-
Notifications
You must be signed in to change notification settings - Fork 682
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
(from AES) Partially revert "make generate: Get rid of the host proto…
…buf [ci-skip]" Just revert enough of it to get the protobuf-generated Python files for Host. We still want to be gone with the Go stuff. This partially reverts commit c95631aae086f1735b3a30cecf9ebd7eac32fcc5.
- Loading branch information
Showing
3 changed files
with
738 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,155 @@ | ||
/** | ||
* === HACK HACK HACK === | ||
* | ||
* The existence of Host_nojson.proto is because if we bring in all the | ||
* k8s.io types that we would want to, the generated *.pb.json.go files try | ||
* to import github.com/gogo/protobuf/jsonpb, and that turns out to crash on | ||
* some of the k8s.io types. Sigh. | ||
* | ||
* So, instead, we split out the minimal high-level stuff we need in most of | ||
* of the Go code into Host_nojson.proto, and leave the more detailed things | ||
* with the breaking types here. For more information on this brutality, see | ||
* https://github.com/datawire/ambassador/pull/1999#issuecomment-548939518. | ||
* | ||
* === end hack === | ||
* | ||
* Host defines a way that an Ambassador will be visible to the | ||
* outside world. A minimal Host defines a hostname (of course) by | ||
* which the Ambassador will be reachable, but a Host can also | ||
* tell an Ambassador how to manage TLS, and which resources to | ||
* examine for further configuration. | ||
*/ | ||
syntax = "proto3"; | ||
|
||
package getambassador.io.v2; | ||
|
||
import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto"; | ||
import "k8s.io/api/core/v1/generated.proto"; | ||
import "github.com/gogo/protobuf/gogoproto/gogo.proto"; | ||
import "google/protobuf/timestamp.proto"; | ||
import "google/protobuf/duration.proto"; | ||
|
||
// The Host resource will usually be a Kubernetes CRD, but it could | ||
// appear in other forms. The HostSpec is the part of the Host resource | ||
// that doesn't change, no matter what form it's in -- when it's a CRD, | ||
// this is the part in the "spec" dictionary. | ||
message HostSpec { | ||
// Common to all Ambassador objects (and optional). | ||
repeated string ambassador_id = 1; | ||
|
||
// Common to all Ambassador objects (and optional). | ||
int32 generation = 2; | ||
|
||
// Hostname by which the Ambassador can be reached. | ||
string hostname = 3; | ||
|
||
// Selector by which we can find further configuration. Defaults to hostname=$hostname | ||
k8s.io.apimachinery.pkg.apis.meta.v1.LabelSelector selector = 4; | ||
|
||
// Specifies whether/who to talk ACME with to automatically manage the $tlsSecret. | ||
ACMEProviderSpec acmeProvider = 5; | ||
|
||
// Name of the Kubernetes secret into which to save generated | ||
// certificates. If ACME is enabled (see $acmeProvider), then the | ||
// default is $hostname; otherwise the default is "". If the value | ||
// is "", then we do not do TLS for this Host. | ||
k8s.io.api.core.v1.LocalObjectReference tlsSecret = 6; | ||
|
||
// Request policy definition. | ||
RequestPolicy requestPolicy = 7; | ||
|
||
// Configuration for the Preview URL feature of Service Preview. Defaults to preview URLs not enabled. | ||
PreviewURLSpec previewUrl = 8; | ||
} | ||
|
||
enum HostTLSCertificateSource { | ||
Unknown = 0; | ||
None = 1; | ||
Other = 2; | ||
ACME = 3; | ||
} | ||
|
||
enum HostState { | ||
// The default value is the "zero" value, and it would be great if | ||
// "Pending" could be the default value; but it's Important that the | ||
// "zero" value be able to be shown as empty/omitted from display, | ||
// and we really do want `kubectl get hosts` to say "Pending" in the | ||
// "STATE" column, and not leave the column empty. | ||
Initial = 0; | ||
Pending = 1; | ||
Ready = 2; | ||
Error = 3; | ||
} | ||
|
||
enum HostPhase { | ||
NA = 0; | ||
DefaultsFilled = 1; | ||
ACMEUserPrivateKeyCreated = 2; | ||
ACMEUserRegistered = 3; | ||
ACMECertificateChallenge = 4; | ||
} | ||
|
||
message HostStatus { | ||
HostTLSCertificateSource tlsCertificateSource = 1; | ||
|
||
HostState state = 2; | ||
|
||
// phaseCompleted and phasePending are valid when state==Pending or | ||
// state==Error. | ||
HostPhase phaseCompleted = 3; | ||
HostPhase phasePending = 4; | ||
|
||
// errorReason, errorTimestamp, and errorBackoff are valid when state==Error. | ||
string errorReason = 5; | ||
google.protobuf.Timestamp errorTimestamp = 6 [(gogoproto.stdtime) = true]; | ||
google.protobuf.Duration errorBackoff = 7 [(gogoproto.stdduration) = true]; | ||
} | ||
|
||
message ACMEProviderSpec { | ||
// Specifies who to talk ACME with to get certs. Defaults to Let's | ||
// Encrypt; if "none" (case-insensitive), do not try to do ACME for | ||
// this Host. | ||
string authority = 1; | ||
|
||
string email = 2; | ||
|
||
k8s.io.api.core.v1.LocalObjectReference privateKeySecret = 3; | ||
|
||
// This is normally set automatically | ||
string registration = 4; | ||
} | ||
|
||
message RequestPolicy { | ||
// How shall we handle insecure requests? | ||
InsecureRequestPolicy insecure = 1; | ||
|
||
// Later we may define a 'secure' section too. | ||
} | ||
|
||
message InsecureRequestPolicy { | ||
// What action should be taken for an insecure request? | ||
InsecureRequestAction action = 1; | ||
|
||
// Is there an additional insecure port we should listen on? | ||
int32 additionalPort = 2; | ||
} | ||
|
||
enum InsecureRequestAction { | ||
Redirect = 0; | ||
Reject = 1; | ||
Route = 2; | ||
} | ||
|
||
message PreviewURLSpec { | ||
// Is the Preview URL feature enabled? | ||
bool enabled = 1; | ||
|
||
// What type of Preview URL is allowed? | ||
PreviewURLType type = 2; | ||
} | ||
|
||
enum PreviewURLType { | ||
Path = 0; | ||
// Wildcard = 1; | ||
// Datawire = 2; // FIXME rename this before release | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.