-
Notifications
You must be signed in to change notification settings - Fork 683
/
crd_authservice.go
97 lines (83 loc) · 3.82 KB
/
crd_authservice.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
// Copyright 2020 Datawire. All rights reserved
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
///////////////////////////////////////////////////////////////////////////
// Important: Run "make generate-fast" to regenerate code after modifying
// this file.
///////////////////////////////////////////////////////////////////////////
package v3alpha1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
type AuthServiceIncludeBody struct {
// These aren't pointer types because they are required.
// +kubebuilder:validation:Required
MaxBytes int `json:"max_bytes,omitempty"`
// +kubebuilder:validation:Required
AllowPartial bool `json:"allow_partial,omitempty"`
}
// TODO(lukeshu): In v3alpha2, consider getting rid of this struct type in favor of just using an
// int (i.e. `statusOnError: 500` instead of the current `statusOnError: { code: 500 }`).
type AuthServiceStatusOnError struct {
Code int `json:"code,omitempty"`
}
// AuthServiceSpec defines the desired state of AuthService
type AuthServiceSpec struct {
AmbassadorID AmbassadorID `json:"ambassador_id,omitempty"`
// TODO(lukeshu): In v3alpha2, consider renameing `auth_service` to just `service`, for
// consistency with the other resource types.
//
// +kubebuilder:validation:Required
AuthService string `json:"auth_service,omitempty"`
PathPrefix string `json:"path_prefix,omitempty"`
TLS string `json:"tls,omitempty"`
// +kubebuilder:validation:Enum={"http","grpc"}
Proto string `json:"proto,omitempty"`
Timeout *MillisecondDuration `json:"timeout_ms,omitempty"`
AllowedRequestHeaders []string `json:"allowed_request_headers,omitempty"`
AllowedAuthorizationHeaders []string `json:"allowed_authorization_headers,omitempty"`
AddAuthHeaders map[string]string `json:"add_auth_headers,omitempty"`
// TODO(lukeshu): In v3alpha2, drop allow_request_body in favor of
// include_body. allow_request_body has been deprecated for a long time.
AllowRequestBody *bool `json:"allow_request_body,omitempty"`
AddLinkerdHeaders *bool `json:"add_linkerd_headers,omitempty"`
FailureModeAllow *bool `json:"failure_mode_allow,omitempty"`
IncludeBody *AuthServiceIncludeBody `json:"include_body,omitempty"`
StatusOnError *AuthServiceStatusOnError `json:"status_on_error,omitempty"`
// ProtocolVersion is the envoy api transport protocol version
//
// +kubebuilder:validation:Enum={"v2","v3"}
ProtocolVersion string `json:"protocol_version,omitempty"`
StatsName string `json:"stats_name,omitempty"`
CircuitBreakers []*CircuitBreaker `json:"circuit_breakers,omitempty"`
V2ExplicitTLS *V2ExplicitTLS `json:"v2ExplicitTLS,omitempty"`
}
// AuthService is the Schema for the authservices API
//
// +kubebuilder:object:root=true
type AuthService struct {
metav1.TypeMeta `json:""`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec AuthServiceSpec `json:"spec,omitempty"`
}
// AuthServiceList contains a list of AuthServices.
//
// +kubebuilder:object:root=true
type AuthServiceList struct {
metav1.TypeMeta `json:""`
metav1.ListMeta `json:"metadata,omitempty"`
Items []AuthService `json:"items"`
}
func init() {
SchemeBuilder.Register(&AuthService{}, &AuthServiceList{})
}