetRef() *v1alpha2.PolicyTargetReference { +func (p *AccessLogPolicy) GetTargetRef() *gwv1alpha2.NamespacedPolicyTargetReference { return p.Spec.TargetRef } diff --git a/pkg/apis/applicationnetworking/v1alpha1/authpolicy_types.go b/pkg/apis/applicationnetworking/v1alpha1/authpolicy_types.go index 9f75e7ed..ee3c2124 100644 --- a/pkg/apis/applicationnetworking/v1alpha1/authpolicy_types.go +++ b/pkg/apis/applicationnetworking/v1alpha1/authpolicy_types.go @@ -2,7 +2,7 @@ package v1alpha1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" + gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" ) const ( @@ -47,7 +47,7 @@ type IAMAuthPolicySpec struct { // TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. // // This field is following the guidelines of Kubernetes Gateway API policy attachment. - TargetRef *v1alpha2.PolicyTargetReference `json:"targetRef"` + TargetRef *gwv1alpha2.NamespacedPolicyTargetReference `json:"targetRef"` } // IAMAuthPolicyStatus defines the observed state of IAMAuthPolicy. @@ -72,7 +72,7 @@ type IAMAuthPolicyStatus struct { Conditions []metav1.Condition `json:"conditions,omitempty"` } -func (p *IAMAuthPolicy) GetTargetRef() *v1alpha2.PolicyTargetReference { +func (p *IAMAuthPolicy) GetTargetRef() *gwv1alpha2.NamespacedPolicyTargetReference { return p.Spec.TargetRef } diff --git a/pkg/apis/applicationnetworking/v1alpha1/targetgrouppolicy_types.go b/pkg/apis/applicationnetworking/v1alpha1/targetgrouppolicy_types.go index 222de1b2..7a59799a 100644 --- a/pkg/apis/applicationnetworking/v1alpha1/targetgrouppolicy_types.go +++ b/pkg/apis/applicationnetworking/v1alpha1/targetgrouppolicy_types.go @@ -2,7 +2,7 @@ package v1alpha1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" + gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" ) const ( @@ -55,7 +55,7 @@ type TargetGroupPolicySpec struct { // TargetRef points to the kubernetes Service resource that will have this policy attached. // // This field is following the guidelines of Kubernetes Gateway API policy attachment. - TargetRef *v1alpha2.PolicyTargetReference `json:"targetRef"` + TargetRef *gwv1alpha2.NamespacedPolicyTargetReference `json:"targetRef"` // The health check configuration. // @@ -156,7 +156,7 @@ const ( HealthCheckProtocolVersionHTTP2 HealthCheckProtocolVersion = "HTTP2" ) -func (p *TargetGroupPolicy) GetTargetRef() *v1alpha2.PolicyTargetReference { +func (p *TargetGroupPolicy) GetTargetRef() *gwv1alpha2.NamespacedPolicyTargetReference { return p.Spec.TargetRef } diff --git a/pkg/apis/applicationnetworking/v1alpha1/vpcassociationpolicy_types.go b/pkg/apis/applicationnetworking/v1alpha1/vpcassociationpolicy_types.go index 6646dbe3..d7663507 100644 --- a/pkg/apis/applicationnetworking/v1alpha1/vpcassociationpolicy_types.go +++ b/pkg/apis/applicationnetworking/v1alpha1/vpcassociationpolicy_types.go @@ -2,7 +2,7 @@ package v1alpha1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" + gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" ) const ( @@ -59,7 +59,7 @@ type VpcAssociationPolicySpec struct { // TargetRef points to the kubernetes Gateway resource that will have this policy attached. // // This field is following the guidelines of Kubernetes Gateway API policy attachment. - TargetRef *v1alpha2.PolicyTargetReference `json:"targetRef"` + TargetRef *gwv1alpha2.NamespacedPolicyTargetReference `json:"targetRef"` } // VpcAssociationPolicyStatus defines the observed state of VpcAssociationPolicy. @@ -83,7 +83,7 @@ type VpcAssociationPolicyStatus struct { Conditions []metav1.Condition `json:"conditions,omitempty"` } -func (p *VpcAssociationPolicy) GetTargetRef() *v1alpha2.PolicyTargetReference { +func (p *VpcAssociationPolicy) GetTargetRef() *gwv1alpha2.NamespacedPolicyTargetReference { return p.Spec.TargetRef } diff --git a/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go index 924b6931..ec0f0eaf 100644 --- a/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go @@ -8,7 +8,7 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/gateway-api/apis/v1alpha2" + gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. @@ -80,7 +80,7 @@ func (in *AccessLogPolicySpec) DeepCopyInto(out *AccessLogPolicySpec) { } if in.TargetRef != nil { in, out := &in.TargetRef, &out.TargetRef - *out = new(v1alpha2.PolicyTargetReference) + *out = new(gwv1alpha2.NamespacedPolicyTargetReference) (*in).DeepCopyInto(*out) } } @@ -261,7 +261,7 @@ func (in *IAMAuthPolicySpec) DeepCopyInto(out *IAMAuthPolicySpec) { *out = *in if in.TargetRef != nil { in, out := &in.TargetRef, &out.TargetRef - *out = new(v1alpha2.PolicyTargetReference) + *out = new(gwv1alpha2.NamespacedPolicyTargetReference) (*in).DeepCopyInto(*out) } } @@ -612,7 +612,7 @@ func (in *TargetGroupPolicySpec) DeepCopyInto(out *TargetGroupPolicySpec) { } if in.TargetRef != nil { in, out := &in.TargetRef, &out.TargetRef - *out = new(v1alpha2.PolicyTargetReference) + *out = new(gwv1alpha2.NamespacedPolicyTargetReference) (*in).DeepCopyInto(*out) } if in.HealthCheck != nil { @@ -728,7 +728,7 @@ func (in *VpcAssociationPolicySpec) DeepCopyInto(out *VpcAssociationPolicySpec) } if in.TargetRef != nil { in, out := &in.TargetRef, &out.TargetRef - *out = new(v1alpha2.PolicyTargetReference) + *out = new(gwv1alpha2.NamespacedPolicyTargetReference) (*in).DeepCopyInto(*out) } } diff --git a/pkg/controllers/accesslogpolicy_controller.go b/pkg/controllers/accesslogpolicy_controller.go index 0888a002..c6f2686d 100644 --- a/pkg/controllers/accesslogpolicy_controller.go +++ b/pkg/controllers/accesslogpolicy_controller.go @@ -34,8 +34,8 @@ import ( "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/predicate" "sigs.k8s.io/controller-runtime/pkg/reconcile" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" "github.com/aws/aws-application-networking-k8s/pkg/aws" @@ -95,9 +95,9 @@ func RegisterAccessLogPolicyController( builder := ctrl.NewControllerManagedBy(mgr). For(&anv1alpha1.AccessLogPolicy{}, pkg_builder.WithPredicates(predicate.GenerationChangedPredicate{})). - Watches(&gwv1beta1.Gateway{}, handler.EnqueueRequestsFromMapFunc(r.findImpactedAccessLogPolicies), pkg_builder.WithPredicates(predicate.GenerationChangedPredicate{})). - Watches(&gwv1beta1.HTTPRoute{}, handler.EnqueueRequestsFromMapFunc(r.findImpactedAccessLogPolicies), pkg_builder.WithPredicates(predicate.GenerationChangedPredicate{})). - Watches(&gwv1alpha2.GRPCRoute{}, handler.EnqueueRequestsFromMapFunc(r.findImpactedAccessLogPolicies), pkg_builder.WithPredicates(predicate.GenerationChangedPredicate{})). + Watches(&gwv1.Gateway{}, handler.EnqueueRequestsFromMapFunc(r.findImpactedAccessLogPolicies), pkg_builder.WithPredicates(predicate.GenerationChangedPredicate{})). + Watches(&gwv1.HTTPRoute{}, handler.EnqueueRequestsFromMapFunc(r.findImpactedAccessLogPolicies), pkg_builder.WithPredicates(predicate.GenerationChangedPredicate{})). + Watches(&gwv1.GRPCRoute{}, handler.EnqueueRequestsFromMapFunc(r.findImpactedAccessLogPolicies), pkg_builder.WithPredicates(predicate.GenerationChangedPredicate{})). Watches(&gwv1alpha2.TLSRoute{}, handler.EnqueueRequestsFromMapFunc(r.findImpactedAccessLogPolicies), pkg_builder.WithPredicates(predicate.GenerationChangedPredicate{})) return builder.Complete(r) @@ -164,9 +164,9 @@ func (r *accessLogPolicyReconciler) reconcileUpsert(ctx context.Context, alp *an return err } - if alp.Spec.TargetRef.Group != gwv1beta1.GroupName { + if alp.Spec.TargetRef.Group != gwv1.GroupName { message := fmt.Sprintf("The targetRef's Group must be \"%s\" but was \"%s\"", - gwv1beta1.GroupName, alp.Spec.TargetRef.Group) + gwv1.GroupName, alp.Spec.TargetRef.Group) r.eventRecorder.Event(alp, corev1.EventTypeWarning, k8s.FailedReconcileEvent, message) return r.updateAccessLogPolicyStatus(ctx, alp, gwv1alpha2.PolicyReasonInvalid, message) } @@ -238,13 +238,13 @@ func (r *accessLogPolicyReconciler) targetRefExists(ctx context.Context, alp *an switch alp.Spec.TargetRef.Kind { case "Gateway": - gw := &gwv1beta1.Gateway{} + gw := &gwv1.Gateway{} err = r.client.Get(ctx, targetRefNamespacedName, gw) case "HTTPRoute": - httpRoute := &gwv1beta1.HTTPRoute{} + httpRoute := &gwv1.HTTPRoute{} err = r.client.Get(ctx, targetRefNamespacedName, httpRoute) case "GRPCRoute": - grpcRoute := &gwv1alpha2.GRPCRoute{} + grpcRoute := &gwv1.GRPCRoute{} err = r.client.Get(ctx, targetRefNamespacedName, grpcRoute) default: return false, fmt.Errorf("Access Log Policy targetRef is for unsupported Kind: %s", alp.Spec.TargetRef.Kind) diff --git a/pkg/controllers/eventhandlers/gateway.go b/pkg/controllers/eventhandlers/gateway.go index 07622b1b..9208c406 100644 --- a/pkg/controllers/eventhandlers/gateway.go +++ b/pkg/controllers/eventhandlers/gateway.go @@ -16,7 +16,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" - gateway_api "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/aws/aws-application-networking-k8s/pkg/config" ) @@ -35,8 +35,8 @@ func NewEnqueueRequestGatewayEvent(log gwlog.Logger, client client.Client) handl var ZeroTransitionTime = metav1.NewTime(time.Time{}) -func (h *enqueueRequestsForGatewayEvent) Create(ctx context.Context, e event.CreateEvent, queue workqueue.RateLimitingInterface) { - gwNew := e.Object.(*gateway_api.Gateway) +func (h *enqueueRequestsForGatewayEvent) Create(ctx context.Context, e event.CreateEvent, queue workqueue.TypedRateLimitingInterface[reconcile.Request]) { + gwNew := e.Object.(*gwv1.Gateway) h.log.Infof(ctx, "Received Create event for Gateway %s-%s", gwNew.Name, gwNew.Namespace) @@ -45,9 +45,9 @@ func (h *enqueueRequestsForGatewayEvent) Create(ctx context.Context, e event.Cre h.enqueueImpactedRoutes(ctx, queue) } -func (h *enqueueRequestsForGatewayEvent) Update(ctx context.Context, e event.UpdateEvent, queue workqueue.RateLimitingInterface) { - gwOld := e.ObjectOld.(*gateway_api.Gateway) - gwNew := e.ObjectNew.(*gateway_api.Gateway) +func (h *enqueueRequestsForGatewayEvent) Update(ctx context.Context, e event.UpdateEvent, queue workqueue.TypedRateLimitingInterface[reconcile.Request]) { + gwOld := e.ObjectOld.(*gwv1.Gateway) + gwNew := e.ObjectNew.(*gwv1.Gateway) h.log.Infof(ctx, "Received Update event for Gateway %s-%s", gwNew.GetName(), gwNew.GetNamespace()) @@ -58,15 +58,15 @@ func (h *enqueueRequestsForGatewayEvent) Update(ctx context.Context, e event.Upd } } -func (h *enqueueRequestsForGatewayEvent) Delete(ctx context.Context, e event.DeleteEvent, queue workqueue.RateLimitingInterface) { +func (h *enqueueRequestsForGatewayEvent) Delete(ctx context.Context, e event.DeleteEvent, queue workqueue.TypedRateLimitingInterface[reconcile.Request]) { // TODO: delete gateway } -func (h *enqueueRequestsForGatewayEvent) Generic(ctx context.Context, e event.GenericEvent, queue workqueue.RateLimitingInterface) { +func (h *enqueueRequestsForGatewayEvent) Generic(ctx context.Context, e event.GenericEvent, queue workqueue.TypedRateLimitingInterface[reconcile.Request]) { } -func (h *enqueueRequestsForGatewayEvent) enqueueImpactedRoutes(ctx context.Context, queue workqueue.RateLimitingInterface) { +func (h *enqueueRequestsForGatewayEvent) enqueueImpactedRoutes(ctx context.Context, queue workqueue.TypedRateLimitingInterface[reconcile.Request]) { routes, err := core.ListAllRoutes(ctx, h.client) if err != nil { h.log.Errorf(ctx, "Failed to list all routes, %s", err) @@ -90,14 +90,14 @@ func (h *enqueueRequestsForGatewayEvent) enqueueImpactedRoutes(ctx context.Conte Name: string(route.Spec().ParentRefs()[0].Name), } - gw := &gateway_api.Gateway{} + gw := &gwv1.Gateway{} if err := h.client.Get(ctx, gwName, gw); err != nil { h.log.Debugf(ctx, "Ignoring Route with unknown parentRef %s-%s", route.Name(), route.Namespace()) continue } // find the parent gateway class name - gwClass := &gateway_api.GatewayClass{} + gwClass := &gwv1.GatewayClass{} gwClassName := types.NamespacedName{ Namespace: "default", Name: string(gw.Spec.GatewayClassName), diff --git a/pkg/controllers/eventhandlers/gatewayclass.go b/pkg/controllers/eventhandlers/gatewayclass.go index 32501f24..88258094 100644 --- a/pkg/controllers/eventhandlers/gatewayclass.go +++ b/pkg/controllers/eventhandlers/gatewayclass.go @@ -9,7 +9,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/event" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" - gateway_api "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/aws/aws-application-networking-k8s/pkg/config" "github.com/aws/aws-application-networking-k8s/pkg/utils/gwlog" @@ -27,26 +27,26 @@ type enqueueRequestsForGatewayClassEvent struct { client client.Client } -func (h *enqueueRequestsForGatewayClassEvent) Create(ctx context.Context, e event.CreateEvent, queue workqueue.RateLimitingInterface) { - gwClassNew := e.Object.(*gateway_api.GatewayClass) +func (h *enqueueRequestsForGatewayClassEvent) Create(ctx context.Context, e event.CreateEvent, queue workqueue.TypedRateLimitingInterface[reconcile.Request]) { + gwClassNew := e.Object.(*gwv1.GatewayClass) h.enqueueImpactedGateway(ctx, queue, gwClassNew) } -func (h *enqueueRequestsForGatewayClassEvent) Update(ctx context.Context, e event.UpdateEvent, queue workqueue.RateLimitingInterface) { +func (h *enqueueRequestsForGatewayClassEvent) Update(ctx context.Context, e event.UpdateEvent, queue workqueue.TypedRateLimitingInterface[reconcile.Request]) { } -func (h *enqueueRequestsForGatewayClassEvent) Delete(ctx context.Context, e event.DeleteEvent, queue workqueue.RateLimitingInterface) { +func (h *enqueueRequestsForGatewayClassEvent) Delete(ctx context.Context, e event.DeleteEvent, queue workqueue.TypedRateLimitingInterface[reconcile.Request]) { } -func (h *enqueueRequestsForGatewayClassEvent) Generic(ctx context.Context, e event.GenericEvent, queue workqueue.RateLimitingInterface) { +func (h *enqueueRequestsForGatewayClassEvent) Generic(ctx context.Context, e event.GenericEvent, queue workqueue.TypedRateLimitingInterface[reconcile.Request]) { } func (h *enqueueRequestsForGatewayClassEvent) enqueueImpactedGateway( ctx context.Context, - queue workqueue.RateLimitingInterface, - gwClass *gateway_api.GatewayClass, + queue workqueue.TypedRateLimitingInterface[reconcile.Request], + gwClass *gwv1.GatewayClass, ) { - gwList := &gateway_api.GatewayList{} + gwList := &gwv1.GatewayList{} err := h.client.List(ctx, gwList) if err != nil { h.log.Errorf(ctx, "Error listing Gateways during GatewayClass event %s", err) diff --git a/pkg/controllers/eventhandlers/mapper.go b/pkg/controllers/eventhandlers/mapper.go index 37c4c5ea..1d8fc0c9 100644 --- a/pkg/controllers/eventhandlers/mapper.go +++ b/pkg/controllers/eventhandlers/mapper.go @@ -3,20 +3,17 @@ package eventhandlers import ( "context" "fmt" - - corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/types" - "sigs.k8s.io/controller-runtime/pkg/client" - gateway_api_v1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gateway_api "sigs.k8s.io/gateway-api/apis/v1beta1" - anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" k8sutils "github.com/aws/aws-application-networking-k8s/pkg/k8s" "github.com/aws/aws-application-networking-k8s/pkg/k8s/policyhelper" "github.com/aws/aws-application-networking-k8s/pkg/model/core" "github.com/aws/aws-application-networking-k8s/pkg/utils/gwlog" + corev1 "k8s.io/api/core/v1" discoveryv1 "k8s.io/api/discovery/v1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/client" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" ) type resourceMapper struct { @@ -85,8 +82,8 @@ func (r *resourceMapper) TargetGroupPolicyToService(ctx context.Context, tgp *an return policyToTargetRefObj(r, ctx, tgp, &corev1.Service{}) } -func (r *resourceMapper) VpcAssociationPolicyToGateway(ctx context.Context, vap *anv1alpha1.VpcAssociationPolicy) *gateway_api.Gateway { - return policyToTargetRefObj(r, ctx, vap, &gateway_api.Gateway{}) +func (r *resourceMapper) VpcAssociationPolicyToGateway(ctx context.Context, vap *anv1alpha1.VpcAssociationPolicy) *gwv1.Gateway { + return policyToTargetRefObj(r, ctx, vap, &gwv1.Gateway{}) } func policyToTargetRefObj[T client.Object](r *resourceMapper, ctx context.Context, policy policyhelper.Policy, retObj T) T { @@ -148,12 +145,12 @@ func policyToTargetRefObj[T client.Object](r *resourceMapper, ctx context.Contex return retObj } -func k8sResourceTypeToGroupAndKind(obj client.Object) (gateway_api.Group, gateway_api.Kind, error) { +func k8sResourceTypeToGroupAndKind(obj client.Object) (gwv1.Group, gwv1.Kind, error) { switch obj.(type) { case *corev1.Service: return corev1.GroupName, serviceKind, nil - case *gateway_api.Gateway: - return gateway_api.GroupName, gatewayKind, nil + case *gwv1.Gateway: + return gwv1.GroupName, gatewayKind, nil default: return "", "", fmt.Errorf("un-registered obj type: %T", obj) } @@ -166,13 +163,13 @@ func (r *resourceMapper) backendRefToRoutes(ctx context.Context, obj client.Obje var routes []core.Route switch routeType { case core.HttpRouteType: - routeList := &gateway_api.HTTPRouteList{} + routeList := &gwv1.HTTPRouteList{} r.client.List(ctx, routeList) for _, k8sRoute := range routeList.Items { routes = append(routes, core.NewHTTPRoute(k8sRoute)) } case core.GrpcRouteType: - routeList := &gateway_api_v1alpha2.GRPCRouteList{} + routeList := &gwv1.GRPCRouteList{} r.client.List(ctx, routeList) for _, k8sRoute := range routeList.Items { routes = append(routes, core.NewGRPCRoute(k8sRoute)) diff --git a/pkg/controllers/eventhandlers/mapper_test.go b/pkg/controllers/eventhandlers/mapper_test.go index b6992d2f..86786fbd 100644 --- a/pkg/controllers/eventhandlers/mapper_test.go +++ b/pkg/controllers/eventhandlers/mapper_test.go @@ -11,8 +11,8 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/utils/ptr" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" mock_client "github.com/aws/aws-application-networking-k8s/mocks/controller-runtime/client" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" @@ -20,18 +20,18 @@ import ( "github.com/aws/aws-application-networking-k8s/pkg/utils/gwlog" ) -func createHTTPRoute(name, namespace string, backendRef gwv1beta1.BackendObjectReference) gwv1beta1.HTTPRoute { - return gwv1beta1.HTTPRoute{ +func createHTTPRoute(name, namespace string, backendRef gwv1.BackendObjectReference) gwv1.HTTPRoute { + return gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, }, - Spec: gwv1beta1.HTTPRouteSpec{ - Rules: []gwv1beta1.HTTPRouteRule{ + Spec: gwv1.HTTPRouteSpec{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ + BackendRef: gwv1.BackendRef{ BackendObjectReference: backendRef, }, }, @@ -46,48 +46,48 @@ func TestServiceToRoutes(t *testing.T) { c := gomock.NewController(t) defer c.Finish() - routes := []gwv1beta1.HTTPRoute{ - createHTTPRoute("invalid-kind", "ns1", gwv1beta1.BackendObjectReference{ - Kind: (*gwv1beta1.Kind)(ptr.To("NotService")), + routes := []gwv1.HTTPRoute{ + createHTTPRoute("invalid-kind", "ns1", gwv1.BackendObjectReference{ + Kind: (*gwv1.Kind)(ptr.To("NotService")), Name: "test-service", }), - createHTTPRoute("invalid-nil-kind", "ns1", gwv1beta1.BackendObjectReference{ + createHTTPRoute("invalid-nil-kind", "ns1", gwv1.BackendObjectReference{ Kind: nil, Namespace: nil, Name: "test-service", }), - createHTTPRoute("valid-nil-group", "ns1", gwv1beta1.BackendObjectReference{ + createHTTPRoute("valid-nil-group", "ns1", gwv1.BackendObjectReference{ Group: nil, - Kind: (*gwv1beta1.Kind)(ptr.To("Service")), + Kind: (*gwv1.Kind)(ptr.To("Service")), Namespace: nil, Name: "test-service", }), - createHTTPRoute("invalid-group", "ns1", gwv1beta1.BackendObjectReference{ - Group: (*gwv1beta1.Group)(ptr.To("not-core")), - Kind: (*gwv1beta1.Kind)(ptr.To("Service")), + createHTTPRoute("invalid-group", "ns1", gwv1.BackendObjectReference{ + Group: (*gwv1.Group)(ptr.To("not-core")), + Kind: (*gwv1.Kind)(ptr.To("Service")), Namespace: nil, Name: "test-service", }), - createHTTPRoute("valid-inferred-namespace", "ns1", gwv1beta1.BackendObjectReference{ - Group: (*gwv1beta1.Group)(ptr.To("")), - Kind: (*gwv1beta1.Kind)(ptr.To("Service")), + createHTTPRoute("valid-inferred-namespace", "ns1", gwv1.BackendObjectReference{ + Group: (*gwv1.Group)(ptr.To("")), + Kind: (*gwv1.Kind)(ptr.To("Service")), Namespace: nil, Name: "test-service", }), - createHTTPRoute("valid-explicit-namespace", "ns1", gwv1beta1.BackendObjectReference{ - Group: (*gwv1beta1.Group)(ptr.To("")), - Kind: (*gwv1beta1.Kind)(ptr.To("Service")), - Namespace: (*gwv1beta1.Namespace)(ptr.To("ns1")), + createHTTPRoute("valid-explicit-namespace", "ns1", gwv1.BackendObjectReference{ + Group: (*gwv1.Group)(ptr.To("")), + Kind: (*gwv1.Kind)(ptr.To("Service")), + Namespace: (*gwv1.Namespace)(ptr.To("ns1")), Name: "test-service", }), - createHTTPRoute("invalid-different-namespace", "ns1", gwv1beta1.BackendObjectReference{ - Kind: (*gwv1beta1.Kind)(ptr.To("Service")), - Namespace: (*gwv1beta1.Namespace)(ptr.To("ns2")), + createHTTPRoute("invalid-different-namespace", "ns1", gwv1.BackendObjectReference{ + Kind: (*gwv1.Kind)(ptr.To("Service")), + Namespace: (*gwv1.Namespace)(ptr.To("ns2")), Name: "test-service", }), - createHTTPRoute("invalid-different-name", "ns1", gwv1beta1.BackendObjectReference{ - Kind: (*gwv1beta1.Kind)(ptr.To("Service")), - Namespace: (*gwv1beta1.Namespace)(ptr.To("ns1")), + createHTTPRoute("invalid-different-name", "ns1", gwv1.BackendObjectReference{ + Kind: (*gwv1.Kind)(ptr.To("Service")), + Namespace: (*gwv1.Namespace)(ptr.To("ns1")), Name: "not-test-service", }), } @@ -99,7 +99,7 @@ func TestServiceToRoutes(t *testing.T) { mockClient := mock_client.NewMockClient(c) mockClient.EXPECT().List(gomock.Any(), gomock.Any()).DoAndReturn( - func(ctx context.Context, routeList *gwv1beta1.HTTPRouteList, _ ...interface{}) error { + func(ctx context.Context, routeList *gwv1.HTTPRouteList, _ ...interface{}) error { routeList.Items = append(routeList.Items, routes...) return nil }, @@ -128,34 +128,34 @@ func TestTargetGroupPolicyToService(t *testing.T) { testCases := []struct { namespace string - targetKind gwv1beta1.Kind - targetNamespace *gwv1beta1.Namespace + targetKind gwv1.Kind + targetNamespace *gwv1.Namespace serviceFound bool success bool }{ { namespace: ns1, targetKind: "Service", - targetNamespace: (*gwv1beta1.Namespace)(&ns2), + targetNamespace: (*gwv1.Namespace)(&ns2), success: false, }, { namespace: ns1, targetKind: "NotService", - targetNamespace: (*gwv1beta1.Namespace)(&ns1), + targetNamespace: (*gwv1.Namespace)(&ns1), success: false, }, { namespace: ns1, targetKind: "Service", - targetNamespace: (*gwv1beta1.Namespace)(&ns1), + targetNamespace: (*gwv1.Namespace)(&ns1), serviceFound: false, success: false, }, { namespace: ns1, targetKind: "Service", - targetNamespace: (*gwv1beta1.Namespace)(&ns1), + targetNamespace: (*gwv1.Namespace)(&ns1), serviceFound: true, success: true, }, @@ -183,7 +183,7 @@ func TestTargetGroupPolicyToService(t *testing.T) { Namespace: tt.namespace, }, Spec: anv1alpha1.TargetGroupPolicySpec{ - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Group: "", Kind: tt.targetKind, Name: "test-service", @@ -210,8 +210,8 @@ func TestVpcAssociationPolicyToGateway(t *testing.T) { testCases := []struct { testCaseName string namespace string - targetKind gwv1beta1.Kind - targetNamespace *gwv1beta1.Namespace + targetKind gwv1.Kind + targetNamespace *gwv1.Namespace gatewayFound bool expectSuccess bool }{ @@ -219,28 +219,28 @@ func TestVpcAssociationPolicyToGateway(t *testing.T) { testCaseName: "namespace not match", namespace: ns1, targetKind: "Gateway", - targetNamespace: (*gwv1beta1.Namespace)(&ns2), + targetNamespace: (*gwv1.Namespace)(&ns2), expectSuccess: false, }, { testCaseName: "targetKind not match scenario 1", namespace: ns1, targetKind: "NotGateway", - targetNamespace: (*gwv1beta1.Namespace)(&ns1), + targetNamespace: (*gwv1.Namespace)(&ns1), expectSuccess: false, }, { testCaseName: "targetKind not match scenario 2", namespace: ns1, targetKind: "Service", - targetNamespace: (*gwv1beta1.Namespace)(&ns1), + targetNamespace: (*gwv1.Namespace)(&ns1), expectSuccess: false, }, { testCaseName: "gateway not found", namespace: ns1, targetKind: "Gateway", - targetNamespace: (*gwv1beta1.Namespace)(&ns1), + targetNamespace: (*gwv1.Namespace)(&ns1), gatewayFound: false, expectSuccess: false, }, @@ -248,7 +248,7 @@ func TestVpcAssociationPolicyToGateway(t *testing.T) { testCaseName: "gateway found, targetRef namespace match", namespace: ns1, targetKind: "Gateway", - targetNamespace: (*gwv1beta1.Namespace)(&ns1), + targetNamespace: (*gwv1.Namespace)(&ns1), gatewayFound: true, expectSuccess: true, }, @@ -273,7 +273,7 @@ func TestVpcAssociationPolicyToGateway(t *testing.T) { } var targetRefGroupName string if tt.targetKind == "Gateway" { - targetRefGroupName = gwv1beta1.GroupName + targetRefGroupName = gwv1.GroupName } else if tt.targetKind == "Service" { targetRefGroupName = corev1.GroupName } @@ -285,8 +285,8 @@ func TestVpcAssociationPolicyToGateway(t *testing.T) { }, Spec: anv1alpha1.VpcAssociationPolicySpec{ - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.Group(targetRefGroupName), + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.Group(targetRefGroupName), Kind: tt.targetKind, Name: "test-gw", Namespace: tt.targetNamespace, diff --git a/pkg/controllers/eventhandlers/service_test.go b/pkg/controllers/eventhandlers/service_test.go index 49d4fa1a..3352ff89 100644 --- a/pkg/controllers/eventhandlers/service_test.go +++ b/pkg/controllers/eventhandlers/service_test.go @@ -11,8 +11,8 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" mock_client "github.com/aws/aws-application-networking-k8s/mocks/controller-runtime/client" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" @@ -24,11 +24,11 @@ func TestServiceEventHandler_MapToRoute(t *testing.T) { c := gomock.NewController(t) defer c.Finish() - routes := []gwv1beta1.HTTPRoute{ - createHTTPRoute("valid-route", "ns1", gwv1beta1.BackendObjectReference{ - Group: (*gwv1beta1.Group)(ptr.To("")), - Kind: (*gwv1beta1.Kind)(ptr.To("Service")), - Namespace: (*gwv1beta1.Namespace)(ptr.To("ns1")), + routes := []gwv1.HTTPRoute{ + createHTTPRoute("valid-route", "ns1", gwv1.BackendObjectReference{ + Group: (*gwv1.Group)(ptr.To("")), + Kind: (*gwv1.Kind)(ptr.To("Service")), + Namespace: (*gwv1.Namespace)(ptr.To("ns1")), Name: "test-service", }), } @@ -42,7 +42,7 @@ func TestServiceEventHandler_MapToRoute(t *testing.T) { }, ).AnyTimes() mockClient.EXPECT().List(gomock.Any(), gomock.Any()).DoAndReturn( - func(ctx context.Context, routeList *gwv1beta1.HTTPRouteList, _ ...interface{}) error { + func(ctx context.Context, routeList *gwv1.HTTPRouteList, _ ...interface{}) error { routeList.Items = append(routeList.Items, routes...) return nil }, @@ -55,7 +55,7 @@ func TestServiceEventHandler_MapToRoute(t *testing.T) { Namespace: "ns1", }, Spec: anv1alpha1.TargetGroupPolicySpec{ - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Group: "", Kind: "Service", Name: "test-service", @@ -103,7 +103,7 @@ func TestServiceEventHandler_MapToServiceExport(t *testing.T) { Namespace: "ns1", }, Spec: anv1alpha1.TargetGroupPolicySpec{ - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Group: "", Kind: "Service", Name: "test-service", diff --git a/pkg/controllers/eventhandlers/serviceimport_test.go b/pkg/controllers/eventhandlers/serviceimport_test.go index 94a4aa23..17b498dc 100644 --- a/pkg/controllers/eventhandlers/serviceimport_test.go +++ b/pkg/controllers/eventhandlers/serviceimport_test.go @@ -8,7 +8,7 @@ import ( "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/utils/ptr" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" mock_client "github.com/aws/aws-application-networking-k8s/mocks/controller-runtime/client" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" @@ -20,18 +20,18 @@ func TestServiceImportEventHandler_MapToRoute(t *testing.T) { c := gomock.NewController(t) defer c.Finish() - routes := []gwv1beta1.HTTPRoute{ - createHTTPRoute("valid-route", "ns1", gwv1beta1.BackendObjectReference{ - Group: (*gwv1beta1.Group)(ptr.To("application-networking.k8s.aws")), - Kind: (*gwv1beta1.Kind)(ptr.To("ServiceImport")), - Namespace: (*gwv1beta1.Namespace)(ptr.To("ns1")), + routes := []gwv1.HTTPRoute{ + createHTTPRoute("valid-route", "ns1", gwv1.BackendObjectReference{ + Group: (*gwv1.Group)(ptr.To("application-networking.k8s.aws")), + Kind: (*gwv1.Kind)(ptr.To("ServiceImport")), + Namespace: (*gwv1.Namespace)(ptr.To("ns1")), Name: "test-service", }), } mockClient := mock_client.NewMockClient(c) h := NewServiceImportEventHandler(gwlog.FallbackLogger, mockClient) mockClient.EXPECT().List(gomock.Any(), gomock.Any()).DoAndReturn( - func(ctx context.Context, routeList *gwv1beta1.HTTPRouteList, _ ...interface{}) error { + func(ctx context.Context, routeList *gwv1.HTTPRouteList, _ ...interface{}) error { routeList.Items = append(routeList.Items, routes...) return nil }, diff --git a/pkg/controllers/gateway_controller.go b/pkg/controllers/gateway_controller.go index 6b406315..74ab4a76 100644 --- a/pkg/controllers/gateway_controller.go +++ b/pkg/controllers/gateway_controller.go @@ -40,13 +40,12 @@ import ( "k8s.io/client-go/tools/record" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" deploy "github.com/aws/aws-application-networking-k8s/pkg/deploy/lattice" model "github.com/aws/aws-application-networking-k8s/pkg/model/lattice" pkg_builder "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/predicate" - gwv1 "sigs.k8s.io/gateway-api/apis/v1" ) const ( @@ -99,8 +98,8 @@ func RegisterGatewayController( gwClassEventHandler := eventhandlers.NewEnqueueRequestsForGatewayClassEvent(log, mgrClient) vpcAssociationPolicyEventHandler := eventhandlers.NewVpcAssociationPolicyEventHandler(log, mgrClient) builder := ctrl.NewControllerManagedBy(mgr). - For(&gwv1beta1.Gateway{}, pkg_builder.WithPredicates(predicate.GenerationChangedPredicate{})) - builder.Watches(&gwv1beta1.GatewayClass{}, gwClassEventHandler) + For(&gwv1.Gateway{}, pkg_builder.WithPredicates(predicate.GenerationChangedPredicate{})) + builder.Watches(&gwv1.GatewayClass{}, gwClassEventHandler) //Watch VpcAssociationPolicy CRD if it is installed ok, err := k8s.IsGVKSupported(mgr, anv1alpha1.GroupVersion.String(), anv1alpha1.VpcAssociationPolicyKind) @@ -142,12 +141,12 @@ func (r *gatewayReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ct func (r *gatewayReconciler) reconcile(ctx context.Context, req ctrl.Request) error { - gw := &gwv1beta1.Gateway{} + gw := &gwv1.Gateway{} if err := r.client.Get(ctx, req.NamespacedName, gw); err != nil { return client.IgnoreNotFound(err) } - gwClass := &gwv1beta1.GatewayClass{} + gwClass := &gwv1.GatewayClass{} gwClassName := types.NamespacedName{ Namespace: defaultNamespace, Name: string(gw.Spec.GatewayClassName), @@ -170,7 +169,7 @@ func (r *gatewayReconciler) reconcile(ctx context.Context, req ctrl.Request) err } } -func (r *gatewayReconciler) reconcileDelete(ctx context.Context, gw *gwv1beta1.Gateway) error { +func (r *gatewayReconciler) reconcileDelete(ctx context.Context, gw *gwv1.Gateway) error { routes, err := core.ListAllRoutes(ctx, r.client) if err != nil { return err @@ -189,7 +188,7 @@ func (r *gatewayReconciler) reconcileDelete(ctx context.Context, gw *gwv1beta1.G Name: string(route.Spec().ParentRefs()[0].Name), } - httpGw := &gwv1beta1.Gateway{} + httpGw := &gwv1.Gateway{} if err := r.client.Get(ctx, gwName, httpGw); err != nil { continue } @@ -208,7 +207,7 @@ func (r *gatewayReconciler) reconcileDelete(ctx context.Context, gw *gwv1beta1.G return nil } -func (r *gatewayReconciler) reconcileUpsert(ctx context.Context, gw *gwv1beta1.Gateway) error { +func (r *gatewayReconciler) reconcileUpsert(ctx context.Context, gw *gwv1.Gateway) error { if err := r.finalizerManager.AddFinalizers(ctx, gw, gatewayFinalizer); err != nil { r.eventRecorder.Event(gw, corev1.EventTypeWarning, k8s.GatewayEventReasonFailedAddFinalizer, fmt.Sprintf("failed add finalizer: %s", err)) @@ -255,7 +254,7 @@ func (r *gatewayReconciler) reconcileUpsert(ctx context.Context, gw *gwv1beta1.G func (r *gatewayReconciler) updateGatewayProgrammedStatus( ctx context.Context, - gw *gwv1beta1.Gateway, + gw *gwv1.Gateway, reason gwv1.GatewayConditionReason, message string, ) error { @@ -285,7 +284,7 @@ func (r *gatewayReconciler) updateGatewayProgrammedStatus( return nil } -func (r *gatewayReconciler) updateGatewayAcceptStatus(ctx context.Context, gw *gwv1beta1.Gateway, accepted bool) error { +func (r *gatewayReconciler) updateGatewayAcceptStatus(ctx context.Context, gw *gwv1.Gateway, accepted bool) error { gwOld := gw.DeepCopy() var cond metav1.Condition @@ -315,7 +314,7 @@ func (r *gatewayReconciler) updateGatewayAcceptStatus(ctx context.Context, gw *g return nil } -func UpdateGWListenerStatus(ctx context.Context, k8sClient client.Client, gw *gwv1beta1.Gateway) error { +func UpdateGWListenerStatus(ctx context.Context, k8sClient client.Client, gw *gwv1.Gateway) error { hasValidListener := false gwOld := gw.DeepCopy() @@ -330,7 +329,7 @@ func UpdateGWListenerStatus(ctx context.Context, k8sClient client.Client, gw *gw // Due to size limit, we cannot put all service addresses here. if len(routes) > 0 { gw.Status.Addresses = []gwv1.GatewayStatusAddress{} - addressType := gwv1beta1.HostnameAddressType + addressType := gwv1.HostnameAddressType for _, route := range routes { if route.DeletionTimestamp().IsZero() && len(route.K8sObject().GetAnnotations()) > 0 { if domain, exists := route.K8sObject().GetAnnotations()[LatticeAssignedDomainName]; exists { @@ -352,7 +351,7 @@ func UpdateGWListenerStatus(ctx context.Context, k8sClient client.Client, gw *gw // go through each section of gw for _, listener := range gw.Spec.Listeners { - listenerStatus := gwv1beta1.ListenerStatus{ + listenerStatus := gwv1.ListenerStatus{ Name: listener.Name, } @@ -389,12 +388,12 @@ func UpdateGWListenerStatus(ctx context.Context, k8sClient client.Client, gw *gw } for _, parentRef := range route.Spec().ParentRefs() { - if parentRef.Name != gwv1beta1.ObjectName(gw.Name) { + if parentRef.Name != gwv1.ObjectName(gw.Name) { continue } if parentRef.Namespace != nil && - *parentRef.Namespace != gwv1beta1.Namespace(gw.Namespace) { + *parentRef.Namespace != gwv1.Namespace(gw.Namespace) { continue } @@ -418,12 +417,12 @@ func UpdateGWListenerStatus(ctx context.Context, k8sClient client.Client, gw *gw } if listener.Protocol == gwv1.HTTPSProtocolType { - listenerStatus.SupportedKinds = append(listenerStatus.SupportedKinds, gwv1beta1.RouteGroupKind{ + listenerStatus.SupportedKinds = append(listenerStatus.SupportedKinds, gwv1.RouteGroupKind{ Kind: "GRPCRoute", }) } - listenerStatus.SupportedKinds = append(listenerStatus.SupportedKinds, gwv1beta1.RouteGroupKind{ + listenerStatus.SupportedKinds = append(listenerStatus.SupportedKinds, gwv1.RouteGroupKind{ Kind: "HTTPRoute", }) listenerStatus.Conditions = append(listenerStatus.Conditions, condition) @@ -455,18 +454,18 @@ func UpdateGWListenerStatus(ctx context.Context, k8sClient client.Client, gw *gw } } -func listenerRouteGroupKindSupported(listener gwv1beta1.Listener) (bool, []gwv1beta1.RouteGroupKind) { +func listenerRouteGroupKindSupported(listener gwv1.Listener) (bool, []gwv1.RouteGroupKind) { validRoute := true - supportedKinds := make([]gwv1beta1.RouteGroupKind, 0) + supportedKinds := make([]gwv1.RouteGroupKind, 0) for _, routeGroupKind := range listener.AllowedRoutes.Kinds { if routeGroupKind.Kind == "HTTPRoute" { - supportedKinds = append(supportedKinds, gwv1beta1.RouteGroupKind{ + supportedKinds = append(supportedKinds, gwv1.RouteGroupKind{ Kind: "HTTPRoute", }) } else if routeGroupKind.Kind == "GRPCRoute" { if listener.Protocol == gwv1.HTTPSProtocolType { - supportedKinds = append(supportedKinds, gwv1beta1.RouteGroupKind{ + supportedKinds = append(supportedKinds, gwv1.RouteGroupKind{ Kind: "GRPCRoute", }) } else { diff --git a/pkg/controllers/gatewayclass_controller.go b/pkg/controllers/gatewayclass_controller.go index d388d814..f87ab9e1 100644 --- a/pkg/controllers/gatewayclass_controller.go +++ b/pkg/controllers/gatewayclass_controller.go @@ -29,7 +29,6 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" gwv1 "sigs.k8s.io/gateway-api/apis/v1" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) type gatewayClassReconciler struct { @@ -47,7 +46,7 @@ func RegisterGatewayClassController(log gwlog.Logger, mgr ctrl.Manager) error { latticeControllerEnabled: false, } return ctrl.NewControllerManagedBy(mgr). - For(&gwv1beta1.GatewayClass{}). + For(&gwv1.GatewayClass{}). Complete(r) } @@ -61,7 +60,7 @@ func (r *gatewayClassReconciler) Reconcile(ctx context.Context, req ctrl.Request gwlog.EndReconcileTrace(ctx, r.log) }() - gwClass := &gwv1beta1.GatewayClass{} + gwClass := &gwv1.GatewayClass{} if err := r.client.Get(ctx, req.NamespacedName, gwClass); err != nil { r.log.Debugw(ctx, "gateway not found", "name", req.Name) return ctrl.Result{}, nil diff --git a/pkg/controllers/iamauthpolicy_controller.go b/pkg/controllers/iamauthpolicy_controller.go index 9d485ce0..bb2d9b10 100644 --- a/pkg/controllers/iamauthpolicy_controller.go +++ b/pkg/controllers/iamauthpolicy_controller.go @@ -18,8 +18,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/predicate" "sigs.k8s.io/controller-runtime/pkg/reconcile" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" ) const ( @@ -55,7 +54,7 @@ func RegisterIAMAuthPolicyController(log gwlog.Logger, mgr ctrl.Manager, cloud p b := ctrl. NewControllerManagedBy(mgr). For(&anv1alpha1.IAMAuthPolicy{}, builder.WithPredicates(predicate.GenerationChangedPredicate{})) - ph.AddWatchers(b, &gwv1beta1.Gateway{}, &gwv1beta1.HTTPRoute{}, &gwv1alpha2.GRPCRoute{}) + ph.AddWatchers(b, &gwv1.Gateway{}, &gwv1.HTTPRoute{}, &gwv1.GRPCRoute{}) err := b.Complete(controller) return err } diff --git a/pkg/controllers/route_controller.go b/pkg/controllers/route_controller.go index 989738d8..11f1025f 100644 --- a/pkg/controllers/route_controller.go +++ b/pkg/controllers/route_controller.go @@ -36,7 +36,6 @@ import ( "sigs.k8s.io/external-dns/endpoint" gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" discoveryv1 "k8s.io/api/discovery/v1" @@ -93,8 +92,8 @@ func RegisterAllRouteControllers( routeType core.RouteType gatewayApiType client.Object }{ - {core.HttpRouteType, &gwv1beta1.HTTPRoute{}}, - {core.GrpcRouteType, &gwv1alpha2.GRPCRoute{}}, + {core.HttpRouteType, &gwv1.HTTPRoute{}}, + {core.GrpcRouteType, &gwv1.GRPCRoute{}}, {core.TlsRouteType, &gwv1alpha2.TLSRoute{}}, } @@ -117,7 +116,7 @@ func RegisterAllRouteControllers( builder := ctrl.NewControllerManagedBy(mgr). For(routeInfo.gatewayApiType, builder.WithPredicates(predicate.GenerationChangedPredicate{})). - Watches(&gwv1beta1.Gateway{}, gwEventHandler). + Watches(&gwv1.Gateway{}, gwEventHandler). Watches(&corev1.Service{}, svcEventHandler.MapToRoute(routeInfo.routeType)). Watches(&anv1alpha1.ServiceImport{}, svcImportEventHandler.MapToRoute(routeInfo.routeType)). Watches(&discoveryv1.EndpointSlice{}, svcEventHandler.MapToRoute(routeInfo.routeType)). @@ -217,7 +216,7 @@ func (r *routeReconciler) getRoute(ctx context.Context, req ctrl.Request) (core. } func updateRouteListenerStatus(ctx context.Context, k8sClient client.Client, route core.Route) error { - gw := &gwv1beta1.Gateway{} + gw := &gwv1.Gateway{} gwNamespace := route.Namespace() if route.Spec().ParentRefs()[0].Namespace != nil { @@ -242,7 +241,7 @@ func (r *routeReconciler) isRouteRelevant(ctx context.Context, route core.Route) return false } - gw := &gwv1beta1.Gateway{} + gw := &gwv1.Gateway{} gwNamespace := route.Namespace() if route.Spec().ParentRefs()[0].Namespace != nil { @@ -260,7 +259,7 @@ func (r *routeReconciler) isRouteRelevant(ctx context.Context, route core.Route) } // make sure gateway is an aws-vpc-lattice - gwClass := &gwv1beta1.GatewayClass{} + gwClass := &gwv1.GatewayClass{} gwClassName := types.NamespacedName{ Namespace: defaultNamespace, Name: string(gw.Spec.GatewayClassName), @@ -342,10 +341,10 @@ func (r *routeReconciler) reconcileUpsert(ctx context.Context, req ctrl.Request, route.Status().UpdateParentRefs(route.Spec().ParentRefs()[0], config.LatticeGatewayControllerName) route.Status().UpdateRouteCondition(metav1.Condition{ - Type: string(gwv1beta1.RouteConditionAccepted), + Type: string(gwv1.RouteConditionAccepted), Status: metav1.ConditionFalse, ObservedGeneration: route.K8sObject().GetGeneration(), - Reason: string(gwv1beta1.RouteReasonUnsupportedValue), + Reason: string(gwv1.RouteReasonUnsupportedValue), Message: "Dual stack Service is not supported", }) @@ -361,7 +360,7 @@ func (r *routeReconciler) reconcileUpsert(ctx context.Context, req ctrl.Request, // Stop reconciliation of this route if the route cannot be owned / has conflict route.Status().UpdateParentRefs(route.Spec().ParentRefs()[0], config.LatticeGatewayControllerName) route.Status().UpdateRouteCondition(metav1.Condition{ - Type: string(gwv1beta1.RouteConditionAccepted), + Type: string(gwv1.RouteConditionAccepted), Status: metav1.ConditionFalse, ObservedGeneration: route.K8sObject().GetGeneration(), Reason: "Conflicted", @@ -501,7 +500,7 @@ func (r *routeReconciler) hasNotAcceptedCondition(route core.Route) bool { } // find Gateway by Route and parentRef, returns nil if not found -func (r *routeReconciler) findRouteParentGw(ctx context.Context, route core.Route, parentRef gwv1beta1.ParentReference) (*gwv1beta1.Gateway, error) { +func (r *routeReconciler) findRouteParentGw(ctx context.Context, route core.Route, parentRef gwv1.ParentReference) (*gwv1.Gateway, error) { ns := route.Namespace() if parentRef.Namespace != nil && *parentRef.Namespace != "" { ns = string(*parentRef.Namespace) @@ -510,7 +509,7 @@ func (r *routeReconciler) findRouteParentGw(ctx context.Context, route core.Rout Namespace: ns, Name: string(parentRef.Name), } - gw := &gwv1beta1.Gateway{} + gw := &gwv1.Gateway{} err := r.client.Get(ctx, gwName, gw) if err != nil { return nil, client.IgnoreNotFound(err) @@ -527,12 +526,12 @@ func (r *routeReconciler) findRouteParentGw(ctx context.Context, route core.Rout // - NoMatchingParent: parentRef sectionName and port matches Listener name and port // - TODO: NoMatchingListenerHostname: listener hostname matches one of route hostnames // - TODO: NotAllowedByListeners: listener allowedRoutes contains route GroupKind -func (r *routeReconciler) validateRouteParentRefs(ctx context.Context, route core.Route) ([]gwv1beta1.RouteParentStatus, error) { +func (r *routeReconciler) validateRouteParentRefs(ctx context.Context, route core.Route) ([]gwv1.RouteParentStatus, error) { if len(route.Spec().ParentRefs()) == 0 { return nil, ErrParentRefsNotFound } - parentStatuses := []gwv1beta1.RouteParentStatus{} + parentStatuses := []gwv1.RouteParentStatus{} for _, parentRef := range route.Spec().ParentRefs() { gw, err := r.findRouteParentGw(ctx, route, parentRef) if err != nil { @@ -553,7 +552,7 @@ func (r *routeReconciler) validateRouteParentRefs(ctx context.Context, route cor noMatchingParent = false } - parentStatus := gwv1beta1.RouteParentStatus{ + parentStatus := gwv1.RouteParentStatus{ ParentRef: parentRef, ControllerName: "application-networking.k8s.aws/gateway-api-controller", Conditions: []metav1.Condition{}, @@ -562,9 +561,9 @@ func (r *routeReconciler) validateRouteParentRefs(ctx context.Context, route cor var cnd metav1.Condition switch { case noMatchingParent: - cnd = r.newCondition(route, gwv1beta1.RouteConditionAccepted, gwv1.RouteReasonNoMatchingParent, "") + cnd = r.newCondition(route, gwv1.RouteConditionAccepted, gwv1.RouteReasonNoMatchingParent, "") default: - cnd = r.newCondition(route, gwv1beta1.RouteConditionAccepted, gwv1beta1.RouteReasonAccepted, "") + cnd = r.newCondition(route, gwv1.RouteConditionAccepted, gwv1.RouteReasonAccepted, "") } meta.SetStatusCondition(&parentStatus.Conditions, cnd) parentStatuses = append(parentStatuses, parentStatus) @@ -587,7 +586,7 @@ func (r *routeReconciler) validateBackedRefs(ctx context.Context, route core.Rou kind = string(*ref.Kind()) } if !validBackendKinds.Contains(kind) { - return r.newCondition(route, gwv1beta1.RouteConditionResolvedRefs, gwv1beta1.RouteReasonInvalidKind, kind), nil + return r.newCondition(route, gwv1.RouteConditionResolvedRefs, gwv1.RouteReasonInvalidKind, kind), nil } namespace := route.Namespace() @@ -612,17 +611,17 @@ func (r *routeReconciler) validateBackedRefs(ctx context.Context, route core.Rou if err != nil { if apierrors.IsNotFound(err) { msg := fmt.Sprintf("backendRef name: %s", ref.Name()) - return r.newCondition(route, gwv1beta1.RouteConditionResolvedRefs, gwv1beta1.RouteReasonBackendNotFound, msg), nil + return r.newCondition(route, gwv1.RouteConditionResolvedRefs, gwv1.RouteReasonBackendNotFound, msg), nil } } } } - return r.newCondition(route, gwv1beta1.RouteConditionResolvedRefs, gwv1beta1.RouteReasonResolvedRefs, ""), nil + return r.newCondition(route, gwv1.RouteConditionResolvedRefs, gwv1.RouteReasonResolvedRefs, ""), nil } -func (r *routeReconciler) newCondition(route core.Route, t gwv1beta1.RouteConditionType, reason gwv1beta1.RouteConditionReason, msg string) metav1.Condition { +func (r *routeReconciler) newCondition(route core.Route, t gwv1.RouteConditionType, reason gwv1.RouteConditionReason, msg string) metav1.Condition { status := metav1.ConditionTrue - if reason != gwv1beta1.RouteReasonAccepted && reason != gwv1beta1.RouteReasonResolvedRefs { + if reason != gwv1.RouteReasonAccepted && reason != gwv1.RouteReasonResolvedRefs { status = metav1.ConditionFalse } return metav1.Condition{ diff --git a/pkg/controllers/route_controller_test.go b/pkg/controllers/route_controller_test.go index a6c1ffc5..d7392296 100644 --- a/pkg/controllers/route_controller_test.go +++ b/pkg/controllers/route_controller_test.go @@ -26,7 +26,7 @@ import ( testclient "sigs.k8s.io/controller-runtime/pkg/client/fake" "sigs.k8s.io/controller-runtime/pkg/reconcile" "sigs.k8s.io/external-dns/endpoint" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" "testing" ) @@ -40,37 +40,37 @@ func TestRouteReconciler_ReconcileCreates(t *testing.T) { k8sScheme := runtime.NewScheme() clientgoscheme.AddToScheme(k8sScheme) - gwv1beta1.AddToScheme(k8sScheme) + gwv1.AddToScheme(k8sScheme) discoveryv1.AddToScheme(k8sScheme) addOptionalCRDs(k8sScheme) k8sClient := testclient. NewClientBuilder(). WithScheme(k8sScheme). - WithStatusSubresource(&gwv1beta1.HTTPRoute{}). + WithStatusSubresource(&gwv1.HTTPRoute{}). Build() - gwClass := &gwv1beta1.GatewayClass{ + gwClass := &gwv1.GatewayClass{ ObjectMeta: metav1.ObjectMeta{ Name: "amazon-vpc-lattice", Namespace: defaultNamespace, }, - Spec: gwv1beta1.GatewayClassSpec{ + Spec: gwv1.GatewayClassSpec{ ControllerName: config.LatticeGatewayControllerName, }, - Status: gwv1beta1.GatewayClassStatus{}, + Status: gwv1.GatewayClassStatus{}, } k8sClient.Create(ctx, gwClass.DeepCopy()) // here we have a gateway, service, and route - gw := &gwv1beta1.Gateway{ + gw := &gwv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Name: "my-gateway", Namespace: "ns1", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", - Listeners: []gwv1beta1.Listener{ + Listeners: []gwv1.Listener{ { Name: "http", Protocol: "HTTP", @@ -121,27 +121,27 @@ func TestRouteReconciler_ReconcileCreates(t *testing.T) { } k8sClient.Create(ctx, epSlice.DeepCopy()) - kind := gwv1beta1.Kind("Service") - port := gwv1beta1.PortNumber(80) - route := gwv1beta1.HTTPRoute{ + kind := gwv1.Kind("Service") + port := gwv1.PortNumber(80) + route := gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "my-route", Namespace: "ns1", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "my-gateway", }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Kind: &kind, Name: "my-service", Port: &port, diff --git a/pkg/controllers/vpcassociationpolicy_controller.go b/pkg/controllers/vpcassociationpolicy_controller.go index 0b778621..f6cac4a9 100644 --- a/pkg/controllers/vpcassociationpolicy_controller.go +++ b/pkg/controllers/vpcassociationpolicy_controller.go @@ -8,7 +8,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/predicate" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" pkg_aws "github.com/aws/aws-application-networking-k8s/pkg/aws" @@ -50,7 +50,7 @@ func RegisterVpcAssociationPolicyController(log gwlog.Logger, cloud pkg_aws.Clou b := ctrl.NewControllerManagedBy(mgr). For(&anv1alpha1.VpcAssociationPolicy{}, builder.WithPredicates(predicate.GenerationChangedPredicate{})) - ph.AddWatchers(b, &gwv1beta1.Gateway{}) + ph.AddWatchers(b, &gwv1.Gateway{}) return b.Complete(controller) } diff --git a/pkg/deploy/lattice/access_log_subscription_synthesizer_test.go b/pkg/deploy/lattice/access_log_subscription_synthesizer_test.go index 54d0bcc3..6ba4793b 100644 --- a/pkg/deploy/lattice/access_log_subscription_synthesizer_test.go +++ b/pkg/deploy/lattice/access_log_subscription_synthesizer_test.go @@ -9,7 +9,7 @@ import ( "github.com/golang/mock/gomock" "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" + gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" mockclient "github.com/aws/aws-application-networking-k8s/mocks/controller-runtime/client" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" @@ -30,7 +30,7 @@ func TestSynthesizeAccessLogSubscription(t *testing.T) { input := &anv1alpha1.AccessLogPolicy{ Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &v1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: "Gateway", Name: "TestName", }, @@ -50,7 +50,7 @@ func TestSynthesizeAccessLogSubscription(t *testing.T) { input := &anv1alpha1.AccessLogPolicy{ Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &v1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: "Gateway", Name: "TestName", }, @@ -75,7 +75,7 @@ func TestSynthesizeAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &v1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: "Gateway", Name: "TestName", }, @@ -101,7 +101,7 @@ func TestSynthesizeAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &v1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: "Gateway", Name: "TestName", }, @@ -128,7 +128,7 @@ func TestSynthesizeAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &v1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: "Gateway", Name: "TestName", }, @@ -152,7 +152,7 @@ func TestSynthesizeAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &v1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: "Gateway", Name: "TestName", }, @@ -178,7 +178,7 @@ func TestSynthesizeAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &v1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: "Gateway", Name: "TestName", }, diff --git a/pkg/deploy/lattice/service_synthesizer_test.go b/pkg/deploy/lattice/service_synthesizer_test.go index 360909bb..29370817 100644 --- a/pkg/deploy/lattice/service_synthesizer_test.go +++ b/pkg/deploy/lattice/service_synthesizer_test.go @@ -11,7 +11,7 @@ import ( "github.com/golang/mock/gomock" "github.com/stretchr/testify/assert" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" "testing" ) @@ -19,7 +19,7 @@ func Test_SynthesizeService(t *testing.T) { now := metav1.Now() tests := []struct { name string - httpRoute *gwv1beta1.HTTPRoute + httpRoute *gwv1.HTTPRoute serviceARN string serviceID string mgrErr error @@ -30,13 +30,13 @@ func Test_SynthesizeService(t *testing.T) { { name: "Add LatticeService", - httpRoute: &gwv1beta1.HTTPRoute{ + httpRoute: &gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", }, @@ -53,15 +53,15 @@ func Test_SynthesizeService(t *testing.T) { { name: "Delete LatticeService", - httpRoute: &gwv1beta1.HTTPRoute{ + httpRoute: &gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service2", Finalizers: []string{"gateway.k8s.aws/resources"}, DeletionTimestamp: &now, }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway2", }, @@ -78,13 +78,13 @@ func Test_SynthesizeService(t *testing.T) { { name: "Add LatticeService, return error need to retry", - httpRoute: &gwv1beta1.HTTPRoute{ + httpRoute: &gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service3", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", }, @@ -101,15 +101,15 @@ func Test_SynthesizeService(t *testing.T) { { name: "Delete LatticeService, but need retry", - httpRoute: &gwv1beta1.HTTPRoute{ + httpRoute: &gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service4", Finalizers: []string{"gateway.k8s.aws/resources"}, DeletionTimestamp: &now, }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway2", }, @@ -126,13 +126,13 @@ func Test_SynthesizeService(t *testing.T) { { name: "Add LatticeService, getting error registering DNS", - httpRoute: &gwv1beta1.HTTPRoute{ + httpRoute: &gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service3", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", }, diff --git a/pkg/gateway/model_build_access_log_subscription_test.go b/pkg/gateway/model_build_access_log_subscription_test.go index 5ca24864..580a8deb 100644 --- a/pkg/gateway/model_build_access_log_subscription_test.go +++ b/pkg/gateway/model_build_access_log_subscription_test.go @@ -59,7 +59,7 @@ func Test_BuildAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: gatewayKind, Name: name, }, @@ -86,7 +86,7 @@ func Test_BuildAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: gatewayKind, Name: name, Namespace: (*gwv1alpha2.Namespace)(aws.String(namespace)), @@ -114,7 +114,7 @@ func Test_BuildAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: httpRouteKind, Name: name, }, @@ -141,7 +141,7 @@ func Test_BuildAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: httpRouteKind, Name: name, Namespace: (*gwv1alpha2.Namespace)(aws.String(namespace)), @@ -169,7 +169,7 @@ func Test_BuildAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: grpcRouteKind, Name: name, }, @@ -196,7 +196,7 @@ func Test_BuildAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: grpcRouteKind, Name: name, Namespace: (*gwv1alpha2.Namespace)(aws.String(namespace)), @@ -228,7 +228,7 @@ func Test_BuildAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: gatewayKind, Name: name, }, @@ -258,7 +258,7 @@ func Test_BuildAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: gatewayKind, Name: name, }, @@ -289,7 +289,7 @@ func Test_BuildAccessLogSubscription(t *testing.T) { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(s3DestinationArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: "Foo", Name: name, }, @@ -319,7 +319,7 @@ func Test_BuildAccessLogSubscription(t *testing.T) { }, }, Spec: anv1alpha1.AccessLogPolicySpec{ - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Kind: gatewayKind, Name: name, }, diff --git a/pkg/gateway/model_build_lattice_service_test.go b/pkg/gateway/model_build_lattice_service_test.go index 6d60e462..d952b5e0 100644 --- a/pkg/gateway/model_build_lattice_service_test.go +++ b/pkg/gateway/model_build_lattice_service_test.go @@ -13,35 +13,33 @@ import ( clientgoscheme "k8s.io/client-go/kubernetes/scheme" testclient "sigs.k8s.io/controller-runtime/pkg/client/fake" gwv1 "sigs.k8s.io/gateway-api/apis/v1" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" "testing" ) func Test_LatticeServiceModelBuild(t *testing.T) { now := metav1.Now() - var httpSectionName gwv1beta1.SectionName = "http" - var serviceKind gwv1beta1.Kind = "Service" - var serviceimportKind gwv1beta1.Kind = "ServiceImport" + var httpSectionName gwv1.SectionName = "http" + var serviceKind gwv1.Kind = "Service" + var serviceimportKind gwv1.Kind = "ServiceImport" var weight1 = int32(10) var weight2 = int32(90) - var namespace = gwv1beta1.Namespace("default") + var namespace = gwv1.Namespace("default") - namespacePtr := func(ns string) *gwv1beta1.Namespace { - p := gwv1beta1.Namespace(ns) + namespacePtr := func(ns string) *gwv1.Namespace { + p := gwv1.Namespace(ns) return &p } - var backendRef1 = gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + var backendRef1 = gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "targetgroup1", Namespace: &namespace, Kind: &serviceKind, }, Weight: &weight1, } - var backendRef2 = gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + var backendRef2 = gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "targetgroup2", Namespace: &namespace, Kind: &serviceimportKind, @@ -49,12 +47,12 @@ func Test_LatticeServiceModelBuild(t *testing.T) { Weight: &weight2, } - tlsSectionName := gwv1beta1.SectionName("tls") + tlsSectionName := gwv1.SectionName("tls") tlsModeTerminate := gwv1.TLSModeTerminate tests := []struct { name string - gw gwv1beta1.Gateway + gw gwv1.Gateway route core.Route wantErrIsNil bool wantIsDeleted bool @@ -64,27 +62,27 @@ func Test_LatticeServiceModelBuild(t *testing.T) { name: "Add LatticeService with hostname", wantIsDeleted: false, wantErrIsNil: true, - gw: gwv1beta1.Gateway{ + gw: gwv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Name: "gateway1", Namespace: "default", }, }, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "test", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", Namespace: namespacePtr("default"), }, }, }, - Hostnames: []gwv1beta1.Hostname{ + Hostnames: []gwv1.Hostname{ "test1.test.com", "test2.test.com", }, @@ -104,20 +102,20 @@ func Test_LatticeServiceModelBuild(t *testing.T) { name: "Add LatticeService", wantIsDeleted: false, wantErrIsNil: true, - gw: gwv1beta1.Gateway{ + gw: gwv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Name: "gateway1", Namespace: "default", }, }, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", Namespace: namespacePtr("default"), @@ -139,20 +137,20 @@ func Test_LatticeServiceModelBuild(t *testing.T) { name: "Add LatticeService with GRPCRoute", wantIsDeleted: false, wantErrIsNil: true, - gw: gwv1beta1.Gateway{ + gw: gwv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Name: "gateway1", Namespace: "test", }, }, - route: core.NewGRPCRoute(gwv1alpha2.GRPCRoute{ + route: core.NewGRPCRoute(gwv1.GRPCRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "test", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", }, @@ -173,13 +171,13 @@ func Test_LatticeServiceModelBuild(t *testing.T) { name: "Delete LatticeService", wantIsDeleted: true, wantErrIsNil: true, - gw: gwv1beta1.Gateway{ + gw: gwv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Name: "gateway2", Namespace: "ns1", }, - Spec: gwv1beta1.GatewaySpec{ - Listeners: []gwv1beta1.Listener{ + Spec: gwv1.GatewaySpec{ + Listeners: []gwv1.Listener{ { Name: httpSectionName, Port: 80, @@ -188,25 +186,25 @@ func Test_LatticeServiceModelBuild(t *testing.T) { }, }, }, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service2", Namespace: "ns1", Finalizers: []string{"gateway.k8s.aws/resources"}, DeletionTimestamp: &now, // <- the important bit }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway2", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, @@ -231,21 +229,21 @@ func Test_LatticeServiceModelBuild(t *testing.T) { name: "Service with customer Cert ARN", wantIsDeleted: false, wantErrIsNil: true, - gw: gwv1beta1.Gateway{ + gw: gwv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Name: "gateway1", Namespace: "default", }, - Spec: gwv1beta1.GatewaySpec{ - Listeners: []gwv1beta1.Listener{ + Spec: gwv1.GatewaySpec{ + Listeners: []gwv1.Listener{ { Name: "tls", Port: 443, Protocol: "HTTPS", - TLS: &gwv1beta1.GatewayTLSConfig{ + TLS: &gwv1.GatewayTLSConfig{ Mode: &tlsModeTerminate, CertificateRefs: nil, - Options: map[gwv1beta1.AnnotationKey]gwv1beta1.AnnotationValue{ + Options: map[gwv1.AnnotationKey]gwv1.AnnotationValue{ "application-networking.k8s.aws/certificate-arn": "cert-arn", }, }, @@ -253,14 +251,14 @@ func Test_LatticeServiceModelBuild(t *testing.T) { }, }, }, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", Namespace: namespacePtr("default"), @@ -282,20 +280,20 @@ func Test_LatticeServiceModelBuild(t *testing.T) { }, { name: "GW does not exist", - gw: gwv1beta1.Gateway{ + gw: gwv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Name: "gateway1", Namespace: "default", }, }, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "not-a-real-gateway", Namespace: namespacePtr("default"), @@ -310,18 +308,18 @@ func Test_LatticeServiceModelBuild(t *testing.T) { name: "Service with TLS section but no cert arn", wantIsDeleted: false, wantErrIsNil: true, - gw: gwv1beta1.Gateway{ + gw: gwv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Name: "gateway1", Namespace: "default", }, - Spec: gwv1beta1.GatewaySpec{ - Listeners: []gwv1beta1.Listener{ + Spec: gwv1.GatewaySpec{ + Listeners: []gwv1.Listener{ { Name: "tls", Port: 443, Protocol: "HTTPS", - TLS: &gwv1beta1.GatewayTLSConfig{ + TLS: &gwv1.GatewayTLSConfig{ Mode: &tlsModeTerminate, CertificateRefs: nil, }, @@ -329,14 +327,14 @@ func Test_LatticeServiceModelBuild(t *testing.T) { }, }, }, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", Namespace: namespacePtr("default"), @@ -359,20 +357,20 @@ func Test_LatticeServiceModelBuild(t *testing.T) { name: "Multiple service networks", wantIsDeleted: false, wantErrIsNil: true, - gw: gwv1beta1.Gateway{ + gw: gwv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Name: "gateway1", Namespace: "default", }, }, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", Namespace: namespacePtr("default"), @@ -404,7 +402,7 @@ func Test_LatticeServiceModelBuild(t *testing.T) { k8sSchema := runtime.NewScheme() clientgoscheme.AddToScheme(k8sSchema) - gwv1beta1.AddToScheme(k8sSchema) + gwv1.AddToScheme(k8sSchema) k8sClient := testclient.NewClientBuilder().WithScheme(k8sSchema).Build() assert.NoError(t, k8sClient.Create(ctx, tt.gw.DeepCopy())) diff --git a/pkg/gateway/model_build_listener.go b/pkg/gateway/model_build_listener.go index ebd3471a..3a962df9 100644 --- a/pkg/gateway/model_build_listener.go +++ b/pkg/gateway/model_build_listener.go @@ -9,7 +9,6 @@ import ( "github.com/aws/aws-sdk-go/service/vpclattice" "k8s.io/apimachinery/pkg/types" gwv1 "sigs.k8s.io/gateway-api/apis/v1" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" model "github.com/aws/aws-application-networking-k8s/pkg/model/lattice" ) @@ -20,7 +19,7 @@ const ( func (t *latticeServiceModelBuildTask) extractListenerInfo( ctx context.Context, - parentRef gwv1beta1.ParentReference, + parentRef gwv1.ParentReference, ) (int64, string, error) { if parentRef.SectionName != nil { t.log.Debugf(ctx, "Listener parentRef SectionName is %s", *parentRef.SectionName) @@ -59,13 +58,13 @@ func isTLSPassthroughGatewayListener(listener *gwv1.Listener) bool { return listener.Protocol == gwv1.TLSProtocolType && listener.TLS != nil && listener.TLS.Mode != nil && *listener.TLS.Mode == gwv1.TLSModePassthrough } -func (t *latticeServiceModelBuildTask) getGateway(ctx context.Context) (*gwv1beta1.Gateway, error) { +func (t *latticeServiceModelBuildTask) getGateway(ctx context.Context) (*gwv1.Gateway, error) { var gwNamespace = t.route.Namespace() if t.route.Spec().ParentRefs()[0].Namespace != nil { gwNamespace = string(*t.route.Spec().ParentRefs()[0].Namespace) } - gw := &gwv1beta1.Gateway{} + gw := &gwv1.Gateway{} gwName := types.NamespacedName{ Namespace: gwNamespace, Name: string(t.route.Spec().ParentRefs()[0].Name), diff --git a/pkg/gateway/model_build_listener_test.go b/pkg/gateway/model_build_listener_test.go index d7fc59fe..762f4ce6 100644 --- a/pkg/gateway/model_build_listener_test.go +++ b/pkg/gateway/model_build_listener_test.go @@ -13,7 +13,6 @@ import ( "k8s.io/apimachinery/pkg/types" gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" mock_client "github.com/aws/aws-application-networking-k8s/mocks/controller-runtime/client" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" @@ -32,18 +31,18 @@ const ( ) // PortNumberPtr translates an int to a *PortNumber -func PortNumberPtr(p int) *gwv1beta1.PortNumber { - result := gwv1beta1.PortNumber(p) +func PortNumberPtr(p int) *gwv1.PortNumber { + result := gwv1.PortNumber(p) return &result } func Test_ListenerModelBuild(t *testing.T) { - var sectionName gwv1beta1.SectionName = "my-gw-listener" - var missingSectionName gwv1beta1.SectionName = "miss" - var serviceKind gwv1beta1.Kind = "Service" - var serviceImportKind gwv1beta1.Kind = "ServiceImport" - var backendRef = gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + var sectionName gwv1.SectionName = "my-gw-listener" + var missingSectionName gwv1.SectionName = "miss" + var serviceKind gwv1.Kind = "Service" + var serviceImportKind gwv1.Kind = "ServiceImport" + var backendRef = gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "targetgroup1", Kind: &serviceKind, }, @@ -51,7 +50,7 @@ func Test_ListenerModelBuild(t *testing.T) { tests := []struct { name string - gwListenerPort gwv1beta1.PortNumber + gwListenerPort gwv1.PortNumber route core.Route wantErrIsNil bool k8sGetGatewayCall bool @@ -68,23 +67,23 @@ func Test_ListenerModelBuild(t *testing.T) { k8sGetGatewayCall: true, k8sGatewayReturnOK: true, k8sGatewayListenerType: HTTP, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: §ionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef, }, @@ -113,23 +112,23 @@ func Test_ListenerModelBuild(t *testing.T) { k8sGetGatewayCall: true, k8sGatewayReturnOK: true, k8sGatewayListenerType: HTTPS, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: §ionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef, }, @@ -166,8 +165,8 @@ func Test_ListenerModelBuild(t *testing.T) { Namespace: "default", }, Spec: gwv1alpha2.TLSRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: §ionName, @@ -176,23 +175,23 @@ func Test_ListenerModelBuild(t *testing.T) { }, Rules: []gwv1alpha2.TLSRouteRule{ { - BackendRefs: []gwv1alpha2.BackendRef{ + BackendRefs: []gwv1.BackendRef{ { - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "k8s-service1", Kind: &serviceKind, // No weight specified, default to 1 }, }, { - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "k8s-service2", Kind: &serviceKind, }, Weight: aws.Int32(10), }, { - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "k8s-service3", Kind: &serviceImportKind, }, @@ -250,8 +249,8 @@ func Test_ListenerModelBuild(t *testing.T) { Namespace: "default", }, Spec: gwv1alpha2.TLSRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: §ionName, @@ -260,9 +259,9 @@ func Test_ListenerModelBuild(t *testing.T) { }, Rules: []gwv1alpha2.TLSRouteRule{ { - BackendRefs: []gwv1alpha2.BackendRef{ + BackendRefs: []gwv1.BackendRef{ { - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "k8s-service1", Kind: &serviceKind, }, @@ -270,9 +269,9 @@ func Test_ListenerModelBuild(t *testing.T) { }, }, { - BackendRefs: []gwv1alpha2.BackendRef{ + BackendRefs: []gwv1.BackendRef{ { - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "k8s-service2", Kind: &serviceKind, }, @@ -316,18 +315,18 @@ func Test_ListenerModelBuild(t *testing.T) { gwListenerPort: *PortNumberPtr(80), wantErrIsNil: true, k8sGetGatewayCall: false, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{}, + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{}, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef, }, @@ -344,23 +343,23 @@ func Test_ListenerModelBuild(t *testing.T) { wantErrIsNil: false, k8sGetGatewayCall: true, k8sGatewayReturnOK: false, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: §ionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef, }, @@ -376,23 +375,23 @@ func Test_ListenerModelBuild(t *testing.T) { wantErrIsNil: false, k8sGetGatewayCall: true, k8sGatewayReturnOK: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &missingSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef, }, @@ -415,36 +414,36 @@ func Test_ListenerModelBuild(t *testing.T) { stack := core.NewDefaultStack(core.StackID(k8s.NamespacedName(tt.route.K8sObject()))) if tt.k8sGetGatewayCall { - mockK8sClient.EXPECT().Get(ctx, gomock.Any(), gomock.AssignableToTypeOf(&gwv1beta1.Gateway{})).DoAndReturn( - func(ctx context.Context, gwName types.NamespacedName, gw *gwv1beta1.Gateway, arg3 ...interface{}) error { + mockK8sClient.EXPECT().Get(ctx, gomock.Any(), gomock.AssignableToTypeOf(&gwv1.Gateway{})).DoAndReturn( + func(ctx context.Context, gwName types.NamespacedName, gw *gwv1.Gateway, arg3 ...interface{}) error { if !tt.k8sGatewayReturnOK { return errors.New("unknown k8s object") } - var gwListener gwv1beta1.Listener + var gwListener gwv1.Listener switch tt.k8sGatewayListenerType { case HTTP: - gwListener = gwv1beta1.Listener{ + gwListener = gwv1.Listener{ Port: tt.gwListenerPort, Protocol: "HTTP", Name: sectionName, } case HTTPS: mode := gwv1.TLSModeTerminate - gwListener = gwv1beta1.Listener{ + gwListener = gwv1.Listener{ Port: tt.gwListenerPort, Protocol: "HTTPS", Name: sectionName, - TLS: &gwv1beta1.GatewayTLSConfig{ + TLS: &gwv1.GatewayTLSConfig{ Mode: &mode, }, } case TLS_PASSTHROUGH: mode := gwv1.TLSModePassthrough - gwListener = gwv1beta1.Listener{ + gwListener = gwv1.Listener{ Port: tt.gwListenerPort, Protocol: "TLS", Name: sectionName, - TLS: &gwv1beta1.GatewayTLSConfig{ + TLS: &gwv1.GatewayTLSConfig{ Mode: &mode, }, } diff --git a/pkg/gateway/model_build_rule.go b/pkg/gateway/model_build_rule.go index 3418b2b3..bfd1a81e 100644 --- a/pkg/gateway/model_build_rule.go +++ b/pkg/gateway/model_build_rule.go @@ -14,8 +14,6 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/vpclattice" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1 "sigs.k8s.io/gateway-api/apis/v1" model "github.com/aws/aws-application-networking-k8s/pkg/model/lattice" @@ -155,7 +153,7 @@ func (t *latticeServiceModelBuildTask) updateRuleSpecForGrpcRoute(m *core.GRPCRo return fmt.Errorf("cannot create GRPCRouteMatch for nil service and non-nil method") } switch *method.Type { - case gwv1alpha2.GRPCMethodMatchExact: + case gwv1.GRPCMethodMatchExact: if method.Service == nil { t.log.Debugf(context.TODO(), "Match all paths due to nil service and nil method") ruleSpec.PathMatchPrefix = true diff --git a/pkg/gateway/model_build_rule_test.go b/pkg/gateway/model_build_rule_test.go index dd2388a1..5c147f89 100644 --- a/pkg/gateway/model_build_rule_test.go +++ b/pkg/gateway/model_build_rule_test.go @@ -6,6 +6,11 @@ import ( "reflect" "testing" + anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" + "github.com/aws/aws-application-networking-k8s/pkg/k8s" + "github.com/aws/aws-application-networking-k8s/pkg/model/core" + model "github.com/aws/aws-application-networking-k8s/pkg/model/lattice" + "github.com/aws/aws-application-networking-k8s/pkg/utils/gwlog" "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/vpclattice" "github.com/golang/mock/gomock" @@ -16,16 +21,7 @@ import ( clientgoscheme "k8s.io/client-go/kubernetes/scheme" "k8s.io/utils/ptr" testclient "sigs.k8s.io/controller-runtime/pkg/client/fake" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" - gwv1 "sigs.k8s.io/gateway-api/apis/v1" - - anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" - "github.com/aws/aws-application-networking-k8s/pkg/k8s" - "github.com/aws/aws-application-networking-k8s/pkg/model/core" - model "github.com/aws/aws-application-networking-k8s/pkg/model/lattice" - "github.com/aws/aws-application-networking-k8s/pkg/utils/gwlog" ) type dummyTgBuilder struct { @@ -52,13 +48,13 @@ func (d *dummyTgBuilder) Build(ctx context.Context, route core.Route, backendRef } func Test_RuleModelBuild(t *testing.T) { - var httpSectionName gwv1beta1.SectionName = "http" - var serviceKind gwv1beta1.Kind = "Service" - var serviceImportKind gwv1beta1.Kind = "ServiceImport" + var httpSectionName gwv1.SectionName = "http" + var serviceKind gwv1.Kind = "Service" + var serviceImportKind gwv1.Kind = "ServiceImport" var weight1 = int32(10) var weight2 = int32(90) - var namespace = gwv1beta1.Namespace("testnamespace") - var namespace2 = gwv1beta1.Namespace("testnamespace2") + var namespace = gwv1.Namespace("testnamespace") + var namespace2 = gwv1.Namespace("testnamespace2") var path1 = "/ver1" var path2 = "/ver2" var path3 = "/ver3" @@ -66,52 +62,53 @@ func Test_RuleModelBuild(t *testing.T) { var httpPost = gwv1.HTTPMethodPost var k8sPathMatchExactType = gwv1.PathMatchExact var k8sPathMatchPrefix = gwv1.PathMatchPathPrefix - var k8sMethodMatchExactType = gwv1alpha2.GRPCMethodMatchExact + var k8sGrpcMethodMatchExactType = gwv1.GRPCMethodMatchExact var k8sHeaderExactType = gwv1.HeaderMatchExact + var k8sGrpcHeaderExactType = gwv1.GRPCHeaderMatchExact var hdr1 = "env1" var hdr1Value = "test1" var hdr2 = "env2" var hdr2Value = "test2" - var backendRef1 = gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + var backendRef1 = gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "targetgroup1", Kind: &serviceKind, }, Weight: &weight1, } - var backendRef2 = gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + var backendRef2 = gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "targetgroup2", Kind: &serviceImportKind, }, Weight: &weight2, } - var invalidBackendRef = gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + var invalidBackendRef = gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "invalid", Kind: &serviceKind, }, Weight: &weight2, } - var backendRef1Namespace1 = gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + var backendRef1Namespace1 = gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "targetgroup2", Namespace: &namespace, Kind: &serviceImportKind, }, Weight: &weight2, } - var backendRef1Namespace2 = gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + var backendRef1Namespace2 = gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "targetgroup2", Namespace: &namespace2, Kind: &serviceImportKind, }, Weight: &weight2, } - var backendServiceImportRef = gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + var backendServiceImportRef = gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "targetgroup1", Kind: &serviceImportKind, }, @@ -126,23 +123,23 @@ func Test_RuleModelBuild(t *testing.T) { { name: "rule, default service action", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, @@ -170,23 +167,23 @@ func Test_RuleModelBuild(t *testing.T) { { name: "rule, default serviceimport action", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendServiceImportRef, }, @@ -217,23 +214,23 @@ func Test_RuleModelBuild(t *testing.T) { { name: "rule, weighted target group", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, @@ -271,46 +268,46 @@ func Test_RuleModelBuild(t *testing.T) { { name: "rule, path based target group", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Path: &gwv1beta1.HTTPPathMatch{ + Path: &gwv1.HTTPPathMatch{ Type: &k8sPathMatchExactType, Value: &path1, }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, }, }, { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Path: &gwv1beta1.HTTPPathMatch{ + Path: &gwv1.HTTPPathMatch{ Type: &k8sPathMatchPrefix, Value: &path2, }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef2, }, @@ -354,40 +351,40 @@ func Test_RuleModelBuild(t *testing.T) { { name: "rule, method based", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { Method: &httpGet, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, }, }, { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { Method: &httpPost, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef2, }, @@ -429,61 +426,61 @@ func Test_RuleModelBuild(t *testing.T) { { name: "rule, different namespace combination", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "non-default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Path: &gwv1beta1.HTTPPathMatch{ + Path: &gwv1.HTTPPathMatch{ Value: &path1, Type: &k8sPathMatchExactType, }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, }, }, { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Path: &gwv1beta1.HTTPPathMatch{ + Path: &gwv1.HTTPPathMatch{ Value: &path2, Type: &k8sPathMatchExactType, }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1Namespace1, }, }, }, { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Path: &gwv1beta1.HTTPPathMatch{ + Path: &gwv1.HTTPPathMatch{ Value: &path3, Type: &k8sPathMatchExactType, }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1Namespace2, }, @@ -543,23 +540,23 @@ func Test_RuleModelBuild(t *testing.T) { { name: "rule, default service import action for GRPCRoute", wantErrIsNil: true, - route: core.NewGRPCRoute(gwv1alpha2.GRPCRoute{ + route: core.NewGRPCRoute(gwv1.GRPCRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1alpha2.CommonRouteSpec{ - ParentRefs: []gwv1alpha2.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { BackendRef: backendServiceImportRef, }, @@ -591,64 +588,64 @@ func Test_RuleModelBuild(t *testing.T) { { name: "rule, gRPC routes with methods and multiple namespaces", wantErrIsNil: true, - route: core.NewGRPCRoute(gwv1alpha2.GRPCRoute{ + route: core.NewGRPCRoute(gwv1.GRPCRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "non-default", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - Matches: []gwv1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ { - Method: &gwv1alpha2.GRPCMethodMatch{ - Type: &k8sMethodMatchExactType, + Method: &gwv1.GRPCMethodMatch{ + Type: &k8sGrpcMethodMatchExactType, Service: ptr.To("service"), Method: ptr.To("method1"), }, }, }, - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { BackendRef: backendRef1, }, }, }, { - Matches: []gwv1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ { - Method: &gwv1alpha2.GRPCMethodMatch{ - Type: &k8sMethodMatchExactType, + Method: &gwv1.GRPCMethodMatch{ + Type: &k8sGrpcMethodMatchExactType, Service: ptr.To("service"), Method: ptr.To("method2"), }, }, }, - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { BackendRef: backendRef1Namespace1, }, }, }, { - Matches: []gwv1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ { - Method: &gwv1alpha2.GRPCMethodMatch{ - Type: &k8sMethodMatchExactType, + Method: &gwv1.GRPCMethodMatch{ + Type: &k8sGrpcMethodMatchExactType, Service: ptr.To("service"), Method: ptr.To("method3"), }, }, }, - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { BackendRef: backendRef1Namespace2, }, @@ -711,25 +708,25 @@ func Test_RuleModelBuild(t *testing.T) { { name: "1 header match", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Headers: []gwv1beta1.HTTPHeaderMatch{ + Headers: []gwv1.HTTPHeaderMatch{ { Type: &k8sHeaderExactType, Name: gwv1.HTTPHeaderName(hdr1), @@ -738,7 +735,7 @@ func Test_RuleModelBuild(t *testing.T) { }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, @@ -772,25 +769,25 @@ func Test_RuleModelBuild(t *testing.T) { { name: "2 header match", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Headers: []gwv1beta1.HTTPHeaderMatch{ + Headers: []gwv1.HTTPHeaderMatch{ { Type: &k8sHeaderExactType, Name: gwv1.HTTPHeaderName(hdr1), @@ -804,7 +801,7 @@ func Test_RuleModelBuild(t *testing.T) { }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, @@ -844,30 +841,30 @@ func Test_RuleModelBuild(t *testing.T) { { name: "2 header match with path exact", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Path: &gwv1beta1.HTTPPathMatch{ + Path: &gwv1.HTTPPathMatch{ Type: &k8sPathMatchExactType, Value: &path1, }, - Headers: []gwv1beta1.HTTPHeaderMatch{ + Headers: []gwv1.HTTPHeaderMatch{ { Type: &k8sHeaderExactType, Name: gwv1.HTTPHeaderName(hdr1), @@ -881,7 +878,7 @@ func Test_RuleModelBuild(t *testing.T) { }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, @@ -923,30 +920,30 @@ func Test_RuleModelBuild(t *testing.T) { { name: "2 header match with path prefix", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Path: &gwv1beta1.HTTPPathMatch{ + Path: &gwv1.HTTPPathMatch{ Type: &k8sPathMatchPrefix, Value: &path1, }, - Headers: []gwv1beta1.HTTPHeaderMatch{ + Headers: []gwv1.HTTPHeaderMatch{ { Type: &k8sHeaderExactType, Name: gwv1.HTTPHeaderName(hdr1), @@ -960,7 +957,7 @@ func Test_RuleModelBuild(t *testing.T) { }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, @@ -1002,30 +999,30 @@ func Test_RuleModelBuild(t *testing.T) { { name: " negative 6 header match (max headers is 5)", wantErrIsNil: false, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Path: &gwv1beta1.HTTPPathMatch{ + Path: &gwv1.HTTPPathMatch{ Type: &k8sPathMatchExactType, Value: &path1, }, - Headers: []gwv1beta1.HTTPHeaderMatch{ + Headers: []gwv1.HTTPHeaderMatch{ { Type: &k8sHeaderExactType, Name: gwv1.HTTPHeaderName(hdr1), @@ -1059,7 +1056,7 @@ func Test_RuleModelBuild(t *testing.T) { }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, @@ -1072,39 +1069,39 @@ func Test_RuleModelBuild(t *testing.T) { { name: "Negative, multiple methods", wantErrIsNil: false, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ { - Path: &gwv1beta1.HTTPPathMatch{ + Path: &gwv1.HTTPPathMatch{ Type: &k8sPathMatchExactType, Value: &path1, }, }, { - Path: &gwv1beta1.HTTPPathMatch{ + Path: &gwv1.HTTPPathMatch{ Type: &k8sPathMatchExactType, Value: &path1, }, }, }, - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: backendRef1, }, @@ -1117,32 +1114,32 @@ func Test_RuleModelBuild(t *testing.T) { { name: "GRPC match on service and method", wantErrIsNil: true, - route: core.NewGRPCRoute(gwv1alpha2.GRPCRoute{ + route: core.NewGRPCRoute(gwv1.GRPCRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - Matches: []gwv1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ { - Method: &gwv1alpha2.GRPCMethodMatch{ - Type: &k8sMethodMatchExactType, + Method: &gwv1.GRPCMethodMatch{ + Type: &k8sGrpcMethodMatchExactType, Service: ptr.To("service"), Method: ptr.To("method"), }, }, }, - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { BackendRef: backendRef1, }, @@ -1171,31 +1168,31 @@ func Test_RuleModelBuild(t *testing.T) { { name: "GRPC match on service", wantErrIsNil: true, - route: core.NewGRPCRoute(gwv1alpha2.GRPCRoute{ + route: core.NewGRPCRoute(gwv1.GRPCRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - Matches: []gwv1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ { - Method: &gwv1alpha2.GRPCMethodMatch{ - Type: &k8sMethodMatchExactType, + Method: &gwv1.GRPCMethodMatch{ + Type: &k8sGrpcMethodMatchExactType, Service: ptr.To("service"), }, }, }, - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { BackendRef: backendRef1, }, @@ -1224,31 +1221,31 @@ func Test_RuleModelBuild(t *testing.T) { { name: "GRPC match on all", wantErrIsNil: true, - route: core.NewGRPCRoute(gwv1alpha2.GRPCRoute{ + route: core.NewGRPCRoute(gwv1.GRPCRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - Matches: []gwv1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ { - Method: &gwv1alpha2.GRPCMethodMatch{ - Type: &k8sMethodMatchExactType, + Method: &gwv1.GRPCMethodMatch{ + Type: &k8sGrpcMethodMatchExactType, }, }, }, - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { BackendRef: backendRef1, }, @@ -1277,58 +1274,58 @@ func Test_RuleModelBuild(t *testing.T) { { name: "GRPC match with 5 headers", wantErrIsNil: true, - route: core.NewGRPCRoute(gwv1alpha2.GRPCRoute{ + route: core.NewGRPCRoute(gwv1.GRPCRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - Matches: []gwv1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ { - Method: &gwv1alpha2.GRPCMethodMatch{ - Type: &k8sMethodMatchExactType, + Method: &gwv1.GRPCMethodMatch{ + Type: &k8sGrpcMethodMatchExactType, Service: ptr.To("service"), }, - Headers: []gwv1alpha2.GRPCHeaderMatch{ + Headers: []gwv1.GRPCHeaderMatch{ { Name: "foo1", Value: "bar1", - Type: &k8sHeaderExactType, + Type: &k8sGrpcHeaderExactType, }, { Name: "foo2", Value: "bar2", - Type: &k8sHeaderExactType, + Type: &k8sGrpcHeaderExactType, }, { Name: "foo3", Value: "bar3", - Type: &k8sHeaderExactType, + Type: &k8sGrpcHeaderExactType, }, { Name: "foo4", Value: "bar4", - Type: &k8sHeaderExactType, + Type: &k8sGrpcHeaderExactType, }, { Name: "foo5", Value: "bar5", - Type: &k8sHeaderExactType, + Type: &k8sGrpcHeaderExactType, }, }, }, }, - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { BackendRef: backendRef1, }, @@ -1389,23 +1386,23 @@ func Test_RuleModelBuild(t *testing.T) { { name: "invalid backendRef", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: invalidBackendRef, }, @@ -1434,23 +1431,23 @@ func Test_RuleModelBuild(t *testing.T) { { name: "valid and invalid backendRef", wantErrIsNil: true, - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: apimachineryv1.ObjectMeta{ Name: "service1", Namespace: "default", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gw1", SectionName: &httpSectionName, }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { BackendRef: invalidBackendRef, }, diff --git a/pkg/gateway/model_build_targetgroup_test.go b/pkg/gateway/model_build_targetgroup_test.go index 956a0c66..8142d9a2 100644 --- a/pkg/gateway/model_build_targetgroup_test.go +++ b/pkg/gateway/model_build_targetgroup_test.go @@ -6,7 +6,7 @@ import ( "strings" "testing" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" mock_client "github.com/aws/aws-application-networking-k8s/mocks/controller-runtime/client" "github.com/aws/aws-application-networking-k8s/pkg/config" @@ -275,13 +275,13 @@ func Test_TGModelByHTTPRouteBuild(t *testing.T) { config.ClusterName = "cluster-name" now := metav1.Now() - namespacePtr := func(ns string) *gwv1beta1.Namespace { - p := gwv1beta1.Namespace(ns) + namespacePtr := func(ns string) *gwv1.Namespace { + p := gwv1.Namespace(ns) return &p } - kindPtr := func(k string) *gwv1beta1.Kind { - p := gwv1beta1.Kind(k) + kindPtr := func(k string) *gwv1.Kind { + p := gwv1.Kind(k) return &p } @@ -297,26 +297,26 @@ func Test_TGModelByHTTPRouteBuild(t *testing.T) { }{ { name: "Add LatticeService", - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service1", Namespace: "ns1", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", Namespace: namespacePtr("ns1"), }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "service1-tg1", Namespace: namespacePtr("ns11"), Kind: kindPtr("Service"), @@ -337,28 +337,28 @@ func Test_TGModelByHTTPRouteBuild(t *testing.T) { }, { name: "Delete LatticeService", - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service2", Namespace: "ns1", Finalizers: []string{"gateway.k8s.aws/resources"}, DeletionTimestamp: &now, }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", Namespace: namespacePtr("ns1"), }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "service2-tg1", Namespace: namespacePtr("ns21"), Kind: kindPtr("Service"), @@ -379,27 +379,27 @@ func Test_TGModelByHTTPRouteBuild(t *testing.T) { }, { name: "Create LatticeService where backend K8S service does NOT exist", - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service3", Namespace: "ns1", Finalizers: []string{"gateway.k8s.aws/resources"}, }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", Namespace: namespacePtr("ns1"), }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "service3-tg1", Namespace: namespacePtr("ns31"), Kind: kindPtr("Service"), @@ -420,27 +420,27 @@ func Test_TGModelByHTTPRouteBuild(t *testing.T) { }, { name: "Lattice Service with IPv6 Target Group", - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "service5", Namespace: "ns1", Finalizers: []string{"gateway.k8s.aws/resources"}, }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", Namespace: namespacePtr("ns1"), }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "service5-tg1", Namespace: namespacePtr("ns31"), Kind: kindPtr("Service"), @@ -469,7 +469,7 @@ func Test_TGModelByHTTPRouteBuild(t *testing.T) { k8sSchema := runtime.NewScheme() clientgoscheme.AddToScheme(k8sSchema) anv1alpha1.AddToScheme(k8sSchema) - gwv1beta1.AddToScheme(k8sSchema) + gwv1.AddToScheme(k8sSchema) k8sClient := testclient.NewClientBuilder().WithScheme(k8sSchema).Build() stack := core.NewDefaultStack(core.StackID(k8s.NamespacedName(tt.route.K8sObject()))) @@ -559,13 +559,13 @@ func Test_ServiceImportToTGBuildReturnsError(t *testing.T) { config.VpcID = "vpc-id" config.ClusterName = "cluster-name" - namespacePtr := func(ns string) *gwv1beta1.Namespace { - p := gwv1beta1.Namespace(ns) + namespacePtr := func(ns string) *gwv1.Namespace { + p := gwv1.Namespace(ns) return &p } - kindPtr := func(k string) *gwv1beta1.Kind { - p := gwv1beta1.Kind(k) + kindPtr := func(k string) *gwv1.Kind { + p := gwv1.Kind(k) return &p } @@ -575,24 +575,24 @@ func Test_ServiceImportToTGBuildReturnsError(t *testing.T) { }{ { name: "Service import does not create target group - returns error", - route: core.NewHTTPRoute(gwv1beta1.HTTPRoute{ + route: core.NewHTTPRoute(gwv1.HTTPRoute{ ObjectMeta: metav1.ObjectMeta{ Name: "serviceimport1", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ { Name: "gateway1", }, }, }, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "service1-tg2", Namespace: namespacePtr("tg1-ns1"), Kind: kindPtr("ServiceImport"), diff --git a/pkg/gateway/model_build_targets_test.go b/pkg/gateway/model_build_targets_test.go index 07b86bc0..8d021c44 100644 --- a/pkg/gateway/model_build_targets_test.go +++ b/pkg/gateway/model_build_targets_test.go @@ -14,7 +14,7 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" clientgoscheme "k8s.io/client-go/kubernetes/scheme" testclient "sigs.k8s.io/controller-runtime/pkg/client/fake" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" "github.com/aws/aws-application-networking-k8s/pkg/model/core" @@ -25,12 +25,12 @@ import ( ) func Test_Targets(t *testing.T) { - namespacePtr := func(ns string) *gwv1beta1.Namespace { - p := gwv1beta1.Namespace(ns) + namespacePtr := func(ns string) *gwv1.Namespace { + p := gwv1.Namespace(ns) return &p } - kindPtr := func(k string) *gwv1beta1.Kind { - p := gwv1beta1.Kind(k) + kindPtr := func(k string) *gwv1.Kind { + p := gwv1.Kind(k) return &p } @@ -455,7 +455,7 @@ func Test_Targets(t *testing.T) { assert.NoError(t, k8sClient.Create(ctx, tt.svc.DeepCopy())) - br := gwv1beta1.HTTPBackendRef{} + br := gwv1.HTTPBackendRef{} br.Name = "name" br.Namespace = namespacePtr("ns") br.Kind = kindPtr("Service") diff --git a/pkg/k8s/policyhelper/kind.go b/pkg/k8s/policyhelper/kind.go index 70a260ec..7215164a 100644 --- a/pkg/k8s/policyhelper/kind.go +++ b/pkg/k8s/policyhelper/kind.go @@ -3,8 +3,8 @@ package policyhelper import ( corev1 "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/client" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" ) @@ -16,11 +16,11 @@ type GroupKind struct { func ObjToGroupKind(obj client.Object) GroupKind { switch obj.(type) { - case *gwv1beta1.Gateway: - return GroupKind{gwv1beta1.GroupName, "Gateway"} - case *gwv1beta1.HTTPRoute: - return GroupKind{gwv1beta1.GroupName, "HTTPRoute"} - case *gwv1alpha2.GRPCRoute: + case *gwv1.Gateway: + return GroupKind{gwv1.GroupName, "Gateway"} + case *gwv1.HTTPRoute: + return GroupKind{gwv1.GroupName, "HTTPRoute"} + case *gwv1.GRPCRoute: return GroupKind{gwv1alpha2.GroupName, "GRPCRoute"} case *gwv1alpha2.TCPRoute: return GroupKind{gwv1alpha2.GroupName, "TCPRoute"} @@ -42,12 +42,12 @@ func TargetRefGroupKind(tr *TargetRef) GroupKind { func GroupKindToObj(gk GroupKind) (client.Object, bool) { switch gk { - case GroupKind{gwv1beta1.GroupName, "Gateway"}: - return &gwv1beta1.Gateway{}, true - case GroupKind{gwv1beta1.GroupName, "HTTPRoute"}: - return &gwv1beta1.HTTPRoute{}, true + case GroupKind{gwv1.GroupName, "Gateway"}: + return &gwv1.Gateway{}, true + case GroupKind{gwv1.GroupName, "HTTPRoute"}: + return &gwv1.HTTPRoute{}, true case GroupKind{gwv1alpha2.GroupName, "GRPCRoute"}: - return &gwv1alpha2.GRPCRoute{}, true + return &gwv1.GRPCRoute{}, true case GroupKind{gwv1alpha2.GroupName, "TCPRoute"}: return &gwv1alpha2.TCPRoute{}, true case GroupKind{corev1.GroupName, "Service"}: diff --git a/pkg/k8s/policyhelper/kind_test.go b/pkg/k8s/policyhelper/kind_test.go index 25355953..3b5422c5 100644 --- a/pkg/k8s/policyhelper/kind_test.go +++ b/pkg/k8s/policyhelper/kind_test.go @@ -6,8 +6,7 @@ import ( "github.com/stretchr/testify/assert" corev1 "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/client" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" ) func TestGroupKind(t *testing.T) { @@ -17,9 +16,9 @@ func TestGroupKind(t *testing.T) { } tests := []Test{ - {&gwv1beta1.Gateway{}, GroupKind{Group: gwv1beta1.GroupName, Kind: "Gateway"}}, - {&gwv1beta1.HTTPRoute{}, GroupKind{Group: gwv1beta1.GroupName, Kind: "HTTPRoute"}}, - {&gwv1alpha2.GRPCRoute{}, GroupKind{Group: gwv1alpha2.GroupName, Kind: "GRPCRoute"}}, + {&gwv1.Gateway{}, GroupKind{Group: gwv1.GroupName, Kind: "Gateway"}}, + {&gwv1.HTTPRoute{}, GroupKind{Group: gwv1.GroupName, Kind: "HTTPRoute"}}, + {&gwv1.GRPCRoute{}, GroupKind{Group: gwv1.GroupName, Kind: "GRPCRoute"}}, {&corev1.Service{}, GroupKind{Group: corev1.GroupName, Kind: "Service"}}, } diff --git a/pkg/k8s/policyhelper/policy.go b/pkg/k8s/policyhelper/policy.go index 5f5c74c4..f944683e 100644 --- a/pkg/k8s/policyhelper/policy.go +++ b/pkg/k8s/policyhelper/policy.go @@ -16,8 +16,8 @@ import ( k8sclient "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/reconcile" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" "github.com/aws/aws-application-networking-k8s/pkg/utils" @@ -31,7 +31,7 @@ var ( ) type ( - TargetRef = gwv1alpha2.PolicyTargetReference + TargetRef = gwv1alpha2.NamespacedPolicyTargetReference ConditionType = gwv1alpha2.PolicyConditionType ConditionReason = gwv1alpha2.PolicyConditionReason ) @@ -64,7 +64,7 @@ func NewVpcAssociationPolicyHandler(log gwlog.Logger, c k8sclient.Client) *Polic phcfg := PolicyHandlerConfig{ Log: log, Client: c, - TargetRefKinds: NewGroupKindSet(&gwv1beta1.Gateway{}), + TargetRefKinds: NewGroupKindSet(&gwv1.Gateway{}), } return NewPolicyHandler[VAP, VAPL](phcfg) } @@ -82,7 +82,7 @@ func NewIAMAuthPolicyHandler(log gwlog.Logger, c k8sclient.Client) *PolicyHandle phcfg := PolicyHandlerConfig{ Log: log, Client: c, - TargetRefKinds: NewGroupKindSet(&gwv1beta1.Gateway{}, &gwv1beta1.HTTPRoute{}, &gwv1alpha2.GRPCRoute{}), + TargetRefKinds: NewGroupKindSet(&gwv1.Gateway{}, &gwv1.HTTPRoute{}, &gwv1.GRPCRoute{}), } return NewPolicyHandler[IAP, IAPL](phcfg) } @@ -279,7 +279,7 @@ func (h *PolicyHandler[P]) watchMapFn(ctx context.Context, obj k8sclient.Object) // Checks if objects matches targetReference, returns true if they match // targetRef might not have namespace set, it should be inferred from policy itself. // In this case we assume namespace already checked -func (h *PolicyHandler[P]) targetRefMatch(obj k8sclient.Object, tr *gwv1alpha2.PolicyTargetReference) bool { +func (h *PolicyHandler[P]) targetRefMatch(obj k8sclient.Object, tr *gwv1alpha2.NamespacedPolicyTargetReference) bool { objGk := ObjToGroupKind(obj) trGk := TargetRefGroupKind(tr) return objGk == trGk && obj.GetName() == string(tr.Name) diff --git a/pkg/k8s/policyhelper/policy_test.go b/pkg/k8s/policyhelper/policy_test.go index ace28eca..b774d172 100644 --- a/pkg/k8s/policyhelper/policy_test.go +++ b/pkg/k8s/policyhelper/policy_test.go @@ -3,12 +3,10 @@ package policyhelper import ( "testing" + anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" "github.com/stretchr/testify/assert" "sigs.k8s.io/controller-runtime/pkg/client" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" - - anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" ) func TestPolicyClient(t *testing.T) { @@ -31,9 +29,9 @@ func TestPolicyHandler(t *testing.T) { } func TestGroupKindSet(t *testing.T) { - objs := []client.Object{&gwv1beta1.Gateway{}, &gwv1beta1.HTTPRoute{}, &gwv1alpha2.GRPCRoute{}} + objs := []client.Object{&gwv1.Gateway{}, &gwv1.HTTPRoute{}, &gwv1.GRPCRoute{}} gks := NewGroupKindSet(objs...) - assert.True(t, gks.Contains(GroupKind{gwv1beta1.GroupName, "Gateway"})) - assert.True(t, gks.Contains(GroupKind{gwv1beta1.GroupName, "HTTPRoute"})) - assert.True(t, gks.Contains(GroupKind{gwv1alpha2.GroupName, "GRPCRoute"})) + assert.True(t, gks.Contains(GroupKind{gwv1.GroupName, "Gateway"})) + assert.True(t, gks.Contains(GroupKind{gwv1.GroupName, "HTTPRoute"})) + assert.True(t, gks.Contains(GroupKind{gwv1.GroupName, "GRPCRoute"})) } diff --git a/pkg/k8s/utils.go b/pkg/k8s/utils.go index ab4c47a0..8e53a927 100644 --- a/pkg/k8s/utils.go +++ b/pkg/k8s/utils.go @@ -2,14 +2,13 @@ package k8s import ( "context" - apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/types" "k8s.io/client-go/discovery" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" ) const AnnotationPrefix = "application-networking.k8s.aws/" @@ -22,7 +21,7 @@ func NamespacedName(obj client.Object) types.NamespacedName { } } -func NamespaceOrDefault(namespace *v1beta1.Namespace) string { +func NamespaceOrDefault(namespace *gwv1.Namespace) string { if namespace == nil { return "default" } diff --git a/pkg/model/core/grpcroute.go b/pkg/model/core/grpcroute.go index 8d76a879..6f563d08 100644 --- a/pkg/model/core/grpcroute.go +++ b/pkg/model/core/grpcroute.go @@ -7,8 +7,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/aws/aws-application-networking-k8s/pkg/utils" ) @@ -18,15 +17,15 @@ const ( ) type GRPCRoute struct { - r gwv1alpha2.GRPCRoute + r gwv1.GRPCRoute } -func NewGRPCRoute(route gwv1alpha2.GRPCRoute) *GRPCRoute { +func NewGRPCRoute(route gwv1.GRPCRoute) *GRPCRoute { return &GRPCRoute{r: route} } func GetGRPCRoute(ctx context.Context, client client.Client, routeNamespacedName types.NamespacedName) (Route, error) { - grpcRoute := &gwv1alpha2.GRPCRoute{} + grpcRoute := &gwv1.GRPCRoute{} err := client.Get(ctx, routeNamespacedName, grpcRoute) if err != nil { return nil, err @@ -35,7 +34,7 @@ func GetGRPCRoute(ctx context.Context, client client.Client, routeNamespacedName } func ListGRPCRoutes(context context.Context, client client.Client) ([]Route, error) { - routeList := &gwv1alpha2.GRPCRouteList{} + routeList := &gwv1.GRPCRouteList{} if err := client.List(context, routeList); err != nil { return nil, err } @@ -75,26 +74,26 @@ func (r *GRPCRoute) K8sObject() client.Object { return &r.r } -func (r *GRPCRoute) Inner() *gwv1alpha2.GRPCRoute { +func (r *GRPCRoute) Inner() *gwv1.GRPCRoute { return &r.r } func (r *GRPCRoute) GroupKind() metav1.GroupKind { return metav1.GroupKind{ - Group: gwv1beta1.GroupName, + Group: gwv1.GroupName, Kind: "GRPCRoute", } } type GRPCRouteSpec struct { - s gwv1alpha2.GRPCRouteSpec + s gwv1.GRPCRouteSpec } -func (s *GRPCRouteSpec) ParentRefs() []gwv1beta1.ParentReference { +func (s *GRPCRouteSpec) ParentRefs() []gwv1.ParentReference { return s.s.ParentRefs } -func (s *GRPCRouteSpec) Hostnames() []gwv1beta1.Hostname { +func (s *GRPCRouteSpec) Hostnames() []gwv1.Hostname { return s.s.Hostnames } @@ -135,20 +134,20 @@ func (s *GRPCRouteSpec) Equals(routeSpec RouteSpec) bool { } type GRPCRouteStatus struct { - s *gwv1alpha2.GRPCRouteStatus + s *gwv1.GRPCRouteStatus } -func (s *GRPCRouteStatus) Parents() []gwv1beta1.RouteParentStatus { +func (s *GRPCRouteStatus) Parents() []gwv1.RouteParentStatus { return s.s.Parents } -func (s *GRPCRouteStatus) SetParents(parents []gwv1beta1.RouteParentStatus) { +func (s *GRPCRouteStatus) SetParents(parents []gwv1.RouteParentStatus) { s.s.Parents = parents } -func (s *GRPCRouteStatus) UpdateParentRefs(parent gwv1beta1.ParentReference, controllerName gwv1beta1.GatewayController) { +func (s *GRPCRouteStatus) UpdateParentRefs(parent gwv1.ParentReference, controllerName gwv1.GatewayController) { if len(s.Parents()) == 0 { - s.SetParents(make([]gwv1beta1.RouteParentStatus, 1)) + s.SetParents(make([]gwv1.RouteParentStatus, 1)) } s.Parents()[0].ParentRef = parent @@ -160,7 +159,7 @@ func (s *GRPCRouteStatus) UpdateRouteCondition(condition metav1.Condition) { } type GRPCRouteRule struct { - r gwv1alpha2.GRPCRouteRule + r gwv1.GRPCRouteRule } func (r *GRPCRouteRule) BackendRefs() []BackendRef { @@ -209,30 +208,30 @@ func (r *GRPCRouteRule) Equals(routeRule RouteRule) bool { } type GRPCBackendRef struct { - r gwv1alpha2.GRPCBackendRef + r gwv1.GRPCBackendRef } func (r *GRPCBackendRef) Weight() *int32 { return r.r.Weight } -func (r *GRPCBackendRef) Group() *gwv1beta1.Group { +func (r *GRPCBackendRef) Group() *gwv1.Group { return r.r.Group } -func (r *GRPCBackendRef) Kind() *gwv1beta1.Kind { +func (r *GRPCBackendRef) Kind() *gwv1.Kind { return r.r.Kind } -func (r *GRPCBackendRef) Name() gwv1beta1.ObjectName { +func (r *GRPCBackendRef) Name() gwv1.ObjectName { return r.r.Name } -func (r *GRPCBackendRef) Namespace() *gwv1beta1.Namespace { +func (r *GRPCBackendRef) Namespace() *gwv1.Namespace { return r.r.Namespace } -func (r *GRPCBackendRef) Port() *gwv1beta1.PortNumber { +func (r *GRPCBackendRef) Port() *gwv1.PortNumber { return r.r.Port } @@ -262,7 +261,7 @@ func (r *GRPCBackendRef) Equals(backendRef BackendRef) bool { } type GRPCRouteMatch struct { - m gwv1alpha2.GRPCRouteMatch + m gwv1.GRPCRouteMatch } func (m *GRPCRouteMatch) Headers() []HeaderMatch { @@ -273,7 +272,7 @@ func (m *GRPCRouteMatch) Headers() []HeaderMatch { return headerMatches } -func (m *GRPCRouteMatch) Method() *gwv1alpha2.GRPCMethodMatch { +func (m *GRPCRouteMatch) Method() *gwv1.GRPCMethodMatch { return m.m.Method } @@ -297,11 +296,16 @@ func (m *GRPCRouteMatch) Equals(routeMatch RouteMatch) bool { } type GRPCHeaderMatch struct { - m gwv1alpha2.GRPCHeaderMatch + m gwv1.GRPCHeaderMatch } -func (m *GRPCHeaderMatch) Type() *gwv1beta1.HeaderMatchType { - return m.m.Type +func (m *GRPCHeaderMatch) Type() *gwv1.HeaderMatchType { + if m.m.Type == nil { + return nil + } + // at some point, these may not match up. For now, Exact and RegularExpression are shared values + hmt := gwv1.HeaderMatchType(*m.m.Type) + return &hmt } func (m *GRPCHeaderMatch) Name() string { @@ -317,8 +321,18 @@ func (m *GRPCHeaderMatch) Equals(headerMatch HeaderMatch) bool { if !ok { return false } + if m.Name() != other.Name() || + m.Value() != other.Value() { + return false + } + + mType := m.Type() + otherType := other.Type() + if (mType == nil && otherType != nil) || + (mType != nil && otherType == nil) { + return false + } - return m.Type() == other.Type() && - m.Name() == other.Name() && - m.Value() == other.Value() + return (mType == nil && otherType == nil) || + *mType == *otherType } diff --git a/pkg/model/core/grpcroute_test.go b/pkg/model/core/grpcroute_test.go index e10075f7..1a3af1fe 100644 --- a/pkg/model/core/grpcroute_test.go +++ b/pkg/model/core/grpcroute_test.go @@ -6,12 +6,11 @@ import ( "github.com/stretchr/testify/assert" "k8s.io/utils/ptr" gwv1 "sigs.k8s.io/gateway-api/apis/v1" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" ) func TestGRPCRouteSpec_Equals(t *testing.T) { - name1 := gwv1alpha2.ObjectName("name1") - name2 := gwv1alpha2.ObjectName("name2") + name1 := gwv1.ObjectName("name1") + name2 := gwv1.ObjectName("name2") tests := []struct { routeSpec1 *GRPCRouteSpec @@ -27,27 +26,27 @@ func TestGRPCRouteSpec_Equals(t *testing.T) { }, { routeSpec1: &GRPCRouteSpec{ - s: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1alpha2.CommonRouteSpec{ - ParentRefs: []gwv1alpha2.ParentReference{ + s: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ {}, }, }, - Hostnames: []gwv1alpha2.Hostname{"example.com"}, - Rules: []gwv1alpha2.GRPCRouteRule{ + Hostnames: []gwv1.Hostname{"example.com"}, + Rules: []gwv1.GRPCRouteRule{ {}, }, }, }, routeSpec2: &GRPCRouteSpec{ - s: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1alpha2.CommonRouteSpec{ - ParentRefs: []gwv1alpha2.ParentReference{ + s: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ {}, }, }, - Hostnames: []gwv1alpha2.Hostname{"example.com"}, - Rules: []gwv1alpha2.GRPCRouteRule{ + Hostnames: []gwv1.Hostname{"example.com"}, + Rules: []gwv1.GRPCRouteRule{ {}, }, }, @@ -63,16 +62,16 @@ func TestGRPCRouteSpec_Equals(t *testing.T) { }, { routeSpec1: &GRPCRouteSpec{ - s: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1alpha2.CommonRouteSpec{ - ParentRefs: []gwv1alpha2.ParentReference{{Name: "parent1"}}, + s: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{{Name: "parent1"}}, }, }, }, routeSpec2: &GRPCRouteSpec{ - s: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1alpha2.CommonRouteSpec{ - ParentRefs: []gwv1alpha2.ParentReference{{Name: "parent2"}}, + s: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{{Name: "parent2"}}, }, }, }, @@ -81,13 +80,13 @@ func TestGRPCRouteSpec_Equals(t *testing.T) { }, { routeSpec1: &GRPCRouteSpec{ - s: gwv1alpha2.GRPCRouteSpec{ - Hostnames: []gwv1alpha2.Hostname{"example1.com"}, + s: gwv1.GRPCRouteSpec{ + Hostnames: []gwv1.Hostname{"example1.com"}, }, }, routeSpec2: &GRPCRouteSpec{ - s: gwv1alpha2.GRPCRouteSpec{ - Hostnames: []gwv1alpha2.Hostname{"example2.com"}, + s: gwv1.GRPCRouteSpec{ + Hostnames: []gwv1.Hostname{"example2.com"}, }, }, expectEqual: false, @@ -95,16 +94,16 @@ func TestGRPCRouteSpec_Equals(t *testing.T) { }, { routeSpec1: &GRPCRouteSpec{ - s: gwv1alpha2.GRPCRouteSpec{ - Rules: []gwv1alpha2.GRPCRouteRule{ + s: gwv1.GRPCRouteSpec{ + Rules: []gwv1.GRPCRouteRule{ {}, {}, }, }, }, routeSpec2: &GRPCRouteSpec{ - s: gwv1alpha2.GRPCRouteSpec{ - Rules: []gwv1alpha2.GRPCRouteRule{ + s: gwv1.GRPCRouteSpec{ + Rules: []gwv1.GRPCRouteRule{ {}, }, }, @@ -114,13 +113,13 @@ func TestGRPCRouteSpec_Equals(t *testing.T) { }, { routeSpec1: &GRPCRouteSpec{ - s: gwv1alpha2.GRPCRouteSpec{ - Rules: []gwv1alpha2.GRPCRouteRule{ + s: gwv1.GRPCRouteSpec{ + Rules: []gwv1.GRPCRouteRule{ { - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: name1, }, }, @@ -131,13 +130,13 @@ func TestGRPCRouteSpec_Equals(t *testing.T) { }, }, routeSpec2: &GRPCRouteSpec{ - s: gwv1alpha2.GRPCRouteSpec{ - Rules: []gwv1alpha2.GRPCRouteRule{ + s: gwv1.GRPCRouteSpec{ + Rules: []gwv1.GRPCRouteRule{ { - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: name2, }, }, @@ -166,8 +165,8 @@ func TestGRPCRouteSpec_Equals(t *testing.T) { } func TestGRPCRouteRule_Equals(t *testing.T) { - grpcMethodMatchType1 := gwv1alpha2.GRPCMethodMatchExact - grpcMethodMatchType2 := gwv1alpha2.GRPCMethodMatchRegularExpression + grpcMethodMatchType1 := gwv1.GRPCMethodMatchExact + grpcMethodMatchType2 := gwv1.GRPCMethodMatchRegularExpression tests := []struct { routeRule1 *GRPCRouteRule @@ -183,21 +182,21 @@ func TestGRPCRouteRule_Equals(t *testing.T) { }, { routeRule1: &GRPCRouteRule{ - r: gwv1alpha2.GRPCRouteRule{ - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + r: gwv1.GRPCRouteRule{ + BackendRefs: []gwv1.GRPCBackendRef{ {}, }, - Matches: []gwv1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ {}, }, }, }, routeRule2: &GRPCRouteRule{ - r: gwv1alpha2.GRPCRouteRule{ - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + r: gwv1.GRPCRouteRule{ + BackendRefs: []gwv1.GRPCBackendRef{ {}, }, - Matches: []gwv1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ {}, }, }, @@ -213,16 +212,16 @@ func TestGRPCRouteRule_Equals(t *testing.T) { }, { routeRule1: &GRPCRouteRule{ - r: gwv1alpha2.GRPCRouteRule{ - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + r: gwv1.GRPCRouteRule{ + BackendRefs: []gwv1.GRPCBackendRef{ {}, {}, }, }, }, routeRule2: &GRPCRouteRule{ - r: gwv1alpha2.GRPCRouteRule{ - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + r: gwv1.GRPCRouteRule{ + BackendRefs: []gwv1.GRPCBackendRef{ {}, }, }, @@ -232,10 +231,10 @@ func TestGRPCRouteRule_Equals(t *testing.T) { }, { routeRule1: &GRPCRouteRule{ - r: gwv1alpha2.GRPCRouteRule{ - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + r: gwv1.GRPCRouteRule{ + BackendRefs: []gwv1.GRPCBackendRef{ { - BackendRef: gwv1alpha2.BackendRef{ + BackendRef: gwv1.BackendRef{ Weight: ptr.To(int32(1)), }, }, @@ -243,10 +242,10 @@ func TestGRPCRouteRule_Equals(t *testing.T) { }, }, routeRule2: &GRPCRouteRule{ - r: gwv1alpha2.GRPCRouteRule{ - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + r: gwv1.GRPCRouteRule{ + BackendRefs: []gwv1.GRPCBackendRef{ { - BackendRef: gwv1alpha2.BackendRef{ + BackendRef: gwv1.BackendRef{ Weight: ptr.To(int32(2)), }, }, @@ -258,16 +257,16 @@ func TestGRPCRouteRule_Equals(t *testing.T) { }, { routeRule1: &GRPCRouteRule{ - r: gwv1alpha2.GRPCRouteRule{ - Matches: []gwv1alpha2.GRPCRouteMatch{ + r: gwv1.GRPCRouteRule{ + Matches: []gwv1.GRPCRouteMatch{ {}, {}, }, }, }, routeRule2: &GRPCRouteRule{ - r: gwv1alpha2.GRPCRouteRule{ - Matches: []gwv1alpha2.GRPCRouteMatch{ + r: gwv1.GRPCRouteRule{ + Matches: []gwv1.GRPCRouteMatch{ {}, }, }, @@ -277,10 +276,10 @@ func TestGRPCRouteRule_Equals(t *testing.T) { }, { routeRule1: &GRPCRouteRule{ - r: gwv1alpha2.GRPCRouteRule{ - Matches: []gwv1alpha2.GRPCRouteMatch{ + r: gwv1.GRPCRouteRule{ + Matches: []gwv1.GRPCRouteMatch{ { - Method: &gwv1alpha2.GRPCMethodMatch{ + Method: &gwv1.GRPCMethodMatch{ Type: &grpcMethodMatchType1, }, }, @@ -288,10 +287,10 @@ func TestGRPCRouteRule_Equals(t *testing.T) { }, }, routeRule2: &GRPCRouteRule{ - r: gwv1alpha2.GRPCRouteRule{ - Matches: []gwv1alpha2.GRPCRouteMatch{ + r: gwv1.GRPCRouteRule{ + Matches: []gwv1.GRPCRouteMatch{ { - Method: &gwv1alpha2.GRPCMethodMatch{ + Method: &gwv1.GRPCMethodMatch{ Type: &grpcMethodMatchType2, }, }, @@ -319,16 +318,16 @@ func TestGRPCRouteRule_Equals(t *testing.T) { func TestGRPCBackendRef_Equals(t *testing.T) { weight1 := ptr.To(int32(1)) weight2 := ptr.To(int32(2)) - group1 := gwv1alpha2.Group("group1") - group2 := gwv1alpha2.Group("group2") - kind1 := gwv1alpha2.Kind("kind1") - kind2 := gwv1alpha2.Kind("kind2") - name1 := gwv1alpha2.ObjectName("name1") - name2 := gwv1alpha2.ObjectName("name2") - namespace1 := gwv1alpha2.Namespace("namespace1") - namespace2 := gwv1alpha2.Namespace("namespace2") - port1 := gwv1alpha2.PortNumber(1) - port2 := gwv1alpha2.PortNumber(2) + group1 := gwv1.Group("group1") + group2 := gwv1.Group("group2") + kind1 := gwv1.Kind("kind1") + kind2 := gwv1.Kind("kind2") + name1 := gwv1.ObjectName("name1") + name2 := gwv1.ObjectName("name2") + namespace1 := gwv1.Namespace("namespace1") + namespace2 := gwv1.Namespace("namespace2") + port1 := gwv1.PortNumber(1) + port2 := gwv1.PortNumber(2) tests := []struct { backendRef1 *GRPCBackendRef @@ -344,10 +343,10 @@ func TestGRPCBackendRef_Equals(t *testing.T) { }, { backendRef1: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ Weight: weight1, - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Group: &group1, Kind: &kind1, Name: name1, @@ -358,10 +357,10 @@ func TestGRPCBackendRef_Equals(t *testing.T) { }, }, backendRef2: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ Weight: weight1, - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Group: &group1, Kind: &kind1, Name: name1, @@ -382,15 +381,15 @@ func TestGRPCBackendRef_Equals(t *testing.T) { }, { backendRef1: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ Weight: weight1, }, }, }, backendRef2: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ Weight: weight2, }, }, @@ -400,18 +399,18 @@ func TestGRPCBackendRef_Equals(t *testing.T) { }, { backendRef1: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Group: &group1, }, }, }, }, backendRef2: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Group: &group2, }, }, @@ -422,18 +421,18 @@ func TestGRPCBackendRef_Equals(t *testing.T) { }, { backendRef1: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Kind: &kind1, }, }, }, }, backendRef2: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Kind: &kind2, }, }, @@ -444,18 +443,18 @@ func TestGRPCBackendRef_Equals(t *testing.T) { }, { backendRef1: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: name1, }, }, }, }, backendRef2: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: name2, }, }, @@ -466,18 +465,18 @@ func TestGRPCBackendRef_Equals(t *testing.T) { }, { backendRef1: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Namespace: &namespace1, }, }, }, }, backendRef2: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Namespace: &namespace2, }, }, @@ -488,18 +487,18 @@ func TestGRPCBackendRef_Equals(t *testing.T) { }, { backendRef1: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Port: &port1, }, }, }, }, backendRef2: &GRPCBackendRef{ - r: gwv1alpha2.GRPCBackendRef{ - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1alpha2.BackendObjectReference{ + r: gwv1.GRPCBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Port: &port2, }, }, @@ -524,10 +523,10 @@ func TestGRPCBackendRef_Equals(t *testing.T) { } func TestGRPCHeaderMatch_Equals(t *testing.T) { - headerMatchType1 := gwv1.HeaderMatchExact - headerMatchType2 := gwv1.HeaderMatchRegularExpression - name1 := gwv1alpha2.GRPCHeaderName("name1") - name2 := gwv1alpha2.GRPCHeaderName("name2") + headerMatchType1 := gwv1.GRPCHeaderMatchExact + headerMatchType2 := gwv1.GRPCHeaderMatchRegularExpression + name1 := gwv1.GRPCHeaderName("name1") + name2 := gwv1.GRPCHeaderName("name2") value1 := "value1" value2 := "value2" @@ -545,14 +544,14 @@ func TestGRPCHeaderMatch_Equals(t *testing.T) { }, { headerMatch1: &GRPCHeaderMatch{ - m: gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCHeaderMatch{ Type: &headerMatchType1, Name: name1, Value: value1, }, }, headerMatch2: &GRPCHeaderMatch{ - m: gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCHeaderMatch{ Type: &headerMatchType1, Name: name1, Value: value1, @@ -569,12 +568,12 @@ func TestGRPCHeaderMatch_Equals(t *testing.T) { }, { headerMatch1: &GRPCHeaderMatch{ - m: gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCHeaderMatch{ Type: &headerMatchType1, }, }, headerMatch2: &GRPCHeaderMatch{ - m: gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCHeaderMatch{ Type: &headerMatchType2, }, }, @@ -583,12 +582,12 @@ func TestGRPCHeaderMatch_Equals(t *testing.T) { }, { headerMatch1: &GRPCHeaderMatch{ - m: gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCHeaderMatch{ Name: name1, }, }, headerMatch2: &GRPCHeaderMatch{ - m: gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCHeaderMatch{ Name: name2, }, }, @@ -597,12 +596,12 @@ func TestGRPCHeaderMatch_Equals(t *testing.T) { }, { headerMatch1: &GRPCHeaderMatch{ - m: gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCHeaderMatch{ Value: value1, }, }, headerMatch2: &GRPCHeaderMatch{ - m: gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCHeaderMatch{ Value: value2, }, }, @@ -625,10 +624,10 @@ func TestGRPCHeaderMatch_Equals(t *testing.T) { } func TestGRPCRouteMatch_Equals(t *testing.T) { - grpcMethodMatchType1 := gwv1alpha2.GRPCMethodMatchExact - grpcMethodMatchType2 := gwv1alpha2.GRPCMethodMatchRegularExpression - headerMatchType1 := gwv1.HeaderMatchExact - headerMatchType2 := gwv1.HeaderMatchRegularExpression + grpcMethodMatchType1 := gwv1.GRPCMethodMatchExact + grpcMethodMatchType2 := gwv1.GRPCMethodMatchRegularExpression + headerMatchType1 := gwv1.GRPCHeaderMatchExact + headerMatchType2 := gwv1.GRPCHeaderMatchRegularExpression tests := []struct { routeMatch1 *GRPCRouteMatch @@ -644,17 +643,17 @@ func TestGRPCRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &GRPCRouteMatch{ - m: gwv1alpha2.GRPCRouteMatch{ - Method: &gwv1alpha2.GRPCMethodMatch{}, - Headers: []gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCRouteMatch{ + Method: &gwv1.GRPCMethodMatch{}, + Headers: []gwv1.GRPCHeaderMatch{ {}, }, }, }, routeMatch2: &GRPCRouteMatch{ - m: gwv1alpha2.GRPCRouteMatch{ - Method: &gwv1alpha2.GRPCMethodMatch{}, - Headers: []gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCRouteMatch{ + Method: &gwv1.GRPCMethodMatch{}, + Headers: []gwv1.GRPCHeaderMatch{ {}, }, }, @@ -670,15 +669,15 @@ func TestGRPCRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &GRPCRouteMatch{ - m: gwv1alpha2.GRPCRouteMatch{ - Method: &gwv1alpha2.GRPCMethodMatch{ + m: gwv1.GRPCRouteMatch{ + Method: &gwv1.GRPCMethodMatch{ Type: &grpcMethodMatchType1, }, }, }, routeMatch2: &GRPCRouteMatch{ - m: gwv1alpha2.GRPCRouteMatch{ - Method: &gwv1alpha2.GRPCMethodMatch{ + m: gwv1.GRPCRouteMatch{ + Method: &gwv1.GRPCMethodMatch{ Type: &grpcMethodMatchType2, }, }, @@ -688,16 +687,16 @@ func TestGRPCRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &GRPCRouteMatch{ - m: gwv1alpha2.GRPCRouteMatch{ - Headers: []gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCRouteMatch{ + Headers: []gwv1.GRPCHeaderMatch{ {}, {}, }, }, }, routeMatch2: &GRPCRouteMatch{ - m: gwv1alpha2.GRPCRouteMatch{ - Headers: []gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCRouteMatch{ + Headers: []gwv1.GRPCHeaderMatch{ {}, }, }, @@ -707,8 +706,8 @@ func TestGRPCRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &GRPCRouteMatch{ - m: gwv1alpha2.GRPCRouteMatch{ - Headers: []gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCRouteMatch{ + Headers: []gwv1.GRPCHeaderMatch{ { Type: &headerMatchType1, }, @@ -716,8 +715,8 @@ func TestGRPCRouteMatch_Equals(t *testing.T) { }, }, routeMatch2: &GRPCRouteMatch{ - m: gwv1alpha2.GRPCRouteMatch{ - Headers: []gwv1alpha2.GRPCHeaderMatch{ + m: gwv1.GRPCRouteMatch{ + Headers: []gwv1.GRPCHeaderMatch{ { Type: &headerMatchType2, }, diff --git a/pkg/model/core/httproute.go b/pkg/model/core/httproute.go index 397fdb65..775a06e7 100644 --- a/pkg/model/core/httproute.go +++ b/pkg/model/core/httproute.go @@ -7,7 +7,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/aws/aws-application-networking-k8s/pkg/utils" ) @@ -17,15 +17,15 @@ const ( ) type HTTPRoute struct { - r gwv1beta1.HTTPRoute + r gwv1.HTTPRoute } -func NewHTTPRoute(route gwv1beta1.HTTPRoute) *HTTPRoute { +func NewHTTPRoute(route gwv1.HTTPRoute) *HTTPRoute { return &HTTPRoute{r: route} } func GetHTTPRoute(ctx context.Context, client client.Client, routeNamespacedName types.NamespacedName) (Route, error) { - httpRoute := &gwv1beta1.HTTPRoute{} + httpRoute := &gwv1.HTTPRoute{} err := client.Get(ctx, routeNamespacedName, httpRoute) if err != nil { return nil, err @@ -34,7 +34,7 @@ func GetHTTPRoute(ctx context.Context, client client.Client, routeNamespacedName } func ListHTTPRoutes(context context.Context, client client.Client) ([]Route, error) { - routeList := &gwv1beta1.HTTPRouteList{} + routeList := &gwv1.HTTPRouteList{} if err := client.List(context, routeList); err != nil { return nil, err } @@ -74,26 +74,26 @@ func (r *HTTPRoute) K8sObject() client.Object { return &r.r } -func (r *HTTPRoute) Inner() *gwv1beta1.HTTPRoute { +func (r *HTTPRoute) Inner() *gwv1.HTTPRoute { return &r.r } func (r *HTTPRoute) GroupKind() metav1.GroupKind { return metav1.GroupKind{ - Group: gwv1beta1.GroupName, + Group: gwv1.GroupName, Kind: "HTTPRoute", } } type HTTPRouteSpec struct { - s gwv1beta1.HTTPRouteSpec + s gwv1.HTTPRouteSpec } -func (s *HTTPRouteSpec) ParentRefs() []gwv1beta1.ParentReference { +func (s *HTTPRouteSpec) ParentRefs() []gwv1.ParentReference { return s.s.ParentRefs } -func (s *HTTPRouteSpec) Hostnames() []gwv1beta1.Hostname { +func (s *HTTPRouteSpec) Hostnames() []gwv1.Hostname { return s.s.Hostnames } @@ -134,20 +134,20 @@ func (s *HTTPRouteSpec) Equals(routeSpec RouteSpec) bool { } type HTTPRouteStatus struct { - s *gwv1beta1.HTTPRouteStatus + s *gwv1.HTTPRouteStatus } -func (s *HTTPRouteStatus) Parents() []gwv1beta1.RouteParentStatus { +func (s *HTTPRouteStatus) Parents() []gwv1.RouteParentStatus { return s.s.Parents } -func (s *HTTPRouteStatus) SetParents(parents []gwv1beta1.RouteParentStatus) { +func (s *HTTPRouteStatus) SetParents(parents []gwv1.RouteParentStatus) { s.s.Parents = parents } -func (s *HTTPRouteStatus) UpdateParentRefs(parent gwv1beta1.ParentReference, controllerName gwv1beta1.GatewayController) { +func (s *HTTPRouteStatus) UpdateParentRefs(parent gwv1.ParentReference, controllerName gwv1.GatewayController) { if len(s.Parents()) == 0 { - s.SetParents(make([]gwv1beta1.RouteParentStatus, 1)) + s.SetParents(make([]gwv1.RouteParentStatus, 1)) } s.Parents()[0].ParentRef = parent @@ -159,7 +159,7 @@ func (s *HTTPRouteStatus) UpdateRouteCondition(condition metav1.Condition) { } type HTTPRouteRule struct { - r gwv1beta1.HTTPRouteRule + r gwv1.HTTPRouteRule } func (r *HTTPRouteRule) BackendRefs() []BackendRef { @@ -208,10 +208,10 @@ func (r *HTTPRouteRule) Equals(routeRule RouteRule) bool { } type HTTPBackendRef struct { - r gwv1beta1.HTTPBackendRef + r gwv1.HTTPBackendRef } -func NewHTTPBackendRef(r gwv1beta1.HTTPBackendRef) HTTPBackendRef { +func NewHTTPBackendRef(r gwv1.HTTPBackendRef) HTTPBackendRef { return HTTPBackendRef{r: r} } @@ -219,23 +219,23 @@ func (r *HTTPBackendRef) Weight() *int32 { return r.r.Weight } -func (r *HTTPBackendRef) Group() *gwv1beta1.Group { +func (r *HTTPBackendRef) Group() *gwv1.Group { return r.r.Group } -func (r *HTTPBackendRef) Kind() *gwv1beta1.Kind { +func (r *HTTPBackendRef) Kind() *gwv1.Kind { return r.r.Kind } -func (r *HTTPBackendRef) Name() gwv1beta1.ObjectName { +func (r *HTTPBackendRef) Name() gwv1.ObjectName { return r.r.Name } -func (r *HTTPBackendRef) Namespace() *gwv1beta1.Namespace { +func (r *HTTPBackendRef) Namespace() *gwv1.Namespace { return r.r.Namespace } -func (r *HTTPBackendRef) Port() *gwv1beta1.PortNumber { +func (r *HTTPBackendRef) Port() *gwv1.PortNumber { return r.r.Port } @@ -265,7 +265,7 @@ func (r *HTTPBackendRef) Equals(backendRef BackendRef) bool { } type HTTPRouteMatch struct { - m gwv1beta1.HTTPRouteMatch + m gwv1.HTTPRouteMatch } func (m *HTTPRouteMatch) Headers() []HeaderMatch { @@ -276,15 +276,15 @@ func (m *HTTPRouteMatch) Headers() []HeaderMatch { return headerMatches } -func (m *HTTPRouteMatch) Path() *gwv1beta1.HTTPPathMatch { +func (m *HTTPRouteMatch) Path() *gwv1.HTTPPathMatch { return m.m.Path } -func (m *HTTPRouteMatch) QueryParams() []gwv1beta1.HTTPQueryParamMatch { +func (m *HTTPRouteMatch) QueryParams() []gwv1.HTTPQueryParamMatch { return m.m.QueryParams } -func (m *HTTPRouteMatch) Method() *gwv1beta1.HTTPMethod { +func (m *HTTPRouteMatch) Method() *gwv1.HTTPMethod { return m.m.Method } @@ -320,10 +320,10 @@ func (m *HTTPRouteMatch) Equals(routeMatch RouteMatch) bool { } type HTTPHeaderMatch struct { - m gwv1beta1.HTTPHeaderMatch + m gwv1.HTTPHeaderMatch } -func (m *HTTPHeaderMatch) Type() *gwv1beta1.HeaderMatchType { +func (m *HTTPHeaderMatch) Type() *gwv1.HeaderMatchType { return m.m.Type } diff --git a/pkg/model/core/httproute_test.go b/pkg/model/core/httproute_test.go index 7bc02124..c89515ce 100644 --- a/pkg/model/core/httproute_test.go +++ b/pkg/model/core/httproute_test.go @@ -6,12 +6,11 @@ import ( "github.com/stretchr/testify/assert" "k8s.io/utils/ptr" gwv1 "sigs.k8s.io/gateway-api/apis/v1" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) func TestHTTPRouteSpec_Equals(t *testing.T) { - name1 := gwv1beta1.ObjectName("name1") - name2 := gwv1beta1.ObjectName("name2") + name1 := gwv1.ObjectName("name1") + name2 := gwv1.ObjectName("name2") tests := []struct { routeSpec1 *HTTPRouteSpec @@ -27,27 +26,27 @@ func TestHTTPRouteSpec_Equals(t *testing.T) { }, { routeSpec1: &HTTPRouteSpec{ - s: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + s: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ {}, }, }, - Hostnames: []gwv1beta1.Hostname{"example.com"}, - Rules: []gwv1beta1.HTTPRouteRule{ + Hostnames: []gwv1.Hostname{"example.com"}, + Rules: []gwv1.HTTPRouteRule{ {}, }, }, }, routeSpec2: &HTTPRouteSpec{ - s: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{ + s: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{ {}, }, }, - Hostnames: []gwv1beta1.Hostname{"example.com"}, - Rules: []gwv1beta1.HTTPRouteRule{ + Hostnames: []gwv1.Hostname{"example.com"}, + Rules: []gwv1.HTTPRouteRule{ {}, }, }, @@ -63,16 +62,16 @@ func TestHTTPRouteSpec_Equals(t *testing.T) { }, { routeSpec1: &HTTPRouteSpec{ - s: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{{Name: "parent1"}}, + s: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{{Name: "parent1"}}, }, }, }, routeSpec2: &HTTPRouteSpec{ - s: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ - ParentRefs: []gwv1beta1.ParentReference{{Name: "parent2"}}, + s: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ + ParentRefs: []gwv1.ParentReference{{Name: "parent2"}}, }, }, }, @@ -81,13 +80,13 @@ func TestHTTPRouteSpec_Equals(t *testing.T) { }, { routeSpec1: &HTTPRouteSpec{ - s: gwv1beta1.HTTPRouteSpec{ - Hostnames: []gwv1beta1.Hostname{"example1.com"}, + s: gwv1.HTTPRouteSpec{ + Hostnames: []gwv1.Hostname{"example1.com"}, }, }, routeSpec2: &HTTPRouteSpec{ - s: gwv1beta1.HTTPRouteSpec{ - Hostnames: []gwv1beta1.Hostname{"example2.com"}, + s: gwv1.HTTPRouteSpec{ + Hostnames: []gwv1.Hostname{"example2.com"}, }, }, expectEqual: false, @@ -95,16 +94,16 @@ func TestHTTPRouteSpec_Equals(t *testing.T) { }, { routeSpec1: &HTTPRouteSpec{ - s: gwv1beta1.HTTPRouteSpec{ - Rules: []gwv1beta1.HTTPRouteRule{ + s: gwv1.HTTPRouteSpec{ + Rules: []gwv1.HTTPRouteRule{ {}, {}, }, }, }, routeSpec2: &HTTPRouteSpec{ - s: gwv1beta1.HTTPRouteSpec{ - Rules: []gwv1beta1.HTTPRouteRule{ + s: gwv1.HTTPRouteSpec{ + Rules: []gwv1.HTTPRouteRule{ {}, }, }, @@ -114,13 +113,13 @@ func TestHTTPRouteSpec_Equals(t *testing.T) { }, { routeSpec1: &HTTPRouteSpec{ - s: gwv1beta1.HTTPRouteSpec{ - Rules: []gwv1beta1.HTTPRouteRule{ + s: gwv1.HTTPRouteSpec{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: name1, }, }, @@ -131,13 +130,13 @@ func TestHTTPRouteSpec_Equals(t *testing.T) { }, }, routeSpec2: &HTTPRouteSpec{ - s: gwv1beta1.HTTPRouteSpec{ - Rules: []gwv1beta1.HTTPRouteRule{ + s: gwv1.HTTPRouteSpec{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: name2, }, }, @@ -183,21 +182,21 @@ func TestHTTPRouteRule_Equals(t *testing.T) { }, { routeRule1: &HTTPRouteRule{ - r: gwv1beta1.HTTPRouteRule{ - BackendRefs: []gwv1beta1.HTTPBackendRef{ + r: gwv1.HTTPRouteRule{ + BackendRefs: []gwv1.HTTPBackendRef{ {}, }, - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ {}, }, }, }, routeRule2: &HTTPRouteRule{ - r: gwv1beta1.HTTPRouteRule{ - BackendRefs: []gwv1beta1.HTTPBackendRef{ + r: gwv1.HTTPRouteRule{ + BackendRefs: []gwv1.HTTPBackendRef{ {}, }, - Matches: []gwv1beta1.HTTPRouteMatch{ + Matches: []gwv1.HTTPRouteMatch{ {}, }, }, @@ -213,16 +212,16 @@ func TestHTTPRouteRule_Equals(t *testing.T) { }, { routeRule1: &HTTPRouteRule{ - r: gwv1beta1.HTTPRouteRule{ - BackendRefs: []gwv1beta1.HTTPBackendRef{ + r: gwv1.HTTPRouteRule{ + BackendRefs: []gwv1.HTTPBackendRef{ {}, {}, }, }, }, routeRule2: &HTTPRouteRule{ - r: gwv1beta1.HTTPRouteRule{ - BackendRefs: []gwv1beta1.HTTPBackendRef{ + r: gwv1.HTTPRouteRule{ + BackendRefs: []gwv1.HTTPBackendRef{ {}, }, }, @@ -232,10 +231,10 @@ func TestHTTPRouteRule_Equals(t *testing.T) { }, { routeRule1: &HTTPRouteRule{ - r: gwv1beta1.HTTPRouteRule{ - BackendRefs: []gwv1beta1.HTTPBackendRef{ + r: gwv1.HTTPRouteRule{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ + BackendRef: gwv1.BackendRef{ Weight: ptr.To(int32(1)), }, }, @@ -243,10 +242,10 @@ func TestHTTPRouteRule_Equals(t *testing.T) { }, }, routeRule2: &HTTPRouteRule{ - r: gwv1beta1.HTTPRouteRule{ - BackendRefs: []gwv1beta1.HTTPBackendRef{ + r: gwv1.HTTPRouteRule{ + BackendRefs: []gwv1.HTTPBackendRef{ { - BackendRef: gwv1beta1.BackendRef{ + BackendRef: gwv1.BackendRef{ Weight: ptr.To(int32(2)), }, }, @@ -258,16 +257,16 @@ func TestHTTPRouteRule_Equals(t *testing.T) { }, { routeRule1: &HTTPRouteRule{ - r: gwv1beta1.HTTPRouteRule{ - Matches: []gwv1beta1.HTTPRouteMatch{ + r: gwv1.HTTPRouteRule{ + Matches: []gwv1.HTTPRouteMatch{ {}, {}, }, }, }, routeRule2: &HTTPRouteRule{ - r: gwv1beta1.HTTPRouteRule{ - Matches: []gwv1beta1.HTTPRouteMatch{ + r: gwv1.HTTPRouteRule{ + Matches: []gwv1.HTTPRouteMatch{ {}, }, }, @@ -277,8 +276,8 @@ func TestHTTPRouteRule_Equals(t *testing.T) { }, { routeRule1: &HTTPRouteRule{ - r: gwv1beta1.HTTPRouteRule{ - Matches: []gwv1beta1.HTTPRouteMatch{ + r: gwv1.HTTPRouteRule{ + Matches: []gwv1.HTTPRouteMatch{ { Method: &httpMethod1, }, @@ -286,8 +285,8 @@ func TestHTTPRouteRule_Equals(t *testing.T) { }, }, routeRule2: &HTTPRouteRule{ - r: gwv1beta1.HTTPRouteRule{ - Matches: []gwv1beta1.HTTPRouteMatch{ + r: gwv1.HTTPRouteRule{ + Matches: []gwv1.HTTPRouteMatch{ { Method: &httpMethod2, }, @@ -315,16 +314,16 @@ func TestHTTPRouteRule_Equals(t *testing.T) { func TestHTTPBackendRef_Equals(t *testing.T) { weight1 := ptr.To(int32(1)) weight2 := ptr.To(int32(2)) - group1 := gwv1beta1.Group("group1") - group2 := gwv1beta1.Group("group2") - kind1 := gwv1beta1.Kind("kind1") - kind2 := gwv1beta1.Kind("kind2") - name1 := gwv1beta1.ObjectName("name1") - name2 := gwv1beta1.ObjectName("name2") - namespace1 := gwv1beta1.Namespace("namespace1") - namespace2 := gwv1beta1.Namespace("namespace2") - port1 := gwv1beta1.PortNumber(1) - port2 := gwv1beta1.PortNumber(2) + group1 := gwv1.Group("group1") + group2 := gwv1.Group("group2") + kind1 := gwv1.Kind("kind1") + kind2 := gwv1.Kind("kind2") + name1 := gwv1.ObjectName("name1") + name2 := gwv1.ObjectName("name2") + namespace1 := gwv1.Namespace("namespace1") + namespace2 := gwv1.Namespace("namespace2") + port1 := gwv1.PortNumber(1) + port2 := gwv1.PortNumber(2) tests := []struct { backendRef1 *HTTPBackendRef @@ -340,10 +339,10 @@ func TestHTTPBackendRef_Equals(t *testing.T) { }, { backendRef1: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ Weight: weight1, - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Group: &group1, Kind: &kind1, Name: name1, @@ -354,10 +353,10 @@ func TestHTTPBackendRef_Equals(t *testing.T) { }, }, backendRef2: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ Weight: weight1, - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Group: &group1, Kind: &kind1, Name: name1, @@ -378,15 +377,15 @@ func TestHTTPBackendRef_Equals(t *testing.T) { }, { backendRef1: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ Weight: weight1, }, }, }, backendRef2: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ Weight: weight2, }, }, @@ -396,18 +395,18 @@ func TestHTTPBackendRef_Equals(t *testing.T) { }, { backendRef1: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Group: &group1, }, }, }, }, backendRef2: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Group: &group2, }, }, @@ -418,18 +417,18 @@ func TestHTTPBackendRef_Equals(t *testing.T) { }, { backendRef1: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Kind: &kind1, }, }, }, }, backendRef2: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Kind: &kind2, }, }, @@ -440,18 +439,18 @@ func TestHTTPBackendRef_Equals(t *testing.T) { }, { backendRef1: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: name1, }, }, }, }, backendRef2: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: name2, }, }, @@ -462,18 +461,18 @@ func TestHTTPBackendRef_Equals(t *testing.T) { }, { backendRef1: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Namespace: &namespace1, }, }, }, }, backendRef2: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Namespace: &namespace2, }, }, @@ -484,18 +483,18 @@ func TestHTTPBackendRef_Equals(t *testing.T) { }, { backendRef1: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Port: &port1, }, }, }, }, backendRef2: &HTTPBackendRef{ - r: gwv1beta1.HTTPBackendRef{ - BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + r: gwv1.HTTPBackendRef{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Port: &port2, }, }, @@ -541,14 +540,14 @@ func TestHTTPHeaderMatch_Equals(t *testing.T) { }, { headerMatch1: &HTTPHeaderMatch{ - m: gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPHeaderMatch{ Type: &headerMatchType1, Name: name1, Value: value1, }, }, headerMatch2: &HTTPHeaderMatch{ - m: gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPHeaderMatch{ Type: &headerMatchType1, Name: name1, Value: value1, @@ -565,12 +564,12 @@ func TestHTTPHeaderMatch_Equals(t *testing.T) { }, { headerMatch1: &HTTPHeaderMatch{ - m: gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPHeaderMatch{ Type: &headerMatchType1, }, }, headerMatch2: &HTTPHeaderMatch{ - m: gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPHeaderMatch{ Type: &headerMatchType2, }, }, @@ -579,12 +578,12 @@ func TestHTTPHeaderMatch_Equals(t *testing.T) { }, { headerMatch1: &HTTPHeaderMatch{ - m: gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPHeaderMatch{ Name: name1, }, }, headerMatch2: &HTTPHeaderMatch{ - m: gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPHeaderMatch{ Name: name2, }, }, @@ -593,12 +592,12 @@ func TestHTTPHeaderMatch_Equals(t *testing.T) { }, { headerMatch1: &HTTPHeaderMatch{ - m: gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPHeaderMatch{ Value: value1, }, }, headerMatch2: &HTTPHeaderMatch{ - m: gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPHeaderMatch{ Value: value2, }, }, @@ -644,24 +643,24 @@ func TestHTTPRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - Path: &gwv1beta1.HTTPPathMatch{}, - Headers: []gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPRouteMatch{ + Path: &gwv1.HTTPPathMatch{}, + Headers: []gwv1.HTTPHeaderMatch{ {}, }, - QueryParams: []gwv1beta1.HTTPQueryParamMatch{ + QueryParams: []gwv1.HTTPQueryParamMatch{ {}, }, Method: &httpMethod1, }, }, routeMatch2: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - Path: &gwv1beta1.HTTPPathMatch{}, - Headers: []gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPRouteMatch{ + Path: &gwv1.HTTPPathMatch{}, + Headers: []gwv1.HTTPHeaderMatch{ {}, }, - QueryParams: []gwv1beta1.HTTPQueryParamMatch{ + QueryParams: []gwv1.HTTPQueryParamMatch{ {}, }, Method: &httpMethod1, @@ -678,15 +677,15 @@ func TestHTTPRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - Path: &gwv1beta1.HTTPPathMatch{ + m: gwv1.HTTPRouteMatch{ + Path: &gwv1.HTTPPathMatch{ Type: &pathMatchType1, }, }, }, routeMatch2: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - Path: &gwv1beta1.HTTPPathMatch{ + m: gwv1.HTTPRouteMatch{ + Path: &gwv1.HTTPPathMatch{ Type: &pathMatchType2, }, }, @@ -696,16 +695,16 @@ func TestHTTPRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - Headers: []gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPRouteMatch{ + Headers: []gwv1.HTTPHeaderMatch{ {}, {}, }, }, }, routeMatch2: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - Headers: []gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPRouteMatch{ + Headers: []gwv1.HTTPHeaderMatch{ {}, }, }, @@ -715,8 +714,8 @@ func TestHTTPRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - Headers: []gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPRouteMatch{ + Headers: []gwv1.HTTPHeaderMatch{ { Type: &headerMatchType1, }, @@ -724,8 +723,8 @@ func TestHTTPRouteMatch_Equals(t *testing.T) { }, }, routeMatch2: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - Headers: []gwv1beta1.HTTPHeaderMatch{ + m: gwv1.HTTPRouteMatch{ + Headers: []gwv1.HTTPHeaderMatch{ { Type: &headerMatchType2, }, @@ -737,16 +736,16 @@ func TestHTTPRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - QueryParams: []gwv1beta1.HTTPQueryParamMatch{ + m: gwv1.HTTPRouteMatch{ + QueryParams: []gwv1.HTTPQueryParamMatch{ {}, {}, }, }, }, routeMatch2: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - QueryParams: []gwv1beta1.HTTPQueryParamMatch{ + m: gwv1.HTTPRouteMatch{ + QueryParams: []gwv1.HTTPQueryParamMatch{ {}, }, }, @@ -756,8 +755,8 @@ func TestHTTPRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - QueryParams: []gwv1beta1.HTTPQueryParamMatch{ + m: gwv1.HTTPRouteMatch{ + QueryParams: []gwv1.HTTPQueryParamMatch{ { Type: &queryParamMatchType1, }, @@ -765,8 +764,8 @@ func TestHTTPRouteMatch_Equals(t *testing.T) { }, }, routeMatch2: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ - QueryParams: []gwv1beta1.HTTPQueryParamMatch{ + m: gwv1.HTTPRouteMatch{ + QueryParams: []gwv1.HTTPQueryParamMatch{ { Type: &queryParamMatchType2, }, @@ -778,12 +777,12 @@ func TestHTTPRouteMatch_Equals(t *testing.T) { }, { routeMatch1: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ + m: gwv1.HTTPRouteMatch{ Method: &httpMethod1, }, }, routeMatch2: &HTTPRouteMatch{ - m: gwv1beta1.HTTPRouteMatch{ + m: gwv1.HTTPRouteMatch{ Method: &httpMethod2, }, }, diff --git a/pkg/model/core/policy.go b/pkg/model/core/policy.go index 4f675e2f..b85cc661 100644 --- a/pkg/model/core/policy.go +++ b/pkg/model/core/policy.go @@ -10,7 +10,7 @@ import ( type Policy interface { client.Object GetNamespacedName() types.NamespacedName - GetTargetRef() *gwv1alpha2.PolicyTargetReference + GetTargetRef() *gwv1alpha2.NamespacedPolicyTargetReference GetStatusConditions() []apimachineryv1.Condition SetStatusConditions(conditions []apimachineryv1.Condition) } diff --git a/pkg/model/core/route.go b/pkg/model/core/route.go index d9b79604..462422d5 100644 --- a/pkg/model/core/route.go +++ b/pkg/model/core/route.go @@ -9,7 +9,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) type RouteType string @@ -28,10 +27,8 @@ type Route interface { func NewRoute(object client.Object) (Route, error) { switch obj := object.(type) { case *gwv1.HTTPRoute: - return NewHTTPRoute(gwv1beta1.HTTPRoute(*obj)), nil - case *gwv1beta1.HTTPRoute: return NewHTTPRoute(*obj), nil - case *gwv1alpha2.GRPCRoute: + case *gwv1.GRPCRoute: return NewGRPCRoute(*obj), nil case *gwv1alpha2.TLSRoute: return NewTLSRoute((*obj)), nil @@ -62,16 +59,16 @@ func ListAllRoutes(context context.Context, client client.Client) ([]Route, erro } type RouteSpec interface { - ParentRefs() []gwv1beta1.ParentReference - Hostnames() []gwv1beta1.Hostname + ParentRefs() []gwv1.ParentReference + Hostnames() []gwv1.Hostname Rules() []RouteRule Equals(routeSpec RouteSpec) bool } type RouteStatus interface { - Parents() []gwv1beta1.RouteParentStatus - SetParents(parents []gwv1beta1.RouteParentStatus) - UpdateParentRefs(parent gwv1beta1.ParentReference, controllerName gwv1beta1.GatewayController) + Parents() []gwv1.RouteParentStatus + SetParents(parents []gwv1.RouteParentStatus) + UpdateParentRefs(parent gwv1.ParentReference, controllerName gwv1.GatewayController) UpdateRouteCondition(condition metav1.Condition) } @@ -83,11 +80,11 @@ type RouteRule interface { type BackendRef interface { Weight() *int32 - Group() *gwv1beta1.Group - Kind() *gwv1beta1.Kind - Name() gwv1beta1.ObjectName - Namespace() *gwv1beta1.Namespace - Port() *gwv1beta1.PortNumber + Group() *gwv1.Group + Kind() *gwv1.Kind + Name() gwv1.ObjectName + Namespace() *gwv1.Namespace + Port() *gwv1.PortNumber Equals(backendRef BackendRef) bool } @@ -97,7 +94,7 @@ type RouteMatch interface { } type HeaderMatch interface { - Type() *gwv1beta1.HeaderMatchType + Type() *gwv1.HeaderMatchType Name() string Value() string Equals(headerMatch HeaderMatch) bool diff --git a/pkg/model/core/tlsroute.go b/pkg/model/core/tlsroute.go index 35faa16b..0c984ed2 100644 --- a/pkg/model/core/tlsroute.go +++ b/pkg/model/core/tlsroute.go @@ -7,8 +7,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" "github.com/aws/aws-application-networking-k8s/pkg/utils" ) @@ -82,7 +82,7 @@ func (r *TLSRoute) Inner() *gwv1alpha2.TLSRoute { func (r *TLSRoute) GroupKind() metav1.GroupKind { return metav1.GroupKind{ - Group: gwv1beta1.GroupName, + Group: gwv1.GroupName, Kind: TlsRouteKind, } } @@ -91,11 +91,11 @@ type TLSRouteSpec struct { s gwv1alpha2.TLSRouteSpec } -func (s *TLSRouteSpec) ParentRefs() []gwv1beta1.ParentReference { +func (s *TLSRouteSpec) ParentRefs() []gwv1.ParentReference { return s.s.ParentRefs } -func (s *TLSRouteSpec) Hostnames() []gwv1beta1.Hostname { +func (s *TLSRouteSpec) Hostnames() []gwv1.Hostname { return s.s.Hostnames } @@ -139,17 +139,17 @@ type TLSRouteStatus struct { s *gwv1alpha2.TLSRouteStatus } -func (s *TLSRouteStatus) Parents() []gwv1beta1.RouteParentStatus { +func (s *TLSRouteStatus) Parents() []gwv1.RouteParentStatus { return s.s.Parents } -func (s *TLSRouteStatus) SetParents(parents []gwv1beta1.RouteParentStatus) { +func (s *TLSRouteStatus) SetParents(parents []gwv1.RouteParentStatus) { s.s.Parents = parents } -func (s *TLSRouteStatus) UpdateParentRefs(parent gwv1beta1.ParentReference, controllerName gwv1beta1.GatewayController) { +func (s *TLSRouteStatus) UpdateParentRefs(parent gwv1.ParentReference, controllerName gwv1.GatewayController) { if len(s.Parents()) == 0 { - s.SetParents(make([]gwv1beta1.RouteParentStatus, 1)) + s.SetParents(make([]gwv1.RouteParentStatus, 1)) } s.Parents()[0].ParentRef = parent @@ -208,30 +208,30 @@ func (r *TLSRouteRule) Equals(routeRule RouteRule) bool { } type TLSBackendRef struct { - r gwv1alpha2.BackendRef + r gwv1.BackendRef } func (r *TLSBackendRef) Weight() *int32 { return r.r.Weight } -func (r *TLSBackendRef) Group() *gwv1beta1.Group { +func (r *TLSBackendRef) Group() *gwv1.Group { return r.r.Group } -func (r *TLSBackendRef) Kind() *gwv1beta1.Kind { +func (r *TLSBackendRef) Kind() *gwv1.Kind { return r.r.Kind } -func (r *TLSBackendRef) Name() gwv1beta1.ObjectName { +func (r *TLSBackendRef) Name() gwv1.ObjectName { return r.r.Name } -func (r *TLSBackendRef) Namespace() *gwv1beta1.Namespace { +func (r *TLSBackendRef) Namespace() *gwv1.Namespace { return r.r.Namespace } -func (r *TLSBackendRef) Port() *gwv1beta1.PortNumber { +func (r *TLSBackendRef) Port() *gwv1.PortNumber { return r.r.Port } diff --git a/pkg/model/core/tlsroute_test.go b/pkg/model/core/tlsroute_test.go index 5b891ba6..e2c0d1ee 100644 --- a/pkg/model/core/tlsroute_test.go +++ b/pkg/model/core/tlsroute_test.go @@ -31,7 +31,7 @@ func TestTLSRouteSpec_Equals(t *testing.T) { Hostnames: []gwv1alpha2.Hostname{"example.com"}, Rules: []gwv1alpha2.TLSRouteRule{ { - BackendRefs: []gwv1alpha2.BackendRef{ + BackendRefs: []gwv1.BackendRef{ { BackendObjectReference: gwv1alpha2.BackendObjectReference{ Name: "service1", @@ -54,7 +54,7 @@ func TestTLSRouteSpec_Equals(t *testing.T) { Hostnames: []gwv1alpha2.Hostname{"example.com"}, Rules: []gwv1alpha2.TLSRouteRule{ { - BackendRefs: []gwv1alpha2.BackendRef{ + BackendRefs: []gwv1.BackendRef{ { BackendObjectReference: gwv1alpha2.BackendObjectReference{ Name: "service1", @@ -105,7 +105,7 @@ func TestTLSRouteSpec_Equals(t *testing.T) { s: gwv1alpha2.TLSRouteSpec{ Rules: []gwv1alpha2.TLSRouteRule{ { - BackendRefs: []gwv1alpha2.BackendRef{ + BackendRefs: []gwv1.BackendRef{ { BackendObjectReference: gwv1alpha2.BackendObjectReference{ Name: "service1", @@ -120,7 +120,7 @@ func TestTLSRouteSpec_Equals(t *testing.T) { s: gwv1alpha2.TLSRouteSpec{ Rules: []gwv1alpha2.TLSRouteRule{ { - BackendRefs: []gwv1alpha2.BackendRef{ + BackendRefs: []gwv1.BackendRef{ { BackendObjectReference: gwv1alpha2.BackendObjectReference{ Name: "service2", @@ -188,7 +188,7 @@ func TestTLSRouteBackendRef_Equals(t *testing.T) { { description: "es are equal", backendRef1: &TLSBackendRef{ - r: gwv1alpha2.BackendRef{ + r: gwv1.BackendRef{ Weight: weight1, BackendObjectReference: gwv1alpha2.BackendObjectReference{ Group: &group1, @@ -201,7 +201,7 @@ func TestTLSRouteBackendRef_Equals(t *testing.T) { }, backendRef2: &TLSBackendRef{ - r: gwv1alpha2.BackendRef{ + r: gwv1.BackendRef{ Weight: weight1, BackendObjectReference: gwv1alpha2.BackendObjectReference{ Group: &group1, @@ -237,14 +237,14 @@ func TestTLSRouteBackendRef_Equals(t *testing.T) { { description: "Instances with different groups are not equal", backendRef1: &TLSBackendRef{ - r: gwv1alpha2.BackendRef{ + r: gwv1.BackendRef{ BackendObjectReference: gwv1alpha2.BackendObjectReference{ Group: &group1, }, }, }, backendRef2: &TLSBackendRef{ - r: gwv1alpha2.BackendRef{ + r: gwv1.BackendRef{ BackendObjectReference: gwv1alpha2.BackendObjectReference{ Group: &group2, }, @@ -255,14 +255,14 @@ func TestTLSRouteBackendRef_Equals(t *testing.T) { { description: "Instances with different kinds are not equal", backendRef1: &TLSBackendRef{ - r: gwv1alpha2.BackendRef{ + r: gwv1.BackendRef{ BackendObjectReference: gwv1alpha2.BackendObjectReference{ Kind: &kind1, }, }, }, backendRef2: &TLSBackendRef{ - r: gwv1alpha2.BackendRef{ + r: gwv1.BackendRef{ BackendObjectReference: gwv1alpha2.BackendObjectReference{ Kind: &kind2, }, @@ -273,14 +273,14 @@ func TestTLSRouteBackendRef_Equals(t *testing.T) { { description: "Instance with different Names are not equal", backendRef1: &TLSBackendRef{ - r: gwv1alpha2.BackendRef{ + r: gwv1.BackendRef{ BackendObjectReference: gwv1alpha2.BackendObjectReference{ Name: name1, }, }, }, backendRef2: &TLSBackendRef{ - r: gwv1alpha2.BackendRef{ + r: gwv1.BackendRef{ BackendObjectReference: gwv1alpha2.BackendObjectReference{ Name: name2, }, @@ -291,14 +291,14 @@ func TestTLSRouteBackendRef_Equals(t *testing.T) { { description: "Instance with different Namespaces are not equal", backendRef1: &TLSBackendRef{ - r: gwv1alpha2.BackendRef{ + r: gwv1.BackendRef{ BackendObjectReference: gwv1alpha2.BackendObjectReference{ Name: gwv1.ObjectName(namespace1), }, }, }, backendRef2: &TLSBackendRef{ - r: gwv1alpha2.BackendRef{ + r: gwv1.BackendRef{ BackendObjectReference: gwv1alpha2.BackendObjectReference{ Name: gwv1.ObjectName(namespace2), }, diff --git a/pkg/utils/common.go b/pkg/utils/common.go index eda54083..c6f0582e 100644 --- a/pkg/utils/common.go +++ b/pkg/utils/common.go @@ -65,7 +65,7 @@ func LatticeServiceName(k8sSourceRouteName string, k8sSourceRouteNamespace strin } func TargetRefToLatticeResourceName( - targetRef *gwv1alpha2.PolicyTargetReference, + targetRef *gwv1alpha2.NamespacedPolicyTargetReference, parentNamespace string, ) (string, error) { // For Service Network, the name is just the Gateway's name. diff --git a/pkg/webhook/core/mutating_handler.go b/pkg/webhook/core/mutating_handler.go index 778ad1cd..bd095158 100644 --- a/pkg/webhook/core/mutating_handler.go +++ b/pkg/webhook/core/mutating_handler.go @@ -12,10 +12,10 @@ import ( type mutatingHandler struct { log gwlog.Logger mutator Mutator - decoder *admission.Decoder + decoder admission.Decoder } -func (h *mutatingHandler) SetDecoder(d *admission.Decoder) { +func (h *mutatingHandler) SetDecoder(d admission.Decoder) { h.decoder = d } diff --git a/pkg/webhook/core/mutating_handler_test.go b/pkg/webhook/core/mutating_handler_test.go index fecb95cf..9b342e49 100644 --- a/pkg/webhook/core/mutating_handler_test.go +++ b/pkg/webhook/core/mutating_handler_test.go @@ -22,17 +22,19 @@ func Test_mutatingHandler_InjectDecoder(t *testing.T) { h := mutatingHandler{ decoder: nil, } - decoder := &admission.Decoder{} + scheme := runtime.NewScheme() + clientgoscheme.AddToScheme(scheme) + decoder := admission.NewDecoder(scheme) h.SetDecoder(decoder) assert.Equal(t, decoder, h.decoder) } func Test_mutatingHandler_Handle(t *testing.T) { - schema := runtime.NewScheme() - clientgoscheme.AddToScheme(schema) + scheme := runtime.NewScheme() + clientgoscheme.AddToScheme(scheme) // k8sDecoder knows k8s objects - decoder := admission.NewDecoder(schema) + decoder := admission.NewDecoder(scheme) patchTypeJSONPatch := admissionv1.PatchTypeJSONPatch initialPod := &corev1.Pod{ @@ -68,7 +70,7 @@ func Test_mutatingHandler_Handle(t *testing.T) { mutatorPrototype func(req admission.Request) (runtime.Object, error) mutatorMutateCreate func(ctx context.Context, obj runtime.Object) (runtime.Object, error) mutatorMutateUpdate func(ctx context.Context, obj runtime.Object, oldObj runtime.Object) (runtime.Object, error) - decoder *admission.Decoder + decoder admission.Decoder } type args struct { req admission.Request diff --git a/pkg/webhook/pod_mutator_test.go b/pkg/webhook/pod_mutator_test.go index 37a46842..060083fb 100644 --- a/pkg/webhook/pod_mutator_test.go +++ b/pkg/webhook/pod_mutator_test.go @@ -11,15 +11,13 @@ import ( clientgoscheme "k8s.io/client-go/kubernetes/scheme" testclient "sigs.k8s.io/controller-runtime/pkg/client/fake" gwv1 "sigs.k8s.io/gateway-api/apis/v1" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" "testing" ) func Test_ReadinessGateInjection(t *testing.T) { - var serviceKind gwv1beta1.Kind = "Service" - var gwNamespace = gwv1beta1.Namespace("gw-namespace") - var svcNamespace = gwv1beta1.Namespace("test") + var serviceKind gwv1.Kind = "Service" + var gwNamespace = gwv1.Namespace("gw-namespace") + var svcNamespace = gwv1.Namespace("test") tests := []struct { name string @@ -27,10 +25,10 @@ func Test_ReadinessGateInjection(t *testing.T) { performUpdate bool pod corev1.Pod services []corev1.Service - httpRoutes []gwv1beta1.HTTPRoute + httpRoutes []gwv1.HTTPRoute v1HttpRoutes []gwv1.HTTPRoute - grpcRoutes []gwv1alpha2.GRPCRoute - gateways []gwv1beta1.Gateway + grpcRoutes []gwv1.GRPCRoute + gateways []gwv1.Gateway svcExport *anv1alpha1.ServiceExport expectedConditionTypes []corev1.PodConditionType }{ @@ -58,20 +56,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -81,13 +79,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -120,20 +118,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - grpcRoutes: []gwv1alpha2.GRPCRoute{ + grpcRoutes: []gwv1.GRPCRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - BackendRefs: []gwv1alpha2.GRPCBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.GRPCBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -143,13 +141,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -219,23 +217,23 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "route-namespace", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ { Name: "gw-1", Namespace: &gwNamespace, }, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Namespace: &svcNamespace, Kind: &serviceKind, @@ -246,13 +244,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: string(gwNamespace), }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -285,22 +283,22 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "route-namespace", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ { Name: "gw-1", }, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -310,13 +308,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: string(gwNamespace), }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -386,13 +384,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -423,20 +421,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -472,20 +470,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -495,13 +493,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "some-other-gateway-type", }, }, @@ -532,20 +530,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - grpcRoutes: []gwv1alpha2.GRPCRoute{ + grpcRoutes: []gwv1.GRPCRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - BackendRefs: []gwv1alpha2.GRPCBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.GRPCBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -555,13 +553,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "other-gateway-type", }, }, @@ -630,20 +628,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -653,13 +651,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -693,20 +691,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -716,20 +714,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - grpcRoutes: []gwv1alpha2.GRPCRoute{ + grpcRoutes: []gwv1.GRPCRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - BackendRefs: []gwv1alpha2.GRPCBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.GRPCBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -739,13 +737,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -789,20 +787,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -812,20 +810,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - grpcRoutes: []gwv1alpha2.GRPCRoute{ + grpcRoutes: []gwv1.GRPCRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - BackendRefs: []gwv1alpha2.GRPCBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.GRPCBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-2", Kind: &serviceKind, }, @@ -835,13 +833,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -885,20 +883,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "not-a-real-service", Kind: &serviceKind, }, @@ -908,20 +906,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - grpcRoutes: []gwv1alpha2.GRPCRoute{ + grpcRoutes: []gwv1.GRPCRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1alpha2.GRPCRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1alpha2.GRPCRouteRule{ + Rules: []gwv1.GRPCRouteRule{ { - BackendRefs: []gwv1alpha2.GRPCBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.GRPCBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "not-a-real-service-2", Kind: &serviceKind, }, @@ -931,13 +929,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -969,20 +967,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -992,13 +990,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -1030,20 +1028,20 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - httpRoutes: []gwv1beta1.HTTPRoute{ + httpRoutes: []gwv1.HTTPRoute{ { ObjectMeta: metav1.ObjectMeta{ Name: "http-route-1", Namespace: "test", }, - Spec: gwv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gwv1beta1.CommonRouteSpec{ParentRefs: []gwv1beta1.ParentReference{ + Spec: gwv1.HTTPRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ParentRefs: []gwv1.ParentReference{ {Name: "gw-1"}, }}, - Rules: []gwv1beta1.HTTPRouteRule{ + Rules: []gwv1.HTTPRouteRule{ { - BackendRefs: []gwv1beta1.HTTPBackendRef{{BackendRef: gwv1beta1.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRefs: []gwv1.HTTPBackendRef{{BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: "svc-1", Kind: &serviceKind, }, @@ -1053,13 +1051,13 @@ func Test_ReadinessGateInjection(t *testing.T) { }, }, }, - gateways: []gwv1beta1.Gateway{ + gateways: []gwv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Name: "gw-1", Namespace: "test", }, - Spec: gwv1beta1.GatewaySpec{ + Spec: gwv1.GatewaySpec{ GatewayClassName: "amazon-vpc-lattice", }, }, @@ -1075,18 +1073,17 @@ func Test_ReadinessGateInjection(t *testing.T) { k8sScheme := runtime.NewScheme() clientgoscheme.AddToScheme(k8sScheme) gwv1.AddToScheme(k8sScheme) - gwv1beta1.AddToScheme(k8sScheme) - gwv1alpha2.AddToScheme(k8sScheme) + gwv1.AddToScheme(k8sScheme) anv1alpha1.AddToScheme(k8sScheme) k8sClient := testclient.NewClientBuilder().WithScheme(k8sScheme).Build() - gwClass := &gwv1beta1.GatewayClass{ + gwClass := &gwv1.GatewayClass{ ObjectMeta: metav1.ObjectMeta{ Name: "amazon-vpc-lattice", Namespace: "default", }, - Spec: gwv1beta1.GatewayClassSpec{ + Spec: gwv1.GatewayClassSpec{ ControllerName: "application-networking.k8s.aws/gateway-api-controller", }, } diff --git a/pkg/webhook/pod_readiness_gate_injector.go b/pkg/webhook/pod_readiness_gate_injector.go index 98f5d2a9..39556885 100644 --- a/pkg/webhook/pod_readiness_gate_injector.go +++ b/pkg/webhook/pod_readiness_gate_injector.go @@ -12,8 +12,7 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" ) const ( @@ -103,16 +102,16 @@ func (m *PodReadinessGateInjector) requiresReadinessGate(ctx context.Context, po func (m *PodReadinessGateInjector) listAllRoutes(ctx context.Context) []core.Route { // fetch all routes in all namespaces - backendRefs can reference other namespaces var routes []core.Route - httpRouteList := &gwv1beta1.HTTPRouteList{} + httpRouteList := &gwv1.HTTPRouteList{} err := m.k8sClient.List(ctx, httpRouteList) if err != nil { - m.log.Errorf(ctx, "Error fetching beta1 HTTPRoutes: %s", err) + m.log.Errorf(ctx, "Error fetching HTTPRoutes: %s", err) } for _, k8sRoute := range httpRouteList.Items { routes = append(routes, core.NewHTTPRoute(k8sRoute)) } - grpcRouteList := &gwv1alpha2.GRPCRouteList{} + grpcRouteList := &gwv1.GRPCRouteList{} err = m.k8sClient.List(ctx, grpcRouteList) if err != nil { m.log.Errorf(ctx, "Error fetching GRPCRoutes: %s", err) @@ -180,7 +179,7 @@ func (m *PodReadinessGateInjector) routeHasLatticeGateway(ctx context.Context, r return false } - gw := &gwv1beta1.Gateway{} + gw := &gwv1.Gateway{} gwNamespace := route.Namespace() if route.Spec().ParentRefs()[0].Namespace != nil { gwNamespace = string(*route.Spec().ParentRefs()[0].Namespace) @@ -197,7 +196,7 @@ func (m *PodReadinessGateInjector) routeHasLatticeGateway(ctx context.Context, r } // make sure gateway is an aws-vpc-lattice - gwClass := &gwv1beta1.GatewayClass{} + gwClass := &gwv1.GatewayClass{} gwClassName := types.NamespacedName{ Namespace: "default", Name: string(gw.Spec.GatewayClassName), diff --git a/test/go.mod b/test/go.mod index 0e72ec71..4acf68b0 100644 --- a/test/go.mod +++ b/test/go.mod @@ -1,85 +1,87 @@ module github.com/aws/aws-application-networking-k8s/test -go 1.20 +go 1.23.0 replace github.com/aws/aws-application-networking-k8s => ../ require ( github.com/Pallinder/go-randomdata v1.2.0 github.com/aws/aws-application-networking-k8s v0.3.0 - github.com/aws/aws-sdk-go v1.53.7 + github.com/aws/aws-sdk-go v1.55.5 github.com/imdario/mergo v0.3.16 - github.com/onsi/ginkgo/v2 v2.11.0 - github.com/onsi/gomega v1.27.10 + github.com/onsi/ginkgo/v2 v2.20.1 + github.com/onsi/gomega v1.34.2 github.com/samber/lo v1.37.0 - go.uber.org/zap v1.26.0 - golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa - k8s.io/api v0.28.3 - k8s.io/apimachinery v0.28.3 - k8s.io/client-go v0.28.3 - sigs.k8s.io/controller-runtime v0.16.3 - sigs.k8s.io/external-dns v0.13.5 - sigs.k8s.io/gateway-api v1.0.0 + go.uber.org/zap v1.27.0 + golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 + k8s.io/api v0.31.1 + k8s.io/apimachinery v0.31.1 + k8s.io/client-go v0.31.1 + sigs.k8s.io/controller-runtime v0.19.1 + sigs.k8s.io/external-dns v0.15.0 + sigs.k8s.io/gateway-api v1.2.0 ) require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.2.0 // indirect - github.com/davecgh/go-spew v1.1.1 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch/v5 v5.7.0 // indirect + github.com/cespare/xxhash/v2 v2.3.0 // indirect + github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect + github.com/emicklei/go-restful/v3 v3.12.0 // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/go-logr/logr v1.2.4 // indirect - github.com/go-openapi/jsonpointer v0.20.0 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.4 // indirect - github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect + github.com/fxamacker/cbor/v2 v2.7.0 // indirect + github.com/go-logr/logr v1.4.2 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/swag v0.23.0 // indirect + github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/mock v1.6.0 // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect - github.com/google/uuid v1.3.1 // indirect + github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/gorilla/websocket v1.5.1 // indirect github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect + github.com/klauspost/compress v1.17.9 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect - github.com/moby/spdystream v0.2.0 // indirect + github.com/moby/spdystream v0.4.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_golang v1.17.0 // indirect - github.com/prometheus/client_model v0.5.0 // indirect - github.com/prometheus/common v0.45.0 // indirect - github.com/prometheus/procfs v0.12.0 // indirect - github.com/sirupsen/logrus v1.9.0 // indirect + github.com/prometheus/client_golang v1.20.0 // indirect + github.com/prometheus/client_model v0.6.1 // indirect + github.com/prometheus/common v0.55.0 // indirect + github.com/prometheus/procfs v0.15.1 // indirect + github.com/sirupsen/logrus v1.9.3 // indirect github.com/spf13/pflag v1.0.5 // indirect + github.com/x448/float16 v0.8.4 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/net v0.18.0 // indirect - golang.org/x/oauth2 v0.13.0 // indirect - golang.org/x/sys v0.14.0 // indirect - golang.org/x/term v0.14.0 // indirect - golang.org/x/text v0.14.0 // indirect - golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.15.0 // indirect + golang.org/x/net v0.28.0 // indirect + golang.org/x/oauth2 v0.22.0 // indirect + golang.org/x/sys v0.24.0 // indirect + golang.org/x/term v0.23.0 // indirect + golang.org/x/text v0.17.0 // indirect + golang.org/x/time v0.6.0 // indirect + golang.org/x/tools v0.24.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.8 // indirect - google.golang.org/protobuf v1.31.0 // indirect + google.golang.org/protobuf v1.34.2 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.28.3 // indirect - k8s.io/component-base v0.28.3 // indirect - k8s.io/klog/v2 v2.100.1 // indirect - k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect - k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect + k8s.io/apiextensions-apiserver v0.31.1 // indirect + k8s.io/klog/v2 v2.130.1 // indirect + k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f // indirect + k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/test/go.sum b/test/go.sum index e7e2f85d..8f21517d 100644 --- a/test/go.sum +++ b/test/go.sum @@ -1,67 +1,63 @@ github.com/Pallinder/go-randomdata v1.2.0 h1:DZ41wBchNRb/0GfsePLiSwb0PHZmT67XY00lCDlaYPg= github.com/Pallinder/go-randomdata v1.2.0/go.mod h1:yHmJgulpD2Nfrm0cR9tI/+oAgRqCQQixsA8HyRZfV9Y= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= -github.com/aws/aws-sdk-go v1.53.7 h1:ZSsRYHLRxsbO2rJR2oPMz0SUkJLnBkN+1meT95B6Ixs= -github.com/aws/aws-sdk-go v1.53.7/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= +github.com/aws/aws-sdk-go v1.55.5 h1:KKUZBfBoyqy5d3swXyiC7Q76ic40rYcbqH7qjh59kzU= +github.com/aws/aws-sdk-go v1.55.5/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= -github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= +github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= +github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= +github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= +github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= -github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc= -github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= -github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= -github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= +github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= +github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= +github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= -github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 h1:5iH8iuqE5apketRbSFBy+X1V0o+l+8NF1avt4HWl7cA= +github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= +github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k= github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= @@ -74,18 +70,18 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA= +github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= -github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= -github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= -github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= +github.com/moby/spdystream v0.4.0 h1:Vy79D6mHeJJjiPdFEL2yku1kl0chZpJfZcPpb16BRl8= +github.com/moby/spdystream v0.4.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -93,159 +89,145 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= +github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= -github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU= -github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM= -github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= -github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= +github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= +github.com/onsi/ginkgo/v2 v2.20.1 h1:YlVIbqct+ZmnEph770q9Q7NVAz4wwIiVNahee6JyUzo= +github.com/onsi/ginkgo/v2 v2.20.1/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI= +github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8= +github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q= -github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY= -github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= -github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= -github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= -github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= -github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= -github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= +github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v1.20.0 h1:jBzTZ7B099Rg24tny+qngoynol8LtVYlA2bqx3vEloI= +github.com/prometheus/client_golang v1.20.0/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= +github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= +github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= +github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= +github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/samber/lo v1.37.0 h1:XjVcB8g6tgUp8rsPsJ2CvhClfImrpL04YpQHXeHPhRw= github.com/samber/lo v1.37.0/go.mod h1:9vaz2O4o8oOnK23pd2TrXufcbdbJIa3b6cstBWKpopA= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= -github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= +github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= -go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= -golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa/go.mod h1:zk2irFbV9DP96SEBUUAy67IdHUaZuSnrz1n472HUCLE= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= +golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.18.0 h1:mIYleuAkSbHh0tCv7RvjL3F6ZVbLjq4+R7zbOn3Kokg= -golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ= -golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= -golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= +golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= +golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= +golang.org/x/oauth2 v0.22.0 h1:BzDx2FehcG7jJwgWLELCdmLuxk2i+x9UDpSiss2u0ZA= +golang.org/x/oauth2 v0.22.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= -golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg= +golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.14.0 h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8= -golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww= +golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU= +golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= -golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc= +golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= +golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U= +golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8= -golang.org/x/tools v0.15.0/go.mod h1:hpksKq4dtpQWS1uQ61JkdqWM3LscIS6Slf+VVkm+wQk= +golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= +golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= +google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= +gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.28.3 h1:Gj1HtbSdB4P08C8rs9AR94MfSGpRhJgsS+GF9V26xMM= -k8s.io/api v0.28.3/go.mod h1:MRCV/jr1dW87/qJnZ57U5Pak65LGmQVkKTzf3AtKFHc= -k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08= -k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM7gJSisbRt8Lc= -k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A= -k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8= -k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4= -k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo= -k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= -k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= -k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= -k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4= -sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= -sigs.k8s.io/external-dns v0.13.5 h1:yJXhttH2SO08bAUxWfzMxhpSKTWr8f57OTDD6Ajq0Z4= -sigs.k8s.io/external-dns v0.13.5/go.mod h1:X7fyG4FwVFXFavj3XV4LlRs3QM0JgKWg9FnYbsZgmHo= -sigs.k8s.io/gateway-api v1.0.0 h1:iPTStSv41+d9p0xFydll6d7f7MOBGuqXM6p2/zVYMAs= -sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudLlf4c= +k8s.io/api v0.31.1 h1:Xe1hX/fPW3PXYYv8BlozYqw63ytA92snr96zMW9gWTU= +k8s.io/api v0.31.1/go.mod h1:sbN1g6eY6XVLeqNsZGLnI5FwVseTrZX7Fv3O26rhAaI= +k8s.io/apiextensions-apiserver v0.31.1 h1:L+hwULvXx+nvTYX/MKM3kKMZyei+UiSXQWciX/N6E40= +k8s.io/apiextensions-apiserver v0.31.1/go.mod h1:tWMPR3sgW+jsl2xm9v7lAyRF1rYEK71i9G5dRtkknoQ= +k8s.io/apimachinery v0.31.1 h1:mhcUBbj7KUjaVhyXILglcVjuS4nYXiwC+KKFBgIVy7U= +k8s.io/apimachinery v0.31.1/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= +k8s.io/client-go v0.31.1 h1:f0ugtWSbWpxHR7sjVpQwuvw9a3ZKLXX0u0itkFXufb0= +k8s.io/client-go v0.31.1/go.mod h1:sKI8871MJN2OyeqRlmA4W4KM9KBdBUpDLu/43eGemCg= +k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= +k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f h1:0LQagt0gDpKqvIkAMPaRGcXawNMouPECM1+F9BVxEaM= +k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f/go.mod h1:S9tOR0FxgyusSNR+MboCuiDpVWkAifZvaYI1Q2ubgro= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= +k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.19.1 h1:Son+Q40+Be3QWb+niBXAg2vFiYWolDjjRfO8hn/cxOk= +sigs.k8s.io/controller-runtime v0.19.1/go.mod h1:iRmWllt8IlaLjvTTDLhRBXIEtkCK6hwVBJJsYS9Ajf4= +sigs.k8s.io/external-dns v0.15.0 h1:4NCSLHONsTmJXD8KReb4hubSz9Cx4goCHz3Dl+pGR+Q= +sigs.k8s.io/external-dns v0.15.0/go.mod h1:QdocdJu3mk9l4u80fu992lZEKqKd1130h17yNisIC78= +sigs.k8s.io/gateway-api v1.2.0 h1:LrToiFwtqKTKZcZtoQPTuo3FxhrrhTgzQG0Te+YGSo8= +sigs.k8s.io/gateway-api v1.2.0/go.mod h1:EpNfEXNjiYfUJypf0eZ0P5iXA9ekSGWaS1WgPaM42X0= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk= -sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/test/pkg/test/framework.go b/test/pkg/test/framework.go index 9b6721ea..c62121e7 100644 --- a/test/pkg/test/framework.go +++ b/test/pkg/test/framework.go @@ -185,6 +185,7 @@ func objectsInfo(objs []client.Object) string { func (env *Framework) ExpectCreated(ctx context.Context, objects ...client.Object) { env.Log.Infof(ctx, "Creating objects: %s", objectsInfo(objects)) parallel.ForEach(objects, func(obj client.Object, _ int) { + defer GinkgoRecover() Expect(env.Create(ctx, obj)).WithOffset(1).To(Succeed()) }) } @@ -192,6 +193,7 @@ func (env *Framework) ExpectCreated(ctx context.Context, objects ...client.Objec func (env *Framework) ExpectUpdated(ctx context.Context, objects ...client.Object) { env.Log.Infof(ctx, "Updating objects: %s", objectsInfo(objects)) parallel.ForEach(objects, func(obj client.Object, _ int) { + defer GinkgoRecover() Expect(env.Update(ctx, obj)).WithOffset(1).To(Succeed()) }) } @@ -203,7 +205,7 @@ func (env *Framework) ExpectDeletedThenNotFound(ctx context.Context, objects ... func (env *Framework) ExpectDeleted(ctx context.Context, objects ...client.Object) { httpRouteType := reflect.TypeOf(&gwv1.HTTPRoute{}) - grpcRouteType := reflect.TypeOf(&gwv1alpha2.GRPCRoute{}) + grpcRouteType := reflect.TypeOf(&gwv1.GRPCRoute{}) routeObjects := []client.Object{} @@ -242,14 +244,14 @@ func (env *Framework) ExpectDeleted(ctx context.Context, objects ...client.Objec env.Log.Infof(ctx, "Error clearing http route rules %s", err) } } else if grpcRouteType == t { - grpc := &gwv1alpha2.GRPCRoute{} + grpc := &gwv1.GRPCRoute{} err := env.Get(ctx, nsName, grpc) if err != nil { env.Log.Infof(ctx, "Error getting grpc route %s", err) continue } env.Log.Infof(ctx, "Clearing grpc route rules for %s", grpc.Name) - grpc.Spec.Rules = make([]gwv1alpha2.GRPCRouteRule, 0) + grpc.Spec.Rules = make([]gwv1.GRPCRouteRule, 0) err = env.Update(ctx, grpc) if err != nil { env.Log.Infof(ctx, "Error clearing grpc route rules %s", err) @@ -263,6 +265,7 @@ func (env *Framework) ExpectDeleted(ctx context.Context, objects ...client.Objec env.Log.Infof(ctx, "Deleting objects: %s", objectsInfo(objects)) parallel.ForEach(objects, func(obj client.Object, _ int) { + defer GinkgoRecover() err := env.Delete(ctx, obj) if err != nil { // not found is probably OK - means it was deleted elsewhere @@ -281,6 +284,7 @@ func (env *Framework) ExpectDeleteAllToSucceed(ctx context.Context, object clien func (env *Framework) EventuallyExpectNotFound(ctx context.Context, objects ...client.Object) { env.Log.Infof(ctx, "Waiting for NotFound, objects: %s", objectsInfo(objects)) parallel.ForEach(objects, func(obj client.Object, _ int) { + defer GinkgoRecover() if obj != nil { Eventually(func(g Gomega) { g.Expect(errors.IsNotFound(env.Get(ctx, client.ObjectKeyFromObject(obj), obj))).To(BeTrue()) diff --git a/test/pkg/test/grpcroute.go b/test/pkg/test/grpcroute.go index dde341ab..984f0a38 100644 --- a/test/pkg/test/grpcroute.go +++ b/test/pkg/test/grpcroute.go @@ -4,17 +4,16 @@ import ( "github.com/samber/lo" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" gwv1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" ) -func (env *Framework) NewGRPCRoute(namespace string, parentRefsGateway *gwv1.Gateway, rules []v1alpha2.GRPCRouteRule) *v1alpha2.GRPCRoute { - grpcRoute := New(&v1alpha2.GRPCRoute{ +func (env *Framework) NewGRPCRoute(namespace string, parentRefsGateway *gwv1.Gateway, rules []gwv1.GRPCRouteRule) *gwv1.GRPCRoute { + grpcRoute := New(&gwv1.GRPCRoute{ TypeMeta: metav1.TypeMeta{}, ObjectMeta: metav1.ObjectMeta{ Namespace: namespace, }, - Spec: v1alpha2.GRPCRouteSpec{ - CommonRouteSpec: v1alpha2.CommonRouteSpec{ + Spec: gwv1.GRPCRouteSpec{ + CommonRouteSpec: gwv1.CommonRouteSpec{ ParentRefs: []gwv1.ParentReference{{ Name: gwv1.ObjectName(parentRefsGateway.Name), Namespace: (*gwv1.Namespace)(&parentRefsGateway.Namespace), diff --git a/test/suites/integration/access_log_policy_test.go b/test/suites/integration/access_log_policy_test.go index eddbb9e8..64245b72 100644 --- a/test/suites/integration/access_log_policy_test.go +++ b/test/suites/integration/access_log_policy_test.go @@ -24,8 +24,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" "github.com/aws/aws-application-networking-k8s/pkg/aws/services" @@ -33,7 +33,6 @@ import ( "github.com/aws/aws-application-networking-k8s/pkg/model/core" "github.com/aws/aws-application-networking-k8s/pkg/model/lattice" "github.com/aws/aws-application-networking-k8s/test/pkg/test" - gwv1 "sigs.k8s.io/gateway-api/apis/v1" ) var _ = Describe("Access Log Policy", Ordered, func() { @@ -76,7 +75,7 @@ var _ = Describe("Access Log Policy", Ordered, func() { httpK8sService *corev1.Service grpcK8sService *corev1.Service httpRoute *gwv1.HTTPRoute - grpcRoute *gwv1alpha2.GRPCRoute + grpcRoute *gwv1.GRPCRoute bucketArn string logGroupArn string logGroup2Arn string @@ -196,16 +195,16 @@ var _ = Describe("Access Log Policy", Ordered, func() { // Create GRPC Route, Service, and Deployment grpcAppOptions := test.GrpcAppOptions{AppName: k8sResourceName, Namespace: k8snamespace} grpcDeployment, grpcK8sService = testFramework.NewGrpcBin(grpcAppOptions) - grpcRouteRules := []gwv1alpha2.GRPCRouteRule{ + grpcRouteRules := []gwv1.GRPCRouteRule{ { - BackendRefs: []gwv1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { - BackendRef: gwv1alpha2.BackendRef{ - BackendObjectReference: gwv1beta1.BackendObjectReference{ + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: gwv1alpha2.ObjectName(grpcK8sService.Name), - Namespace: lo.ToPtr(gwv1beta1.Namespace(grpcK8sService.Namespace)), - Kind: (*gwv1beta1.Kind)(lo.ToPtr("Service")), - Port: lo.ToPtr(gwv1beta1.PortNumber(19000)), + Namespace: lo.ToPtr(gwv1.Namespace(grpcK8sService.Namespace)), + Kind: (*gwv1.Kind)(lo.ToPtr("Service")), + Port: lo.ToPtr(gwv1.PortNumber(19000)), }, }, }, @@ -224,8 +223,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Gateway", Name: gwv1alpha2.ObjectName(testGateway.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -283,8 +282,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "HTTPRoute", Name: gwv1alpha2.ObjectName(httpRoute.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -309,7 +308,7 @@ var _ = Describe("Access Log Policy", Ordered, func() { g.Expect(alp.Status.Conditions[0].Reason).To(BeEquivalentTo(string(gwv1alpha2.PolicyReasonAccepted))) // VPC Lattice Service should have Access Log Subscription with S3 Bucket destination - latticeService := testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1beta1.HTTPRoute(*httpRoute))) + latticeService := testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1.HTTPRoute(*httpRoute))) listALSInput := &vpclattice.ListAccessLogSubscriptionsInput{ ResourceIdentifier: latticeService.Arn, } @@ -343,8 +342,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "GRPCRoute", Name: gwv1alpha2.ObjectName(grpcRoute.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -404,8 +403,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Gateway", Name: gwv1alpha2.ObjectName(testGateway.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -422,8 +421,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(logGroupArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Gateway", Name: gwv1alpha2.ObjectName(testGateway.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -440,8 +439,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(deliveryStreamArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Gateway", Name: gwv1alpha2.ObjectName(testGateway.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -492,8 +491,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Gateway", Name: gwv1alpha2.ObjectName(testGateway.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -509,8 +508,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Gateway", Name: gwv1alpha2.ObjectName(testGateway.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -544,8 +543,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn + "foo"), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Gateway", Name: gwv1alpha2.ObjectName(testGateway.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -579,7 +578,7 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Group: "invalid", Kind: "Gateway", Name: gwv1alpha2.ObjectName(testGateway.Name), @@ -614,8 +613,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Service", Name: gwv1alpha2.ObjectName(testGateway.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -645,7 +644,7 @@ var _ = Describe("Access Log Policy", Ordered, func() { originalAlsArn := "" currentAlsArn := "" expectedGeneration := 1 - latticeService := testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1beta1.HTTPRoute(*httpRoute))) + latticeService := testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1.HTTPRoute(*httpRoute))) accessLogPolicy := &anv1alpha1.AccessLogPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: k8sResourceName, @@ -653,8 +652,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(logGroupArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Gateway", Name: gwv1alpha2.ObjectName(testGateway.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -789,8 +788,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { alp = &anv1alpha1.AccessLogPolicy{} err = testFramework.Client.Get(ctx, alpNamespacedName, alp) Expect(err).To(BeNil()) - alp.Spec.TargetRef = &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + alp.Spec.TargetRef = &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "HTTPRoute", Name: gwv1alpha2.ObjectName(httpRoute.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -883,8 +882,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { err = testFramework.Client.Get(ctx, alpNamespacedName, alp) Expect(err).To(BeNil()) alp.Spec.DestinationArn = aws.String(bucketArn) - alp.Spec.TargetRef = &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + alp.Spec.TargetRef = &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Gateway", Name: "doesnotexist", Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -961,8 +960,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(logGroupArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "HTTPRoute", Name: gwv1alpha2.ObjectName(httpRoute.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -993,8 +992,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { Expect(err).To(BeNil()) alp.Spec = anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(logGroupArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "HTTPRoute", Name: gwv1alpha2.ObjectName(httpRoute.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -1035,8 +1034,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "Gateway", Name: gwv1alpha2.ObjectName(testGateway.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -1077,8 +1076,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "HTTPRoute", Name: gwv1alpha2.ObjectName(httpRoute.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -1087,7 +1086,7 @@ var _ = Describe("Access Log Policy", Ordered, func() { } testFramework.ExpectCreated(ctx, accessLogPolicy) - latticeService := testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1beta1.HTTPRoute(*httpRoute))) + latticeService := testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1.HTTPRoute(*httpRoute))) Eventually(func(g Gomega) { // VPC Lattice Service should have an Access Log Subscription @@ -1121,8 +1120,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "GRPCRoute", Name: gwv1alpha2.ObjectName(grpcRoute.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -1179,8 +1178,8 @@ var _ = Describe("Access Log Policy", Ordered, func() { }, Spec: anv1alpha1.AccessLogPolicySpec{ DestinationArn: aws.String(bucketArn), - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Group: gwv1beta1.GroupName, + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Group: gwv1.GroupName, Kind: "HTTPRoute", Name: gwv1alpha2.ObjectName(route.Name), Namespace: (*gwv1alpha2.Namespace)(aws.String(k8snamespace)), @@ -1194,7 +1193,7 @@ var _ = Describe("Access Log Policy", Ordered, func() { Namespace: accessLogPolicy.Namespace, } - latticeService := testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1beta1.HTTPRoute(*route))) + latticeService := testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1.HTTPRoute(*route))) Eventually(func(g Gomega) { // VPC Lattice Service should have an Access Log Subscription diff --git a/test/suites/integration/byoc_test.go b/test/suites/integration/byoc_test.go index b08af4a7..6f1aad91 100644 --- a/test/suites/integration/byoc_test.go +++ b/test/suites/integration/byoc_test.go @@ -27,7 +27,6 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" gwv1 "sigs.k8s.io/gateway-api/apis/v1" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) var _ = Describe("Bring your own certificate (BYOC)", Ordered, func() { @@ -79,7 +78,7 @@ var _ = Describe("Bring your own certificate (BYOC)", Ordered, func() { testFramework.ExpectCreated(context.TODO(), deployment, service, httpRoute) // get lattice service dns name for route53 cname - svc := testFramework.GetVpcLatticeService(context.TODO(), core.NewHTTPRoute(gwv1beta1.HTTPRoute(*httpRoute))) + svc := testFramework.GetVpcLatticeService(context.TODO(), core.NewHTTPRoute(gwv1.HTTPRoute(*httpRoute))) latticeSvcDns = *svc.DnsEntry.DomainName log.Infof(ctx, "depoloyed lattice service, dns name: %s", latticeSvcDns) diff --git a/test/suites/integration/grpcroute_test.go b/test/suites/integration/grpcroute_test.go index 9eb27352..67562c6d 100644 --- a/test/suites/integration/grpcroute_test.go +++ b/test/suites/integration/grpcroute_test.go @@ -2,6 +2,7 @@ package integration import ( "strconv" + "time" "github.com/aws/aws-sdk-go/service/vpclattice" . "github.com/onsi/ginkgo/v2" @@ -10,8 +11,7 @@ import ( appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/gateway-api/apis/v1alpha2" - "sigs.k8s.io/gateway-api/apis/v1beta1" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/aws/aws-application-networking-k8s/pkg/model/core" "github.com/aws/aws-application-networking-k8s/test/pkg/test" @@ -24,7 +24,7 @@ var _ = Describe("GRPCRoute test", Ordered, func() { grpcBinService *v1.Service grpcHelloWorldDeployment *appsv1.Deployment grpcHelloWorldService *v1.Service - grpcRoute *v1alpha2.GRPCRoute + grpcRoute *gwv1.GRPCRoute latticeService *vpclattice.ServiceSummary ) @@ -36,16 +36,16 @@ var _ = Describe("GRPCRoute test", Ordered, func() { When("Create a grpcRoute that have one rule with no matches BackendRef to grpcBinService", func() { It("Expect create grpcRoute successfully", func() { - grpcRoute = testFramework.NewGRPCRoute(k8snamespace, testGateway, []v1alpha2.GRPCRouteRule{ + grpcRoute = testFramework.NewGRPCRoute(k8snamespace, testGateway, []gwv1.GRPCRouteRule{ { - BackendRefs: []v1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { - BackendRef: v1alpha2.BackendRef{ - BackendObjectReference: v1beta1.BackendObjectReference{ - Name: v1alpha2.ObjectName(grpcBinService.Name), - Namespace: lo.ToPtr(v1beta1.Namespace(grpcBinService.Namespace)), - Kind: lo.ToPtr(v1beta1.Kind("Service")), - Port: lo.ToPtr(v1beta1.PortNumber(19000)), + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ + Name: gwv1.ObjectName(grpcBinService.Name), + Namespace: lo.ToPtr(gwv1.Namespace(grpcBinService.Namespace)), + Kind: lo.ToPtr(gwv1.Kind("Service")), + Port: lo.ToPtr(gwv1.PortNumber(19000)), }, }, }, @@ -70,7 +70,7 @@ var _ = Describe("GRPCRoute test", Ordered, func() { g.Expect(len(rules)).To(Equal(1)) g.Expect(*rules[0].Match.HttpMatch.Method).To(Equal("POST")) g.Expect(*rules[0].Match.HttpMatch.PathMatch.Match.Prefix).To(Equal("/")) - }).Should(Succeed()) + }).Within(30 * time.Second).Should(Succeed()) }) Context("Traffic test: client pod (grpcurl-runner) can send request to all services/methods of grpcBinService", func() { @@ -132,11 +132,11 @@ var _ = Describe("GRPCRoute test", Ordered, func() { Expect(grpcRoute).To(Not(BeNil())) err := testFramework.Get(ctx, client.ObjectKeyFromObject(grpcRoute), grpcRoute) Expect(err).To(BeNil()) - grpcRoute.Spec.Rules = []v1alpha2.GRPCRouteRule{ + grpcRoute.Spec.Rules = []gwv1.GRPCRouteRule{ { - Matches: []v1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ { - Headers: []v1alpha2.GRPCHeaderMatch{ + Headers: []gwv1.GRPCHeaderMatch{ { Name: "test-key1", Value: "test-value1", @@ -150,21 +150,21 @@ var _ = Describe("GRPCRoute test", Ordered, func() { Value: "test-value3", }, }, - Method: &v1alpha2.GRPCMethodMatch{ - Type: lo.ToPtr(v1alpha2.GRPCMethodMatchExact), + Method: &gwv1.GRPCMethodMatch{ + Type: lo.ToPtr(gwv1.GRPCMethodMatchExact), Service: lo.ToPtr("grpcbin.GRPCBin"), Method: lo.ToPtr("HeadersUnary"), }, }, }, - BackendRefs: []v1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { - BackendRef: v1alpha2.BackendRef{ - BackendObjectReference: v1beta1.BackendObjectReference{ - Name: v1alpha2.ObjectName(grpcBinService.Name), - Namespace: lo.ToPtr(v1beta1.Namespace(grpcBinService.Namespace)), - Kind: lo.ToPtr(v1beta1.Kind("Service")), - Port: lo.ToPtr(v1beta1.PortNumber(19000)), + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ + Name: gwv1.ObjectName(grpcBinService.Name), + Namespace: lo.ToPtr(gwv1.Namespace(grpcBinService.Namespace)), + Kind: lo.ToPtr(gwv1.Kind("Service")), + Port: lo.ToPtr(gwv1.PortNumber(19000)), }, }, }, @@ -264,38 +264,38 @@ var _ = Describe("GRPCRoute test", Ordered, func() { It("Expect update GRPCRoute successfully", func() { err := testFramework.Get(ctx, client.ObjectKeyFromObject(grpcRoute), grpcRoute) Expect(err).To(BeNil()) - grpcRoute.Spec.Rules = []v1alpha2.GRPCRouteRule{ + grpcRoute.Spec.Rules = []gwv1.GRPCRouteRule{ { - Matches: []v1alpha2.GRPCRouteMatch{ + Matches: []gwv1.GRPCRouteMatch{ { - Method: &v1alpha2.GRPCMethodMatch{ - Type: lo.ToPtr(v1alpha2.GRPCMethodMatchExact), + Method: &gwv1.GRPCMethodMatch{ + Type: lo.ToPtr(gwv1.GRPCMethodMatchExact), Service: lo.ToPtr("addsvc.Add"), }, }, }, - BackendRefs: []v1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { - BackendRef: v1alpha2.BackendRef{ - BackendObjectReference: v1beta1.BackendObjectReference{ - Name: v1alpha2.ObjectName(grpcBinService.Name), - Namespace: lo.ToPtr(v1beta1.Namespace(grpcBinService.Namespace)), - Kind: lo.ToPtr(v1beta1.Kind("Service")), - Port: lo.ToPtr(v1beta1.PortNumber(19000)), + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ + Name: gwv1.ObjectName(grpcBinService.Name), + Namespace: lo.ToPtr(gwv1.Namespace(grpcBinService.Namespace)), + Kind: lo.ToPtr(gwv1.Kind("Service")), + Port: lo.ToPtr(gwv1.PortNumber(19000)), }, }, }, }, }, { - BackendRefs: []v1alpha2.GRPCBackendRef{ + BackendRefs: []gwv1.GRPCBackendRef{ { - BackendRef: v1alpha2.BackendRef{ - BackendObjectReference: v1beta1.BackendObjectReference{ - Name: v1alpha2.ObjectName(grpcHelloWorldService.Name), - Namespace: lo.ToPtr(v1beta1.Namespace(grpcHelloWorldService.Namespace)), - Kind: lo.ToPtr(v1beta1.Kind("Service")), - Port: lo.ToPtr(v1beta1.PortNumber(10051)), + BackendRef: gwv1.BackendRef{ + BackendObjectReference: gwv1.BackendObjectReference{ + Name: gwv1.ObjectName(grpcHelloWorldService.Name), + Namespace: lo.ToPtr(gwv1.Namespace(grpcHelloWorldService.Namespace)), + Kind: lo.ToPtr(gwv1.Kind("Service")), + Port: lo.ToPtr(gwv1.PortNumber(10051)), }, }, }, diff --git a/test/suites/integration/httproute_creation_test.go b/test/suites/integration/httproute_creation_test.go index 91bb2360..76aaf8c1 100644 --- a/test/suites/integration/httproute_creation_test.go +++ b/test/suites/integration/httproute_creation_test.go @@ -14,7 +14,6 @@ import ( "github.com/aws/aws-application-networking-k8s/pkg/model/core" "github.com/aws/aws-application-networking-k8s/test/pkg/test" gwv1 "sigs.k8s.io/gateway-api/apis/v1" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) var _ = Describe("HTTPRoute Creation", Ordered, func() { @@ -101,7 +100,7 @@ var _ = Describe("HTTPRoute Creation", Ordered, func() { ) testFramework.GetTargetGroup(ctx, service) - testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1beta1.HTTPRoute(*httpRoute))) + testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1.HTTPRoute(*httpRoute))) }) }) diff --git a/test/suites/integration/httproute_mutation_do_not_leak_target_group_test.go b/test/suites/integration/httproute_mutation_do_not_leak_target_group_test.go index cf914c13..aff4692f 100644 --- a/test/suites/integration/httproute_mutation_do_not_leak_target_group_test.go +++ b/test/suites/integration/httproute_mutation_do_not_leak_target_group_test.go @@ -13,7 +13,6 @@ import ( "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" gwv1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1beta1" "strings" ) @@ -95,7 +94,7 @@ var _ = Describe("HTTPRoute Mutation", func() { testFramework.Get(ctx, types.NamespacedName{Name: pathMatchHttpRoute.Name, Namespace: pathMatchHttpRoute.Namespace}, pathMatchHttpRoute) fmt.Println("Will update the pathMatchHttpRoute to backendRefs to service1 and service3") - pathMatchHttpRoute.Spec.Rules[1].BackendRefs[0].BackendObjectReference.Name = v1beta1.ObjectName(service3.Name) + pathMatchHttpRoute.Spec.Rules[1].BackendRefs[0].BackendObjectReference.Name = gwv1.ObjectName(service3.Name) testFramework.Update(ctx, pathMatchHttpRoute) // Verify the targetGroup that corresponds to the service2 is deleted diff --git a/test/suites/integration/iamauthpolicy_test.go b/test/suites/integration/iamauthpolicy_test.go index 96941761..458e4ea4 100644 --- a/test/suites/integration/iamauthpolicy_test.go +++ b/test/suites/integration/iamauthpolicy_test.go @@ -20,11 +20,9 @@ import ( gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" + "github.com/aws/aws-application-networking-k8s/pkg/model/core" . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" - - "github.com/aws/aws-application-networking-k8s/pkg/model/core" ) var _ = Describe("IAM Auth Policy", Ordered, func() { @@ -45,7 +43,7 @@ var _ = Describe("IAM Auth Policy", Ordered, func() { p := &anv1alpha1.IAMAuthPolicy{ Spec: anv1alpha1.IAMAuthPolicySpec{ Policy: AllowAllInvoke, - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Group: gwv1.Group(trGroup), Kind: gwv1.Kind(trKind), Name: gwv1.ObjectName(trName), @@ -179,7 +177,7 @@ var _ = Describe("IAM Auth Policy", Ordered, func() { It("accepted, applied, and removed from HTTPRoute", func() { policy := newPolicy("http", "HTTPRoute", SvcName) - svc := testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1beta1.HTTPRoute(*httpRoute))) + svc := testFramework.GetVpcLatticeService(ctx, core.NewHTTPRoute(gwv1.HTTPRoute(*httpRoute))) svcId := *svc.Id // accepted diff --git a/test/suites/integration/target_group_policy_test.go b/test/suites/integration/target_group_policy_test.go index 5479ff58..29229473 100644 --- a/test/suites/integration/target_group_policy_test.go +++ b/test/suites/integration/target_group_policy_test.go @@ -13,7 +13,6 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" gwv1 "sigs.k8s.io/gateway-api/apis/v1" gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gwv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" "github.com/aws/aws-application-networking-k8s/test/pkg/test" @@ -171,9 +170,9 @@ func createTargetGroupPolicy( Name: config.PolicyName, }, Spec: anv1alpha1.TargetGroupPolicySpec{ - TargetRef: &gwv1alpha2.PolicyTargetReference{ - Kind: gwv1beta1.Kind("Service"), - Name: gwv1beta1.ObjectName(service.Name), + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ + Kind: gwv1.Kind("Service"), + Name: gwv1.ObjectName(service.Name), }, Protocol: config.Protocol, ProtocolVersion: config.ProtocolVersion, diff --git a/test/suites/integration/tlsroute_serviceexport_test.go b/test/suites/integration/tlsroute_serviceexport_test.go index 2c7cf821..ee0319ee 100644 --- a/test/suites/integration/tlsroute_serviceexport_test.go +++ b/test/suites/integration/tlsroute_serviceexport_test.go @@ -18,12 +18,10 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" - gwv1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" - "sigs.k8s.io/gateway-api/apis/v1beta1" - "github.com/aws/aws-application-networking-k8s/pkg/model/core" "github.com/aws/aws-application-networking-k8s/test/pkg/test" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" + "sigs.k8s.io/gateway-api/apis/v1alpha2" anv1alpha1 "github.com/aws/aws-application-networking-k8s/pkg/apis/applicationnetworking/v1alpha1" ) @@ -51,11 +49,11 @@ var _ = Describe("TLSRoute Service Export/Import Test", Ordered, func() { { BackendRefs: []gwv1.BackendRef{ { - BackendObjectReference: v1beta1.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: v1alpha2.ObjectName(httpsSvc1.Name), - Namespace: lo.ToPtr(v1beta1.Namespace(httpsSvc1.Namespace)), - Kind: lo.ToPtr(v1beta1.Kind("ServiceImport")), - Port: lo.ToPtr(v1beta1.PortNumber(443)), + Namespace: lo.ToPtr(gwv1.Namespace(httpsSvc1.Namespace)), + Kind: lo.ToPtr(gwv1.Kind("ServiceImport")), + Port: lo.ToPtr(gwv1.PortNumber(443)), }, }, }, @@ -142,7 +140,7 @@ func createTCPTargetGroupPolicy( Name: "tcp-policy", }, Spec: anv1alpha1.TargetGroupPolicySpec{ - TargetRef: &v1alpha2.PolicyTargetReference{ + TargetRef: &v1alpha2.NamespacedPolicyTargetReference{ Group: "application-networking.k8s.aws", Kind: gwv1.Kind("ServiceExport"), Name: gwv1.ObjectName(service.Name), diff --git a/test/suites/integration/tlsroute_test.go b/test/suites/integration/tlsroute_test.go index 34bef3e4..53c9c9b0 100644 --- a/test/suites/integration/tlsroute_test.go +++ b/test/suites/integration/tlsroute_test.go @@ -15,12 +15,10 @@ import ( v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" - gwv1 "sigs.k8s.io/gateway-api/apis/v1" - "sigs.k8s.io/gateway-api/apis/v1alpha2" - "sigs.k8s.io/gateway-api/apis/v1beta1" - "github.com/aws/aws-application-networking-k8s/pkg/model/core" "github.com/aws/aws-application-networking-k8s/test/pkg/test" + gwv1 "sigs.k8s.io/gateway-api/apis/v1" + "sigs.k8s.io/gateway-api/apis/v1alpha2" ) var _ = Describe("TLSRoute test", Ordered, func() { @@ -36,11 +34,11 @@ var _ = Describe("TLSRoute test", Ordered, func() { { BackendRefs: []gwv1.BackendRef{ { - BackendObjectReference: v1beta1.BackendObjectReference{ + BackendObjectReference: gwv1.BackendObjectReference{ Name: v1alpha2.ObjectName(httpsSvc1.Name), - Namespace: lo.ToPtr(v1beta1.Namespace(httpsSvc1.Namespace)), - Kind: lo.ToPtr(v1beta1.Kind("Service")), - Port: lo.ToPtr(v1beta1.PortNumber(443)), + Namespace: lo.ToPtr(gwv1.Namespace(httpsSvc1.Namespace)), + Kind: lo.ToPtr(gwv1.Kind("Service")), + Port: lo.ToPtr(gwv1.PortNumber(443)), }, }, }, diff --git a/test/suites/integration/vpc_association_policy_test.go b/test/suites/integration/vpc_association_policy_test.go index e549d4b0..ce6cf460 100644 --- a/test/suites/integration/vpc_association_policy_test.go +++ b/test/suites/integration/vpc_association_policy_test.go @@ -76,11 +76,11 @@ var _ = Describe("Test vpc association policy", Serial, Ordered, func() { Namespace: k8snamespace, }, Spec: v1alpha1.VpcAssociationPolicySpec{ - TargetRef: &gwv1alpha2.PolicyTargetReference{ + TargetRef: &gwv1alpha2.NamespacedPolicyTargetReference{ Group: gwv1.GroupName, Kind: "Gateway", - Name: gwv1alpha2.ObjectName(testGateway.Name), - Namespace: lo.ToPtr(gwv1alpha2.Namespace(k8snamespace)), + Name: gwv1.ObjectName(testGateway.Name), + Namespace: lo.ToPtr(gwv1.Namespace(k8snamespace)), }, SecurityGroupIds: []v1alpha1.SecurityGroupId{sgId}, }, From 968bfa75e9c6dd0c8c14b503b8106c62b67ebbca Mon Sep 17 00:00:00 2001 From: erikfuller <16261515+erikfuller@users.noreply.github.com> Date: Mon, 9 Dec 2024 13:04:54 -0800 Subject: [PATCH 2/6] Updating linter and addressing findings --- .github/workflows/presubmit.yaml | 4 ++-- cmd/aws-application-networking-k8s/main.go | 6 +++--- hack/toolchain.sh | 4 ++-- pkg/controllers/route_controller_test.go | 2 +- pkg/gateway/model_build_lattice_service_test.go | 2 +- pkg/gateway/model_build_targetgroup_test.go | 2 +- pkg/webhook/pod_mutator_test.go | 3 +-- test/pkg/test/framework.go | 6 +++--- 8 files changed, 14 insertions(+), 15 deletions(-) diff --git a/.github/workflows/presubmit.yaml b/.github/workflows/presubmit.yaml index 340492c9..9615198a 100644 --- a/.github/workflows/presubmit.yaml +++ b/.github/workflows/presubmit.yaml @@ -19,14 +19,14 @@ jobs: - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: - version: v1.54 + version: v1.62.2 args: --verbose --timeout 30m presubmit: runs-on: ubuntu-latest strategy: matrix: - k8sVersion: ["1.24.x"] + k8sVersion: ["1.31.1"] env: K8S_VERSION: ${{ matrix.k8sVersion }} steps: diff --git a/cmd/aws-application-networking-k8s/main.go b/cmd/aws-application-networking-k8s/main.go index 9f1ac1a9..93637920 100644 --- a/cmd/aws-application-networking-k8s/main.go +++ b/cmd/aws-application-networking-k8s/main.go @@ -63,9 +63,9 @@ func init() { utilruntime.Must(clientgoscheme.AddToScheme(scheme)) //+kubebuilder:scaffold:scheme - utilruntime.Must(gwv1alpha2.AddToScheme(scheme)) - utilruntime.Must(gwv1.AddToScheme(scheme)) - utilruntime.Must(anv1alpha1.AddToScheme(scheme)) + utilruntime.Must(gwv1alpha2.Install(scheme)) + utilruntime.Must(gwv1.Install(scheme)) + utilruntime.Must(anv1alpha1.Install(scheme)) utilruntime.Must(discoveryv1.AddToScheme(scheme)) addOptionalCRDs(scheme) } diff --git a/hack/toolchain.sh b/hack/toolchain.sh index e848009b..a99b70ca 100755 --- a/hack/toolchain.sh +++ b/hack/toolchain.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash set -euo pipefail -K8S_VERSION="${K8S_VERSION:="1.22.x"}" +K8S_VERSION="${K8S_VERSION:="1.31.1"}" KUBEBUILDER_ASSETS="${KUBEBUILDER_ASSETS:="${HOME}/.kubebuilder/bin"}" main() { @@ -14,7 +14,7 @@ install_golangci_lint() { if { [ -z "${CI+x}" ] || [ "${CI}" != "true" ]; } && ! command -v golangci-lint &> /dev/null; then echo "golangci-lint is not installed in local machine. Installing..." # https://golangci-lint.run/usage/install/#local-installation - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.55.2 + curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.62.2 fi } diff --git a/pkg/controllers/route_controller_test.go b/pkg/controllers/route_controller_test.go index d7392296..3a9ff567 100644 --- a/pkg/controllers/route_controller_test.go +++ b/pkg/controllers/route_controller_test.go @@ -40,7 +40,7 @@ func TestRouteReconciler_ReconcileCreates(t *testing.T) { k8sScheme := runtime.NewScheme() clientgoscheme.AddToScheme(k8sScheme) - gwv1.AddToScheme(k8sScheme) + gwv1.Install(k8sScheme) discoveryv1.AddToScheme(k8sScheme) addOptionalCRDs(k8sScheme) diff --git a/pkg/gateway/model_build_lattice_service_test.go b/pkg/gateway/model_build_lattice_service_test.go index d952b5e0..c8b31f36 100644 --- a/pkg/gateway/model_build_lattice_service_test.go +++ b/pkg/gateway/model_build_lattice_service_test.go @@ -402,7 +402,7 @@ func Test_LatticeServiceModelBuild(t *testing.T) { k8sSchema := runtime.NewScheme() clientgoscheme.AddToScheme(k8sSchema) - gwv1.AddToScheme(k8sSchema) + gwv1.Install(k8sSchema) k8sClient := testclient.NewClientBuilder().WithScheme(k8sSchema).Build() assert.NoError(t, k8sClient.Create(ctx, tt.gw.DeepCopy())) diff --git a/pkg/gateway/model_build_targetgroup_test.go b/pkg/gateway/model_build_targetgroup_test.go index 8142d9a2..cb9c2ca9 100644 --- a/pkg/gateway/model_build_targetgroup_test.go +++ b/pkg/gateway/model_build_targetgroup_test.go @@ -469,7 +469,7 @@ func Test_TGModelByHTTPRouteBuild(t *testing.T) { k8sSchema := runtime.NewScheme() clientgoscheme.AddToScheme(k8sSchema) anv1alpha1.AddToScheme(k8sSchema) - gwv1.AddToScheme(k8sSchema) + gwv1.Install(k8sSchema) k8sClient := testclient.NewClientBuilder().WithScheme(k8sSchema).Build() stack := core.NewDefaultStack(core.StackID(k8s.NamespacedName(tt.route.K8sObject()))) diff --git a/pkg/webhook/pod_mutator_test.go b/pkg/webhook/pod_mutator_test.go index 060083fb..f22fab6f 100644 --- a/pkg/webhook/pod_mutator_test.go +++ b/pkg/webhook/pod_mutator_test.go @@ -1072,8 +1072,7 @@ func Test_ReadinessGateInjection(t *testing.T) { k8sScheme := runtime.NewScheme() clientgoscheme.AddToScheme(k8sScheme) - gwv1.AddToScheme(k8sScheme) - gwv1.AddToScheme(k8sScheme) + gwv1.Install(k8sScheme) anv1alpha1.AddToScheme(k8sScheme) k8sClient := testclient.NewClientBuilder().WithScheme(k8sScheme).Build() diff --git a/test/pkg/test/framework.go b/test/pkg/test/framework.go index c62121e7..5086ab06 100644 --- a/test/pkg/test/framework.go +++ b/test/pkg/test/framework.go @@ -75,9 +75,9 @@ var ( func init() { format.MaxLength = 0 utilruntime.Must(clientgoscheme.AddToScheme(testScheme)) - utilruntime.Must(gwv1alpha2.AddToScheme(testScheme)) - utilruntime.Must(gwv1.AddToScheme(testScheme)) - utilruntime.Must(anv1alpha1.AddToScheme(testScheme)) + utilruntime.Must(gwv1alpha2.Install(testScheme)) + utilruntime.Must(gwv1.Install(testScheme)) + utilruntime.Must(anv1alpha1.Install(testScheme)) addOptionalCRDs(testScheme) } From 68bacd50c1e5fec84925c527fa8948832abf4c14 Mon Sep 17 00:00:00 2001 From: erikfuller <16261515+erikfuller@users.noreply.github.com> Date: Mon, 9 Dec 2024 14:36:59 -0800 Subject: [PATCH 3/6] updated make manifest to newer version, updated autogen yamls --- Makefile | 6 +- ...-networking.k8s.aws_accesslogpolicies.yaml | 109 +++++++-------- ...on-networking.k8s.aws_iamauthpolicies.yaml | 111 ++++++++------- ...ion-networking.k8s.aws_serviceexports.yaml | 42 +++--- ...ion-networking.k8s.aws_serviceimports.yaml | 87 +++++++----- ...etworking.k8s.aws_targetgrouppolicies.yaml | 130 +++++++++--------- ...orking.k8s.aws_vpcassociationpolicies.yaml | 114 +++++++-------- ...-networking.k8s.aws_accesslogpolicies.yaml | 109 +++++++-------- ...on-networking.k8s.aws_iamauthpolicies.yaml | 111 ++++++++------- ...ion-networking.k8s.aws_serviceexports.yaml | 42 +++--- ...ion-networking.k8s.aws_serviceimports.yaml | 87 +++++++----- ...etworking.k8s.aws_targetgrouppolicies.yaml | 130 +++++++++--------- ...orking.k8s.aws_vpcassociationpolicies.yaml | 114 +++++++-------- .../v1alpha1/zz_generated.deepcopy.go | 10 +- 14 files changed, 630 insertions(+), 572 deletions(-) diff --git a/Makefile b/Makefile index 5df94f9f..2326a91d 100644 --- a/Makefile +++ b/Makefile @@ -106,9 +106,9 @@ build-deploy: ## Create a deployment file that can be applied with `kubectl appl .PHONY: manifest manifest: ## Generate CRD manifest - go run sigs.k8s.io/controller-tools/cmd/controller-gen@v0.13.0 object paths=./pkg/apis/... - go run sigs.k8s.io/controller-tools/cmd/controller-gen@v0.13.0 crd paths=./pkg/apis/... output:crd:artifacts:config=config/crds/bases - go run k8s.io/code-generator/cmd/register-gen@v0.28.0 --input-dirs ./pkg/apis/applicationnetworking/v1alpha1 --output-base ./ --go-header-file hack/boilerplate.go.txt + go run sigs.k8s.io/controller-tools/cmd/controller-gen@v0.16.5 object paths=./pkg/apis/... + go run sigs.k8s.io/controller-tools/cmd/controller-gen@v0.16.5 crd paths=./pkg/apis/... output:crd:artifacts:config=config/crds/bases + go run k8s.io/code-generator/cmd/register-gen@v0.31.1 --logtostderr ./pkg/apis/applicationnetworking/v1alpha1 --go-header-file hack/boilerplate.go.txt cp config/crds/bases/application-networking.k8s.aws* helm/crds e2e-test-namespace := "e2e-test" diff --git a/config/crds/bases/application-networking.k8s.aws_accesslogpolicies.yaml b/config/crds/bases/application-networking.k8s.aws_accesslogpolicies.yaml index cbb290a3..0877aec1 100644 --- a/config/crds/bases/application-networking.k8s.aws_accesslogpolicies.yaml +++ b/config/crds/bases/application-networking.k8s.aws_accesslogpolicies.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: accesslogpolicies.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -27,14 +27,19 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -42,17 +47,18 @@ spec: description: AccessLogPolicySpec defines the desired state of AccessLogPolicy. properties: destinationArn: - description: "The Amazon Resource Name (ARN) of the destination that - will store access logs. Supported values are S3 Bucket, CloudWatch - Log Group, and Firehose Delivery Stream ARNs. \n Changes to this - value results in replacement of the VPC Lattice Access Log Subscription." + description: |- + The Amazon Resource Name (ARN) of the destination that will store access logs. + Supported values are S3 Bucket, CloudWatch Log Group, and Firehose Delivery Stream ARNs. + + Changes to this value results in replacement of the VPC Lattice Access Log Subscription. pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)? type: string targetRef: - description: "TargetRef points to the Kubernetes Gateway, HTTPRoute, - or GRPCRoute resource that will have this policy attached. \n This - field is following the guidelines of Kubernetes Gateway API policy - attachment." + description: |- + TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. + + This field is following the guidelines of Kubernetes Gateway API policy attachment. properties: group: description: Group is the group of the target resource. @@ -71,10 +77,11 @@ spec: minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. When - unspecified, the local namespace is inferred. Even when policy - targets a resource in a different namespace, it MUST only apply - to traffic originating from the same namespace as the policy. + description: |- + Namespace is the namespace of the referent. When unspecified, the local + namespace is inferred. Even when policy targets a resource in a different + namespace, it MUST only apply to traffic originating from the same + namespace as the policy. maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ @@ -110,50 +117,48 @@ spec: reason: Pending status: Unknown type: Programmed - description: "Conditions describe the current conditions of the AccessLogPolicy. - \n Implementations should prefer to express Policy conditions using - the `PolicyConditionType` and `PolicyConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe AccessLogPolicy state. \n Known condition types are: - \n * \"Accepted\" * \"Ready\"" + description: |- + Conditions describe the current conditions of the AccessLogPolicy. + + Implementations should prefer to express Policy conditions + using the `PolicyConditionType` and `PolicyConditionReason` + constants so that operators and tools can converge on a common + vocabulary to describe AccessLogPolicy state. + + Known condition types are: + + * "Accepted" + * "Ready" items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -168,10 +173,6 @@ spec: type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crds/bases/application-networking.k8s.aws_iamauthpolicies.yaml b/config/crds/bases/application-networking.k8s.aws_iamauthpolicies.yaml index 1ac41268..a8b5b251 100644 --- a/config/crds/bases/application-networking.k8s.aws_iamauthpolicies.yaml +++ b/config/crds/bases/application-networking.k8s.aws_iamauthpolicies.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: iamauthpolicies.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -27,25 +27,27 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: IAMAuthPolicySpec defines the desired state of IAMAuthPolicy. - When the controller handles IAMAuthPolicy creation, if the targetRef - k8s and VPC Lattice resource exists, the controller will change the - auth_type of that VPC Lattice resource to AWS_IAM and attach this policy. - When the controller handles IAMAuthPolicy deletion, if the targetRef - k8s and VPC Lattice resource exists, the controller will change the - auth_type of that VPC Lattice resource to NONE and detach this policy. + description: |- + IAMAuthPolicySpec defines the desired state of IAMAuthPolicy. + When the controller handles IAMAuthPolicy creation, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to AWS_IAM and attach this policy. + When the controller handles IAMAuthPolicy deletion, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to NONE and detach this policy. properties: policy: description: IAM auth policy content. It is a JSON string that uses @@ -53,10 +55,10 @@ spec: documentation to get [the common elements in an auth policy](https://docs.aws.amazon.com/vpc-lattice/latest/ug/auth-policies.html#auth-policies-common-elements) type: string targetRef: - description: "TargetRef points to the Kubernetes Gateway, HTTPRoute, - or GRPCRoute resource that will have this policy attached. \n This - field is following the guidelines of Kubernetes Gateway API policy - attachment." + description: |- + TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. + + This field is following the guidelines of Kubernetes Gateway API policy attachment. properties: group: description: Group is the group of the target resource. @@ -75,10 +77,11 @@ spec: minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. When - unspecified, the local namespace is inferred. Even when policy - targets a resource in a different namespace, it MUST only apply - to traffic originating from the same namespace as the policy. + description: |- + Namespace is the namespace of the referent. When unspecified, the local + namespace is inferred. Even when policy targets a resource in a different + namespace, it MUST only apply to traffic originating from the same + namespace as the policy. maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ @@ -114,50 +117,48 @@ spec: reason: Pending status: Unknown type: Programmed - description: "Conditions describe the current conditions of the IAMAuthPolicy. - \n Implementations should prefer to express Policy conditions using - the `PolicyConditionType` and `PolicyConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe IAMAuthPolicy state. \n Known condition types are: \n - * \"Accepted\" * \"Ready\"" + description: |- + Conditions describe the current conditions of the IAMAuthPolicy. + + Implementations should prefer to express Policy conditions + using the `PolicyConditionType` and `PolicyConditionReason` + constants so that operators and tools can converge on a common + vocabulary to describe IAMAuthPolicy state. + + Known condition types are: + + * "Accepted" + * "Ready" items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -172,10 +173,6 @@ spec: type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crds/bases/application-networking.k8s.aws_serviceexports.yaml b/config/crds/bases/application-networking.k8s.aws_serviceexports.yaml index d5d8d699..b3b01dab 100644 --- a/config/crds/bases/application-networking.k8s.aws_serviceexports.yaml +++ b/config/crds/bases/application-networking.k8s.aws_serviceexports.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: serviceexports.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -17,32 +17,42 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: ServiceExport declares that the Service with the same name and - namespace as this export should be consumable from other clusters. + description: |- + ServiceExport declares that the Service with the same name and namespace + as this export should be consumable from other clusters. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object status: - description: status describes the current state of an exported service. - Service configuration comes from the Service that had the same name - and namespace as this ServiceExport. Populated by the multi-cluster - service implementation's controller. + description: |- + status describes the current state of an exported service. + Service configuration comes from the Service that had the same + name and namespace as this ServiceExport. + Populated by the multi-cluster service implementation's controller. properties: conditions: items: - description: "ServiceExportCondition contains details for the current - condition of this service export. \n Once [KEP-1623](https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/1623-standardize-conditions) - is implemented, this will be replaced by metav1.Condition." + description: |- + ServiceExportCondition contains details for the current condition of this + service export. + + Once [KEP-1623](https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/1623-standardize-conditions) is + implemented, this will be replaced by metav1.Condition. properties: lastTransitionTime: format: date-time diff --git a/config/crds/bases/application-networking.k8s.aws_serviceimports.yaml b/config/crds/bases/application-networking.k8s.aws_serviceimports.yaml index 7ebda6aa..31e37be6 100644 --- a/config/crds/bases/application-networking.k8s.aws_serviceimports.yaml +++ b/config/crds/bases/application-networking.k8s.aws_serviceimports.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: serviceimports.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -21,14 +21,19 @@ spec: ClusterSet. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -48,28 +53,31 @@ spec: is exposed properties: appProtocol: - description: The application protocol for this port. This field - follows standard Kubernetes label syntax. Un-prefixed names - are reserved for IANA standard service names (as per RFC-6335 - and http://www.iana.org/assignments/service-names). Non-standard - protocols should use prefixed names such as mycompany.com/my-custom-protocol. + description: |- + The application protocol for this port. + This field follows standard Kubernetes label syntax. + Un-prefixed names are reserved for IANA standard service names (as per + RFC-6335 and http://www.iana.org/assignments/service-names). + Non-standard protocols should use prefixed names such as + mycompany.com/my-custom-protocol. Field can be enabled with ServiceAppProtocol feature gate. type: string name: - description: The name of this port within the service. This - must be a DNS_LABEL. All ports within a ServiceSpec must have - unique names. When considering the endpoints for a Service, - this must match the 'name' field in the EndpointPort. Optional - if only one ServicePort is defined on this service. + description: |- + The name of this port within the service. This must be a DNS_LABEL. + All ports within a ServiceSpec must have unique names. When considering + the endpoints for a Service, this must match the 'name' field in the + EndpointPort. + Optional if only one ServicePort is defined on this service. type: string port: description: The port that will be exposed by this service. format: int32 type: integer protocol: - default: TCP - description: The IP protocol for this port. Supports "TCP", - "UDP", and "SCTP". Default is TCP. + description: |- + The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + Default is TCP. type: string required: - port @@ -77,10 +85,13 @@ spec: type: array x-kubernetes-list-type: atomic sessionAffinity: - description: 'Supports "ClientIP" and "None". Used to maintain session - affinity. Enable client IP based session affinity. Must be ClientIP - or None. Defaults to None. Ignored when type is Headless More info: - https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + description: |- + Supports "ClientIP" and "None". Used to maintain session affinity. + Enable client IP based session affinity. + Must be ClientIP or None. + Defaults to None. + Ignored when type is Headless + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies type: string sessionAffinityConfig: description: sessionAffinityConfig contains session affinity configuration. @@ -90,17 +101,18 @@ spec: based session affinity. properties: timeoutSeconds: - description: timeoutSeconds specifies the seconds of ClientIP - type session sticky time. The value must be >0 && <=86400(for - 1 day) if ServiceAffinity == "ClientIP". Default value is - 10800(for 3 hours). + description: |- + timeoutSeconds specifies the seconds of ClientIP type session sticky time. + The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). format: int32 type: integer type: object type: object type: - description: type defines the type of this service. Must be ClusterSetIP - or Headless. + description: |- + type defines the type of this service. + Must be ClusterSetIP or Headless. enum: - ClusterSetIP - Headless @@ -110,19 +122,22 @@ spec: - type type: object status: - description: status contains information about the exported services that - form the multi-cluster service referenced by this ServiceImport. + description: |- + status contains information about the exported services that form + the multi-cluster service referenced by this ServiceImport. properties: clusters: - description: clusters is the list of exporting clusters from which - this service was derived. + description: |- + clusters is the list of exporting clusters from which this service + was derived. items: description: ClusterStatus contains service configuration mapped to a specific source cluster properties: cluster: - description: cluster is the name of the exporting cluster. Must - be a valid RFC-1123 DNS label. + description: |- + cluster is the name of the exporting cluster. Must be a valid RFC-1123 DNS + label. type: string required: - cluster diff --git a/config/crds/bases/application-networking.k8s.aws_targetgrouppolicies.yaml b/config/crds/bases/application-networking.k8s.aws_targetgrouppolicies.yaml index 681b7032..fa52ce24 100644 --- a/config/crds/bases/application-networking.k8s.aws_targetgrouppolicies.yaml +++ b/config/crds/bases/application-networking.k8s.aws_targetgrouppolicies.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: targetgrouppolicies.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -27,14 +27,19 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -42,8 +47,10 @@ spec: description: TargetGroupPolicySpec defines the desired state of TargetGroupPolicy. properties: healthCheck: - description: "The health check configuration. \n Changes to this value - will update VPC Lattice resource in place." + description: |- + The health check configuration. + + Changes to this value will update VPC Lattice resource in place. properties: enabled: description: Indicates whether health checking is enabled. @@ -66,9 +73,9 @@ spec: description: The destination for health checks on the targets. type: string port: - description: The port used when performing health checks on targets. - If not specified, health check defaults to the port that a target - receives traffic on. + description: |- + The port used when performing health checks on targets. If not specified, health check defaults to the + port that a target receives traffic on. format: int64 maximum: 65535 minimum: 1 @@ -107,22 +114,24 @@ spec: type: integer type: object protocol: - description: "The protocol to use for routing traffic to the targets. - Supported values are HTTP (default), HTTPS and TCP. \n Changes to - this value results in a replacement of VPC Lattice target group." + description: |- + The protocol to use for routing traffic to the targets. Supported values are HTTP (default), HTTPS and TCP. + + Changes to this value results in a replacement of VPC Lattice target group. type: string protocolVersion: - description: "The protocol version to use. Supported values are HTTP1 - (default) and HTTP2. When a policy Protocol is TCP, you should not - set this field. Otherwise, the whole TargetGroupPolicy will not - take effect. When a policy is behind GRPCRoute, this field value - will be ignored as GRPC is only supported through HTTP/2. \n Changes - to this value results in a replacement of VPC Lattice target group." + description: |- + The protocol version to use. Supported values are HTTP1 (default) and HTTP2. + When a policy Protocol is TCP, you should not set this field. Otherwise, the whole TargetGroupPolicy will not take effect. + When a policy is behind GRPCRoute, this field value will be ignored as GRPC is only supported through HTTP/2. + + Changes to this value results in a replacement of VPC Lattice target group. type: string targetRef: - description: "TargetRef points to the kubernetes Service resource - that will have this policy attached. \n This field is following - the guidelines of Kubernetes Gateway API policy attachment." + description: |- + TargetRef points to the kubernetes Service resource that will have this policy attached. + + This field is following the guidelines of Kubernetes Gateway API policy attachment. properties: group: description: Group is the group of the target resource. @@ -141,10 +150,11 @@ spec: minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. When - unspecified, the local namespace is inferred. Even when policy - targets a resource in a different namespace, it MUST only apply - to traffic originating from the same namespace as the policy. + description: |- + Namespace is the namespace of the referent. When unspecified, the local + namespace is inferred. Even when policy targets a resource in a different + namespace, it MUST only apply to traffic originating from the same + namespace as the policy. maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ @@ -179,50 +189,48 @@ spec: reason: Pending status: Unknown type: Programmed - description: "Conditions describe the current conditions of the TargetGroup. - \n Implementations should prefer to express Policy conditions using - the `PolicyConditionType` and `PolicyConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe TargetGroup state. \n Known condition types are: \n - * \"Accepted\" * \"Ready\"" + description: |- + Conditions describe the current conditions of the TargetGroup. + + Implementations should prefer to express Policy conditions + using the `PolicyConditionType` and `PolicyConditionReason` + constants so that operators and tools can converge on a common + vocabulary to describe TargetGroup state. + + Known condition types are: + + * "Accepted" + * "Ready" items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -237,10 +245,6 @@ spec: type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crds/bases/application-networking.k8s.aws_vpcassociationpolicies.yaml b/config/crds/bases/application-networking.k8s.aws_vpcassociationpolicies.yaml index 15e70923..3b43db91 100644 --- a/config/crds/bases/application-networking.k8s.aws_vpcassociationpolicies.yaml +++ b/config/crds/bases/application-networking.k8s.aws_vpcassociationpolicies.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: vpcassociationpolicies.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -27,14 +27,19 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -42,15 +47,17 @@ spec: description: VpcAssociationPolicySpec defines the desired state of VpcAssociationPolicy. properties: associateWithVpc: - description: "AssociateWithVpc indicates whether the VpcServiceNetworkAssociation - should be created for the current VPC of k8s cluster. \n This value - will be considered true by default." + description: |- + AssociateWithVpc indicates whether the VpcServiceNetworkAssociation should be created for the current VPC of k8s cluster. + + This value will be considered true by default. type: boolean securityGroupIds: - description: "SecurityGroupIds defines the security groups enforced - on the VpcServiceNetworkAssociation. Security groups does not take - effect if AssociateWithVpc is set to false. \n For more details, - please check the VPC Lattice documentation https://docs.aws.amazon.com/vpc-lattice/latest/ug/security-groups.html" + description: |- + SecurityGroupIds defines the security groups enforced on the VpcServiceNetworkAssociation. + Security groups does not take effect if AssociateWithVpc is set to false. + + For more details, please check the VPC Lattice documentation https://docs.aws.amazon.com/vpc-lattice/latest/ug/security-groups.html items: maxLength: 32 minLength: 3 @@ -59,9 +66,10 @@ spec: minItems: 1 type: array targetRef: - description: "TargetRef points to the kubernetes Gateway resource - that will have this policy attached. \n This field is following - the guidelines of Kubernetes Gateway API policy attachment." + description: |- + TargetRef points to the kubernetes Gateway resource that will have this policy attached. + + This field is following the guidelines of Kubernetes Gateway API policy attachment. properties: group: description: Group is the group of the target resource. @@ -80,10 +88,11 @@ spec: minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. When - unspecified, the local namespace is inferred. Even when policy - targets a resource in a different namespace, it MUST only apply - to traffic originating from the same namespace as the policy. + description: |- + Namespace is the namespace of the referent. When unspecified, the local + namespace is inferred. Even when policy targets a resource in a different + namespace, it MUST only apply to traffic originating from the same + namespace as the policy. maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ @@ -107,50 +116,47 @@ spec: reason: Pending status: Unknown type: Accepted - description: "Conditions describe the current conditions of the VpcAssociationPolicy. - \n Implementations should prefer to express Policy conditions using - the `PolicyConditionType` and `PolicyConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe VpcAssociationPolicy state. \n Known condition types - are: \n * \"Accepted\"" + description: |- + Conditions describe the current conditions of the VpcAssociationPolicy. + + Implementations should prefer to express Policy conditions + using the `PolicyConditionType` and `PolicyConditionReason` + constants so that operators and tools can converge on a common + vocabulary to describe VpcAssociationPolicy state. + + Known condition types are: + + * "Accepted" items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -165,10 +171,6 @@ spec: type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/helm/crds/application-networking.k8s.aws_accesslogpolicies.yaml b/helm/crds/application-networking.k8s.aws_accesslogpolicies.yaml index cbb290a3..0877aec1 100644 --- a/helm/crds/application-networking.k8s.aws_accesslogpolicies.yaml +++ b/helm/crds/application-networking.k8s.aws_accesslogpolicies.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: accesslogpolicies.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -27,14 +27,19 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -42,17 +47,18 @@ spec: description: AccessLogPolicySpec defines the desired state of AccessLogPolicy. properties: destinationArn: - description: "The Amazon Resource Name (ARN) of the destination that - will store access logs. Supported values are S3 Bucket, CloudWatch - Log Group, and Firehose Delivery Stream ARNs. \n Changes to this - value results in replacement of the VPC Lattice Access Log Subscription." + description: |- + The Amazon Resource Name (ARN) of the destination that will store access logs. + Supported values are S3 Bucket, CloudWatch Log Group, and Firehose Delivery Stream ARNs. + + Changes to this value results in replacement of the VPC Lattice Access Log Subscription. pattern: ^arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:([^/].*)? type: string targetRef: - description: "TargetRef points to the Kubernetes Gateway, HTTPRoute, - or GRPCRoute resource that will have this policy attached. \n This - field is following the guidelines of Kubernetes Gateway API policy - attachment." + description: |- + TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. + + This field is following the guidelines of Kubernetes Gateway API policy attachment. properties: group: description: Group is the group of the target resource. @@ -71,10 +77,11 @@ spec: minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. When - unspecified, the local namespace is inferred. Even when policy - targets a resource in a different namespace, it MUST only apply - to traffic originating from the same namespace as the policy. + description: |- + Namespace is the namespace of the referent. When unspecified, the local + namespace is inferred. Even when policy targets a resource in a different + namespace, it MUST only apply to traffic originating from the same + namespace as the policy. maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ @@ -110,50 +117,48 @@ spec: reason: Pending status: Unknown type: Programmed - description: "Conditions describe the current conditions of the AccessLogPolicy. - \n Implementations should prefer to express Policy conditions using - the `PolicyConditionType` and `PolicyConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe AccessLogPolicy state. \n Known condition types are: - \n * \"Accepted\" * \"Ready\"" + description: |- + Conditions describe the current conditions of the AccessLogPolicy. + + Implementations should prefer to express Policy conditions + using the `PolicyConditionType` and `PolicyConditionReason` + constants so that operators and tools can converge on a common + vocabulary to describe AccessLogPolicy state. + + Known condition types are: + + * "Accepted" + * "Ready" items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -168,10 +173,6 @@ spec: type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/helm/crds/application-networking.k8s.aws_iamauthpolicies.yaml b/helm/crds/application-networking.k8s.aws_iamauthpolicies.yaml index 1ac41268..a8b5b251 100644 --- a/helm/crds/application-networking.k8s.aws_iamauthpolicies.yaml +++ b/helm/crds/application-networking.k8s.aws_iamauthpolicies.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: iamauthpolicies.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -27,25 +27,27 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object spec: - description: IAMAuthPolicySpec defines the desired state of IAMAuthPolicy. - When the controller handles IAMAuthPolicy creation, if the targetRef - k8s and VPC Lattice resource exists, the controller will change the - auth_type of that VPC Lattice resource to AWS_IAM and attach this policy. - When the controller handles IAMAuthPolicy deletion, if the targetRef - k8s and VPC Lattice resource exists, the controller will change the - auth_type of that VPC Lattice resource to NONE and detach this policy. + description: |- + IAMAuthPolicySpec defines the desired state of IAMAuthPolicy. + When the controller handles IAMAuthPolicy creation, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to AWS_IAM and attach this policy. + When the controller handles IAMAuthPolicy deletion, if the targetRef k8s and VPC Lattice resource exists, the controller will change the auth_type of that VPC Lattice resource to NONE and detach this policy. properties: policy: description: IAM auth policy content. It is a JSON string that uses @@ -53,10 +55,10 @@ spec: documentation to get [the common elements in an auth policy](https://docs.aws.amazon.com/vpc-lattice/latest/ug/auth-policies.html#auth-policies-common-elements) type: string targetRef: - description: "TargetRef points to the Kubernetes Gateway, HTTPRoute, - or GRPCRoute resource that will have this policy attached. \n This - field is following the guidelines of Kubernetes Gateway API policy - attachment." + description: |- + TargetRef points to the Kubernetes Gateway, HTTPRoute, or GRPCRoute resource that will have this policy attached. + + This field is following the guidelines of Kubernetes Gateway API policy attachment. properties: group: description: Group is the group of the target resource. @@ -75,10 +77,11 @@ spec: minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. When - unspecified, the local namespace is inferred. Even when policy - targets a resource in a different namespace, it MUST only apply - to traffic originating from the same namespace as the policy. + description: |- + Namespace is the namespace of the referent. When unspecified, the local + namespace is inferred. Even when policy targets a resource in a different + namespace, it MUST only apply to traffic originating from the same + namespace as the policy. maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ @@ -114,50 +117,48 @@ spec: reason: Pending status: Unknown type: Programmed - description: "Conditions describe the current conditions of the IAMAuthPolicy. - \n Implementations should prefer to express Policy conditions using - the `PolicyConditionType` and `PolicyConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe IAMAuthPolicy state. \n Known condition types are: \n - * \"Accepted\" * \"Ready\"" + description: |- + Conditions describe the current conditions of the IAMAuthPolicy. + + Implementations should prefer to express Policy conditions + using the `PolicyConditionType` and `PolicyConditionReason` + constants so that operators and tools can converge on a common + vocabulary to describe IAMAuthPolicy state. + + Known condition types are: + + * "Accepted" + * "Ready" items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -172,10 +173,6 @@ spec: type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/helm/crds/application-networking.k8s.aws_serviceexports.yaml b/helm/crds/application-networking.k8s.aws_serviceexports.yaml index d5d8d699..b3b01dab 100644 --- a/helm/crds/application-networking.k8s.aws_serviceexports.yaml +++ b/helm/crds/application-networking.k8s.aws_serviceexports.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: serviceexports.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -17,32 +17,42 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: ServiceExport declares that the Service with the same name and - namespace as this export should be consumable from other clusters. + description: |- + ServiceExport declares that the Service with the same name and namespace + as this export should be consumable from other clusters. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object status: - description: status describes the current state of an exported service. - Service configuration comes from the Service that had the same name - and namespace as this ServiceExport. Populated by the multi-cluster - service implementation's controller. + description: |- + status describes the current state of an exported service. + Service configuration comes from the Service that had the same + name and namespace as this ServiceExport. + Populated by the multi-cluster service implementation's controller. properties: conditions: items: - description: "ServiceExportCondition contains details for the current - condition of this service export. \n Once [KEP-1623](https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/1623-standardize-conditions) - is implemented, this will be replaced by metav1.Condition." + description: |- + ServiceExportCondition contains details for the current condition of this + service export. + + Once [KEP-1623](https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/1623-standardize-conditions) is + implemented, this will be replaced by metav1.Condition. properties: lastTransitionTime: format: date-time diff --git a/helm/crds/application-networking.k8s.aws_serviceimports.yaml b/helm/crds/application-networking.k8s.aws_serviceimports.yaml index 7ebda6aa..31e37be6 100644 --- a/helm/crds/application-networking.k8s.aws_serviceimports.yaml +++ b/helm/crds/application-networking.k8s.aws_serviceimports.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: serviceimports.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -21,14 +21,19 @@ spec: ClusterSet. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -48,28 +53,31 @@ spec: is exposed properties: appProtocol: - description: The application protocol for this port. This field - follows standard Kubernetes label syntax. Un-prefixed names - are reserved for IANA standard service names (as per RFC-6335 - and http://www.iana.org/assignments/service-names). Non-standard - protocols should use prefixed names such as mycompany.com/my-custom-protocol. + description: |- + The application protocol for this port. + This field follows standard Kubernetes label syntax. + Un-prefixed names are reserved for IANA standard service names (as per + RFC-6335 and http://www.iana.org/assignments/service-names). + Non-standard protocols should use prefixed names such as + mycompany.com/my-custom-protocol. Field can be enabled with ServiceAppProtocol feature gate. type: string name: - description: The name of this port within the service. This - must be a DNS_LABEL. All ports within a ServiceSpec must have - unique names. When considering the endpoints for a Service, - this must match the 'name' field in the EndpointPort. Optional - if only one ServicePort is defined on this service. + description: |- + The name of this port within the service. This must be a DNS_LABEL. + All ports within a ServiceSpec must have unique names. When considering + the endpoints for a Service, this must match the 'name' field in the + EndpointPort. + Optional if only one ServicePort is defined on this service. type: string port: description: The port that will be exposed by this service. format: int32 type: integer protocol: - default: TCP - description: The IP protocol for this port. Supports "TCP", - "UDP", and "SCTP". Default is TCP. + description: |- + The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". + Default is TCP. type: string required: - port @@ -77,10 +85,13 @@ spec: type: array x-kubernetes-list-type: atomic sessionAffinity: - description: 'Supports "ClientIP" and "None". Used to maintain session - affinity. Enable client IP based session affinity. Must be ClientIP - or None. Defaults to None. Ignored when type is Headless More info: - https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies' + description: |- + Supports "ClientIP" and "None". Used to maintain session affinity. + Enable client IP based session affinity. + Must be ClientIP or None. + Defaults to None. + Ignored when type is Headless + More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies type: string sessionAffinityConfig: description: sessionAffinityConfig contains session affinity configuration. @@ -90,17 +101,18 @@ spec: based session affinity. properties: timeoutSeconds: - description: timeoutSeconds specifies the seconds of ClientIP - type session sticky time. The value must be >0 && <=86400(for - 1 day) if ServiceAffinity == "ClientIP". Default value is - 10800(for 3 hours). + description: |- + timeoutSeconds specifies the seconds of ClientIP type session sticky time. + The value must be >0 && <=86400(for 1 day) if ServiceAffinity == "ClientIP". + Default value is 10800(for 3 hours). format: int32 type: integer type: object type: object type: - description: type defines the type of this service. Must be ClusterSetIP - or Headless. + description: |- + type defines the type of this service. + Must be ClusterSetIP or Headless. enum: - ClusterSetIP - Headless @@ -110,19 +122,22 @@ spec: - type type: object status: - description: status contains information about the exported services that - form the multi-cluster service referenced by this ServiceImport. + description: |- + status contains information about the exported services that form + the multi-cluster service referenced by this ServiceImport. properties: clusters: - description: clusters is the list of exporting clusters from which - this service was derived. + description: |- + clusters is the list of exporting clusters from which this service + was derived. items: description: ClusterStatus contains service configuration mapped to a specific source cluster properties: cluster: - description: cluster is the name of the exporting cluster. Must - be a valid RFC-1123 DNS label. + description: |- + cluster is the name of the exporting cluster. Must be a valid RFC-1123 DNS + label. type: string required: - cluster diff --git a/helm/crds/application-networking.k8s.aws_targetgrouppolicies.yaml b/helm/crds/application-networking.k8s.aws_targetgrouppolicies.yaml index 681b7032..fa52ce24 100644 --- a/helm/crds/application-networking.k8s.aws_targetgrouppolicies.yaml +++ b/helm/crds/application-networking.k8s.aws_targetgrouppolicies.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: targetgrouppolicies.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -27,14 +27,19 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -42,8 +47,10 @@ spec: description: TargetGroupPolicySpec defines the desired state of TargetGroupPolicy. properties: healthCheck: - description: "The health check configuration. \n Changes to this value - will update VPC Lattice resource in place." + description: |- + The health check configuration. + + Changes to this value will update VPC Lattice resource in place. properties: enabled: description: Indicates whether health checking is enabled. @@ -66,9 +73,9 @@ spec: description: The destination for health checks on the targets. type: string port: - description: The port used when performing health checks on targets. - If not specified, health check defaults to the port that a target - receives traffic on. + description: |- + The port used when performing health checks on targets. If not specified, health check defaults to the + port that a target receives traffic on. format: int64 maximum: 65535 minimum: 1 @@ -107,22 +114,24 @@ spec: type: integer type: object protocol: - description: "The protocol to use for routing traffic to the targets. - Supported values are HTTP (default), HTTPS and TCP. \n Changes to - this value results in a replacement of VPC Lattice target group." + description: |- + The protocol to use for routing traffic to the targets. Supported values are HTTP (default), HTTPS and TCP. + + Changes to this value results in a replacement of VPC Lattice target group. type: string protocolVersion: - description: "The protocol version to use. Supported values are HTTP1 - (default) and HTTP2. When a policy Protocol is TCP, you should not - set this field. Otherwise, the whole TargetGroupPolicy will not - take effect. When a policy is behind GRPCRoute, this field value - will be ignored as GRPC is only supported through HTTP/2. \n Changes - to this value results in a replacement of VPC Lattice target group." + description: |- + The protocol version to use. Supported values are HTTP1 (default) and HTTP2. + When a policy Protocol is TCP, you should not set this field. Otherwise, the whole TargetGroupPolicy will not take effect. + When a policy is behind GRPCRoute, this field value will be ignored as GRPC is only supported through HTTP/2. + + Changes to this value results in a replacement of VPC Lattice target group. type: string targetRef: - description: "TargetRef points to the kubernetes Service resource - that will have this policy attached. \n This field is following - the guidelines of Kubernetes Gateway API policy attachment." + description: |- + TargetRef points to the kubernetes Service resource that will have this policy attached. + + This field is following the guidelines of Kubernetes Gateway API policy attachment. properties: group: description: Group is the group of the target resource. @@ -141,10 +150,11 @@ spec: minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. When - unspecified, the local namespace is inferred. Even when policy - targets a resource in a different namespace, it MUST only apply - to traffic originating from the same namespace as the policy. + description: |- + Namespace is the namespace of the referent. When unspecified, the local + namespace is inferred. Even when policy targets a resource in a different + namespace, it MUST only apply to traffic originating from the same + namespace as the policy. maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ @@ -179,50 +189,48 @@ spec: reason: Pending status: Unknown type: Programmed - description: "Conditions describe the current conditions of the TargetGroup. - \n Implementations should prefer to express Policy conditions using - the `PolicyConditionType` and `PolicyConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe TargetGroup state. \n Known condition types are: \n - * \"Accepted\" * \"Ready\"" + description: |- + Conditions describe the current conditions of the TargetGroup. + + Implementations should prefer to express Policy conditions + using the `PolicyConditionType` and `PolicyConditionReason` + constants so that operators and tools can converge on a common + vocabulary to describe TargetGroup state. + + Known condition types are: + + * "Accepted" + * "Ready" items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -237,10 +245,6 @@ spec: type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/helm/crds/application-networking.k8s.aws_vpcassociationpolicies.yaml b/helm/crds/application-networking.k8s.aws_vpcassociationpolicies.yaml index 15e70923..3b43db91 100644 --- a/helm/crds/application-networking.k8s.aws_vpcassociationpolicies.yaml +++ b/helm/crds/application-networking.k8s.aws_vpcassociationpolicies.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.16.5 name: vpcassociationpolicies.application-networking.k8s.aws spec: group: application-networking.k8s.aws @@ -27,14 +27,19 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -42,15 +47,17 @@ spec: description: VpcAssociationPolicySpec defines the desired state of VpcAssociationPolicy. properties: associateWithVpc: - description: "AssociateWithVpc indicates whether the VpcServiceNetworkAssociation - should be created for the current VPC of k8s cluster. \n This value - will be considered true by default." + description: |- + AssociateWithVpc indicates whether the VpcServiceNetworkAssociation should be created for the current VPC of k8s cluster. + + This value will be considered true by default. type: boolean securityGroupIds: - description: "SecurityGroupIds defines the security groups enforced - on the VpcServiceNetworkAssociation. Security groups does not take - effect if AssociateWithVpc is set to false. \n For more details, - please check the VPC Lattice documentation https://docs.aws.amazon.com/vpc-lattice/latest/ug/security-groups.html" + description: |- + SecurityGroupIds defines the security groups enforced on the VpcServiceNetworkAssociation. + Security groups does not take effect if AssociateWithVpc is set to false. + + For more details, please check the VPC Lattice documentation https://docs.aws.amazon.com/vpc-lattice/latest/ug/security-groups.html items: maxLength: 32 minLength: 3 @@ -59,9 +66,10 @@ spec: minItems: 1 type: array targetRef: - description: "TargetRef points to the kubernetes Gateway resource - that will have this policy attached. \n This field is following - the guidelines of Kubernetes Gateway API policy attachment." + description: |- + TargetRef points to the kubernetes Gateway resource that will have this policy attached. + + This field is following the guidelines of Kubernetes Gateway API policy attachment. properties: group: description: Group is the group of the target resource. @@ -80,10 +88,11 @@ spec: minLength: 1 type: string namespace: - description: Namespace is the namespace of the referent. When - unspecified, the local namespace is inferred. Even when policy - targets a resource in a different namespace, it MUST only apply - to traffic originating from the same namespace as the policy. + description: |- + Namespace is the namespace of the referent. When unspecified, the local + namespace is inferred. Even when policy targets a resource in a different + namespace, it MUST only apply to traffic originating from the same + namespace as the policy. maxLength: 63 minLength: 1 pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ @@ -107,50 +116,47 @@ spec: reason: Pending status: Unknown type: Accepted - description: "Conditions describe the current conditions of the VpcAssociationPolicy. - \n Implementations should prefer to express Policy conditions using - the `PolicyConditionType` and `PolicyConditionReason` constants - so that operators and tools can converge on a common vocabulary - to describe VpcAssociationPolicy state. \n Known condition types - are: \n * \"Accepted\"" + description: |- + Conditions describe the current conditions of the VpcAssociationPolicy. + + Implementations should prefer to express Policy conditions + using the `PolicyConditionType` and `PolicyConditionReason` + constants so that operators and tools can converge on a common + vocabulary to describe VpcAssociationPolicy state. + + Known condition types are: + + * "Accepted" items: - description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -165,10 +171,6 @@ spec: type: string type: description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go index ec0f0eaf..83eef84f 100644 --- a/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go @@ -8,7 +8,7 @@ import ( corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" - gwv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" + "sigs.k8s.io/gateway-api/apis/v1alpha2" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. @@ -80,7 +80,7 @@ func (in *AccessLogPolicySpec) DeepCopyInto(out *AccessLogPolicySpec) { } if in.TargetRef != nil { in, out := &in.TargetRef, &out.TargetRef - *out = new(gwv1alpha2.NamespacedPolicyTargetReference) + *out = new(v1alpha2.NamespacedPolicyTargetReference) (*in).DeepCopyInto(*out) } } @@ -261,7 +261,7 @@ func (in *IAMAuthPolicySpec) DeepCopyInto(out *IAMAuthPolicySpec) { *out = *in if in.TargetRef != nil { in, out := &in.TargetRef, &out.TargetRef - *out = new(gwv1alpha2.NamespacedPolicyTargetReference) + *out = new(v1alpha2.NamespacedPolicyTargetReference) (*in).DeepCopyInto(*out) } } @@ -612,7 +612,7 @@ func (in *TargetGroupPolicySpec) DeepCopyInto(out *TargetGroupPolicySpec) { } if in.TargetRef != nil { in, out := &in.TargetRef, &out.TargetRef - *out = new(gwv1alpha2.NamespacedPolicyTargetReference) + *out = new(v1alpha2.NamespacedPolicyTargetReference) (*in).DeepCopyInto(*out) } if in.HealthCheck != nil { @@ -728,7 +728,7 @@ func (in *VpcAssociationPolicySpec) DeepCopyInto(out *VpcAssociationPolicySpec) } if in.TargetRef != nil { in, out := &in.TargetRef, &out.TargetRef - *out = new(gwv1alpha2.NamespacedPolicyTargetReference) + *out = new(v1alpha2.NamespacedPolicyTargetReference) (*in).DeepCopyInto(*out) } } From d7c6599f65ff17433b7bb00e18396127682fc206 Mon Sep 17 00:00:00 2001 From: erikfuller <16261515+erikfuller@users.noreply.github.com> Date: Mon, 9 Dec 2024 15:33:30 -0800 Subject: [PATCH 4/6] removed autogen files to fix make vet --- .../v1alpha1/zz_generated.deepcopy.go | 766 ------------------ .../v1alpha1/zz_generated.register.go | 76 -- 2 files changed, 842 deletions(-) delete mode 100644 pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go delete mode 100644 pkg/apis/applicationnetworking/v1alpha1/zz_generated.register.go diff --git a/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 83eef84f..00000000 --- a/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,766 +0,0 @@ -//go:build !ignore_autogenerated - -// Code generated by controller-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/gateway-api/apis/v1alpha2" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AccessLogPolicy) DeepCopyInto(out *AccessLogPolicy) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessLogPolicy. -func (in *AccessLogPolicy) DeepCopy() *AccessLogPolicy { - if in == nil { - return nil - } - out := new(AccessLogPolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *AccessLogPolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AccessLogPolicyList) DeepCopyInto(out *AccessLogPolicyList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]AccessLogPolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessLogPolicyList. -func (in *AccessLogPolicyList) DeepCopy() *AccessLogPolicyList { - if in == nil { - return nil - } - out := new(AccessLogPolicyList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *AccessLogPolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AccessLogPolicySpec) DeepCopyInto(out *AccessLogPolicySpec) { - *out = *in - if in.DestinationArn != nil { - in, out := &in.DestinationArn, &out.DestinationArn - *out = new(string) - **out = **in - } - if in.TargetRef != nil { - in, out := &in.TargetRef, &out.TargetRef - *out = new(v1alpha2.NamespacedPolicyTargetReference) - (*in).DeepCopyInto(*out) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessLogPolicySpec. -func (in *AccessLogPolicySpec) DeepCopy() *AccessLogPolicySpec { - if in == nil { - return nil - } - out := new(AccessLogPolicySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *AccessLogPolicyStatus) DeepCopyInto(out *AccessLogPolicyStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessLogPolicyStatus. -func (in *AccessLogPolicyStatus) DeepCopy() *AccessLogPolicyStatus { - if in == nil { - return nil - } - out := new(AccessLogPolicyStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ClusterStatus) DeepCopyInto(out *ClusterStatus) { - *out = *in -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterStatus. -func (in *ClusterStatus) DeepCopy() *ClusterStatus { - if in == nil { - return nil - } - out := new(ClusterStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *HealthCheckConfig) DeepCopyInto(out *HealthCheckConfig) { - *out = *in - if in.Enabled != nil { - in, out := &in.Enabled, &out.Enabled - *out = new(bool) - **out = **in - } - if in.IntervalSeconds != nil { - in, out := &in.IntervalSeconds, &out.IntervalSeconds - *out = new(int64) - **out = **in - } - if in.TimeoutSeconds != nil { - in, out := &in.TimeoutSeconds, &out.TimeoutSeconds - *out = new(int64) - **out = **in - } - if in.HealthyThresholdCount != nil { - in, out := &in.HealthyThresholdCount, &out.HealthyThresholdCount - *out = new(int64) - **out = **in - } - if in.UnhealthyThresholdCount != nil { - in, out := &in.UnhealthyThresholdCount, &out.UnhealthyThresholdCount - *out = new(int64) - **out = **in - } - if in.StatusMatch != nil { - in, out := &in.StatusMatch, &out.StatusMatch - *out = new(string) - **out = **in - } - if in.Path != nil { - in, out := &in.Path, &out.Path - *out = new(string) - **out = **in - } - if in.Port != nil { - in, out := &in.Port, &out.Port - *out = new(int64) - **out = **in - } - if in.Protocol != nil { - in, out := &in.Protocol, &out.Protocol - *out = new(HealthCheckProtocol) - **out = **in - } - if in.ProtocolVersion != nil { - in, out := &in.ProtocolVersion, &out.ProtocolVersion - *out = new(HealthCheckProtocolVersion) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthCheckConfig. -func (in *HealthCheckConfig) DeepCopy() *HealthCheckConfig { - if in == nil { - return nil - } - out := new(HealthCheckConfig) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IAMAuthPolicy) DeepCopyInto(out *IAMAuthPolicy) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuthPolicy. -func (in *IAMAuthPolicy) DeepCopy() *IAMAuthPolicy { - if in == nil { - return nil - } - out := new(IAMAuthPolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *IAMAuthPolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IAMAuthPolicyList) DeepCopyInto(out *IAMAuthPolicyList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]IAMAuthPolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuthPolicyList. -func (in *IAMAuthPolicyList) DeepCopy() *IAMAuthPolicyList { - if in == nil { - return nil - } - out := new(IAMAuthPolicyList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *IAMAuthPolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IAMAuthPolicySpec) DeepCopyInto(out *IAMAuthPolicySpec) { - *out = *in - if in.TargetRef != nil { - in, out := &in.TargetRef, &out.TargetRef - *out = new(v1alpha2.NamespacedPolicyTargetReference) - (*in).DeepCopyInto(*out) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuthPolicySpec. -func (in *IAMAuthPolicySpec) DeepCopy() *IAMAuthPolicySpec { - if in == nil { - return nil - } - out := new(IAMAuthPolicySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IAMAuthPolicyStatus) DeepCopyInto(out *IAMAuthPolicyStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuthPolicyStatus. -func (in *IAMAuthPolicyStatus) DeepCopy() *IAMAuthPolicyStatus { - if in == nil { - return nil - } - out := new(IAMAuthPolicyStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceExport) DeepCopyInto(out *ServiceExport) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Status.DeepCopyInto(&out.Status) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceExport. -func (in *ServiceExport) DeepCopy() *ServiceExport { - if in == nil { - return nil - } - out := new(ServiceExport) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ServiceExport) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceExportCondition) DeepCopyInto(out *ServiceExportCondition) { - *out = *in - if in.LastTransitionTime != nil { - in, out := &in.LastTransitionTime, &out.LastTransitionTime - *out = (*in).DeepCopy() - } - if in.Reason != nil { - in, out := &in.Reason, &out.Reason - *out = new(string) - **out = **in - } - if in.Message != nil { - in, out := &in.Message, &out.Message - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceExportCondition. -func (in *ServiceExportCondition) DeepCopy() *ServiceExportCondition { - if in == nil { - return nil - } - out := new(ServiceExportCondition) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceExportList) DeepCopyInto(out *ServiceExportList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ServiceExport, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceExportList. -func (in *ServiceExportList) DeepCopy() *ServiceExportList { - if in == nil { - return nil - } - out := new(ServiceExportList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ServiceExportList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceExportStatus) DeepCopyInto(out *ServiceExportStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]ServiceExportCondition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceExportStatus. -func (in *ServiceExportStatus) DeepCopy() *ServiceExportStatus { - if in == nil { - return nil - } - out := new(ServiceExportStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceImport) DeepCopyInto(out *ServiceImport) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceImport. -func (in *ServiceImport) DeepCopy() *ServiceImport { - if in == nil { - return nil - } - out := new(ServiceImport) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ServiceImport) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceImportList) DeepCopyInto(out *ServiceImportList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]ServiceImport, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceImportList. -func (in *ServiceImportList) DeepCopy() *ServiceImportList { - if in == nil { - return nil - } - out := new(ServiceImportList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *ServiceImportList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceImportSpec) DeepCopyInto(out *ServiceImportSpec) { - *out = *in - if in.Ports != nil { - in, out := &in.Ports, &out.Ports - *out = make([]ServicePort, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - if in.IPs != nil { - in, out := &in.IPs, &out.IPs - *out = make([]string, len(*in)) - copy(*out, *in) - } - if in.SessionAffinityConfig != nil { - in, out := &in.SessionAffinityConfig, &out.SessionAffinityConfig - *out = new(corev1.SessionAffinityConfig) - (*in).DeepCopyInto(*out) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceImportSpec. -func (in *ServiceImportSpec) DeepCopy() *ServiceImportSpec { - if in == nil { - return nil - } - out := new(ServiceImportSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServiceImportStatus) DeepCopyInto(out *ServiceImportStatus) { - *out = *in - if in.Clusters != nil { - in, out := &in.Clusters, &out.Clusters - *out = make([]ClusterStatus, len(*in)) - copy(*out, *in) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceImportStatus. -func (in *ServiceImportStatus) DeepCopy() *ServiceImportStatus { - if in == nil { - return nil - } - out := new(ServiceImportStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ServicePort) DeepCopyInto(out *ServicePort) { - *out = *in - if in.AppProtocol != nil { - in, out := &in.AppProtocol, &out.AppProtocol - *out = new(string) - **out = **in - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServicePort. -func (in *ServicePort) DeepCopy() *ServicePort { - if in == nil { - return nil - } - out := new(ServicePort) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TargetGroupPolicy) DeepCopyInto(out *TargetGroupPolicy) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetGroupPolicy. -func (in *TargetGroupPolicy) DeepCopy() *TargetGroupPolicy { - if in == nil { - return nil - } - out := new(TargetGroupPolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TargetGroupPolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TargetGroupPolicyList) DeepCopyInto(out *TargetGroupPolicyList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]TargetGroupPolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetGroupPolicyList. -func (in *TargetGroupPolicyList) DeepCopy() *TargetGroupPolicyList { - if in == nil { - return nil - } - out := new(TargetGroupPolicyList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TargetGroupPolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TargetGroupPolicySpec) DeepCopyInto(out *TargetGroupPolicySpec) { - *out = *in - if in.Protocol != nil { - in, out := &in.Protocol, &out.Protocol - *out = new(string) - **out = **in - } - if in.ProtocolVersion != nil { - in, out := &in.ProtocolVersion, &out.ProtocolVersion - *out = new(string) - **out = **in - } - if in.TargetRef != nil { - in, out := &in.TargetRef, &out.TargetRef - *out = new(v1alpha2.NamespacedPolicyTargetReference) - (*in).DeepCopyInto(*out) - } - if in.HealthCheck != nil { - in, out := &in.HealthCheck, &out.HealthCheck - *out = new(HealthCheckConfig) - (*in).DeepCopyInto(*out) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetGroupPolicySpec. -func (in *TargetGroupPolicySpec) DeepCopy() *TargetGroupPolicySpec { - if in == nil { - return nil - } - out := new(TargetGroupPolicySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TargetGroupPolicyStatus) DeepCopyInto(out *TargetGroupPolicyStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetGroupPolicyStatus. -func (in *TargetGroupPolicyStatus) DeepCopy() *TargetGroupPolicyStatus { - if in == nil { - return nil - } - out := new(TargetGroupPolicyStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VpcAssociationPolicy) DeepCopyInto(out *VpcAssociationPolicy) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VpcAssociationPolicy. -func (in *VpcAssociationPolicy) DeepCopy() *VpcAssociationPolicy { - if in == nil { - return nil - } - out := new(VpcAssociationPolicy) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *VpcAssociationPolicy) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VpcAssociationPolicyList) DeepCopyInto(out *VpcAssociationPolicyList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]VpcAssociationPolicy, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VpcAssociationPolicyList. -func (in *VpcAssociationPolicyList) DeepCopy() *VpcAssociationPolicyList { - if in == nil { - return nil - } - out := new(VpcAssociationPolicyList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *VpcAssociationPolicyList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VpcAssociationPolicySpec) DeepCopyInto(out *VpcAssociationPolicySpec) { - *out = *in - if in.SecurityGroupIds != nil { - in, out := &in.SecurityGroupIds, &out.SecurityGroupIds - *out = make([]SecurityGroupId, len(*in)) - copy(*out, *in) - } - if in.AssociateWithVpc != nil { - in, out := &in.AssociateWithVpc, &out.AssociateWithVpc - *out = new(bool) - **out = **in - } - if in.TargetRef != nil { - in, out := &in.TargetRef, &out.TargetRef - *out = new(v1alpha2.NamespacedPolicyTargetReference) - (*in).DeepCopyInto(*out) - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VpcAssociationPolicySpec. -func (in *VpcAssociationPolicySpec) DeepCopy() *VpcAssociationPolicySpec { - if in == nil { - return nil - } - out := new(VpcAssociationPolicySpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *VpcAssociationPolicyStatus) DeepCopyInto(out *VpcAssociationPolicyStatus) { - *out = *in - if in.Conditions != nil { - in, out := &in.Conditions, &out.Conditions - *out = make([]v1.Condition, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VpcAssociationPolicyStatus. -func (in *VpcAssociationPolicyStatus) DeepCopy() *VpcAssociationPolicyStatus { - if in == nil { - return nil - } - out := new(VpcAssociationPolicyStatus) - in.DeepCopyInto(out) - return out -} diff --git a/pkg/apis/applicationnetworking/v1alpha1/zz_generated.register.go b/pkg/apis/applicationnetworking/v1alpha1/zz_generated.register.go deleted file mode 100644 index e0dd2f8e..00000000 --- a/pkg/apis/applicationnetworking/v1alpha1/zz_generated.register.go +++ /dev/null @@ -1,76 +0,0 @@ -/* -Copyright 2021. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ -// Code generated by register-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" - "k8s.io/apimachinery/pkg/runtime/schema" -) - -// GroupName specifies the group name used to register the objects. -const GroupName = "application-networking.k8s.aws" - -// GroupVersion specifies the group and the version used to register the objects. -var GroupVersion = v1.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -// SchemeGroupVersion is group version used to register these objects -// Deprecated: use GroupVersion instead. -var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} - -// Resource takes an unqualified resource and returns a Group qualified GroupResource -func Resource(resource string) schema.GroupResource { - return SchemeGroupVersion.WithResource(resource).GroupResource() -} - -var ( - // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. - SchemeBuilder runtime.SchemeBuilder - localSchemeBuilder = &SchemeBuilder - // Depreciated: use Install instead - AddToScheme = localSchemeBuilder.AddToScheme - Install = localSchemeBuilder.AddToScheme -) - -func init() { - // We only register manually written functions here. The registration of the - // generated functions takes place in the generated files. The separation - // makes the code compile even when the generated files are missing. - localSchemeBuilder.Register(addKnownTypes) -} - -// Adds the list of known types to Scheme. -func addKnownTypes(scheme *runtime.Scheme) error { - scheme.AddKnownTypes(SchemeGroupVersion, - &AccessLogPolicy{}, - &AccessLogPolicyList{}, - &IAMAuthPolicy{}, - &IAMAuthPolicyList{}, - &ServiceExport{}, - &ServiceExportList{}, - &ServiceImport{}, - &ServiceImportList{}, - &TargetGroupPolicy{}, - &TargetGroupPolicyList{}, - &VpcAssociationPolicy{}, - &VpcAssociationPolicyList{}, - ) - // AddToGroupVersion allows the serialization of client types like ListOptions. - v1.AddToGroupVersion(scheme, SchemeGroupVersion) - return nil -} From b87d43fa660c82f4be81277b43f7316aef4c1205 Mon Sep 17 00:00:00 2001 From: erikfuller <16261515+erikfuller@users.noreply.github.com> Date: Mon, 9 Dec 2024 15:39:05 -0800 Subject: [PATCH 5/6] adding back autogen files for linting --- .../v1alpha1/generated.register.go | 79 ++ .../v1alpha1/zz_generated.deepcopy.go | 766 ++++++++++++++++++ 2 files changed, 845 insertions(+) create mode 100644 pkg/apis/applicationnetworking/v1alpha1/generated.register.go create mode 100644 pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go diff --git a/pkg/apis/applicationnetworking/v1alpha1/generated.register.go b/pkg/apis/applicationnetworking/v1alpha1/generated.register.go new file mode 100644 index 00000000..797d79d3 --- /dev/null +++ b/pkg/apis/applicationnetworking/v1alpha1/generated.register.go @@ -0,0 +1,79 @@ +//go:build !ignore_autogenerated +// +build !ignore_autogenerated + +/* +Copyright 2021. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +// Code generated by register-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName specifies the group name used to register the objects. +const GroupName = "application-networking.k8s.aws" + +// GroupVersion specifies the group and the version used to register the objects. +var GroupVersion = v1.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +// SchemeGroupVersion is group version used to register these objects +// Deprecated: use GroupVersion instead. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + // Deprecated: use Install instead + AddToScheme = localSchemeBuilder.AddToScheme + Install = localSchemeBuilder.AddToScheme +) + +func init() { + // We only register manually written functions here. The registration of the + // generated functions takes place in the generated files. The separation + // makes the code compile even when the generated files are missing. + localSchemeBuilder.Register(addKnownTypes) +} + +// Adds the list of known types to Scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &AccessLogPolicy{}, + &AccessLogPolicyList{}, + &IAMAuthPolicy{}, + &IAMAuthPolicyList{}, + &ServiceExport{}, + &ServiceExportList{}, + &ServiceImport{}, + &ServiceImportList{}, + &TargetGroupPolicy{}, + &TargetGroupPolicyList{}, + &VpcAssociationPolicy{}, + &VpcAssociationPolicyList{}, + ) + // AddToGroupVersion allows the serialization of client types like ListOptions. + v1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000..26a3ef3d --- /dev/null +++ b/pkg/apis/applicationnetworking/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,766 @@ +//go:build !ignore_autogenerated + +// Code generated by controller-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + corev1 "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + "sigs.k8s.io/gateway-api/apis/v1alpha2" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AccessLogPolicy) DeepCopyInto(out *AccessLogPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessLogPolicy. +func (in *AccessLogPolicy) DeepCopy() *AccessLogPolicy { + if in == nil { + return nil + } + out := new(AccessLogPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AccessLogPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AccessLogPolicyList) DeepCopyInto(out *AccessLogPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]AccessLogPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessLogPolicyList. +func (in *AccessLogPolicyList) DeepCopy() *AccessLogPolicyList { + if in == nil { + return nil + } + out := new(AccessLogPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AccessLogPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AccessLogPolicySpec) DeepCopyInto(out *AccessLogPolicySpec) { + *out = *in + if in.DestinationArn != nil { + in, out := &in.DestinationArn, &out.DestinationArn + *out = new(string) + **out = **in + } + if in.TargetRef != nil { + in, out := &in.TargetRef, &out.TargetRef + *out = new(v1alpha2.NamespacedPolicyTargetReference) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessLogPolicySpec. +func (in *AccessLogPolicySpec) DeepCopy() *AccessLogPolicySpec { + if in == nil { + return nil + } + out := new(AccessLogPolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AccessLogPolicyStatus) DeepCopyInto(out *AccessLogPolicyStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessLogPolicyStatus. +func (in *AccessLogPolicyStatus) DeepCopy() *AccessLogPolicyStatus { + if in == nil { + return nil + } + out := new(AccessLogPolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterStatus) DeepCopyInto(out *ClusterStatus) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterStatus. +func (in *ClusterStatus) DeepCopy() *ClusterStatus { + if in == nil { + return nil + } + out := new(ClusterStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HealthCheckConfig) DeepCopyInto(out *HealthCheckConfig) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.IntervalSeconds != nil { + in, out := &in.IntervalSeconds, &out.IntervalSeconds + *out = new(int64) + **out = **in + } + if in.TimeoutSeconds != nil { + in, out := &in.TimeoutSeconds, &out.TimeoutSeconds + *out = new(int64) + **out = **in + } + if in.HealthyThresholdCount != nil { + in, out := &in.HealthyThresholdCount, &out.HealthyThresholdCount + *out = new(int64) + **out = **in + } + if in.UnhealthyThresholdCount != nil { + in, out := &in.UnhealthyThresholdCount, &out.UnhealthyThresholdCount + *out = new(int64) + **out = **in + } + if in.StatusMatch != nil { + in, out := &in.StatusMatch, &out.StatusMatch + *out = new(string) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + if in.Port != nil { + in, out := &in.Port, &out.Port + *out = new(int64) + **out = **in + } + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = new(HealthCheckProtocol) + **out = **in + } + if in.ProtocolVersion != nil { + in, out := &in.ProtocolVersion, &out.ProtocolVersion + *out = new(HealthCheckProtocolVersion) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HealthCheckConfig. +func (in *HealthCheckConfig) DeepCopy() *HealthCheckConfig { + if in == nil { + return nil + } + out := new(HealthCheckConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IAMAuthPolicy) DeepCopyInto(out *IAMAuthPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuthPolicy. +func (in *IAMAuthPolicy) DeepCopy() *IAMAuthPolicy { + if in == nil { + return nil + } + out := new(IAMAuthPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *IAMAuthPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IAMAuthPolicyList) DeepCopyInto(out *IAMAuthPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]IAMAuthPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuthPolicyList. +func (in *IAMAuthPolicyList) DeepCopy() *IAMAuthPolicyList { + if in == nil { + return nil + } + out := new(IAMAuthPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *IAMAuthPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IAMAuthPolicySpec) DeepCopyInto(out *IAMAuthPolicySpec) { + *out = *in + if in.TargetRef != nil { + in, out := &in.TargetRef, &out.TargetRef + *out = new(v1alpha2.NamespacedPolicyTargetReference) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuthPolicySpec. +func (in *IAMAuthPolicySpec) DeepCopy() *IAMAuthPolicySpec { + if in == nil { + return nil + } + out := new(IAMAuthPolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IAMAuthPolicyStatus) DeepCopyInto(out *IAMAuthPolicyStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuthPolicyStatus. +func (in *IAMAuthPolicyStatus) DeepCopy() *IAMAuthPolicyStatus { + if in == nil { + return nil + } + out := new(IAMAuthPolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceExport) DeepCopyInto(out *ServiceExport) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceExport. +func (in *ServiceExport) DeepCopy() *ServiceExport { + if in == nil { + return nil + } + out := new(ServiceExport) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ServiceExport) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceExportCondition) DeepCopyInto(out *ServiceExportCondition) { + *out = *in + if in.LastTransitionTime != nil { + in, out := &in.LastTransitionTime, &out.LastTransitionTime + *out = (*in).DeepCopy() + } + if in.Reason != nil { + in, out := &in.Reason, &out.Reason + *out = new(string) + **out = **in + } + if in.Message != nil { + in, out := &in.Message, &out.Message + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceExportCondition. +func (in *ServiceExportCondition) DeepCopy() *ServiceExportCondition { + if in == nil { + return nil + } + out := new(ServiceExportCondition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceExportList) DeepCopyInto(out *ServiceExportList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ServiceExport, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceExportList. +func (in *ServiceExportList) DeepCopy() *ServiceExportList { + if in == nil { + return nil + } + out := new(ServiceExportList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ServiceExportList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceExportStatus) DeepCopyInto(out *ServiceExportStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]ServiceExportCondition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceExportStatus. +func (in *ServiceExportStatus) DeepCopy() *ServiceExportStatus { + if in == nil { + return nil + } + out := new(ServiceExportStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceImport) DeepCopyInto(out *ServiceImport) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceImport. +func (in *ServiceImport) DeepCopy() *ServiceImport { + if in == nil { + return nil + } + out := new(ServiceImport) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ServiceImport) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceImportList) DeepCopyInto(out *ServiceImportList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ServiceImport, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceImportList. +func (in *ServiceImportList) DeepCopy() *ServiceImportList { + if in == nil { + return nil + } + out := new(ServiceImportList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ServiceImportList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceImportSpec) DeepCopyInto(out *ServiceImportSpec) { + *out = *in + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]ServicePort, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IPs != nil { + in, out := &in.IPs, &out.IPs + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.SessionAffinityConfig != nil { + in, out := &in.SessionAffinityConfig, &out.SessionAffinityConfig + *out = new(corev1.SessionAffinityConfig) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceImportSpec. +func (in *ServiceImportSpec) DeepCopy() *ServiceImportSpec { + if in == nil { + return nil + } + out := new(ServiceImportSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServiceImportStatus) DeepCopyInto(out *ServiceImportStatus) { + *out = *in + if in.Clusters != nil { + in, out := &in.Clusters, &out.Clusters + *out = make([]ClusterStatus, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceImportStatus. +func (in *ServiceImportStatus) DeepCopy() *ServiceImportStatus { + if in == nil { + return nil + } + out := new(ServiceImportStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ServicePort) DeepCopyInto(out *ServicePort) { + *out = *in + if in.AppProtocol != nil { + in, out := &in.AppProtocol, &out.AppProtocol + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServicePort. +func (in *ServicePort) DeepCopy() *ServicePort { + if in == nil { + return nil + } + out := new(ServicePort) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TargetGroupPolicy) DeepCopyInto(out *TargetGroupPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetGroupPolicy. +func (in *TargetGroupPolicy) DeepCopy() *TargetGroupPolicy { + if in == nil { + return nil + } + out := new(TargetGroupPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TargetGroupPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TargetGroupPolicyList) DeepCopyInto(out *TargetGroupPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]TargetGroupPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetGroupPolicyList. +func (in *TargetGroupPolicyList) DeepCopy() *TargetGroupPolicyList { + if in == nil { + return nil + } + out := new(TargetGroupPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TargetGroupPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TargetGroupPolicySpec) DeepCopyInto(out *TargetGroupPolicySpec) { + *out = *in + if in.Protocol != nil { + in, out := &in.Protocol, &out.Protocol + *out = new(string) + **out = **in + } + if in.ProtocolVersion != nil { + in, out := &in.ProtocolVersion, &out.ProtocolVersion + *out = new(string) + **out = **in + } + if in.TargetRef != nil { + in, out := &in.TargetRef, &out.TargetRef + *out = new(v1alpha2.NamespacedPolicyTargetReference) + (*in).DeepCopyInto(*out) + } + if in.HealthCheck != nil { + in, out := &in.HealthCheck, &out.HealthCheck + *out = new(HealthCheckConfig) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetGroupPolicySpec. +func (in *TargetGroupPolicySpec) DeepCopy() *TargetGroupPolicySpec { + if in == nil { + return nil + } + out := new(TargetGroupPolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TargetGroupPolicyStatus) DeepCopyInto(out *TargetGroupPolicyStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetGroupPolicyStatus. +func (in *TargetGroupPolicyStatus) DeepCopy() *TargetGroupPolicyStatus { + if in == nil { + return nil + } + out := new(TargetGroupPolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VpcAssociationPolicy) DeepCopyInto(out *VpcAssociationPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VpcAssociationPolicy. +func (in *VpcAssociationPolicy) DeepCopy() *VpcAssociationPolicy { + if in == nil { + return nil + } + out := new(VpcAssociationPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VpcAssociationPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VpcAssociationPolicyList) DeepCopyInto(out *VpcAssociationPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]VpcAssociationPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VpcAssociationPolicyList. +func (in *VpcAssociationPolicyList) DeepCopy() *VpcAssociationPolicyList { + if in == nil { + return nil + } + out := new(VpcAssociationPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *VpcAssociationPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VpcAssociationPolicySpec) DeepCopyInto(out *VpcAssociationPolicySpec) { + *out = *in + if in.SecurityGroupIds != nil { + in, out := &in.SecurityGroupIds, &out.SecurityGroupIds + *out = make([]SecurityGroupId, len(*in)) + copy(*out, *in) + } + if in.AssociateWithVpc != nil { + in, out := &in.AssociateWithVpc, &out.AssociateWithVpc + *out = new(bool) + **out = **in + } + if in.TargetRef != nil { + in, out := &in.TargetRef, &out.TargetRef + *out = new(v1alpha2.NamespacedPolicyTargetReference) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VpcAssociationPolicySpec. +func (in *VpcAssociationPolicySpec) DeepCopy() *VpcAssociationPolicySpec { + if in == nil { + return nil + } + out := new(VpcAssociationPolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *VpcAssociationPolicyStatus) DeepCopyInto(out *VpcAssociationPolicyStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1.Condition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VpcAssociationPolicyStatus. +func (in *VpcAssociationPolicyStatus) DeepCopy() *VpcAssociationPolicyStatus { + if in == nil { + return nil + } + out := new(VpcAssociationPolicyStatus) + in.DeepCopyInto(out) + return out +} From 7f578012a132202491513682ec301bc14c84cdcb Mon Sep 17 00:00:00 2001 From: erikfuller <16261515+erikfuller@users.noreply.github.com> Date: Mon, 9 Dec 2024 15:41:08 -0800 Subject: [PATCH 6/6] address linter findings --- pkg/gateway/model_build_targetgroup_test.go | 4 ++-- pkg/webhook/pod_mutator_test.go | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pkg/gateway/model_build_targetgroup_test.go b/pkg/gateway/model_build_targetgroup_test.go index cb9c2ca9..a5ab93f8 100644 --- a/pkg/gateway/model_build_targetgroup_test.go +++ b/pkg/gateway/model_build_targetgroup_test.go @@ -213,7 +213,7 @@ func Test_TGModelByServiceExportBuild(t *testing.T) { k8sSchema := runtime.NewScheme() clientgoscheme.AddToScheme(k8sSchema) - anv1alpha1.AddToScheme(k8sSchema) + anv1alpha1.Install(k8sSchema) k8sClient := testclient.NewClientBuilder().WithScheme(k8sSchema).Build() if tt.svc != nil { @@ -468,7 +468,7 @@ func Test_TGModelByHTTPRouteBuild(t *testing.T) { k8sSchema := runtime.NewScheme() clientgoscheme.AddToScheme(k8sSchema) - anv1alpha1.AddToScheme(k8sSchema) + anv1alpha1.Install(k8sSchema) gwv1.Install(k8sSchema) k8sClient := testclient.NewClientBuilder().WithScheme(k8sSchema).Build() diff --git a/pkg/webhook/pod_mutator_test.go b/pkg/webhook/pod_mutator_test.go index f22fab6f..1590ed7b 100644 --- a/pkg/webhook/pod_mutator_test.go +++ b/pkg/webhook/pod_mutator_test.go @@ -1073,7 +1073,7 @@ func Test_ReadinessGateInjection(t *testing.T) { k8sScheme := runtime.NewScheme() clientgoscheme.AddToScheme(k8sScheme) gwv1.Install(k8sScheme) - anv1alpha1.AddToScheme(k8sScheme) + anv1alpha1.Install(k8sScheme) k8sClient := testclient.NewClientBuilder().WithScheme(k8sScheme).Build()