diff --git a/.github/test_dependencies.yaml b/.github/test_dependencies.yaml index c5fe773aa6..1e6e495c2f 100644 --- a/.github/test_dependencies.yaml +++ b/.github/test_dependencies.yaml @@ -1,15 +1,15 @@ e2e: kind: # renovate: datasource=docker depName=kindest/node versioning=docker - - 'v1.30.3' + - 'v1.31.0' # renovate: datasource=docker depName=kindest/node@only-patch packageName=kindest/node versioning=docker - - 'v1.28.9' + - 'v1.30.4' # renovate: datasource=docker depName=kindest/node@only-patch packageName=kindest/node versioning=docker - - 'v1.27.13' + - 'v1.29.8' # renovate: datasource=docker depName=kindest/node@only-patch packageName=kindest/node versioning=docker - - 'v1.26.15' + - 'v1.28.13' # renovate: datasource=docker depName=kindest/node@only-patch packageName=kindest/node versioning=docker - - 'v1.25.16' + - 'v1.27.16' gke: # renovate: datasource=custom.gke-rapid depName=gke versioning=semver - '1.30.3' @@ -18,7 +18,7 @@ e2e: # used directly in the test matrix `include` section. istio: - # renovate: datasource=docker depName=kindest/node versioning=docker - kind: 'v1.30.3' + kind: 'v1.31.0' # renovate: datasource=docker depName=istio/istioctl versioning=docker istio: '1.23.0' - # renovate: datasource=docker depName=kindest/node@only-patch versioning=docker @@ -30,11 +30,11 @@ e2e: # renovate: datasource=docker depName=istio/istioctl@only-patch versioning=docker istio: '1.21.2' - # renovate: datasource=docker depName=kindest/node@only-patch versioning=docker - kind: 'v1.29.4' + kind: 'v1.29.8' # renovate: datasource=docker depName=istio/istioctl@only-patch versioning=docker istio: '1.20.7' - # renovate: datasource=docker depName=kindest/node@only-patch packageName=kindest/node versioning=docker - kind: 'v1.28.9' + kind: 'v1.28.13' # renovate: datasource=docker depName=istio/istioctl@only-patch packageName=istio/istioctl versioning=docker istio: '1.19.10' @@ -46,7 +46,7 @@ integration: # renovate: datasource=helm depName=kong registryUrl=https://charts.konghq.com versioning=helm kong: '2.40.0' # renovate: datasource=docker depName=kindest/node versioning=docker - kind: 'v1.30.3' + kind: 'v1.31.0' # renovate: datasource=docker depName=kong versioning=docker kong-oss: '3.7.1' # renovate: datasource=docker depName=kong/kong-gateway versioning=docker diff --git a/.github/workflows/checks.yaml b/.github/workflows/checks.yaml index 5856e36d13..cd63775f61 100644 --- a/.github/workflows/checks.yaml +++ b/.github/workflows/checks.yaml @@ -33,7 +33,7 @@ jobs: - name: Check if PR is up to date, if it is skip workflows for this ref id: 'up-to-date' if: github.event_name == 'push' && startsWith(github.ref, 'refs/heads/') - uses: Kong/public-shared-actions/pr-previews/up-to-date@v2.3.0 + uses: Kong/public-shared-actions/pr-previews/up-to-date@v2.4.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.tools_versions.yaml b/.tools_versions.yaml index 994dfa4dee..93573c2ae3 100644 --- a/.tools_versions.yaml +++ b/.tools_versions.yaml @@ -1,7 +1,7 @@ # renovate: datasource=github-tags depName=kubernetes/code-generator kube-code-generator: "0.30.3" # renovate: datasource=github-releases depName=kubernetes-sigs/controller-tools -controller-tools: "0.15.0" +controller-tools: "0.16.1" # renovate: datasource=github-releases depName=kubernetes-sigs/kustomize kustomize: "5.3.0" # renovate: datasource=github-releases depName=golangci/golangci-lint @@ -9,7 +9,7 @@ golangci-lint: "1.60.1" # renovate: datasource=github-releases depName=GoogleContainerTools/skaffold skaffold: "2.13.1" # renovate: datasource=github-releases depName=kubernetes-sigs/controller-runtime -setup-envtest: "0.18.5" +setup-envtest: "0.19.0" # renovate: datasource=github-releases depName=elastic/crd-ref-docs crd-ref-docs: "0.1.0" # renovate: datasource=github-releases depName=mikefarah/yq @@ -19,4 +19,4 @@ gojunit-report: "2.1.0" # renovate: datasource=github-releases depName=gotestyourself/gotestsum gotestsum: "1.12.0" # renovate: datasource=github-releases depName=dominikh/go-tools -staticcheck: "0.4.7" +staticcheck: "2024.1.1" diff --git a/Dockerfile b/Dockerfile index bcc69ca956..6b521d39f2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ ### Standard binary # Build the manager binary -FROM --platform=$BUILDPLATFORM golang:1.22.6 AS builder +FROM --platform=$BUILDPLATFORM golang:1.23.0 AS builder ARG GOPATH ARG GOCACHE diff --git a/Dockerfile.debug b/Dockerfile.debug index fc7488199a..abed3b9d53 100644 --- a/Dockerfile.debug +++ b/Dockerfile.debug @@ -1,5 +1,5 @@ # Build a manager binary with debug symbols and download Delve -FROM --platform=$BUILDPLATFORM golang:1.22.6 AS builder +FROM --platform=$BUILDPLATFORM golang:1.23.0 AS builder ARG GOPATH ARG GOCACHE @@ -46,7 +46,7 @@ RUN --mount=type=cache,target=$GOPATH/pkg/mod \ ### Debug # Create an image that runs a debug build with Delve installed -FROM golang:1.22.6 AS debug +FROM golang:1.23.0 AS debug RUN go install github.com/go-delve/delve/cmd/dlv@latest # We want all source so Delve file location operations work COPY --from=builder /workspace/bin/manager-debug / diff --git a/Makefile b/Makefile index c8461770bb..83816ef903 100644 --- a/Makefile +++ b/Makefile @@ -149,8 +149,7 @@ STATICCHECK_VERSION = $(shell yq -ojson -r '.staticcheck' < $(TOOLS_VERSIONS_FIL STATICCHECK = $(PROJECT_DIR)/bin/installs/staticcheck/$(STATICCHECK_VERSION)/bin/staticcheck .PHONY: staticcheck.download staticcheck.download: ## Download staticcheck locally if necessary. -# TODO: Use staticcheck plugin without alias aftrer https://github.com/pbr0ck3r/asdf-staticcheck/pull/6 is merged. - @$(MAKE) mise-plugin-install DEP=staticcheck URL=https://github.com/pmalek/asdf-staticcheck.git + @$(MAKE) mise-plugin-install DEP=staticcheck URL=https://github.com/pbr0ck3r/asdf-staticcheck.git @$(MISE) install staticcheck@$(STATICCHECK_VERSION) GOJUNIT_REPORT_VERSION = $(shell yq -ojson -r '.gojunit-report' < $(TOOLS_VERSIONS_FILE)) diff --git a/config/crd/bases/configuration.konghq.com_ingressclassparameterses.yaml b/config/crd/bases/configuration.konghq.com_ingressclassparameterses.yaml index 861d9f420d..087af4edf5 100644 --- a/config/crd/bases/configuration.konghq.com_ingressclassparameterses.yaml +++ b/config/crd/bases/configuration.konghq.com_ingressclassparameterses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: ingressclassparameterses.configuration.konghq.com spec: group: configuration.konghq.com diff --git a/config/crd/bases/configuration.konghq.com_kongclusterplugins.yaml b/config/crd/bases/configuration.konghq.com_kongclusterplugins.yaml index 56e922cffc..35557be3f5 100644 --- a/config/crd/bases/configuration.konghq.com_kongclusterplugins.yaml +++ b/config/crd/bases/configuration.konghq.com_kongclusterplugins.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongclusterplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -227,22 +227,12 @@ spec: description: |- Conditions describe the current conditions of the KongClusterPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -283,12 +273,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crd/bases/configuration.konghq.com_kongconsumergroups.yaml b/config/crd/bases/configuration.konghq.com_kongconsumergroups.yaml index 1b335d523e..b7dc6f808d 100644 --- a/config/crd/bases/configuration.konghq.com_kongconsumergroups.yaml +++ b/config/crd/bases/configuration.konghq.com_kongconsumergroups.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumergroups.configuration.konghq.com spec: group: configuration.konghq.com @@ -62,22 +62,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumerGroup. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -118,12 +108,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crd/bases/configuration.konghq.com_kongconsumers.yaml b/config/crd/bases/configuration.konghq.com_kongconsumers.yaml index f40494fc38..5c9e61f207 100644 --- a/config/crd/bases/configuration.konghq.com_kongconsumers.yaml +++ b/config/crd/bases/configuration.konghq.com_kongconsumers.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumers.configuration.konghq.com spec: group: configuration.konghq.com @@ -87,22 +87,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumer. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -143,12 +133,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crd/bases/configuration.konghq.com_kongcustomentities.yaml b/config/crd/bases/configuration.konghq.com_kongcustomentities.yaml index 91c6da9b5c..144cab7352 100644 --- a/config/crd/bases/configuration.konghq.com_kongcustomentities.yaml +++ b/config/crd/bases/configuration.konghq.com_kongcustomentities.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongcustomentities.configuration.konghq.com spec: group: configuration.konghq.com @@ -103,22 +103,12 @@ spec: description: |- Conditions describe the current conditions of the KongCustomEntityStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -159,12 +149,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crd/bases/configuration.konghq.com_kongingresses.yaml b/config/crd/bases/configuration.konghq.com_kongingresses.yaml index 5427c46f19..fdb0944936 100644 --- a/config/crd/bases/configuration.konghq.com_kongingresses.yaml +++ b/config/crd/bases/configuration.konghq.com_kongingresses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongingresses.configuration.konghq.com spec: group: configuration.konghq.com diff --git a/config/crd/bases/configuration.konghq.com_konglicenses.yaml b/config/crd/bases/configuration.konghq.com_konglicenses.yaml index 00c9d58a5f..d3d22a2322 100644 --- a/config/crd/bases/configuration.konghq.com_konglicenses.yaml +++ b/config/crd/bases/configuration.konghq.com_konglicenses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: konglicenses.configuration.konghq.com spec: group: configuration.konghq.com @@ -80,18 +80,8 @@ spec: description: Conditions describe the current conditions of the KongLicense on the controller. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -133,12 +123,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crd/bases/configuration.konghq.com_kongplugins.yaml b/config/crd/bases/configuration.konghq.com_kongplugins.yaml index d9bd6345f6..6def4d76bb 100644 --- a/config/crd/bases/configuration.konghq.com_kongplugins.yaml +++ b/config/crd/bases/configuration.konghq.com_kongplugins.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -221,22 +221,12 @@ spec: description: |- Conditions describe the current conditions of the KongPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -277,12 +267,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crd/bases/configuration.konghq.com_kongupstreampolicies.yaml b/config/crd/bases/configuration.konghq.com_kongupstreampolicies.yaml index fa99b31394..3fa153002f 100644 --- a/config/crd/bases/configuration.konghq.com_kongupstreampolicies.yaml +++ b/config/crd/bases/configuration.konghq.com_kongupstreampolicies.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: gateway.networking.k8s.io/policy: direct name: kongupstreampolicies.configuration.konghq.com @@ -27,23 +27,18 @@ spec: KongUpstreamPolicy allows configuring algorithm that should be used for load balancing traffic between Kong Upstream's Targets. It also allows configuring health checks for Kong Upstream's Targets. - Its configuration is similar to Kong Upstream object (https://docs.konghq.com/gateway/latest/admin-api/#upstream-object), and it is applied to Kong Upstream objects created by the controller. - It can be attached to Services. To attach it to a Service, it has to be annotated with `konghq.com/upstream-policy: `, where `` is the name of the KongUpstreamPolicy object in the same namespace as the Service. - When attached to a Service, it will affect all Kong Upstreams created for the Service. - When attached to a Service used in a Gateway API *Route rule with multiple BackendRefs, all of its Services MUST be configured with the same KongUpstreamPolicy. Otherwise, the controller will *ignore* the KongUpstreamPolicy. - Note: KongUpstreamPolicy doesn't implement Gateway API's GEP-713 strictly. In particular, it doesn't use the TargetRef for attaching to Services and Gateway API *Routes - annotations are used instead. This is to allow reusing the same KongUpstreamPolicy for multiple Services and Gateway API *Routes. @@ -356,27 +351,22 @@ spec: the controller first sees the policy and SHOULD update the entry as appropriate when the relevant ancestor is modified. - Note that choosing the relevant ancestor is left to the Policy designers; an important part of Policy design is designing the right object level at which to namespace this status. - Note also that implementations MUST ONLY populate ancestor status for the Ancestor resources they are responsible for. Implementations MUST use the ControllerName field to uniquely identify the entries in this list that they are responsible for. - Note that to achieve this, the list of PolicyAncestorStatus structs MUST be treated as a map with a composite key, made up of the AncestorRef and ControllerName fields combined. - A maximum of 16 ancestors will be represented in this list. An empty list means the Policy is not relevant for any ancestors. - If this slice is full, implementations MUST NOT add further entries. Instead they MUST consider the policy unimplementable and signal that on any related resources such as the ancestor that would be referenced @@ -388,7 +378,6 @@ spec: PolicyAncestorStatus describes the status of a route with respect to an associated Ancestor. - Ancestors refer to objects that are either the Target of a policy or above it in terms of object hierarchy. For example, if a policy targets a Service, the Policy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and @@ -397,28 +386,23 @@ spec: SHOULD use Gateway as the PolicyAncestorStatus object unless the designers have a _very_ good reason otherwise. - In the context of policy attachment, the Ancestor is used to distinguish which resource results in a distinct application of this policy. For example, if a policy targets a Service, it may have a distinct result per attached Gateway. - Policies targeting the same resource may have different effects depending on the ancestors of those resources. For example, different Gateways targeting the same Service may have different capabilities, especially if they have different underlying implementations. - For example, in BackendTLSPolicy, the Policy attaches to a Service that is used as a backend in a HTTPRoute that is itself attached to a Gateway. In this case, the relevant object for status is the Gateway, and that is the ancestor object referred to in this status. - Note that a parent is also an ancestor, so for objects where the parent is the relevant object for status, this struct SHOULD still be used. - This struct is intended to be used in a slice that's effectively a map, with a composite key made up of the AncestorRef and the ControllerName. properties: @@ -435,7 +419,6 @@ spec: To set the core API group (such as for a "Service" kind referent), Group must be explicitly set to "" (empty string). - Support: Core maxLength: 253 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ @@ -445,14 +428,11 @@ spec: description: |- Kind is kind of the referent. - There are two kinds of parent resources with "Core" support: - * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, ClusterIP Services only) - Support for other resources is Implementation-Specific. maxLength: 63 minLength: 1 @@ -462,7 +442,6 @@ spec: description: |- Name is the name of the referent. - Support: Core maxLength: 253 minLength: 1 @@ -472,20 +451,17 @@ spec: Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. - Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. - ParentRefs from a Route to a Service in the same namespace are "producer" routes, which apply default routing rules to inbound connections from any namespace to the Service. - ParentRefs from a Route to a Service in a different namespace are "consumer" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which @@ -493,7 +469,6 @@ spec: ParentRef of the Route. - Support: Core maxLength: 63 minLength: 1 @@ -504,7 +479,6 @@ spec: Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. - When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the @@ -513,19 +487,16 @@ spec: and SectionName are specified, the name and port of the selected listener must match both specified values. - When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. - Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. - For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, @@ -534,7 +505,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Extended format: int32 maximum: 65535 @@ -545,7 +515,6 @@ spec: SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: - * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. @@ -553,12 +522,10 @@ spec: are specified, the name and port of the selected listener must match both specified values. - Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. - When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway @@ -568,7 +535,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Core maxLength: 253 minLength: 1 @@ -581,18 +547,8 @@ spec: description: Conditions describes the status of the Policy with respect to the given Ancestor. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -634,12 +590,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -662,15 +613,12 @@ spec: controller that wrote this status. This corresponds with the controllerName field on GatewayClass. - Example: "example.net/gateway-controller". - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - Controllers MUST populate this field when writing status. Controllers should ensure that entries to status populated with their ControllerName are cleaned up when they are no longer necessary. diff --git a/config/crd/bases/configuration.konghq.com_kongvaults.yaml b/config/crd/bases/configuration.konghq.com_kongvaults.yaml index 2dbdfd8339..fff8a7c338 100644 --- a/config/crd/bases/configuration.konghq.com_kongvaults.yaml +++ b/config/crd/bases/configuration.konghq.com_kongvaults.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongvaults.configuration.konghq.com spec: group: configuration.konghq.com @@ -105,22 +105,12 @@ spec: description: |- Conditions describe the current conditions of the KongVaultStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -161,12 +151,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crd/bases/configuration.konghq.com_tcpingresses.yaml b/config/crd/bases/configuration.konghq.com_tcpingresses.yaml index ab693720fa..3a4f604ff9 100644 --- a/config/crd/bases/configuration.konghq.com_tcpingresses.yaml +++ b/config/crd/bases/configuration.konghq.com_tcpingresses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: tcpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -175,8 +175,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -186,12 +184,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object diff --git a/config/crd/bases/configuration.konghq.com_udpingresses.yaml b/config/crd/bases/configuration.konghq.com_udpingresses.yaml index d0d38c2381..b688b08b67 100644 --- a/config/crd/bases/configuration.konghq.com_udpingresses.yaml +++ b/config/crd/bases/configuration.konghq.com_udpingresses.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: udpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -139,8 +139,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -150,12 +148,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object diff --git a/config/crd/incubator/incubator.ingress-controller.konghq.com_kongservicefacades.yaml b/config/crd/incubator/incubator.ingress-controller.konghq.com_kongservicefacades.yaml index 3db31e6e0e..99232c6b78 100644 --- a/config/crd/incubator/incubator.ingress-controller.konghq.com_kongservicefacades.yaml +++ b/config/crd/incubator/incubator.ingress-controller.konghq.com_kongservicefacades.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongservicefacades.incubator.ingress-controller.konghq.com spec: group: incubator.ingress-controller.konghq.com @@ -26,7 +26,6 @@ spec: to the same Kubernetes Service, but will have different configuration (e.g. different set of plugins, different load balancing algorithm, etc.). - KongServiceFacade requires `kubernetes.io/ingress.class` annotation with a value matching the ingressClass of the Kong Ingress Controller (`kong` by default) to be reconciled. properties: @@ -82,22 +81,12 @@ spec: description: |- Conditions describe the current conditions of the KongServiceFacade. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -138,12 +127,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/rbac/gateway/role.yaml b/config/rbac/gateway/role.yaml index b8f735524c..98df909338 100644 --- a/config/rbac/gateway/role.yaml +++ b/config/rbac/gateway/role.yaml @@ -16,6 +16,12 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses + - grpcroutes + - httproutes + - referencegrants + - tcproutes + - tlsroutes + - udproutes verbs: - get - list @@ -24,6 +30,11 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses/status + - gateways/status + - httproutes/status + - tcproutes/status + - tlsroutes/status + - udproutes/status verbs: - get - update @@ -36,21 +47,6 @@ rules: - list - update - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gateways/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - grpcroutes - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: @@ -59,77 +55,9 @@ rules: - get - patch - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - referencegrants - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: - referencegrants/status verbs: - get -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes/status - verbs: - - get - - update diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 817f3a53a9..b3694a33bf 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -15,20 +15,6 @@ rules: - "" resources: - nodes - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - secrets verbs: - list @@ -36,6 +22,7 @@ rules: - apiGroups: - "" resources: + - pods - services verbs: - get @@ -53,173 +40,16 @@ rules: - configuration.konghq.com resources: - ingressclassparameterses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - kongclusterplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongclusterplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumergroups - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumergroups/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumers - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumers/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongcustomentities - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongcustomentities/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - konglicenses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - konglicenses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongupstreampolicies - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongupstreampolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongvaults - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongvaults/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - tcpingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - tcpingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - udpingresses verbs: - get @@ -228,6 +58,16 @@ rules: - apiGroups: - configuration.konghq.com resources: + - kongclusterplugins/status + - kongconsumergroups/status + - kongconsumers/status + - kongcustomentities/status + - kongingresses/status + - konglicenses/status + - kongplugins/status + - kongupstreampolicies/status + - kongvaults/status + - tcpingresses/status - udpingresses/status verbs: - get @@ -269,13 +109,6 @@ rules: - networking.k8s.io resources: - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - ingresses verbs: - get diff --git a/test/e2e/manifests/all-in-one-dbless-k4k8s-enterprise.yaml b/test/e2e/manifests/all-in-one-dbless-k4k8s-enterprise.yaml index fd35c118fc..e083b6fc77 100644 --- a/test/e2e/manifests/all-in-one-dbless-k4k8s-enterprise.yaml +++ b/test/e2e/manifests/all-in-one-dbless-k4k8s-enterprise.yaml @@ -9,7 +9,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: ingressclassparameterses.configuration.konghq.com spec: group: configuration.konghq.com @@ -66,7 +66,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongclusterplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -290,22 +290,12 @@ spec: description: |- Conditions describe the current conditions of the KongClusterPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -346,12 +336,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -387,7 +372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumergroups.configuration.konghq.com spec: group: configuration.konghq.com @@ -446,22 +431,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumerGroup. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -502,12 +477,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -534,7 +504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumers.configuration.konghq.com spec: group: configuration.konghq.com @@ -618,22 +588,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumer. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -674,12 +634,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -712,7 +667,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongcustomentities.configuration.konghq.com spec: group: configuration.konghq.com @@ -812,22 +767,12 @@ spec: description: |- Conditions describe the current conditions of the KongCustomEntityStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -868,12 +813,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -909,7 +849,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1300,7 +1240,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: konglicenses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1377,18 +1317,8 @@ spec: description: Conditions describe the current conditions of the KongLicense on the controller. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -1430,12 +1360,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1513,7 +1438,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -1731,22 +1656,12 @@ spec: description: |- Conditions describe the current conditions of the KongPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1787,12 +1702,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1828,7 +1738,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongservicefacades.incubator.ingress-controller.konghq.com spec: group: incubator.ingress-controller.konghq.com @@ -1851,7 +1761,6 @@ spec: to the same Kubernetes Service, but will have different configuration (e.g. different set of plugins, different load balancing algorithm, etc.). - KongServiceFacade requires `kubernetes.io/ingress.class` annotation with a value matching the ingressClass of the Kong Ingress Controller (`kong` by default) to be reconciled. properties: @@ -1907,22 +1816,12 @@ spec: description: |- Conditions describe the current conditions of the KongServiceFacade. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1963,12 +1862,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1997,7 +1891,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: gateway.networking.k8s.io/policy: direct name: kongupstreampolicies.configuration.konghq.com @@ -2021,23 +1915,18 @@ spec: KongUpstreamPolicy allows configuring algorithm that should be used for load balancing traffic between Kong Upstream's Targets. It also allows configuring health checks for Kong Upstream's Targets. - Its configuration is similar to Kong Upstream object (https://docs.konghq.com/gateway/latest/admin-api/#upstream-object), and it is applied to Kong Upstream objects created by the controller. - It can be attached to Services. To attach it to a Service, it has to be annotated with `konghq.com/upstream-policy: `, where `` is the name of the KongUpstreamPolicy object in the same namespace as the Service. - When attached to a Service, it will affect all Kong Upstreams created for the Service. - When attached to a Service used in a Gateway API *Route rule with multiple BackendRefs, all of its Services MUST be configured with the same KongUpstreamPolicy. Otherwise, the controller will *ignore* the KongUpstreamPolicy. - Note: KongUpstreamPolicy doesn't implement Gateway API's GEP-713 strictly. In particular, it doesn't use the TargetRef for attaching to Services and Gateway API *Routes - annotations are used instead. This is to allow reusing the same KongUpstreamPolicy for multiple Services and Gateway API *Routes. @@ -2350,27 +2239,22 @@ spec: the controller first sees the policy and SHOULD update the entry as appropriate when the relevant ancestor is modified. - Note that choosing the relevant ancestor is left to the Policy designers; an important part of Policy design is designing the right object level at which to namespace this status. - Note also that implementations MUST ONLY populate ancestor status for the Ancestor resources they are responsible for. Implementations MUST use the ControllerName field to uniquely identify the entries in this list that they are responsible for. - Note that to achieve this, the list of PolicyAncestorStatus structs MUST be treated as a map with a composite key, made up of the AncestorRef and ControllerName fields combined. - A maximum of 16 ancestors will be represented in this list. An empty list means the Policy is not relevant for any ancestors. - If this slice is full, implementations MUST NOT add further entries. Instead they MUST consider the policy unimplementable and signal that on any related resources such as the ancestor that would be referenced @@ -2382,7 +2266,6 @@ spec: PolicyAncestorStatus describes the status of a route with respect to an associated Ancestor. - Ancestors refer to objects that are either the Target of a policy or above it in terms of object hierarchy. For example, if a policy targets a Service, the Policy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and @@ -2391,28 +2274,23 @@ spec: SHOULD use Gateway as the PolicyAncestorStatus object unless the designers have a _very_ good reason otherwise. - In the context of policy attachment, the Ancestor is used to distinguish which resource results in a distinct application of this policy. For example, if a policy targets a Service, it may have a distinct result per attached Gateway. - Policies targeting the same resource may have different effects depending on the ancestors of those resources. For example, different Gateways targeting the same Service may have different capabilities, especially if they have different underlying implementations. - For example, in BackendTLSPolicy, the Policy attaches to a Service that is used as a backend in a HTTPRoute that is itself attached to a Gateway. In this case, the relevant object for status is the Gateway, and that is the ancestor object referred to in this status. - Note that a parent is also an ancestor, so for objects where the parent is the relevant object for status, this struct SHOULD still be used. - This struct is intended to be used in a slice that's effectively a map, with a composite key made up of the AncestorRef and the ControllerName. properties: @@ -2429,7 +2307,6 @@ spec: To set the core API group (such as for a "Service" kind referent), Group must be explicitly set to "" (empty string). - Support: Core maxLength: 253 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ @@ -2439,14 +2316,11 @@ spec: description: |- Kind is kind of the referent. - There are two kinds of parent resources with "Core" support: - * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, ClusterIP Services only) - Support for other resources is Implementation-Specific. maxLength: 63 minLength: 1 @@ -2456,7 +2330,6 @@ spec: description: |- Name is the name of the referent. - Support: Core maxLength: 253 minLength: 1 @@ -2466,20 +2339,17 @@ spec: Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. - Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. - ParentRefs from a Route to a Service in the same namespace are "producer" routes, which apply default routing rules to inbound connections from any namespace to the Service. - ParentRefs from a Route to a Service in a different namespace are "consumer" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which @@ -2487,7 +2357,6 @@ spec: ParentRef of the Route. - Support: Core maxLength: 63 minLength: 1 @@ -2498,7 +2367,6 @@ spec: Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. - When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the @@ -2507,19 +2375,16 @@ spec: and SectionName are specified, the name and port of the selected listener must match both specified values. - When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. - Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. - For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, @@ -2528,7 +2393,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Extended format: int32 maximum: 65535 @@ -2539,7 +2403,6 @@ spec: SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: - * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. @@ -2547,12 +2410,10 @@ spec: are specified, the name and port of the selected listener must match both specified values. - Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. - When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway @@ -2562,7 +2423,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Core maxLength: 253 minLength: 1 @@ -2575,18 +2435,8 @@ spec: description: Conditions describes the status of the Policy with respect to the given Ancestor. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -2628,12 +2478,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2656,15 +2501,12 @@ spec: controller that wrote this status. This corresponds with the controllerName field on GatewayClass. - Example: "example.net/gateway-controller". - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - Controllers MUST populate this field when writing status. Controllers should ensure that entries to status populated with their ControllerName are cleaned up when they are no longer necessary. @@ -2735,7 +2577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongvaults.configuration.konghq.com spec: group: configuration.konghq.com @@ -2837,22 +2679,12 @@ spec: description: |- Conditions describe the current conditions of the KongVaultStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -2893,12 +2725,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2932,7 +2759,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: tcpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3104,8 +2931,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3115,12 +2940,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3141,7 +2966,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: udpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3277,8 +3102,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3288,12 +3111,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3370,20 +3193,6 @@ rules: - "" resources: - nodes - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - secrets verbs: - list @@ -3391,6 +3200,7 @@ rules: - apiGroups: - "" resources: + - pods - services verbs: - get @@ -3408,173 +3218,16 @@ rules: - configuration.konghq.com resources: - ingressclassparameterses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - kongclusterplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongclusterplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumergroups - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumergroups/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumers - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumers/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongcustomentities - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongcustomentities/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - konglicenses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - konglicenses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongupstreampolicies - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongupstreampolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongvaults - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongvaults/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - tcpingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - tcpingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - udpingresses verbs: - get @@ -3583,6 +3236,16 @@ rules: - apiGroups: - configuration.konghq.com resources: + - kongclusterplugins/status + - kongconsumergroups/status + - kongconsumers/status + - kongcustomentities/status + - kongingresses/status + - konglicenses/status + - kongplugins/status + - kongupstreampolicies/status + - kongvaults/status + - tcpingresses/status - udpingresses/status verbs: - get @@ -3624,13 +3287,6 @@ rules: - networking.k8s.io resources: - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - ingresses verbs: - get @@ -3675,6 +3331,12 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses + - grpcroutes + - httproutes + - referencegrants + - tcproutes + - tlsroutes + - udproutes verbs: - get - list @@ -3683,6 +3345,11 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses/status + - gateways/status + - httproutes/status + - tcproutes/status + - tlsroutes/status + - udproutes/status verbs: - get - update @@ -3695,21 +3362,6 @@ rules: - list - update - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gateways/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - grpcroutes - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: @@ -3718,80 +3370,12 @@ rules: - get - patch - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - referencegrants - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: - referencegrants/status verbs: - get -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes/status - verbs: - - get - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/test/e2e/manifests/all-in-one-dbless-konnect-enterprise.yaml b/test/e2e/manifests/all-in-one-dbless-konnect-enterprise.yaml index ade75fe974..35d65a5742 100644 --- a/test/e2e/manifests/all-in-one-dbless-konnect-enterprise.yaml +++ b/test/e2e/manifests/all-in-one-dbless-konnect-enterprise.yaml @@ -9,7 +9,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: ingressclassparameterses.configuration.konghq.com spec: group: configuration.konghq.com @@ -66,7 +66,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongclusterplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -290,22 +290,12 @@ spec: description: |- Conditions describe the current conditions of the KongClusterPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -346,12 +336,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -387,7 +372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumergroups.configuration.konghq.com spec: group: configuration.konghq.com @@ -446,22 +431,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumerGroup. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -502,12 +477,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -534,7 +504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumers.configuration.konghq.com spec: group: configuration.konghq.com @@ -618,22 +588,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumer. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -674,12 +634,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -712,7 +667,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongcustomentities.configuration.konghq.com spec: group: configuration.konghq.com @@ -812,22 +767,12 @@ spec: description: |- Conditions describe the current conditions of the KongCustomEntityStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -868,12 +813,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -909,7 +849,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1300,7 +1240,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: konglicenses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1377,18 +1317,8 @@ spec: description: Conditions describe the current conditions of the KongLicense on the controller. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -1430,12 +1360,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1513,7 +1438,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -1731,22 +1656,12 @@ spec: description: |- Conditions describe the current conditions of the KongPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1787,12 +1702,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1828,7 +1738,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongservicefacades.incubator.ingress-controller.konghq.com spec: group: incubator.ingress-controller.konghq.com @@ -1851,7 +1761,6 @@ spec: to the same Kubernetes Service, but will have different configuration (e.g. different set of plugins, different load balancing algorithm, etc.). - KongServiceFacade requires `kubernetes.io/ingress.class` annotation with a value matching the ingressClass of the Kong Ingress Controller (`kong` by default) to be reconciled. properties: @@ -1907,22 +1816,12 @@ spec: description: |- Conditions describe the current conditions of the KongServiceFacade. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1963,12 +1862,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1997,7 +1891,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: gateway.networking.k8s.io/policy: direct name: kongupstreampolicies.configuration.konghq.com @@ -2021,23 +1915,18 @@ spec: KongUpstreamPolicy allows configuring algorithm that should be used for load balancing traffic between Kong Upstream's Targets. It also allows configuring health checks for Kong Upstream's Targets. - Its configuration is similar to Kong Upstream object (https://docs.konghq.com/gateway/latest/admin-api/#upstream-object), and it is applied to Kong Upstream objects created by the controller. - It can be attached to Services. To attach it to a Service, it has to be annotated with `konghq.com/upstream-policy: `, where `` is the name of the KongUpstreamPolicy object in the same namespace as the Service. - When attached to a Service, it will affect all Kong Upstreams created for the Service. - When attached to a Service used in a Gateway API *Route rule with multiple BackendRefs, all of its Services MUST be configured with the same KongUpstreamPolicy. Otherwise, the controller will *ignore* the KongUpstreamPolicy. - Note: KongUpstreamPolicy doesn't implement Gateway API's GEP-713 strictly. In particular, it doesn't use the TargetRef for attaching to Services and Gateway API *Routes - annotations are used instead. This is to allow reusing the same KongUpstreamPolicy for multiple Services and Gateway API *Routes. @@ -2350,27 +2239,22 @@ spec: the controller first sees the policy and SHOULD update the entry as appropriate when the relevant ancestor is modified. - Note that choosing the relevant ancestor is left to the Policy designers; an important part of Policy design is designing the right object level at which to namespace this status. - Note also that implementations MUST ONLY populate ancestor status for the Ancestor resources they are responsible for. Implementations MUST use the ControllerName field to uniquely identify the entries in this list that they are responsible for. - Note that to achieve this, the list of PolicyAncestorStatus structs MUST be treated as a map with a composite key, made up of the AncestorRef and ControllerName fields combined. - A maximum of 16 ancestors will be represented in this list. An empty list means the Policy is not relevant for any ancestors. - If this slice is full, implementations MUST NOT add further entries. Instead they MUST consider the policy unimplementable and signal that on any related resources such as the ancestor that would be referenced @@ -2382,7 +2266,6 @@ spec: PolicyAncestorStatus describes the status of a route with respect to an associated Ancestor. - Ancestors refer to objects that are either the Target of a policy or above it in terms of object hierarchy. For example, if a policy targets a Service, the Policy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and @@ -2391,28 +2274,23 @@ spec: SHOULD use Gateway as the PolicyAncestorStatus object unless the designers have a _very_ good reason otherwise. - In the context of policy attachment, the Ancestor is used to distinguish which resource results in a distinct application of this policy. For example, if a policy targets a Service, it may have a distinct result per attached Gateway. - Policies targeting the same resource may have different effects depending on the ancestors of those resources. For example, different Gateways targeting the same Service may have different capabilities, especially if they have different underlying implementations. - For example, in BackendTLSPolicy, the Policy attaches to a Service that is used as a backend in a HTTPRoute that is itself attached to a Gateway. In this case, the relevant object for status is the Gateway, and that is the ancestor object referred to in this status. - Note that a parent is also an ancestor, so for objects where the parent is the relevant object for status, this struct SHOULD still be used. - This struct is intended to be used in a slice that's effectively a map, with a composite key made up of the AncestorRef and the ControllerName. properties: @@ -2429,7 +2307,6 @@ spec: To set the core API group (such as for a "Service" kind referent), Group must be explicitly set to "" (empty string). - Support: Core maxLength: 253 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ @@ -2439,14 +2316,11 @@ spec: description: |- Kind is kind of the referent. - There are two kinds of parent resources with "Core" support: - * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, ClusterIP Services only) - Support for other resources is Implementation-Specific. maxLength: 63 minLength: 1 @@ -2456,7 +2330,6 @@ spec: description: |- Name is the name of the referent. - Support: Core maxLength: 253 minLength: 1 @@ -2466,20 +2339,17 @@ spec: Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. - Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. - ParentRefs from a Route to a Service in the same namespace are "producer" routes, which apply default routing rules to inbound connections from any namespace to the Service. - ParentRefs from a Route to a Service in a different namespace are "consumer" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which @@ -2487,7 +2357,6 @@ spec: ParentRef of the Route. - Support: Core maxLength: 63 minLength: 1 @@ -2498,7 +2367,6 @@ spec: Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. - When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the @@ -2507,19 +2375,16 @@ spec: and SectionName are specified, the name and port of the selected listener must match both specified values. - When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. - Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. - For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, @@ -2528,7 +2393,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Extended format: int32 maximum: 65535 @@ -2539,7 +2403,6 @@ spec: SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: - * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. @@ -2547,12 +2410,10 @@ spec: are specified, the name and port of the selected listener must match both specified values. - Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. - When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway @@ -2562,7 +2423,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Core maxLength: 253 minLength: 1 @@ -2575,18 +2435,8 @@ spec: description: Conditions describes the status of the Policy with respect to the given Ancestor. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -2628,12 +2478,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2656,15 +2501,12 @@ spec: controller that wrote this status. This corresponds with the controllerName field on GatewayClass. - Example: "example.net/gateway-controller". - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - Controllers MUST populate this field when writing status. Controllers should ensure that entries to status populated with their ControllerName are cleaned up when they are no longer necessary. @@ -2735,7 +2577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongvaults.configuration.konghq.com spec: group: configuration.konghq.com @@ -2837,22 +2679,12 @@ spec: description: |- Conditions describe the current conditions of the KongVaultStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -2893,12 +2725,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2932,7 +2759,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: tcpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3104,8 +2931,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3115,12 +2940,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3141,7 +2966,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: udpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3277,8 +3102,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3288,12 +3111,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3370,20 +3193,6 @@ rules: - "" resources: - nodes - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - secrets verbs: - list @@ -3391,6 +3200,7 @@ rules: - apiGroups: - "" resources: + - pods - services verbs: - get @@ -3408,173 +3218,16 @@ rules: - configuration.konghq.com resources: - ingressclassparameterses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - kongclusterplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongclusterplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumergroups - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumergroups/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumers - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumers/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongcustomentities - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongcustomentities/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - konglicenses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - konglicenses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongupstreampolicies - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongupstreampolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongvaults - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongvaults/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - tcpingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - tcpingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - udpingresses verbs: - get @@ -3583,6 +3236,16 @@ rules: - apiGroups: - configuration.konghq.com resources: + - kongclusterplugins/status + - kongconsumergroups/status + - kongconsumers/status + - kongcustomentities/status + - kongingresses/status + - konglicenses/status + - kongplugins/status + - kongupstreampolicies/status + - kongvaults/status + - tcpingresses/status - udpingresses/status verbs: - get @@ -3624,13 +3287,6 @@ rules: - networking.k8s.io resources: - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - ingresses verbs: - get @@ -3675,6 +3331,12 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses + - grpcroutes + - httproutes + - referencegrants + - tcproutes + - tlsroutes + - udproutes verbs: - get - list @@ -3683,6 +3345,11 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses/status + - gateways/status + - httproutes/status + - tcproutes/status + - tlsroutes/status + - udproutes/status verbs: - get - update @@ -3695,21 +3362,6 @@ rules: - list - update - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gateways/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - grpcroutes - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: @@ -3718,80 +3370,12 @@ rules: - get - patch - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - referencegrants - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: - referencegrants/status verbs: - get -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes/status - verbs: - - get - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/test/e2e/manifests/all-in-one-dbless-konnect.yaml b/test/e2e/manifests/all-in-one-dbless-konnect.yaml index d17531b25b..68c39cd469 100644 --- a/test/e2e/manifests/all-in-one-dbless-konnect.yaml +++ b/test/e2e/manifests/all-in-one-dbless-konnect.yaml @@ -9,7 +9,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: ingressclassparameterses.configuration.konghq.com spec: group: configuration.konghq.com @@ -66,7 +66,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongclusterplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -290,22 +290,12 @@ spec: description: |- Conditions describe the current conditions of the KongClusterPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -346,12 +336,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -387,7 +372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumergroups.configuration.konghq.com spec: group: configuration.konghq.com @@ -446,22 +431,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumerGroup. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -502,12 +477,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -534,7 +504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumers.configuration.konghq.com spec: group: configuration.konghq.com @@ -618,22 +588,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumer. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -674,12 +634,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -712,7 +667,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongcustomentities.configuration.konghq.com spec: group: configuration.konghq.com @@ -812,22 +767,12 @@ spec: description: |- Conditions describe the current conditions of the KongCustomEntityStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -868,12 +813,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -909,7 +849,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1300,7 +1240,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: konglicenses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1377,18 +1317,8 @@ spec: description: Conditions describe the current conditions of the KongLicense on the controller. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -1430,12 +1360,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1513,7 +1438,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -1731,22 +1656,12 @@ spec: description: |- Conditions describe the current conditions of the KongPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1787,12 +1702,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1828,7 +1738,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongservicefacades.incubator.ingress-controller.konghq.com spec: group: incubator.ingress-controller.konghq.com @@ -1851,7 +1761,6 @@ spec: to the same Kubernetes Service, but will have different configuration (e.g. different set of plugins, different load balancing algorithm, etc.). - KongServiceFacade requires `kubernetes.io/ingress.class` annotation with a value matching the ingressClass of the Kong Ingress Controller (`kong` by default) to be reconciled. properties: @@ -1907,22 +1816,12 @@ spec: description: |- Conditions describe the current conditions of the KongServiceFacade. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1963,12 +1862,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1997,7 +1891,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: gateway.networking.k8s.io/policy: direct name: kongupstreampolicies.configuration.konghq.com @@ -2021,23 +1915,18 @@ spec: KongUpstreamPolicy allows configuring algorithm that should be used for load balancing traffic between Kong Upstream's Targets. It also allows configuring health checks for Kong Upstream's Targets. - Its configuration is similar to Kong Upstream object (https://docs.konghq.com/gateway/latest/admin-api/#upstream-object), and it is applied to Kong Upstream objects created by the controller. - It can be attached to Services. To attach it to a Service, it has to be annotated with `konghq.com/upstream-policy: `, where `` is the name of the KongUpstreamPolicy object in the same namespace as the Service. - When attached to a Service, it will affect all Kong Upstreams created for the Service. - When attached to a Service used in a Gateway API *Route rule with multiple BackendRefs, all of its Services MUST be configured with the same KongUpstreamPolicy. Otherwise, the controller will *ignore* the KongUpstreamPolicy. - Note: KongUpstreamPolicy doesn't implement Gateway API's GEP-713 strictly. In particular, it doesn't use the TargetRef for attaching to Services and Gateway API *Routes - annotations are used instead. This is to allow reusing the same KongUpstreamPolicy for multiple Services and Gateway API *Routes. @@ -2350,27 +2239,22 @@ spec: the controller first sees the policy and SHOULD update the entry as appropriate when the relevant ancestor is modified. - Note that choosing the relevant ancestor is left to the Policy designers; an important part of Policy design is designing the right object level at which to namespace this status. - Note also that implementations MUST ONLY populate ancestor status for the Ancestor resources they are responsible for. Implementations MUST use the ControllerName field to uniquely identify the entries in this list that they are responsible for. - Note that to achieve this, the list of PolicyAncestorStatus structs MUST be treated as a map with a composite key, made up of the AncestorRef and ControllerName fields combined. - A maximum of 16 ancestors will be represented in this list. An empty list means the Policy is not relevant for any ancestors. - If this slice is full, implementations MUST NOT add further entries. Instead they MUST consider the policy unimplementable and signal that on any related resources such as the ancestor that would be referenced @@ -2382,7 +2266,6 @@ spec: PolicyAncestorStatus describes the status of a route with respect to an associated Ancestor. - Ancestors refer to objects that are either the Target of a policy or above it in terms of object hierarchy. For example, if a policy targets a Service, the Policy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and @@ -2391,28 +2274,23 @@ spec: SHOULD use Gateway as the PolicyAncestorStatus object unless the designers have a _very_ good reason otherwise. - In the context of policy attachment, the Ancestor is used to distinguish which resource results in a distinct application of this policy. For example, if a policy targets a Service, it may have a distinct result per attached Gateway. - Policies targeting the same resource may have different effects depending on the ancestors of those resources. For example, different Gateways targeting the same Service may have different capabilities, especially if they have different underlying implementations. - For example, in BackendTLSPolicy, the Policy attaches to a Service that is used as a backend in a HTTPRoute that is itself attached to a Gateway. In this case, the relevant object for status is the Gateway, and that is the ancestor object referred to in this status. - Note that a parent is also an ancestor, so for objects where the parent is the relevant object for status, this struct SHOULD still be used. - This struct is intended to be used in a slice that's effectively a map, with a composite key made up of the AncestorRef and the ControllerName. properties: @@ -2429,7 +2307,6 @@ spec: To set the core API group (such as for a "Service" kind referent), Group must be explicitly set to "" (empty string). - Support: Core maxLength: 253 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ @@ -2439,14 +2316,11 @@ spec: description: |- Kind is kind of the referent. - There are two kinds of parent resources with "Core" support: - * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, ClusterIP Services only) - Support for other resources is Implementation-Specific. maxLength: 63 minLength: 1 @@ -2456,7 +2330,6 @@ spec: description: |- Name is the name of the referent. - Support: Core maxLength: 253 minLength: 1 @@ -2466,20 +2339,17 @@ spec: Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. - Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. - ParentRefs from a Route to a Service in the same namespace are "producer" routes, which apply default routing rules to inbound connections from any namespace to the Service. - ParentRefs from a Route to a Service in a different namespace are "consumer" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which @@ -2487,7 +2357,6 @@ spec: ParentRef of the Route. - Support: Core maxLength: 63 minLength: 1 @@ -2498,7 +2367,6 @@ spec: Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. - When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the @@ -2507,19 +2375,16 @@ spec: and SectionName are specified, the name and port of the selected listener must match both specified values. - When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. - Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. - For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, @@ -2528,7 +2393,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Extended format: int32 maximum: 65535 @@ -2539,7 +2403,6 @@ spec: SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: - * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. @@ -2547,12 +2410,10 @@ spec: are specified, the name and port of the selected listener must match both specified values. - Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. - When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway @@ -2562,7 +2423,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Core maxLength: 253 minLength: 1 @@ -2575,18 +2435,8 @@ spec: description: Conditions describes the status of the Policy with respect to the given Ancestor. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -2628,12 +2478,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2656,15 +2501,12 @@ spec: controller that wrote this status. This corresponds with the controllerName field on GatewayClass. - Example: "example.net/gateway-controller". - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - Controllers MUST populate this field when writing status. Controllers should ensure that entries to status populated with their ControllerName are cleaned up when they are no longer necessary. @@ -2735,7 +2577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongvaults.configuration.konghq.com spec: group: configuration.konghq.com @@ -2837,22 +2679,12 @@ spec: description: |- Conditions describe the current conditions of the KongVaultStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -2893,12 +2725,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2932,7 +2759,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: tcpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3104,8 +2931,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3115,12 +2940,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3141,7 +2966,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: udpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3277,8 +3102,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3288,12 +3111,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3370,20 +3193,6 @@ rules: - "" resources: - nodes - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - secrets verbs: - list @@ -3391,6 +3200,7 @@ rules: - apiGroups: - "" resources: + - pods - services verbs: - get @@ -3408,173 +3218,16 @@ rules: - configuration.konghq.com resources: - ingressclassparameterses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - kongclusterplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongclusterplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumergroups - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumergroups/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumers - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumers/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongcustomentities - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongcustomentities/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - konglicenses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - konglicenses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongupstreampolicies - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongupstreampolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongvaults - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongvaults/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - tcpingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - tcpingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - udpingresses verbs: - get @@ -3583,6 +3236,16 @@ rules: - apiGroups: - configuration.konghq.com resources: + - kongclusterplugins/status + - kongconsumergroups/status + - kongconsumers/status + - kongcustomentities/status + - kongingresses/status + - konglicenses/status + - kongplugins/status + - kongupstreampolicies/status + - kongvaults/status + - tcpingresses/status - udpingresses/status verbs: - get @@ -3624,13 +3287,6 @@ rules: - networking.k8s.io resources: - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - ingresses verbs: - get @@ -3675,6 +3331,12 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses + - grpcroutes + - httproutes + - referencegrants + - tcproutes + - tlsroutes + - udproutes verbs: - get - list @@ -3683,6 +3345,11 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses/status + - gateways/status + - httproutes/status + - tcproutes/status + - tlsroutes/status + - udproutes/status verbs: - get - update @@ -3695,21 +3362,6 @@ rules: - list - update - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gateways/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - grpcroutes - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: @@ -3718,80 +3370,12 @@ rules: - get - patch - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - referencegrants - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: - referencegrants/status verbs: - get -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes/status - verbs: - - get - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/test/e2e/manifests/all-in-one-dbless.yaml b/test/e2e/manifests/all-in-one-dbless.yaml index 380cc0bd1c..c63f2f361c 100644 --- a/test/e2e/manifests/all-in-one-dbless.yaml +++ b/test/e2e/manifests/all-in-one-dbless.yaml @@ -9,7 +9,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: ingressclassparameterses.configuration.konghq.com spec: group: configuration.konghq.com @@ -66,7 +66,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongclusterplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -290,22 +290,12 @@ spec: description: |- Conditions describe the current conditions of the KongClusterPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -346,12 +336,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -387,7 +372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumergroups.configuration.konghq.com spec: group: configuration.konghq.com @@ -446,22 +431,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumerGroup. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -502,12 +477,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -534,7 +504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumers.configuration.konghq.com spec: group: configuration.konghq.com @@ -618,22 +588,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumer. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -674,12 +634,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -712,7 +667,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongcustomentities.configuration.konghq.com spec: group: configuration.konghq.com @@ -812,22 +767,12 @@ spec: description: |- Conditions describe the current conditions of the KongCustomEntityStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -868,12 +813,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -909,7 +849,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1300,7 +1240,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: konglicenses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1377,18 +1317,8 @@ spec: description: Conditions describe the current conditions of the KongLicense on the controller. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -1430,12 +1360,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1513,7 +1438,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -1731,22 +1656,12 @@ spec: description: |- Conditions describe the current conditions of the KongPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1787,12 +1702,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1828,7 +1738,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongservicefacades.incubator.ingress-controller.konghq.com spec: group: incubator.ingress-controller.konghq.com @@ -1851,7 +1761,6 @@ spec: to the same Kubernetes Service, but will have different configuration (e.g. different set of plugins, different load balancing algorithm, etc.). - KongServiceFacade requires `kubernetes.io/ingress.class` annotation with a value matching the ingressClass of the Kong Ingress Controller (`kong` by default) to be reconciled. properties: @@ -1907,22 +1816,12 @@ spec: description: |- Conditions describe the current conditions of the KongServiceFacade. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1963,12 +1862,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1997,7 +1891,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: gateway.networking.k8s.io/policy: direct name: kongupstreampolicies.configuration.konghq.com @@ -2021,23 +1915,18 @@ spec: KongUpstreamPolicy allows configuring algorithm that should be used for load balancing traffic between Kong Upstream's Targets. It also allows configuring health checks for Kong Upstream's Targets. - Its configuration is similar to Kong Upstream object (https://docs.konghq.com/gateway/latest/admin-api/#upstream-object), and it is applied to Kong Upstream objects created by the controller. - It can be attached to Services. To attach it to a Service, it has to be annotated with `konghq.com/upstream-policy: `, where `` is the name of the KongUpstreamPolicy object in the same namespace as the Service. - When attached to a Service, it will affect all Kong Upstreams created for the Service. - When attached to a Service used in a Gateway API *Route rule with multiple BackendRefs, all of its Services MUST be configured with the same KongUpstreamPolicy. Otherwise, the controller will *ignore* the KongUpstreamPolicy. - Note: KongUpstreamPolicy doesn't implement Gateway API's GEP-713 strictly. In particular, it doesn't use the TargetRef for attaching to Services and Gateway API *Routes - annotations are used instead. This is to allow reusing the same KongUpstreamPolicy for multiple Services and Gateway API *Routes. @@ -2350,27 +2239,22 @@ spec: the controller first sees the policy and SHOULD update the entry as appropriate when the relevant ancestor is modified. - Note that choosing the relevant ancestor is left to the Policy designers; an important part of Policy design is designing the right object level at which to namespace this status. - Note also that implementations MUST ONLY populate ancestor status for the Ancestor resources they are responsible for. Implementations MUST use the ControllerName field to uniquely identify the entries in this list that they are responsible for. - Note that to achieve this, the list of PolicyAncestorStatus structs MUST be treated as a map with a composite key, made up of the AncestorRef and ControllerName fields combined. - A maximum of 16 ancestors will be represented in this list. An empty list means the Policy is not relevant for any ancestors. - If this slice is full, implementations MUST NOT add further entries. Instead they MUST consider the policy unimplementable and signal that on any related resources such as the ancestor that would be referenced @@ -2382,7 +2266,6 @@ spec: PolicyAncestorStatus describes the status of a route with respect to an associated Ancestor. - Ancestors refer to objects that are either the Target of a policy or above it in terms of object hierarchy. For example, if a policy targets a Service, the Policy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and @@ -2391,28 +2274,23 @@ spec: SHOULD use Gateway as the PolicyAncestorStatus object unless the designers have a _very_ good reason otherwise. - In the context of policy attachment, the Ancestor is used to distinguish which resource results in a distinct application of this policy. For example, if a policy targets a Service, it may have a distinct result per attached Gateway. - Policies targeting the same resource may have different effects depending on the ancestors of those resources. For example, different Gateways targeting the same Service may have different capabilities, especially if they have different underlying implementations. - For example, in BackendTLSPolicy, the Policy attaches to a Service that is used as a backend in a HTTPRoute that is itself attached to a Gateway. In this case, the relevant object for status is the Gateway, and that is the ancestor object referred to in this status. - Note that a parent is also an ancestor, so for objects where the parent is the relevant object for status, this struct SHOULD still be used. - This struct is intended to be used in a slice that's effectively a map, with a composite key made up of the AncestorRef and the ControllerName. properties: @@ -2429,7 +2307,6 @@ spec: To set the core API group (such as for a "Service" kind referent), Group must be explicitly set to "" (empty string). - Support: Core maxLength: 253 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ @@ -2439,14 +2316,11 @@ spec: description: |- Kind is kind of the referent. - There are two kinds of parent resources with "Core" support: - * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, ClusterIP Services only) - Support for other resources is Implementation-Specific. maxLength: 63 minLength: 1 @@ -2456,7 +2330,6 @@ spec: description: |- Name is the name of the referent. - Support: Core maxLength: 253 minLength: 1 @@ -2466,20 +2339,17 @@ spec: Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. - Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. - ParentRefs from a Route to a Service in the same namespace are "producer" routes, which apply default routing rules to inbound connections from any namespace to the Service. - ParentRefs from a Route to a Service in a different namespace are "consumer" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which @@ -2487,7 +2357,6 @@ spec: ParentRef of the Route. - Support: Core maxLength: 63 minLength: 1 @@ -2498,7 +2367,6 @@ spec: Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. - When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the @@ -2507,19 +2375,16 @@ spec: and SectionName are specified, the name and port of the selected listener must match both specified values. - When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. - Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. - For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, @@ -2528,7 +2393,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Extended format: int32 maximum: 65535 @@ -2539,7 +2403,6 @@ spec: SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: - * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. @@ -2547,12 +2410,10 @@ spec: are specified, the name and port of the selected listener must match both specified values. - Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. - When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway @@ -2562,7 +2423,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Core maxLength: 253 minLength: 1 @@ -2575,18 +2435,8 @@ spec: description: Conditions describes the status of the Policy with respect to the given Ancestor. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -2628,12 +2478,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2656,15 +2501,12 @@ spec: controller that wrote this status. This corresponds with the controllerName field on GatewayClass. - Example: "example.net/gateway-controller". - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - Controllers MUST populate this field when writing status. Controllers should ensure that entries to status populated with their ControllerName are cleaned up when they are no longer necessary. @@ -2735,7 +2577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongvaults.configuration.konghq.com spec: group: configuration.konghq.com @@ -2837,22 +2679,12 @@ spec: description: |- Conditions describe the current conditions of the KongVaultStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -2893,12 +2725,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2932,7 +2759,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: tcpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3104,8 +2931,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3115,12 +2940,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3141,7 +2966,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: udpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3277,8 +3102,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3288,12 +3111,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3370,20 +3193,6 @@ rules: - "" resources: - nodes - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - secrets verbs: - list @@ -3391,6 +3200,7 @@ rules: - apiGroups: - "" resources: + - pods - services verbs: - get @@ -3408,173 +3218,16 @@ rules: - configuration.konghq.com resources: - ingressclassparameterses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - kongclusterplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongclusterplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumergroups - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumergroups/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumers - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumers/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongcustomentities - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongcustomentities/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - konglicenses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - konglicenses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongupstreampolicies - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongupstreampolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongvaults - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongvaults/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - tcpingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - tcpingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - udpingresses verbs: - get @@ -3583,6 +3236,16 @@ rules: - apiGroups: - configuration.konghq.com resources: + - kongclusterplugins/status + - kongconsumergroups/status + - kongconsumers/status + - kongcustomentities/status + - kongingresses/status + - konglicenses/status + - kongplugins/status + - kongupstreampolicies/status + - kongvaults/status + - tcpingresses/status - udpingresses/status verbs: - get @@ -3624,13 +3287,6 @@ rules: - networking.k8s.io resources: - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - ingresses verbs: - get @@ -3675,6 +3331,12 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses + - grpcroutes + - httproutes + - referencegrants + - tcproutes + - tlsroutes + - udproutes verbs: - get - list @@ -3683,6 +3345,11 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses/status + - gateways/status + - httproutes/status + - tcproutes/status + - tlsroutes/status + - udproutes/status verbs: - get - update @@ -3695,21 +3362,6 @@ rules: - list - update - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gateways/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - grpcroutes - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: @@ -3718,80 +3370,12 @@ rules: - get - patch - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - referencegrants - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: - referencegrants/status verbs: - get -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes/status - verbs: - - get - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/test/e2e/manifests/all-in-one-postgres-enterprise.yaml b/test/e2e/manifests/all-in-one-postgres-enterprise.yaml index 8c678a8eb9..3f50433fcb 100644 --- a/test/e2e/manifests/all-in-one-postgres-enterprise.yaml +++ b/test/e2e/manifests/all-in-one-postgres-enterprise.yaml @@ -9,7 +9,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: ingressclassparameterses.configuration.konghq.com spec: group: configuration.konghq.com @@ -66,7 +66,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongclusterplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -290,22 +290,12 @@ spec: description: |- Conditions describe the current conditions of the KongClusterPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -346,12 +336,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -387,7 +372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumergroups.configuration.konghq.com spec: group: configuration.konghq.com @@ -446,22 +431,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumerGroup. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -502,12 +477,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -534,7 +504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumers.configuration.konghq.com spec: group: configuration.konghq.com @@ -618,22 +588,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumer. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -674,12 +634,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -712,7 +667,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongcustomentities.configuration.konghq.com spec: group: configuration.konghq.com @@ -812,22 +767,12 @@ spec: description: |- Conditions describe the current conditions of the KongCustomEntityStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -868,12 +813,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -909,7 +849,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1300,7 +1240,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: konglicenses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1377,18 +1317,8 @@ spec: description: Conditions describe the current conditions of the KongLicense on the controller. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -1430,12 +1360,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1513,7 +1438,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -1731,22 +1656,12 @@ spec: description: |- Conditions describe the current conditions of the KongPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1787,12 +1702,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1828,7 +1738,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongservicefacades.incubator.ingress-controller.konghq.com spec: group: incubator.ingress-controller.konghq.com @@ -1851,7 +1761,6 @@ spec: to the same Kubernetes Service, but will have different configuration (e.g. different set of plugins, different load balancing algorithm, etc.). - KongServiceFacade requires `kubernetes.io/ingress.class` annotation with a value matching the ingressClass of the Kong Ingress Controller (`kong` by default) to be reconciled. properties: @@ -1907,22 +1816,12 @@ spec: description: |- Conditions describe the current conditions of the KongServiceFacade. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1963,12 +1862,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1997,7 +1891,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: gateway.networking.k8s.io/policy: direct name: kongupstreampolicies.configuration.konghq.com @@ -2021,23 +1915,18 @@ spec: KongUpstreamPolicy allows configuring algorithm that should be used for load balancing traffic between Kong Upstream's Targets. It also allows configuring health checks for Kong Upstream's Targets. - Its configuration is similar to Kong Upstream object (https://docs.konghq.com/gateway/latest/admin-api/#upstream-object), and it is applied to Kong Upstream objects created by the controller. - It can be attached to Services. To attach it to a Service, it has to be annotated with `konghq.com/upstream-policy: `, where `` is the name of the KongUpstreamPolicy object in the same namespace as the Service. - When attached to a Service, it will affect all Kong Upstreams created for the Service. - When attached to a Service used in a Gateway API *Route rule with multiple BackendRefs, all of its Services MUST be configured with the same KongUpstreamPolicy. Otherwise, the controller will *ignore* the KongUpstreamPolicy. - Note: KongUpstreamPolicy doesn't implement Gateway API's GEP-713 strictly. In particular, it doesn't use the TargetRef for attaching to Services and Gateway API *Routes - annotations are used instead. This is to allow reusing the same KongUpstreamPolicy for multiple Services and Gateway API *Routes. @@ -2350,27 +2239,22 @@ spec: the controller first sees the policy and SHOULD update the entry as appropriate when the relevant ancestor is modified. - Note that choosing the relevant ancestor is left to the Policy designers; an important part of Policy design is designing the right object level at which to namespace this status. - Note also that implementations MUST ONLY populate ancestor status for the Ancestor resources they are responsible for. Implementations MUST use the ControllerName field to uniquely identify the entries in this list that they are responsible for. - Note that to achieve this, the list of PolicyAncestorStatus structs MUST be treated as a map with a composite key, made up of the AncestorRef and ControllerName fields combined. - A maximum of 16 ancestors will be represented in this list. An empty list means the Policy is not relevant for any ancestors. - If this slice is full, implementations MUST NOT add further entries. Instead they MUST consider the policy unimplementable and signal that on any related resources such as the ancestor that would be referenced @@ -2382,7 +2266,6 @@ spec: PolicyAncestorStatus describes the status of a route with respect to an associated Ancestor. - Ancestors refer to objects that are either the Target of a policy or above it in terms of object hierarchy. For example, if a policy targets a Service, the Policy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and @@ -2391,28 +2274,23 @@ spec: SHOULD use Gateway as the PolicyAncestorStatus object unless the designers have a _very_ good reason otherwise. - In the context of policy attachment, the Ancestor is used to distinguish which resource results in a distinct application of this policy. For example, if a policy targets a Service, it may have a distinct result per attached Gateway. - Policies targeting the same resource may have different effects depending on the ancestors of those resources. For example, different Gateways targeting the same Service may have different capabilities, especially if they have different underlying implementations. - For example, in BackendTLSPolicy, the Policy attaches to a Service that is used as a backend in a HTTPRoute that is itself attached to a Gateway. In this case, the relevant object for status is the Gateway, and that is the ancestor object referred to in this status. - Note that a parent is also an ancestor, so for objects where the parent is the relevant object for status, this struct SHOULD still be used. - This struct is intended to be used in a slice that's effectively a map, with a composite key made up of the AncestorRef and the ControllerName. properties: @@ -2429,7 +2307,6 @@ spec: To set the core API group (such as for a "Service" kind referent), Group must be explicitly set to "" (empty string). - Support: Core maxLength: 253 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ @@ -2439,14 +2316,11 @@ spec: description: |- Kind is kind of the referent. - There are two kinds of parent resources with "Core" support: - * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, ClusterIP Services only) - Support for other resources is Implementation-Specific. maxLength: 63 minLength: 1 @@ -2456,7 +2330,6 @@ spec: description: |- Name is the name of the referent. - Support: Core maxLength: 253 minLength: 1 @@ -2466,20 +2339,17 @@ spec: Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. - Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. - ParentRefs from a Route to a Service in the same namespace are "producer" routes, which apply default routing rules to inbound connections from any namespace to the Service. - ParentRefs from a Route to a Service in a different namespace are "consumer" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which @@ -2487,7 +2357,6 @@ spec: ParentRef of the Route. - Support: Core maxLength: 63 minLength: 1 @@ -2498,7 +2367,6 @@ spec: Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. - When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the @@ -2507,19 +2375,16 @@ spec: and SectionName are specified, the name and port of the selected listener must match both specified values. - When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. - Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. - For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, @@ -2528,7 +2393,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Extended format: int32 maximum: 65535 @@ -2539,7 +2403,6 @@ spec: SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: - * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. @@ -2547,12 +2410,10 @@ spec: are specified, the name and port of the selected listener must match both specified values. - Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. - When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway @@ -2562,7 +2423,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Core maxLength: 253 minLength: 1 @@ -2575,18 +2435,8 @@ spec: description: Conditions describes the status of the Policy with respect to the given Ancestor. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -2628,12 +2478,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2656,15 +2501,12 @@ spec: controller that wrote this status. This corresponds with the controllerName field on GatewayClass. - Example: "example.net/gateway-controller". - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - Controllers MUST populate this field when writing status. Controllers should ensure that entries to status populated with their ControllerName are cleaned up when they are no longer necessary. @@ -2735,7 +2577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongvaults.configuration.konghq.com spec: group: configuration.konghq.com @@ -2837,22 +2679,12 @@ spec: description: |- Conditions describe the current conditions of the KongVaultStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -2893,12 +2725,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2932,7 +2759,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: tcpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3104,8 +2931,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3115,12 +2940,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3141,7 +2966,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: udpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3277,8 +3102,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3288,12 +3111,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3370,20 +3193,6 @@ rules: - "" resources: - nodes - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - secrets verbs: - list @@ -3391,6 +3200,7 @@ rules: - apiGroups: - "" resources: + - pods - services verbs: - get @@ -3408,173 +3218,16 @@ rules: - configuration.konghq.com resources: - ingressclassparameterses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - kongclusterplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongclusterplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumergroups - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumergroups/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumers - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumers/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongcustomentities - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongcustomentities/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - konglicenses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - konglicenses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongupstreampolicies - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongupstreampolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongvaults - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongvaults/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - tcpingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - tcpingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - udpingresses verbs: - get @@ -3583,6 +3236,16 @@ rules: - apiGroups: - configuration.konghq.com resources: + - kongclusterplugins/status + - kongconsumergroups/status + - kongconsumers/status + - kongcustomentities/status + - kongingresses/status + - konglicenses/status + - kongplugins/status + - kongupstreampolicies/status + - kongvaults/status + - tcpingresses/status - udpingresses/status verbs: - get @@ -3624,13 +3287,6 @@ rules: - networking.k8s.io resources: - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - ingresses verbs: - get @@ -3675,6 +3331,12 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses + - grpcroutes + - httproutes + - referencegrants + - tcproutes + - tlsroutes + - udproutes verbs: - get - list @@ -3683,6 +3345,11 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses/status + - gateways/status + - httproutes/status + - tcproutes/status + - tlsroutes/status + - udproutes/status verbs: - get - update @@ -3695,21 +3362,6 @@ rules: - list - update - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gateways/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - grpcroutes - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: @@ -3718,80 +3370,12 @@ rules: - get - patch - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - referencegrants - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: - referencegrants/status verbs: - get -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes/status - verbs: - - get - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/test/e2e/manifests/all-in-one-postgres-multiple-gateways.yaml b/test/e2e/manifests/all-in-one-postgres-multiple-gateways.yaml index 371b2aad18..15fa06c7de 100644 --- a/test/e2e/manifests/all-in-one-postgres-multiple-gateways.yaml +++ b/test/e2e/manifests/all-in-one-postgres-multiple-gateways.yaml @@ -9,7 +9,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: ingressclassparameterses.configuration.konghq.com spec: group: configuration.konghq.com @@ -66,7 +66,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongclusterplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -290,22 +290,12 @@ spec: description: |- Conditions describe the current conditions of the KongClusterPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -346,12 +336,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -387,7 +372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumergroups.configuration.konghq.com spec: group: configuration.konghq.com @@ -446,22 +431,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumerGroup. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -502,12 +477,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -534,7 +504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumers.configuration.konghq.com spec: group: configuration.konghq.com @@ -618,22 +588,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumer. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -674,12 +634,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -712,7 +667,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongcustomentities.configuration.konghq.com spec: group: configuration.konghq.com @@ -812,22 +767,12 @@ spec: description: |- Conditions describe the current conditions of the KongCustomEntityStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -868,12 +813,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -909,7 +849,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1300,7 +1240,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: konglicenses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1377,18 +1317,8 @@ spec: description: Conditions describe the current conditions of the KongLicense on the controller. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -1430,12 +1360,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1513,7 +1438,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -1731,22 +1656,12 @@ spec: description: |- Conditions describe the current conditions of the KongPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1787,12 +1702,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1828,7 +1738,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongservicefacades.incubator.ingress-controller.konghq.com spec: group: incubator.ingress-controller.konghq.com @@ -1851,7 +1761,6 @@ spec: to the same Kubernetes Service, but will have different configuration (e.g. different set of plugins, different load balancing algorithm, etc.). - KongServiceFacade requires `kubernetes.io/ingress.class` annotation with a value matching the ingressClass of the Kong Ingress Controller (`kong` by default) to be reconciled. properties: @@ -1907,22 +1816,12 @@ spec: description: |- Conditions describe the current conditions of the KongServiceFacade. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1963,12 +1862,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1997,7 +1891,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: gateway.networking.k8s.io/policy: direct name: kongupstreampolicies.configuration.konghq.com @@ -2021,23 +1915,18 @@ spec: KongUpstreamPolicy allows configuring algorithm that should be used for load balancing traffic between Kong Upstream's Targets. It also allows configuring health checks for Kong Upstream's Targets. - Its configuration is similar to Kong Upstream object (https://docs.konghq.com/gateway/latest/admin-api/#upstream-object), and it is applied to Kong Upstream objects created by the controller. - It can be attached to Services. To attach it to a Service, it has to be annotated with `konghq.com/upstream-policy: `, where `` is the name of the KongUpstreamPolicy object in the same namespace as the Service. - When attached to a Service, it will affect all Kong Upstreams created for the Service. - When attached to a Service used in a Gateway API *Route rule with multiple BackendRefs, all of its Services MUST be configured with the same KongUpstreamPolicy. Otherwise, the controller will *ignore* the KongUpstreamPolicy. - Note: KongUpstreamPolicy doesn't implement Gateway API's GEP-713 strictly. In particular, it doesn't use the TargetRef for attaching to Services and Gateway API *Routes - annotations are used instead. This is to allow reusing the same KongUpstreamPolicy for multiple Services and Gateway API *Routes. @@ -2350,27 +2239,22 @@ spec: the controller first sees the policy and SHOULD update the entry as appropriate when the relevant ancestor is modified. - Note that choosing the relevant ancestor is left to the Policy designers; an important part of Policy design is designing the right object level at which to namespace this status. - Note also that implementations MUST ONLY populate ancestor status for the Ancestor resources they are responsible for. Implementations MUST use the ControllerName field to uniquely identify the entries in this list that they are responsible for. - Note that to achieve this, the list of PolicyAncestorStatus structs MUST be treated as a map with a composite key, made up of the AncestorRef and ControllerName fields combined. - A maximum of 16 ancestors will be represented in this list. An empty list means the Policy is not relevant for any ancestors. - If this slice is full, implementations MUST NOT add further entries. Instead they MUST consider the policy unimplementable and signal that on any related resources such as the ancestor that would be referenced @@ -2382,7 +2266,6 @@ spec: PolicyAncestorStatus describes the status of a route with respect to an associated Ancestor. - Ancestors refer to objects that are either the Target of a policy or above it in terms of object hierarchy. For example, if a policy targets a Service, the Policy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and @@ -2391,28 +2274,23 @@ spec: SHOULD use Gateway as the PolicyAncestorStatus object unless the designers have a _very_ good reason otherwise. - In the context of policy attachment, the Ancestor is used to distinguish which resource results in a distinct application of this policy. For example, if a policy targets a Service, it may have a distinct result per attached Gateway. - Policies targeting the same resource may have different effects depending on the ancestors of those resources. For example, different Gateways targeting the same Service may have different capabilities, especially if they have different underlying implementations. - For example, in BackendTLSPolicy, the Policy attaches to a Service that is used as a backend in a HTTPRoute that is itself attached to a Gateway. In this case, the relevant object for status is the Gateway, and that is the ancestor object referred to in this status. - Note that a parent is also an ancestor, so for objects where the parent is the relevant object for status, this struct SHOULD still be used. - This struct is intended to be used in a slice that's effectively a map, with a composite key made up of the AncestorRef and the ControllerName. properties: @@ -2429,7 +2307,6 @@ spec: To set the core API group (such as for a "Service" kind referent), Group must be explicitly set to "" (empty string). - Support: Core maxLength: 253 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ @@ -2439,14 +2316,11 @@ spec: description: |- Kind is kind of the referent. - There are two kinds of parent resources with "Core" support: - * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, ClusterIP Services only) - Support for other resources is Implementation-Specific. maxLength: 63 minLength: 1 @@ -2456,7 +2330,6 @@ spec: description: |- Name is the name of the referent. - Support: Core maxLength: 253 minLength: 1 @@ -2466,20 +2339,17 @@ spec: Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. - Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. - ParentRefs from a Route to a Service in the same namespace are "producer" routes, which apply default routing rules to inbound connections from any namespace to the Service. - ParentRefs from a Route to a Service in a different namespace are "consumer" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which @@ -2487,7 +2357,6 @@ spec: ParentRef of the Route. - Support: Core maxLength: 63 minLength: 1 @@ -2498,7 +2367,6 @@ spec: Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. - When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the @@ -2507,19 +2375,16 @@ spec: and SectionName are specified, the name and port of the selected listener must match both specified values. - When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. - Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. - For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, @@ -2528,7 +2393,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Extended format: int32 maximum: 65535 @@ -2539,7 +2403,6 @@ spec: SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: - * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. @@ -2547,12 +2410,10 @@ spec: are specified, the name and port of the selected listener must match both specified values. - Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. - When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway @@ -2562,7 +2423,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Core maxLength: 253 minLength: 1 @@ -2575,18 +2435,8 @@ spec: description: Conditions describes the status of the Policy with respect to the given Ancestor. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -2628,12 +2478,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2656,15 +2501,12 @@ spec: controller that wrote this status. This corresponds with the controllerName field on GatewayClass. - Example: "example.net/gateway-controller". - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - Controllers MUST populate this field when writing status. Controllers should ensure that entries to status populated with their ControllerName are cleaned up when they are no longer necessary. @@ -2735,7 +2577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongvaults.configuration.konghq.com spec: group: configuration.konghq.com @@ -2837,22 +2679,12 @@ spec: description: |- Conditions describe the current conditions of the KongVaultStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -2893,12 +2725,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2932,7 +2759,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: tcpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3104,8 +2931,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3115,12 +2940,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3141,7 +2966,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: udpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3277,8 +3102,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3288,12 +3111,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3370,20 +3193,6 @@ rules: - "" resources: - nodes - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - secrets verbs: - list @@ -3391,6 +3200,7 @@ rules: - apiGroups: - "" resources: + - pods - services verbs: - get @@ -3408,173 +3218,16 @@ rules: - configuration.konghq.com resources: - ingressclassparameterses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - kongclusterplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongclusterplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumergroups - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumergroups/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumers - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumers/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongcustomentities - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongcustomentities/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - konglicenses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - konglicenses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongupstreampolicies - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongupstreampolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongvaults - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongvaults/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - tcpingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - tcpingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - udpingresses verbs: - get @@ -3583,6 +3236,16 @@ rules: - apiGroups: - configuration.konghq.com resources: + - kongclusterplugins/status + - kongconsumergroups/status + - kongconsumers/status + - kongcustomentities/status + - kongingresses/status + - konglicenses/status + - kongplugins/status + - kongupstreampolicies/status + - kongvaults/status + - tcpingresses/status - udpingresses/status verbs: - get @@ -3624,13 +3287,6 @@ rules: - networking.k8s.io resources: - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - ingresses verbs: - get @@ -3675,6 +3331,12 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses + - grpcroutes + - httproutes + - referencegrants + - tcproutes + - tlsroutes + - udproutes verbs: - get - list @@ -3683,6 +3345,11 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses/status + - gateways/status + - httproutes/status + - tcproutes/status + - tlsroutes/status + - udproutes/status verbs: - get - update @@ -3695,21 +3362,6 @@ rules: - list - update - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gateways/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - grpcroutes - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: @@ -3718,80 +3370,12 @@ rules: - get - patch - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - referencegrants - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: - referencegrants/status verbs: - get -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes/status - verbs: - - get - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding diff --git a/test/e2e/manifests/all-in-one-postgres.yaml b/test/e2e/manifests/all-in-one-postgres.yaml index 5c00076f7d..a8739d17f7 100644 --- a/test/e2e/manifests/all-in-one-postgres.yaml +++ b/test/e2e/manifests/all-in-one-postgres.yaml @@ -9,7 +9,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: ingressclassparameterses.configuration.konghq.com spec: group: configuration.konghq.com @@ -66,7 +66,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongclusterplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -290,22 +290,12 @@ spec: description: |- Conditions describe the current conditions of the KongClusterPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -346,12 +336,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -387,7 +372,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumergroups.configuration.konghq.com spec: group: configuration.konghq.com @@ -446,22 +431,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumerGroup. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -502,12 +477,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -534,7 +504,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongconsumers.configuration.konghq.com spec: group: configuration.konghq.com @@ -618,22 +588,12 @@ spec: description: |- Conditions describe the current conditions of the KongConsumer. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -674,12 +634,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -712,7 +667,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongcustomentities.configuration.konghq.com spec: group: configuration.konghq.com @@ -812,22 +767,12 @@ spec: description: |- Conditions describe the current conditions of the KongCustomEntityStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -868,12 +813,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -909,7 +849,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1300,7 +1240,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: konglicenses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1377,18 +1317,8 @@ spec: description: Conditions describe the current conditions of the KongLicense on the controller. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -1430,12 +1360,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1513,7 +1438,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -1731,22 +1656,12 @@ spec: description: |- Conditions describe the current conditions of the KongPluginStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1787,12 +1702,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1828,7 +1738,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongservicefacades.incubator.ingress-controller.konghq.com spec: group: incubator.ingress-controller.konghq.com @@ -1851,7 +1761,6 @@ spec: to the same Kubernetes Service, but will have different configuration (e.g. different set of plugins, different load balancing algorithm, etc.). - KongServiceFacade requires `kubernetes.io/ingress.class` annotation with a value matching the ingressClass of the Kong Ingress Controller (`kong` by default) to be reconciled. properties: @@ -1907,22 +1816,12 @@ spec: description: |- Conditions describe the current conditions of the KongServiceFacade. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -1963,12 +1862,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1997,7 +1891,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 labels: gateway.networking.k8s.io/policy: direct name: kongupstreampolicies.configuration.konghq.com @@ -2021,23 +1915,18 @@ spec: KongUpstreamPolicy allows configuring algorithm that should be used for load balancing traffic between Kong Upstream's Targets. It also allows configuring health checks for Kong Upstream's Targets. - Its configuration is similar to Kong Upstream object (https://docs.konghq.com/gateway/latest/admin-api/#upstream-object), and it is applied to Kong Upstream objects created by the controller. - It can be attached to Services. To attach it to a Service, it has to be annotated with `konghq.com/upstream-policy: `, where `` is the name of the KongUpstreamPolicy object in the same namespace as the Service. - When attached to a Service, it will affect all Kong Upstreams created for the Service. - When attached to a Service used in a Gateway API *Route rule with multiple BackendRefs, all of its Services MUST be configured with the same KongUpstreamPolicy. Otherwise, the controller will *ignore* the KongUpstreamPolicy. - Note: KongUpstreamPolicy doesn't implement Gateway API's GEP-713 strictly. In particular, it doesn't use the TargetRef for attaching to Services and Gateway API *Routes - annotations are used instead. This is to allow reusing the same KongUpstreamPolicy for multiple Services and Gateway API *Routes. @@ -2350,27 +2239,22 @@ spec: the controller first sees the policy and SHOULD update the entry as appropriate when the relevant ancestor is modified. - Note that choosing the relevant ancestor is left to the Policy designers; an important part of Policy design is designing the right object level at which to namespace this status. - Note also that implementations MUST ONLY populate ancestor status for the Ancestor resources they are responsible for. Implementations MUST use the ControllerName field to uniquely identify the entries in this list that they are responsible for. - Note that to achieve this, the list of PolicyAncestorStatus structs MUST be treated as a map with a composite key, made up of the AncestorRef and ControllerName fields combined. - A maximum of 16 ancestors will be represented in this list. An empty list means the Policy is not relevant for any ancestors. - If this slice is full, implementations MUST NOT add further entries. Instead they MUST consider the policy unimplementable and signal that on any related resources such as the ancestor that would be referenced @@ -2382,7 +2266,6 @@ spec: PolicyAncestorStatus describes the status of a route with respect to an associated Ancestor. - Ancestors refer to objects that are either the Target of a policy or above it in terms of object hierarchy. For example, if a policy targets a Service, the Policy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and @@ -2391,28 +2274,23 @@ spec: SHOULD use Gateway as the PolicyAncestorStatus object unless the designers have a _very_ good reason otherwise. - In the context of policy attachment, the Ancestor is used to distinguish which resource results in a distinct application of this policy. For example, if a policy targets a Service, it may have a distinct result per attached Gateway. - Policies targeting the same resource may have different effects depending on the ancestors of those resources. For example, different Gateways targeting the same Service may have different capabilities, especially if they have different underlying implementations. - For example, in BackendTLSPolicy, the Policy attaches to a Service that is used as a backend in a HTTPRoute that is itself attached to a Gateway. In this case, the relevant object for status is the Gateway, and that is the ancestor object referred to in this status. - Note that a parent is also an ancestor, so for objects where the parent is the relevant object for status, this struct SHOULD still be used. - This struct is intended to be used in a slice that's effectively a map, with a composite key made up of the AncestorRef and the ControllerName. properties: @@ -2429,7 +2307,6 @@ spec: To set the core API group (such as for a "Service" kind referent), Group must be explicitly set to "" (empty string). - Support: Core maxLength: 253 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ @@ -2439,14 +2316,11 @@ spec: description: |- Kind is kind of the referent. - There are two kinds of parent resources with "Core" support: - * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, ClusterIP Services only) - Support for other resources is Implementation-Specific. maxLength: 63 minLength: 1 @@ -2456,7 +2330,6 @@ spec: description: |- Name is the name of the referent. - Support: Core maxLength: 253 minLength: 1 @@ -2466,20 +2339,17 @@ spec: Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. - Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. - ParentRefs from a Route to a Service in the same namespace are "producer" routes, which apply default routing rules to inbound connections from any namespace to the Service. - ParentRefs from a Route to a Service in a different namespace are "consumer" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which @@ -2487,7 +2357,6 @@ spec: ParentRef of the Route. - Support: Core maxLength: 63 minLength: 1 @@ -2498,7 +2367,6 @@ spec: Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. - When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the @@ -2507,19 +2375,16 @@ spec: and SectionName are specified, the name and port of the selected listener must match both specified values. - When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. - Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. - For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, @@ -2528,7 +2393,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Extended format: int32 maximum: 65535 @@ -2539,7 +2403,6 @@ spec: SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: - * Gateway: Listener name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. @@ -2547,12 +2410,10 @@ spec: are specified, the name and port of the selected listener must match both specified values. - Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. - When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway @@ -2562,7 +2423,6 @@ spec: attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. - Support: Core maxLength: 253 minLength: 1 @@ -2575,18 +2435,8 @@ spec: description: Conditions describes the status of the Policy with respect to the given Ancestor. items: - description: "Condition contains details for one aspect of - the current state of this API Resource.\n---\nThis struct - is intended for direct use as an array at the field path - .status.conditions. For example,\n\n\n\ttype FooStatus - struct{\n\t // Represents the observations of a foo's - current state.\n\t // Known .status.conditions.type are: - \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // - +listType=map\n\t // +listMapKey=type\n\t Conditions - []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" - patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of + the current state of this API Resource. properties: lastTransitionTime: description: |- @@ -2628,12 +2478,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2656,15 +2501,12 @@ spec: controller that wrote this status. This corresponds with the controllerName field on GatewayClass. - Example: "example.net/gateway-controller". - The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are valid Kubernetes names (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). - Controllers MUST populate this field when writing status. Controllers should ensure that entries to status populated with their ControllerName are cleaned up when they are no longer necessary. @@ -2735,7 +2577,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: kongvaults.configuration.konghq.com spec: group: configuration.konghq.com @@ -2837,22 +2679,12 @@ spec: description: |- Conditions describe the current conditions of the KongVaultStatus. - Known condition types are: - * "Programmed" items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -2893,12 +2725,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -2932,7 +2759,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: tcpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3104,8 +2931,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3115,12 +2940,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3141,7 +2966,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: udpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -3277,8 +3102,6 @@ spec: CamelCase names - cloud provider specific error values must have names that comply with the format foo.example.com/CamelCase. - --- - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -3288,12 +3111,12 @@ spec: format: int32 type: integer protocol: - default: TCP description: |- Protocol is the protocol of the service port of which status is recorded here The supported values are: "TCP", "UDP", "SCTP" type: string required: + - error - port - protocol type: object @@ -3370,20 +3193,6 @@ rules: - "" resources: - nodes - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - secrets verbs: - list @@ -3391,6 +3200,7 @@ rules: - apiGroups: - "" resources: + - pods - services verbs: - get @@ -3408,173 +3218,16 @@ rules: - configuration.konghq.com resources: - ingressclassparameterses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - kongclusterplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongclusterplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumergroups - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumergroups/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongconsumers - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongconsumers/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongcustomentities - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongcustomentities/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - konglicenses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - konglicenses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongplugins - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongplugins/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongupstreampolicies - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongupstreampolicies/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - kongvaults - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - kongvaults/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - tcpingresses - verbs: - - get - - list - - watch -- apiGroups: - - configuration.konghq.com - resources: - - tcpingresses/status - verbs: - - get - - patch - - update -- apiGroups: - - configuration.konghq.com - resources: - udpingresses verbs: - get @@ -3583,6 +3236,16 @@ rules: - apiGroups: - configuration.konghq.com resources: + - kongclusterplugins/status + - kongconsumergroups/status + - kongconsumers/status + - kongcustomentities/status + - kongingresses/status + - konglicenses/status + - kongplugins/status + - kongupstreampolicies/status + - kongvaults/status + - tcpingresses/status - udpingresses/status verbs: - get @@ -3624,13 +3287,6 @@ rules: - networking.k8s.io resources: - ingressclasses - verbs: - - get - - list - - watch -- apiGroups: - - networking.k8s.io - resources: - ingresses verbs: - get @@ -3675,6 +3331,12 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses + - grpcroutes + - httproutes + - referencegrants + - tcproutes + - tlsroutes + - udproutes verbs: - get - list @@ -3683,6 +3345,11 @@ rules: - gateway.networking.k8s.io resources: - gatewayclasses/status + - gateways/status + - httproutes/status + - tcproutes/status + - tlsroutes/status + - udproutes/status verbs: - get - update @@ -3695,21 +3362,6 @@ rules: - list - update - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - gateways/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - grpcroutes - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: @@ -3718,80 +3370,12 @@ rules: - get - patch - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - httproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - referencegrants - verbs: - - get - - list - - watch - apiGroups: - gateway.networking.k8s.io resources: - referencegrants/status verbs: - get -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tcproutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - tlsroutes/status - verbs: - - get - - update -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes - verbs: - - get - - list - - watch -- apiGroups: - - gateway.networking.k8s.io - resources: - - udproutes/status - verbs: - - get - - update --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding