v1

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 5, 2024 License: Apache-2.0 Imports: 26 Imported by: 0

Documentation

Overview

Package v1 contains API Schema definitions for the kuadrant.io v1 API group +kubebuilder:object:generate=true +groupName=kuadrant.io

Index

Constants

View Source 
const (
	AtomicMergeStrategy     = "atomic"
	PolicyRuleMergeStrategy = "merge"
)
View Source 
const GroupName = "kuadrant.io"

GroupName specifies the group name used to register the objects.

Variables

View Source 
var (
	AuthPolicyGroupKind  = schema.GroupKind{Group: GroupVersion.Group, Kind: "AuthPolicy"}
	AuthPoliciesResource = GroupVersion.WithResource("authpolicies")
)
View Source 
var (
	DNSPoliciesResource = GroupVersion.WithResource("dnspolicies")
	DNSPolicyGroupKind  = schema.GroupKind{Group: GroupVersion.Group, Kind: "DNSPolicy"}
)
View Source 
var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var (
	RateLimitPolicyGroupKind  = schema.GroupKind{Group: GroupVersion.Group, Kind: "RateLimitPolicy"}
	RateLimitPoliciesResource = GroupVersion.WithResource("ratelimitpolicies")
	// Top level predicate rules key starting with # to prevent conflict with limit names
	// TODO(eastizle): this coupling between limit names and rule IDs is a bad smell. Merging implementation should be enhanced.
	RulesKeyTopLevelPredicates = "###_TOP_LEVEL_PREDICATES_###"
)
View Source 
var (
	TLSPoliciesResource = GroupVersion.WithResource("tlspolicies")
	TLSPolicyGroupKind  = schema.GroupKind{Group: GroupVersion.Group, Kind: "TLSPolicy"}
)

Functions

func AtomicDefaultsMergeStrategy 

func AtomicDefaultsMergeStrategy(source, target machinery.Policy) machinery.Policy

AtomicDefaultsMergeStrategy implements a merge strategy that returns the target Policy if it exists, otherwise it returns the source Policy.

func AtomicOverridesMergeStrategy 

func AtomicOverridesMergeStrategy(source, _ machinery.Policy) machinery.Policy

AtomicOverridesMergeStrategy implements a merge strategy that overrides a target Policy with a source one.

func DefaultsMergeStrategy 

func DefaultsMergeStrategy(strategy string) machinery.MergeStrategy

func EffectivePolicyForPath 

func EffectivePolicyForPath[T machinery.Policy](path []machinery.Targetable, predicate func(machinery.Policy) bool) *T

EffectivePolicyForPath returns the effective policy for a given path, merging all policies in the path. The policies in the path are sorted from the least specific to the most specific. Only policies whose predicate returns true are considered.

func OverridesMergeStrategy 

func OverridesMergeStrategy(strategy string) machinery.MergeStrategy

func PathID 

func PathID(path []machinery.Targetable) string

func PoliciesInPath 

func PoliciesInPath(path []machinery.Targetable, predicate func(machinery.Policy) bool) []machinery.Policy

OrderedPoliciesForPath gathers all policies in a path sorted from the least specific to the most specific. Only policies whose predicate returns true are considered.

func PolicyRuleDefaultsMergeStrategy 

func PolicyRuleDefaultsMergeStrategy(source, target machinery.Policy) machinery.Policy

PolicyRuleDefaultsMergeStrategy implements a merge strategy that merges a source Policy into a target one by keeping the policy rules from the target and adding the ones from the source that do not exist in the target.

func PolicyRuleOverridesMergeStrategy 

func PolicyRuleOverridesMergeStrategy(source, target machinery.Policy) machinery.Policy

PolicyRuleOverridesMergeStrategy implements a merge strategy that merges a source Policy into a target one by using the policy rules from the source and keeping from the target only the policy rules that do not exist in the source.

Types

type AuthPolicy 

type AuthPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AuthPolicySpec   `json:"spec,omitempty"`
	Status AuthPolicyStatus `json:"status,omitempty"`
}

AuthPolicy enables authentication and authorization for service workloads in a Gateway API network

func (*AuthPolicy) DeepCopy 

func (in *AuthPolicy) DeepCopy() *AuthPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthPolicy.

func (*AuthPolicy) DeepCopyInto 

func (in *AuthPolicy) DeepCopyInto(out *AuthPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthPolicy) DeepCopyObject 

func (in *AuthPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthPolicy) Empty 

func (p *AuthPolicy) Empty() bool

func (*AuthPolicy) GetLocator 

func (p *AuthPolicy) GetLocator() string

func (*AuthPolicy) GetMergeStrategy 

func (p *AuthPolicy) GetMergeStrategy() machinery.MergeStrategy

func (*AuthPolicy) GetName 

func (p *AuthPolicy) GetName() string

func (*AuthPolicy) GetNamespace 

func (p *AuthPolicy) GetNamespace() string

func (*AuthPolicy) GetStatus 

func (p *AuthPolicy) GetStatus() kuadrantgatewayapi.PolicyStatus

func (*AuthPolicy) GetTargetRef deprecated 

func (p *AuthPolicy) GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference

Deprecated: Use GetTargetRefs instead

func (*AuthPolicy) GetTargetRefs 

func (p *AuthPolicy) GetTargetRefs() []machinery.PolicyTargetReference

func (*AuthPolicy) Kind 

func (p *AuthPolicy) Kind() string

func (*AuthPolicy) Merge 

func (p *AuthPolicy) Merge(other machinery.Policy) machinery.Policy

func (*AuthPolicy) Rules 

func (p *AuthPolicy) Rules() map[string]MergeableRule

func (*AuthPolicy) SetRules 

func (p *AuthPolicy) SetRules(rules map[string]MergeableRule)

type AuthPolicyList 

type AuthPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AuthPolicy `json:"items"`
}

AuthPolicyList contains a list of AuthPolicy

func (*AuthPolicyList) DeepCopy 

func (in *AuthPolicyList) DeepCopy() *AuthPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthPolicyList.

func (*AuthPolicyList) DeepCopyInto 

func (in *AuthPolicyList) DeepCopyInto(out *AuthPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthPolicyList) DeepCopyObject 

func (in *AuthPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AuthPolicySpec 

type AuthPolicySpec struct {
	// Reference to the object to which this policy applies.
	// +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'",message="Invalid targetRef.group. The only supported value is 'gateway.networking.k8s.io'"
	// +kubebuilder:validation:XValidation:rule="self.kind == 'HTTPRoute' || self.kind == 'Gateway'",message="Invalid targetRef.kind. The only supported values are 'HTTPRoute' and 'Gateway'"
	TargetRef gatewayapiv1alpha2.LocalPolicyTargetReferenceWithSectionName `json:"targetRef"`

	// Rules to apply as defaults. Can be overridden by more specific policiy rules lower in the hierarchy and by less specific policy overrides.
	// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults).
	// +optional
	Defaults *MergeableAuthPolicySpec `json:"defaults,omitempty"`

	// Rules to apply as overrides. Override all policy rules lower in the hierarchy. Can be overridden by less specific policy overrides.
	// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults).
	// +optional
	Overrides *MergeableAuthPolicySpec `json:"overrides,omitempty"`

	// Bare set of policy rules (implicit defaults).
	// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults).
	AuthPolicySpecProper `json:""`
}

+kubebuilder:validation:XValidation:rule="!(has(self.defaults) && (has(self.patterns) || has(self.when) || has(self.rules)))",message="Implicit and explicit defaults are mutually exclusive" +kubebuilder:validation:XValidation:rule="!(has(self.overrides) && (has(self.patterns) || has(self.when) || has(self.rules)))",message="Implicit defaults and explicit overrides are mutually exclusive" +kubebuilder:validation:XValidation:rule="!(has(self.overrides) && has(self.defaults))",message="Explicit overrides and explicit defaults are mutually exclusive" +kubebuilder:validation:XValidation:rule="!(has(self.overrides) || has(self.defaults)) ? has(self.rules) && ((has(self.rules.authentication) && size(self.rules.authentication) > 0) || (has(self.rules.metadata) && size(self.rules.metadata) > 0) || (has(self.rules.authorization) && size(self.rules.authorization) > 0) || (has(self.rules.response) && (has(self.rules.response.unauthenticated) || has(self.rules.response.unauthorized) || (has(self.rules.response.success) && (size(self.rules.response.success.headers) > 0 || size(self.rules.response.success.filters) > 0)))) || (has(self.rules.callbacks) && size(self.rules.callbacks) > 0)) : true",message="At least one spec.rules must be defined" +kubebuilder:validation:XValidation:rule="has(self.defaults) ? has(self.defaults.rules) && ((has(self.defaults.rules.authentication) && size(self.defaults.rules.authentication) > 0) || (has(self.defaults.rules.metadata) && size(self.defaults.rules.metadata) > 0) || (has(self.defaults.rules.authorization) && size(self.defaults.rules.authorization) > 0) || (has(self.defaults.rules.response) && (has(self.defaults.rules.response.unauthenticated) || has(self.defaults.rules.response.unauthorized) || (has(self.defaults.rules.response.success) && (size(self.defaults.rules.response.success.headers) > 0 || size(self.defaults.rules.response.success.filters) > 0)))) || (has(self.defaults.rules.callbacks) && size(self.defaults.rules.callbacks) > 0)) : true",message="At least one spec.defaults.rules must be defined" +kubebuilder:validation:XValidation:rule="has(self.overrides) ? has(self.overrides.rules) && ((has(self.overrides.rules.authentication) && size(self.overrides.rules.authentication) > 0) || (has(self.overrides.rules.metadata) && size(self.overrides.rules.metadata) > 0) || (has(self.overrides.rules.authorization) && size(self.overrides.rules.authorization) > 0) || (has(self.overrides.rules.response) && (has(self.overrides.rules.response.unauthenticated) || has(self.overrides.rules.response.unauthorized) || (has(self.overrides.rules.response.success) && (size(self.overrides.rules.response.success.headers) > 0 || size(self.overrides.rules.response.success.filters) > 0)))) || (has(self.overrides.rules.callbacks) && size(self.overrides.rules.callbacks) > 0)) : true",message="At least one spec.overrides.rules must be defined"

func (*AuthPolicySpec) DeepCopy 

func (in *AuthPolicySpec) DeepCopy() *AuthPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthPolicySpec.

func (*AuthPolicySpec) DeepCopyInto 

func (in *AuthPolicySpec) DeepCopyInto(out *AuthPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthPolicySpec) Proper 

func (s *AuthPolicySpec) Proper() *AuthPolicySpecProper

type AuthPolicySpecProper 

type AuthPolicySpecProper struct {
	// Named sets of patterns that can be referred in `when` conditions and in pattern-matching authorization policy rules.
	// +optional
	NamedPatterns map[string]MergeablePatternExpressions `json:"patterns,omitempty"`

	// Overall conditions for the AuthPolicy to be enforced.
	// If omitted, the AuthPolicy will be enforced at all requests to the protected routes.
	// If present, all conditions must match for the AuthPolicy to be enforced; otherwise, the authorization service skips the AuthPolicy and returns to the auth request with status OK.
	// +optional
	MergeableWhenPredicates `json:""`

	// The auth rules of the policy.
	// See Authorino's AuthConfig CRD for more details.
	AuthScheme *AuthSchemeSpec `json:"rules,omitempty"`
}

AuthPolicySpecProper contains common shared fields for defaults and overrides

func (*AuthPolicySpecProper) DeepCopy 

func (in *AuthPolicySpecProper) DeepCopy() *AuthPolicySpecProper

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthPolicySpecProper.

func (*AuthPolicySpecProper) DeepCopyInto 

func (in *AuthPolicySpecProper) DeepCopyInto(out *AuthPolicySpecProper)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthPolicyStatus 

type AuthPolicyStatus struct {
	// ObservedGeneration reflects the generation of the most recently observed spec.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`

	// Represents the observations of a foo's current state.
	// Known .status.conditions.type are: "Available"
	// +patchMergeKey=type
	// +patchStrategy=merge
	// +listType=map
	// +listMapKey=type
	Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
}

func (*AuthPolicyStatus) DeepCopy 

func (in *AuthPolicyStatus) DeepCopy() *AuthPolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthPolicyStatus.

func (*AuthPolicyStatus) DeepCopyInto 

func (in *AuthPolicyStatus) DeepCopyInto(out *AuthPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthPolicyStatus) Equals 

func (s *AuthPolicyStatus) Equals(other *AuthPolicyStatus, logger logr.Logger) bool

func (*AuthPolicyStatus) GetConditions 

func (s *AuthPolicyStatus) GetConditions() []metav1.Condition

type AuthSchemeSpec 

type AuthSchemeSpec struct {
	// Authentication configs.
	// At least one config MUST evaluate to a valid identity object for the auth request to be successful.
	// +optional
	Authentication map[string]MergeableAuthenticationSpec `json:"authentication,omitempty"`

	// Metadata sources.
	// Authorino fetches auth metadata as JSON from sources specified in this config.
	// +optional
	Metadata map[string]MergeableMetadataSpec `json:"metadata,omitempty"`

	// Authorization policies.
	// All policies MUST evaluate to "allowed = true" for the auth request be successful.
	// +optional
	Authorization map[string]MergeableAuthorizationSpec `json:"authorization,omitempty"`

	// Response items.
	// Authorino builds custom responses to the client of the auth request.
	// +optional
	Response *MergeableResponseSpec `json:"response,omitempty"`

	// Callback functions.
	// Authorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config.
	// +optional
	Callbacks map[string]MergeableCallbackSpec `json:"callbacks,omitempty"`
}

func (*AuthSchemeSpec) DeepCopy 

func (in *AuthSchemeSpec) DeepCopy() *AuthSchemeSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthSchemeSpec.

func (*AuthSchemeSpec) DeepCopyInto 

func (in *AuthSchemeSpec) DeepCopyInto(out *AuthSchemeSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CertificateSpec 

type CertificateSpec struct {
	// IssuerRef is a reference to the issuer for this certificate.
	// If the `kind` field is not set, or set to `Issuer`, an Issuer resource
	// with the given name in the same namespace as the Certificate will be used.
	// If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the
	// provided name will be used.
	// The `name` field in this stanza is required at all times.
	IssuerRef certmanmetav1.ObjectReference `json:"issuerRef"`

	// CommonName is a common name to be used on the Certificate.
	// The CommonName should have a length of 64 characters or fewer to avoid
	// generating invalid CSRs.
	// This value is ignored by TLS clients when any subject alt name is set.
	// This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4
	// +optional
	CommonName string `json:"commonName,omitempty"`

	// The requested 'duration' (i.e. lifetime) of the Certificate. This option
	// may be ignored/overridden by some issuer types. If unset this defaults to
	// 90 days. Certificate will be renewed either 2/3 through its duration or
	// `renewBefore` period before its expiry, whichever is later. Minimum
	// accepted duration is 1 hour. Value must be in units accepted by Go
	// time.ParseDuration https://golang.org/pkg/time/#ParseDuration
	// +optional
	Duration *metav1.Duration `json:"duration,omitempty"`

	// How long before the currently issued certificate's expiry
	// cert-manager should renew the certificate. The default is 2/3 of the
	// issued certificate's duration. Minimum accepted value is 5 minutes.
	// Value must be in units accepted by Go time.ParseDuration
	// https://golang.org/pkg/time/#ParseDuration
	// +optional
	RenewBefore *metav1.Duration `json:"renewBefore,omitempty"`

	// Usages is the set of x509 usages that are requested for the certificate.
	// Defaults to `digital signature` and `key encipherment` if not specified.
	// +optional
	Usages []certmanv1.KeyUsage `json:"usages,omitempty"`

	// RevisionHistoryLimit is the maximum number of CertificateRequest revisions
	// that are maintained in the Certificate's history. Each revision represents
	// a single `CertificateRequest` created by this Certificate, either when it
	// was created, renewed, or Spec was changed. Revisions will be removed by
	// oldest first if the number of revisions exceeds this number. If set,
	// revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`),
	// revisions will not be garbage collected. Default value is `nil`.
	// +kubebuilder:validation:ExclusiveMaximum=false
	// +optional
	RevisionHistoryLimit *int32 `json:"revisionHistoryLimit,omitempty"`

	// Options to control private keys used for the Certificate.
	// +optional
	PrivateKey *certmanv1.CertificatePrivateKey `json:"privateKey,omitempty"`
}

CertificateSpec defines the certificate manager certificate spec that can be set via the TLSPolicy. Rather than allowing the whole certmanv1.CertificateSpec to be inlined we are only including the same fields that are currently supported by the annotation approach to securing gateways as outlined here https://cert-manager.io/docs/usage/gateway/#supported-annotations

func (*CertificateSpec) DeepCopy 

func (in *CertificateSpec) DeepCopy() *CertificateSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CertificateSpec.

func (*CertificateSpec) DeepCopyInto 

func (in *CertificateSpec) DeepCopyInto(out *CertificateSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Counter 

type Counter struct {
	Expression Expression `json:"expression"`
}

func (*Counter) DeepCopy 

func (in *Counter) DeepCopy() *Counter

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Counter.

func (*Counter) DeepCopyInto 

func (in *Counter) DeepCopyInto(out *Counter)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type DNSPolicy 

type DNSPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   DNSPolicySpec   `json:"spec,omitempty"`
	Status DNSPolicyStatus `json:"status,omitempty"`
}

DNSPolicy is the Schema for the dnspolicies API

func NewDNSPolicy 

func NewDNSPolicy(name, ns string) *DNSPolicy

func (*DNSPolicy) DeepCopy 

func (in *DNSPolicy) DeepCopy() *DNSPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSPolicy.

func (*DNSPolicy) DeepCopyInto 

func (in *DNSPolicy) DeepCopyInto(out *DNSPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*DNSPolicy) DeepCopyObject 

func (in *DNSPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*DNSPolicy) GetLocator 

func (p *DNSPolicy) GetLocator() string

func (*DNSPolicy) GetMergeStrategy 

func (p *DNSPolicy) GetMergeStrategy() machinery.MergeStrategy

func (*DNSPolicy) GetStatus 

func (p *DNSPolicy) GetStatus() kuadrantgatewayapi.PolicyStatus

func (*DNSPolicy) GetTargetRef deprecated 

func (p *DNSPolicy) GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference

Deprecated: Use GetTargetRefs instead

func (*DNSPolicy) GetTargetRefs 

func (p *DNSPolicy) GetTargetRefs() []machinery.PolicyTargetReference

func (*DNSPolicy) Kind 

func (p *DNSPolicy) Kind() string

func (*DNSPolicy) Merge 

func (p *DNSPolicy) Merge(other machinery.Policy) machinery.Policy

func (*DNSPolicy) Validate 

func (p *DNSPolicy) Validate() error

func (*DNSPolicy) WithExcludeAddresses 

func (p *DNSPolicy) WithExcludeAddresses(excluded []string) *DNSPolicy

func (*DNSPolicy) WithHealthCheck 

func (p *DNSPolicy) WithHealthCheck(healthCheck dnsv1alpha1.HealthCheckSpec) *DNSPolicy

func (*DNSPolicy) WithHealthCheckFor 

func (p *DNSPolicy) WithHealthCheckFor(endpoint string, port int, protocol string, failureThreshold int) *DNSPolicy

func (*DNSPolicy) WithLoadBalancing 

func (p *DNSPolicy) WithLoadBalancing(loadBalancing LoadBalancingSpec) *DNSPolicy

func (*DNSPolicy) WithLoadBalancingFor 

func (p *DNSPolicy) WithLoadBalancingFor(weight int, geo string, isDefaultGeo bool) *DNSPolicy

func (*DNSPolicy) WithProviderRef 

func (p *DNSPolicy) WithProviderRef(providerRef dnsv1alpha1.ProviderRef) *DNSPolicy

func (*DNSPolicy) WithProviderSecret 

func (p *DNSPolicy) WithProviderSecret(s corev1.Secret) *DNSPolicy

func (*DNSPolicy) WithTargetGateway 

func (p *DNSPolicy) WithTargetGateway(gwName string) *DNSPolicy

func (*DNSPolicy) WithTargetGatewayListener 

func (p *DNSPolicy) WithTargetGatewayListener(gwName string, lName string) *DNSPolicy

func (*DNSPolicy) WithTargetRef 

func (p *DNSPolicy) WithTargetRef(targetRef gatewayapiv1alpha2.LocalPolicyTargetReferenceWithSectionName) *DNSPolicy

type DNSPolicyList 

type DNSPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []DNSPolicy `json:"items"`
}

DNSPolicyList contains a list of DNSPolicy

func (*DNSPolicyList) DeepCopy 

func (in *DNSPolicyList) DeepCopy() *DNSPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSPolicyList.

func (*DNSPolicyList) DeepCopyInto 

func (in *DNSPolicyList) DeepCopyInto(out *DNSPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*DNSPolicyList) DeepCopyObject 

func (in *DNSPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type DNSPolicySpec 

type DNSPolicySpec struct {
	// targetRef identifies an API object to apply policy to.
	// +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'",message="Invalid targetRef.group. The only supported value is 'gateway.networking.k8s.io'"
	// +kubebuilder:validation:XValidation:rule="self.kind == 'Gateway'",message="Invalid targetRef.kind. The only supported values are 'Gateway'"
	TargetRef gatewayapiv1alpha2.LocalPolicyTargetReferenceWithSectionName `json:"targetRef"`

	// +optional
	HealthCheck *dnsv1alpha1.HealthCheckSpec `json:"healthCheck,omitempty"`

	// +optional
	LoadBalancing *LoadBalancingSpec `json:"loadBalancing,omitempty"`

	// providerRefs is a list of references to provider secrets. Max is one but intention is to allow this to be more in the future
	// +kubebuilder:validation:MaxItems=1
	// +kubebuilder:validation:MinItems=1
	ProviderRefs []dnsv1alpha1.ProviderRef `json:"providerRefs"`

	// ExcludeAddresses is a list of addresses (either hostnames, CIDR or IPAddresses) that DNSPolicy should not use as values in the configured DNS provider records. The default is to allow all addresses configured in the Gateway DNSPolicy is targeting
	// +optional
	ExcludeAddresses ExcludeAddresses `json:"excludeAddresses,omitempty"`
}

DNSPolicySpec defines the desired state of DNSPolicy

func (*DNSPolicySpec) DeepCopy 

func (in *DNSPolicySpec) DeepCopy() *DNSPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSPolicySpec.

func (*DNSPolicySpec) DeepCopyInto 

func (in *DNSPolicySpec) DeepCopyInto(out *DNSPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type DNSPolicyStatus 

type DNSPolicyStatus struct {
	// conditions are any conditions associated with the policy
	//
	// If configuring the policy fails, the "Failed" condition will be set with a
	// reason and message describing the cause of the failure.
	Conditions []metav1.Condition `json:"conditions,omitempty"`

	// observedGeneration is the most recently observed generation of the
	// DNSPolicy.  When the DNSPolicy is updated, the controller updates the
	// corresponding configuration. If an update fails, that failure is
	// recorded in the status condition
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`

	// +optional
	HealthCheck *dnsv1alpha1.HealthCheckStatus `json:"healthCheck,omitempty"`

	// +optional
	RecordConditions map[string][]metav1.Condition `json:"recordConditions,omitempty"`
	// TotalRecords records the total number of individual DNSRecords managed by this DNSPolicy
	// +optional
	TotalRecords int32 `json:"totalRecords,omitempty"`
}

DNSPolicyStatus defines the observed state of DNSPolicy

func (*DNSPolicyStatus) DeepCopy 

func (in *DNSPolicyStatus) DeepCopy() *DNSPolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DNSPolicyStatus.

func (*DNSPolicyStatus) DeepCopyInto 

func (in *DNSPolicyStatus) DeepCopyInto(out *DNSPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*DNSPolicyStatus) GetConditions 

func (s *DNSPolicyStatus) GetConditions() []metav1.Condition

type Duration 

type Duration string

Duration follows Gateway API Duration format: https://gateway-api.sigs.k8s.io/geps/gep-2257/?h=duration#gateway-api-duration-format MUST match the regular expression ^([0-9]{1,5}(h|m|s|ms)){1,4}$ MUST be interpreted as specified by Golang's time.ParseDuration +kubebuilder:validation:Pattern=`^([0-9]{1,5}(h|m|s|ms)){1,4}$`

func (Duration) Seconds 

func (d Duration) Seconds() int

type ExcludeAddresses 

type ExcludeAddresses []string

+kubebuilder:validation:MaxItems=20

func (ExcludeAddresses) DeepCopy 

func (in ExcludeAddresses) DeepCopy() ExcludeAddresses

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExcludeAddresses.

func (ExcludeAddresses) DeepCopyInto 

func (in ExcludeAddresses) DeepCopyInto(out *ExcludeAddresses)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ExcludeAddresses) Validate 

func (ea ExcludeAddresses) Validate() error

type Expression 

type Expression string

Expression defines one CEL expression Expression can use well known attributes Attributes: https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/advanced/attributes Well-known selectors: https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors They are named by a dot-separated path (e.g. request.path) Example: "request.path" -> The path portion of the URL +kubebuilder:validation:MinLength=1

type GeoCode 

type GeoCode string
const (
	DefaultGeo  GeoCode = "default"
	WildcardGeo GeoCode = "*"
)

func (GeoCode) IsDefaultCode 

func (gc GeoCode) IsDefaultCode() bool

func (GeoCode) IsWildcard 

func (gc GeoCode) IsWildcard() bool

type Limit 

type Limit struct {
	// When holds a list of "limit-level" `Predicate`s
	// Called also "soft" conditions as route selectors must also match
	// +optional
	When WhenPredicates `json:"when,omitempty"`

	// Counters defines additional rate limit counters based on CEL expressions which can reference well known selectors
	// TODO Document properly "Well-known selector" https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors
	// +optional
	Counters []Counter `json:"counters,omitempty"`

	// Rates holds the list of limit rates
	// +optional
	Rates []Rate `json:"rates,omitempty"`

	// Source stores the locator of the policy where the limit is orignaly defined (internal use)
	Source string `json:"-"`
}

Limit represents a complete rate limit configuration

func (Limit) CountersAsStringList 

func (l Limit) CountersAsStringList() []string

func (*Limit) DeepCopy 

func (in *Limit) DeepCopy() *Limit

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Limit.

func (*Limit) DeepCopyInto 

func (in *Limit) DeepCopyInto(out *Limit)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Limit) GetSource 

func (l *Limit) GetSource() string

func (*Limit) GetSpec 

func (l *Limit) GetSpec() any

func (*Limit) WithSource 

func (l *Limit) WithSource(source string) MergeableRule

type LoadBalancingSpec 

type LoadBalancingSpec struct {
	// weight value to apply to weighted endpoints.
	//
	// The maximum value accepted is determined by the target dns provider, please refer to the appropriate docs below.
	//
	// Route53: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy-weighted.html
	// Google: https://cloud.google.com/dns/docs/overview/
	// Azure: https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-routing-methods#weighted-traffic-routing-method
	// +kubebuilder:default=120
	Weight int `json:"weight"`

	// geo value to apply to geo endpoints.
	//
	// The values accepted are determined by the target dns provider, please refer to the appropriate docs below.
	//
	// Route53: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values-geo.html
	// Google: https://cloud.google.com/compute/docs/regions-zones
	// Azure: https://learn.microsoft.com/en-us/azure/traffic-manager/traffic-manager-geographic-regions
	// +kubebuilder:validation:MinLength=2
	Geo string `json:"geo"`

	// defaultGeo specifies if this is the default geo for providers that support setting a default catch all geo endpoint such as Route53.
	DefaultGeo bool `json:"defaultGeo"`
}

func (*LoadBalancingSpec) DeepCopy 

func (in *LoadBalancingSpec) DeepCopy() *LoadBalancingSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancingSpec.

func (*LoadBalancingSpec) DeepCopyInto 

func (in *LoadBalancingSpec) DeepCopyInto(out *LoadBalancingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MergeableAuthPolicySpec 

type MergeableAuthPolicySpec struct {
	// Strategy defines the merge strategy to apply when merging this policy with other policies.
	// +kubebuilder:validation:Enum=atomic;merge
	// +kubebuilder:default=atomic
	Strategy string `json:"strategy,omitempty"`

	AuthPolicySpecProper `json:""`
}

func (*MergeableAuthPolicySpec) DeepCopy 

func (in *MergeableAuthPolicySpec) DeepCopy() *MergeableAuthPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableAuthPolicySpec.

func (*MergeableAuthPolicySpec) DeepCopyInto 

func (in *MergeableAuthPolicySpec) DeepCopyInto(out *MergeableAuthPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MergeableAuthenticationSpec 

type MergeableAuthenticationSpec struct {
	authorinov1beta3.AuthenticationSpec `json:",inline"`
	Source                              string `json:"-"`
}

func (*MergeableAuthenticationSpec) DeepCopy 

func (in *MergeableAuthenticationSpec) DeepCopy() *MergeableAuthenticationSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableAuthenticationSpec.

func (*MergeableAuthenticationSpec) DeepCopyInto 

func (in *MergeableAuthenticationSpec) DeepCopyInto(out *MergeableAuthenticationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MergeableAuthenticationSpec) GetSource 

func (r *MergeableAuthenticationSpec) GetSource() string

func (*MergeableAuthenticationSpec) GetSpec 

func (r *MergeableAuthenticationSpec) GetSpec() any

func (*MergeableAuthenticationSpec) WithSource 

func (r *MergeableAuthenticationSpec) WithSource(source string) MergeableRule

type MergeableAuthorizationSpec 

type MergeableAuthorizationSpec struct {
	authorinov1beta3.AuthorizationSpec `json:",inline"`
	Source                             string `json:"-"`
}

func (*MergeableAuthorizationSpec) DeepCopy 

func (in *MergeableAuthorizationSpec) DeepCopy() *MergeableAuthorizationSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableAuthorizationSpec.

func (*MergeableAuthorizationSpec) DeepCopyInto 

func (in *MergeableAuthorizationSpec) DeepCopyInto(out *MergeableAuthorizationSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MergeableAuthorizationSpec) GetSource 

func (r *MergeableAuthorizationSpec) GetSource() string

func (*MergeableAuthorizationSpec) GetSpec 

func (r *MergeableAuthorizationSpec) GetSpec() any

func (*MergeableAuthorizationSpec) WithSource 

func (r *MergeableAuthorizationSpec) WithSource(source string) MergeableRule

type MergeableCallbackSpec 

type MergeableCallbackSpec struct {
	authorinov1beta3.CallbackSpec `json:",inline"`
	Source                        string `json:"-"`
}

func (*MergeableCallbackSpec) DeepCopy 

func (in *MergeableCallbackSpec) DeepCopy() *MergeableCallbackSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableCallbackSpec.

func (*MergeableCallbackSpec) DeepCopyInto 

func (in *MergeableCallbackSpec) DeepCopyInto(out *MergeableCallbackSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MergeableCallbackSpec) GetSource 

func (r *MergeableCallbackSpec) GetSource() string

func (*MergeableCallbackSpec) GetSpec 

func (r *MergeableCallbackSpec) GetSpec() any

func (*MergeableCallbackSpec) WithSource 

func (r *MergeableCallbackSpec) WithSource(source string) MergeableRule

type MergeableDenyWithSpec 

type MergeableDenyWithSpec struct {
	authorinov1beta3.DenyWithSpec `json:",inline"`
	Source                        string `json:"-"`
}

func (*MergeableDenyWithSpec) DeepCopy 

func (in *MergeableDenyWithSpec) DeepCopy() *MergeableDenyWithSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableDenyWithSpec.

func (*MergeableDenyWithSpec) DeepCopyInto 

func (in *MergeableDenyWithSpec) DeepCopyInto(out *MergeableDenyWithSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MergeableDenyWithSpec) GetSource 

func (r *MergeableDenyWithSpec) GetSource() string

func (*MergeableDenyWithSpec) GetSpec 

func (r *MergeableDenyWithSpec) GetSpec() any

func (*MergeableDenyWithSpec) WithSource 

func (r *MergeableDenyWithSpec) WithSource(source string) MergeableRule

type MergeableHeaderSuccessResponseSpec 

type MergeableHeaderSuccessResponseSpec struct {
	authorinov1beta3.HeaderSuccessResponseSpec `json:",inline"`
	Source                                     string `json:"-"`
}

func (*MergeableHeaderSuccessResponseSpec) DeepCopy 

func (in *MergeableHeaderSuccessResponseSpec) DeepCopy() *MergeableHeaderSuccessResponseSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableHeaderSuccessResponseSpec.

func (*MergeableHeaderSuccessResponseSpec) DeepCopyInto 

func (in *MergeableHeaderSuccessResponseSpec) DeepCopyInto(out *MergeableHeaderSuccessResponseSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MergeableHeaderSuccessResponseSpec) GetSource 

func (r *MergeableHeaderSuccessResponseSpec) GetSource() string

func (*MergeableHeaderSuccessResponseSpec) GetSpec 

func (r *MergeableHeaderSuccessResponseSpec) GetSpec() any

func (*MergeableHeaderSuccessResponseSpec) WithSource 

func (r *MergeableHeaderSuccessResponseSpec) WithSource(source string) MergeableRule

type MergeableMetadataSpec 

type MergeableMetadataSpec struct {
	authorinov1beta3.MetadataSpec `json:",inline"`
	Source                        string `json:"-"`
}

func (*MergeableMetadataSpec) DeepCopy 

func (in *MergeableMetadataSpec) DeepCopy() *MergeableMetadataSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableMetadataSpec.

func (*MergeableMetadataSpec) DeepCopyInto 

func (in *MergeableMetadataSpec) DeepCopyInto(out *MergeableMetadataSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MergeableMetadataSpec) GetSource 

func (r *MergeableMetadataSpec) GetSource() string

func (*MergeableMetadataSpec) GetSpec 

func (r *MergeableMetadataSpec) GetSpec() any

func (*MergeableMetadataSpec) WithSource 

func (r *MergeableMetadataSpec) WithSource(source string) MergeableRule

type MergeablePatternExpressions 

type MergeablePatternExpressions struct {
	authorinov1beta3.PatternExpressions `json:"allOf"`
	Source                              string `json:"-"`
}

func (*MergeablePatternExpressions) DeepCopy 

func (in *MergeablePatternExpressions) DeepCopy() *MergeablePatternExpressions

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeablePatternExpressions.

func (*MergeablePatternExpressions) DeepCopyInto 

func (in *MergeablePatternExpressions) DeepCopyInto(out *MergeablePatternExpressions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MergeablePatternExpressions) GetSource 

func (r *MergeablePatternExpressions) GetSource() string

func (*MergeablePatternExpressions) GetSpec 

func (r *MergeablePatternExpressions) GetSpec() any

func (*MergeablePatternExpressions) WithSource 

func (r *MergeablePatternExpressions) WithSource(source string) MergeableRule

type MergeablePolicy 

type MergeablePolicy interface {
	machinery.Policy

	Rules() map[string]MergeableRule
	SetRules(map[string]MergeableRule)
	Empty() bool

	DeepCopyObject() runtime.Object
}

+kubebuilder:object:generate=false

type MergeableRateLimitPolicySpec 

type MergeableRateLimitPolicySpec struct {
	// Strategy defines the merge strategy to apply when merging this policy with other policies.
	// +kubebuilder:validation:Enum=atomic;merge
	// +kubebuilder:default=atomic
	Strategy string `json:"strategy,omitempty"`

	RateLimitPolicySpecProper `json:""`
}

func (*MergeableRateLimitPolicySpec) DeepCopy 

func (in *MergeableRateLimitPolicySpec) DeepCopy() *MergeableRateLimitPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableRateLimitPolicySpec.

func (*MergeableRateLimitPolicySpec) DeepCopyInto 

func (in *MergeableRateLimitPolicySpec) DeepCopyInto(out *MergeableRateLimitPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MergeableResponseSpec 

type MergeableResponseSpec struct {
	// Customizations on the denial status attributes when the request is unauthenticated.
	// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config.
	// Default: 401 Unauthorized
	// +optional
	Unauthenticated *MergeableDenyWithSpec `json:"unauthenticated,omitempty"`

	// Customizations on the denial status attributes when the request is unauthorized.
	// For integration of Authorino via proxy, the proxy must honour the response status attributes specified in this config.
	// Default: 403 Forbidden
	// +optional
	Unauthorized *MergeableDenyWithSpec `json:"unauthorized,omitempty"`

	// Response items to be included in the auth response when the request is authenticated and authorized.
	// For integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata and/or inject data in the request.
	// +optional
	Success MergeableWrappedSuccessResponseSpec `json:"success,omitempty"`
}

Settings of the custom auth response.

func (*MergeableResponseSpec) DeepCopy 

func (in *MergeableResponseSpec) DeepCopy() *MergeableResponseSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableResponseSpec.

func (*MergeableResponseSpec) DeepCopyInto 

func (in *MergeableResponseSpec) DeepCopyInto(out *MergeableResponseSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MergeableRule 

type MergeableRule interface {
	GetSpec() any
	GetSource() string
	WithSource(string) MergeableRule
}

MergeableRule is a policy rule that contains a spec which can be traced back to its source, i.e. to the policy where the rule spec was defined. +kubebuilder:object:generate=false

func NewMergeableRule 

func NewMergeableRule(rule MergeableRule, defaultSource string) MergeableRule

NewMergeableRule creates a new MergeableRule with a default source if the rule does not have one.

type MergeableSuccessResponseSpec 

type MergeableSuccessResponseSpec struct {
	authorinov1beta3.SuccessResponseSpec `json:",inline"`
	Source                               string `json:"-"`
}

func (*MergeableSuccessResponseSpec) DeepCopy 

func (in *MergeableSuccessResponseSpec) DeepCopy() *MergeableSuccessResponseSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableSuccessResponseSpec.

func (*MergeableSuccessResponseSpec) DeepCopyInto 

func (in *MergeableSuccessResponseSpec) DeepCopyInto(out *MergeableSuccessResponseSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MergeableSuccessResponseSpec) GetSource 

func (r *MergeableSuccessResponseSpec) GetSource() string

func (*MergeableSuccessResponseSpec) GetSpec 

func (r *MergeableSuccessResponseSpec) GetSpec() any

func (*MergeableSuccessResponseSpec) WithSource 

func (r *MergeableSuccessResponseSpec) WithSource(source string) MergeableRule

type MergeableWhenPredicates 

type MergeableWhenPredicates struct {
	// Overall conditions for the policy to be enforced.
	// If omitted, the policy will be enforced at all requests to the protected routes.
	// If present, all conditions must match for the policy to be enforced.
	// +optional
	Predicates WhenPredicates `json:"when,omitempty"`

	// Source stores the locator of the policy where the limit is orignaly defined (internal use)
	Source string `json:"-"`
}

func (*MergeableWhenPredicates) DeepCopy 

func (in *MergeableWhenPredicates) DeepCopy() *MergeableWhenPredicates

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableWhenPredicates.

func (*MergeableWhenPredicates) DeepCopyInto 

func (in *MergeableWhenPredicates) DeepCopyInto(out *MergeableWhenPredicates)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*MergeableWhenPredicates) GetSource 

func (p *MergeableWhenPredicates) GetSource() string

func (*MergeableWhenPredicates) GetSpec 

func (p *MergeableWhenPredicates) GetSpec() any

func (*MergeableWhenPredicates) WithSource 

func (p *MergeableWhenPredicates) WithSource(source string) MergeableRule

type MergeableWrappedSuccessResponseSpec 

type MergeableWrappedSuccessResponseSpec struct {
	// Custom headers to inject in the request.
	Headers map[string]MergeableHeaderSuccessResponseSpec `json:"headers,omitempty"`

	// Custom data made available to other filters managed by Kuadrant (i.e. Rate Limit)
	DynamicMetadata map[string]MergeableSuccessResponseSpec `json:"filters,omitempty"`
}

func (*MergeableWrappedSuccessResponseSpec) DeepCopy 

func (in *MergeableWrappedSuccessResponseSpec) DeepCopy() *MergeableWrappedSuccessResponseSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MergeableWrappedSuccessResponseSpec.

func (*MergeableWrappedSuccessResponseSpec) DeepCopyInto 

func (in *MergeableWrappedSuccessResponseSpec) DeepCopyInto(out *MergeableWrappedSuccessResponseSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Predicate 

type Predicate struct {
	// +kubebuilder:validation:MinLength=1
	Predicate string `json:"predicate"`
}

Predicate defines one CEL expression that must be evaluated to bool

func NewPredicate 

func NewPredicate(predicate string) Predicate

func (*Predicate) DeepCopy 

func (in *Predicate) DeepCopy() *Predicate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Predicate.

func (*Predicate) DeepCopyInto 

func (in *Predicate) DeepCopyInto(out *Predicate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Rate 

type Rate struct {
	// Limit defines the max value allowed for a given period of time
	Limit int `json:"limit"`

	// Window defines the time period for which the Limit specified above applies.
	Window Duration `json:"window"`
}

Rate defines the actual rate limit that will be used when there is a match

func (*Rate) DeepCopy 

func (in *Rate) DeepCopy() *Rate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rate.

func (*Rate) DeepCopyInto 

func (in *Rate) DeepCopyInto(out *Rate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (Rate) ToSeconds 

func (r Rate) ToSeconds() (maxValue, seconds int)

ToSeconds converts the rate to to Limitador's Limit format (maxValue, seconds)

type RateLimitPolicy 

type RateLimitPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   RateLimitPolicySpec   `json:"spec,omitempty"`
	Status RateLimitPolicyStatus `json:"status,omitempty"`
}

RateLimitPolicy enables rate limiting for service workloads in a Gateway API network

func (*RateLimitPolicy) DeepCopy 

func (in *RateLimitPolicy) DeepCopy() *RateLimitPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitPolicy.

func (*RateLimitPolicy) DeepCopyInto 

func (in *RateLimitPolicy) DeepCopyInto(out *RateLimitPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RateLimitPolicy) DeepCopyObject 

func (in *RateLimitPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*RateLimitPolicy) Empty 

func (p *RateLimitPolicy) Empty() bool

func (*RateLimitPolicy) GetLocator 

func (p *RateLimitPolicy) GetLocator() string

func (*RateLimitPolicy) GetMergeStrategy 

func (p *RateLimitPolicy) GetMergeStrategy() machinery.MergeStrategy

func (*RateLimitPolicy) GetName 

func (p *RateLimitPolicy) GetName() string

func (*RateLimitPolicy) GetNamespace 

func (p *RateLimitPolicy) GetNamespace() string

func (*RateLimitPolicy) GetStatus 

func (p *RateLimitPolicy) GetStatus() kuadrantgatewayapi.PolicyStatus

func (*RateLimitPolicy) GetTargetRef deprecated 

func (p *RateLimitPolicy) GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference

Deprecated: Use GetTargetRefs instead

func (*RateLimitPolicy) GetTargetRefs 

func (p *RateLimitPolicy) GetTargetRefs() []machinery.PolicyTargetReference

func (*RateLimitPolicy) Kind 

func (p *RateLimitPolicy) Kind() string

func (*RateLimitPolicy) Merge 

func (p *RateLimitPolicy) Merge(other machinery.Policy) machinery.Policy

func (*RateLimitPolicy) Rules 

func (p *RateLimitPolicy) Rules() map[string]MergeableRule

func (*RateLimitPolicy) SetRules 

func (p *RateLimitPolicy) SetRules(rules map[string]MergeableRule)

type RateLimitPolicyList 

type RateLimitPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []RateLimitPolicy `json:"items"`
}

RateLimitPolicyList contains a list of RateLimitPolicy

func (*RateLimitPolicyList) DeepCopy 

func (in *RateLimitPolicyList) DeepCopy() *RateLimitPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitPolicyList.

func (*RateLimitPolicyList) DeepCopyInto 

func (in *RateLimitPolicyList) DeepCopyInto(out *RateLimitPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RateLimitPolicyList) DeepCopyObject 

func (in *RateLimitPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RateLimitPolicySpec 

type RateLimitPolicySpec struct {
	// Reference to the object to which this policy applies.
	// +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'",message="Invalid targetRef.group. The only supported value is 'gateway.networking.k8s.io'"
	// +kubebuilder:validation:XValidation:rule="self.kind == 'HTTPRoute' || self.kind == 'Gateway'",message="Invalid targetRef.kind. The only supported values are 'HTTPRoute' and 'Gateway'"
	TargetRef gatewayapiv1alpha2.LocalPolicyTargetReferenceWithSectionName `json:"targetRef"`

	// Rules to apply as defaults. Can be overridden by more specific policiy rules lower in the hierarchy and by less specific policy overrides.
	// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults).
	// +optional
	Defaults *MergeableRateLimitPolicySpec `json:"defaults,omitempty"`

	// Rules to apply as overrides. Override all policy rules lower in the hierarchy. Can be overridden by less specific policy overrides.
	// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults).
	// +optional
	Overrides *MergeableRateLimitPolicySpec `json:"overrides,omitempty"`

	// Bare set of policy rules (implicit defaults).
	// Use one of: defaults, overrides, or bare set of policy rules (implicit defaults).
	RateLimitPolicySpecProper `json:""`
}

+kubebuilder:validation:XValidation:rule="!(has(self.defaults) && has(self.limits))",message="Implicit and explicit defaults are mutually exclusive" +kubebuilder:validation:XValidation:rule="!(has(self.defaults) && has(self.overrides))",message="Overrides and explicit defaults are mutually exclusive" +kubebuilder:validation:XValidation:rule="!(has(self.overrides) && has(self.limits))",message="Overrides and implicit defaults are mutually exclusive" +kubebuilder:validation:XValidation:rule="!(has(self.overrides) || has(self.defaults)) ? has(self.limits) && size(self.limits) > 0 : true",message="At least one spec.limits must be defined" +kubebuilder:validation:XValidation:rule="has(self.overrides) ? has(self.overrides.limits) && size(self.overrides.limits) > 0 : true",message="At least one spec.overrides.limits must be defined" +kubebuilder:validation:XValidation:rule="has(self.defaults) ? has(self.defaults.limits) && size(self.defaults.limits) > 0 : true",message="At least one spec.defaults.limits must be defined"

func (*RateLimitPolicySpec) DeepCopy 

func (in *RateLimitPolicySpec) DeepCopy() *RateLimitPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitPolicySpec.

func (*RateLimitPolicySpec) DeepCopyInto 

func (in *RateLimitPolicySpec) DeepCopyInto(out *RateLimitPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RateLimitPolicySpec) Proper 

func (s *RateLimitPolicySpec) Proper() *RateLimitPolicySpecProper

type RateLimitPolicySpecProper 

type RateLimitPolicySpecProper struct {
	// When holds a list of "top-level" `Predicate`s
	// +optional
	MergeableWhenPredicates `json:""`

	// Limits holds the struct of limits indexed by a unique name
	// +optional
	Limits map[string]Limit `json:"limits,omitempty"`
}

RateLimitPolicySpecProper contains common shared fields for defaults and overrides

func (*RateLimitPolicySpecProper) DeepCopy 

func (in *RateLimitPolicySpecProper) DeepCopy() *RateLimitPolicySpecProper

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitPolicySpecProper.

func (*RateLimitPolicySpecProper) DeepCopyInto 

func (in *RateLimitPolicySpecProper) DeepCopyInto(out *RateLimitPolicySpecProper)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RateLimitPolicyStatus 

type RateLimitPolicyStatus struct {
	// ObservedGeneration reflects the generation of the most recently observed spec.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`

	// Represents the observations of a foo's current state.
	// Known .status.conditions.type are: "Available"
	// +patchMergeKey=type
	// +patchStrategy=merge
	// +listType=map
	// +listMapKey=type
	Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
}

func (*RateLimitPolicyStatus) DeepCopy 

func (in *RateLimitPolicyStatus) DeepCopy() *RateLimitPolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RateLimitPolicyStatus.

func (*RateLimitPolicyStatus) DeepCopyInto 

func (in *RateLimitPolicyStatus) DeepCopyInto(out *RateLimitPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RateLimitPolicyStatus) GetConditions 

func (s *RateLimitPolicyStatus) GetConditions() []metav1.Condition

type TLSPolicy 

type TLSPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   TLSPolicySpec   `json:"spec,omitempty"`
	Status TLSPolicyStatus `json:"status,omitempty"`
}

TLSPolicy is the Schema for the tlspolicies API

func NewTLSPolicy 

func NewTLSPolicy(policyName, ns string) *TLSPolicy

func (*TLSPolicy) DeepCopy 

func (in *TLSPolicy) DeepCopy() *TLSPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSPolicy.

func (*TLSPolicy) DeepCopyInto 

func (in *TLSPolicy) DeepCopyInto(out *TLSPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TLSPolicy) DeepCopyObject 

func (in *TLSPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*TLSPolicy) GetLocator 

func (p *TLSPolicy) GetLocator() string

func (*TLSPolicy) GetMergeStrategy 

func (p *TLSPolicy) GetMergeStrategy() machinery.MergeStrategy

func (*TLSPolicy) GetStatus 

func (p *TLSPolicy) GetStatus() kuadrantgatewayapi.PolicyStatus

func (*TLSPolicy) GetTargetRef deprecated 

func (p *TLSPolicy) GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference

Deprecated: Use GetTargetRefs instead

func (*TLSPolicy) GetTargetRefs 

func (p *TLSPolicy) GetTargetRefs() []machinery.PolicyTargetReference

func (*TLSPolicy) Kind deprecated 

func (p *TLSPolicy) Kind() string

Deprecated: kuadrant.Policy.

func (*TLSPolicy) Merge 

func (p *TLSPolicy) Merge(other machinery.Policy) machinery.Policy

func (*TLSPolicy) WithIssuerRef 

func (p *TLSPolicy) WithIssuerRef(issuerRef certmanmetav1.ObjectReference) *TLSPolicy

func (*TLSPolicy) WithTargetGateway 

func (p *TLSPolicy) WithTargetGateway(gwName string) *TLSPolicy

func (*TLSPolicy) WithTargetGatewaySection 

func (p *TLSPolicy) WithTargetGatewaySection(gwName string, sectionName string) *TLSPolicy

type TLSPolicyList 

type TLSPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []TLSPolicy `json:"items"`
}

TLSPolicyList contains a list of TLSPolicy

func (*TLSPolicyList) DeepCopy 

func (in *TLSPolicyList) DeepCopy() *TLSPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSPolicyList.

func (*TLSPolicyList) DeepCopyInto 

func (in *TLSPolicyList) DeepCopyInto(out *TLSPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TLSPolicyList) DeepCopyObject 

func (in *TLSPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type TLSPolicySpec 

type TLSPolicySpec struct {
	// TargetRef identifies an API object to apply policy to.
	// +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'",message="Invalid targetRef.group. The only supported value is 'gateway.networking.k8s.io'"
	// +kubebuilder:validation:XValidation:rule="self.kind == 'Gateway'",message="Invalid targetRef.kind. The only supported values are 'Gateway'"
	TargetRef gatewayapiv1alpha2.LocalPolicyTargetReferenceWithSectionName `json:"targetRef"`

	CertificateSpec `json:",inline"`
}

TLSPolicySpec defines the desired state of TLSPolicy

func (*TLSPolicySpec) DeepCopy 

func (in *TLSPolicySpec) DeepCopy() *TLSPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSPolicySpec.

func (*TLSPolicySpec) DeepCopyInto 

func (in *TLSPolicySpec) DeepCopyInto(out *TLSPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TLSPolicyStatus 

type TLSPolicyStatus struct {
	// conditions are any conditions associated with the policy
	//
	// If configuring the policy fails, the "Failed" condition will be set with a
	// reason and message describing the cause of the failure.
	Conditions []metav1.Condition `json:"conditions,omitempty"`

	// observedGeneration is the most recently observed generation of the
	// TLSPolicy.  When the TLSPolicy is updated, the controller updates the
	// corresponding configuration. If an update fails, that failure is
	// recorded in the status condition
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`
}

TLSPolicyStatus defines the observed state of TLSPolicy

func (*TLSPolicyStatus) DeepCopy 

func (in *TLSPolicyStatus) DeepCopy() *TLSPolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSPolicyStatus.

func (*TLSPolicyStatus) DeepCopyInto 

func (in *TLSPolicyStatus) DeepCopyInto(out *TLSPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TLSPolicyStatus) GetConditions 

func (s *TLSPolicyStatus) GetConditions() []metav1.Condition

type WhenPredicates 

type WhenPredicates []Predicate

func NewWhenPredicates 

func NewWhenPredicates(predicates ...string) WhenPredicates

func (WhenPredicates) DeepCopy 

func (in WhenPredicates) DeepCopy() WhenPredicates

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WhenPredicates.

func (WhenPredicates) DeepCopyInto 

func (in WhenPredicates) DeepCopyInto(out *WhenPredicates)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (WhenPredicates) Extend 

func (w WhenPredicates) Extend(other WhenPredicates) WhenPredicates

func (WhenPredicates) Into 

func (w WhenPredicates) Into() []string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.