From ef9c80928fdb40ca4c44af6e1001f04c83c78d57 Mon Sep 17 00:00:00 2001 From: Adam Cattermole Date: Fri, 26 Jul 2024 09:08:16 +0100 Subject: [PATCH] Update Gateway API to v1.1 (#780) * Update gatewayapi to v1.1 Signed-off-by: Adam Cattermole * Use LocalPolicyTargetReference Signed-off-by: Adam Cattermole --------- Signed-off-by: Adam Cattermole --- api/v1alpha1/dnspolicy_types.go | 27 +- api/v1alpha1/tlspolicy_types.go | 23 +- api/v1alpha1/zz_generated.deepcopy.go | 4 +- api/v1beta2/authpolicy_types.go | 13 +- api/v1beta2/authpolicy_types_test.go | 69 +--- api/v1beta2/ratelimitpolicy_types.go | 12 +- api/v1beta2/ratelimitpolicy_types_test.go | 23 +- api/v1beta2/zz_generated.deepcopy.go | 4 +- ...adrant-operator.clusterserviceversion.yaml | 2 +- .../manifests/kuadrant.io_authpolicies.yaml | 22 +- bundle/manifests/kuadrant.io_dnspolicies.yaml | 12 +- bundle/manifests/kuadrant.io_kuadrants.yaml | 174 +++++++++- .../kuadrant.io_ratelimitpolicies.yaml | 10 - bundle/manifests/kuadrant.io_tlspolicies.yaml | 10 - .../crd/bases/kuadrant.io_authpolicies.yaml | 22 +- config/crd/bases/kuadrant.io_dnspolicies.yaml | 12 +- config/crd/bases/kuadrant.io_kuadrants.yaml | 174 +++++++++- .../bases/kuadrant.io_ratelimitpolicies.yaml | 10 - config/crd/bases/kuadrant.io_tlspolicies.yaml | 10 - .../gateway-api/kustomization.yaml | 2 +- controllers/authpolicy_controller.go | 4 - .../authpolicy_istio_authorizationpolicy.go | 2 +- controllers/dnspolicy_controller.go | 6 - .../httprouteparentrefs_eventmapper.go | 8 +- controllers/ratelimitpolicy_controller.go | 4 - controllers/target_status_controller.go | 2 +- controllers/tlspolicy_controller.go | 8 +- controllers/tlspolicy_status_test.go | 2 +- doc/reference/authpolicy.md | 2 +- doc/reference/dnspolicy.md | 2 +- doc/reference/ratelimitpolicy.md | 2 +- doc/reference/tlspolicy.md | 2 +- go.mod | 105 +++--- go.sum | 299 ++++++++---------- pkg/istio/mesh_config_test.go | 25 -- pkg/library/gatewayapi/helper_test.go | 27 +- pkg/library/gatewayapi/topology.go | 9 +- pkg/library/gatewayapi/types.go | 2 +- pkg/library/gatewayapi/types_test.go | 8 +- pkg/library/gatewayapi/utils.go | 4 +- .../apimachinery_status_conditions_test.go | 4 +- pkg/library/kuadrant/errors.go | 4 +- pkg/library/kuadrant/errors_test.go | 2 +- pkg/library/kuadrant/kuadrant.go | 4 +- pkg/library/kuadrant/kuadrant_test.go | 13 +- pkg/library/kuadrant/test_utils.go | 4 +- pkg/library/mappers/gateway_test.go | 4 +- pkg/library/mappers/httproute_test.go | 4 +- pkg/library/mappers/policy_to_gateway.go | 8 +- pkg/library/reconcilers/fetcher.go | 6 +- pkg/library/reconcilers/fetcher_test.go | 7 +- .../authpolicy/authpolicy_controller_test.go | 63 ++-- .../ratelimitpolicy_controller_test.go | 23 +- .../target_status_controller_test.go | 67 ++-- ...icy_controller_authorizationpolicy_test.go | 37 +-- ...dor_cluster_envoyfilter_controller_test.go | 2 +- ...miting_istio_wasmplugin_controller_test.go | 35 +- 57 files changed, 726 insertions(+), 719 deletions(-) diff --git a/api/v1alpha1/dnspolicy_types.go b/api/v1alpha1/dnspolicy_types.go index 4fe7f54d1..98b1ac02e 100644 --- a/api/v1alpha1/dnspolicy_types.go +++ b/api/v1alpha1/dnspolicy_types.go @@ -18,7 +18,6 @@ package v1alpha1 import ( "context" - "fmt" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/utils/ptr" @@ -53,7 +52,7 @@ type DNSPolicySpec struct { // TargetRef identifies an API object to apply policy to. // +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'",message="Invalid targetRef.group. The only supported value is 'gateway.networking.k8s.io'" // +kubebuilder:validation:XValidation:rule="self.kind == 'Gateway'",message="Invalid targetRef.kind. The only supported values are 'Gateway'" - TargetRef gatewayapiv1alpha2.PolicyTargetReference `json:"targetRef"` + TargetRef gatewayapiv1alpha2.LocalPolicyTargetReference `json:"targetRef"` // +optional HealthCheck *v1alpha1.HealthCheckSpec `json:"healthCheck,omitempty"` @@ -173,7 +172,7 @@ func (p *DNSPolicy) GetRulesHostnames() []string { return make([]string, 0) } -func (p *DNSPolicy) GetTargetRef() gatewayapiv1alpha2.PolicyTargetReference { +func (p *DNSPolicy) GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference { return p.Spec.TargetRef } @@ -214,16 +213,6 @@ func (p *DNSPolicy) DirectReferenceAnnotationName() string { return DNSPolicyDirectReferenceAnnotationName } -// Validate ensures the resource is valid. Compatible with the validating interface -// used by webhooks -func (p *DNSPolicy) Validate() error { - if p.Spec.TargetRef.Namespace != nil && string(*p.Spec.TargetRef.Namespace) != p.Namespace { - return fmt.Errorf("invalid targetRef.Namespace %s. Currently only supporting references to the same namespace", *p.Spec.TargetRef.Namespace) - } - - return nil -} - //+kubebuilder:object:root=true // DNSPolicyList contains a list of DNSPolicy @@ -259,7 +248,7 @@ func NewDNSPolicy(name, ns string) *DNSPolicy { } } -func (p *DNSPolicy) WithTargetRef(targetRef gatewayapiv1alpha2.PolicyTargetReference) *DNSPolicy { +func (p *DNSPolicy) WithTargetRef(targetRef gatewayapiv1alpha2.LocalPolicyTargetReference) *DNSPolicy { p.Spec.TargetRef = targetRef return p } @@ -282,12 +271,10 @@ func (p *DNSPolicy) WithRoutingStrategy(strategy RoutingStrategy) *DNSPolicy { //TargetRef func (p *DNSPolicy) WithTargetGateway(gwName string) *DNSPolicy { - typedNamespace := gatewayapiv1.Namespace(p.GetNamespace()) - return p.WithTargetRef(gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), - Namespace: &typedNamespace, + return p.WithTargetRef(gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "Gateway", + Name: gatewayapiv1.ObjectName(gwName), }) } diff --git a/api/v1alpha1/tlspolicy_types.go b/api/v1alpha1/tlspolicy_types.go index 90e4a4cef..d79d0c3d8 100644 --- a/api/v1alpha1/tlspolicy_types.go +++ b/api/v1alpha1/tlspolicy_types.go @@ -18,7 +18,6 @@ package v1alpha1 import ( "context" - "fmt" certmanv1 "github.com/cert-manager/cert-manager/pkg/apis/certmanager/v1" certmanmetav1 "github.com/cert-manager/cert-manager/pkg/apis/meta/v1" @@ -42,7 +41,7 @@ type TLSPolicySpec struct { // TargetRef identifies an API object to apply policy to. // +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'",message="Invalid targetRef.group. The only supported value is 'gateway.networking.k8s.io'" // +kubebuilder:validation:XValidation:rule="self.kind == 'Gateway'",message="Invalid targetRef.kind. The only supported values are 'Gateway'" - TargetRef gatewayapiv1alpha2.PolicyTargetReference `json:"targetRef"` + TargetRef gatewayapiv1alpha2.LocalPolicyTargetReference `json:"targetRef"` CertificateSpec `json:",inline"` } @@ -179,7 +178,7 @@ func (p *TLSPolicy) GetRulesHostnames() []string { return make([]string, 0) } -func (p *TLSPolicy) GetTargetRef() gatewayapiv1alpha2.PolicyTargetReference { +func (p *TLSPolicy) GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference { return p.Spec.TargetRef } @@ -195,14 +194,6 @@ func (p *TLSPolicy) DirectReferenceAnnotationName() string { return TLSPolicyDirectReferenceAnnotationName } -func (p *TLSPolicy) Validate() error { - if p.Spec.TargetRef.Namespace != nil && string(*p.Spec.TargetRef.Namespace) != p.Namespace { - return fmt.Errorf("invalid targetRef.Namespace %s. Currently only supporting references to the same namespace", *p.Spec.TargetRef.Namespace) - } - - return nil -} - //+kubebuilder:object:root=true // TLSPolicyList contains a list of TLSPolicy @@ -239,12 +230,10 @@ func NewTLSPolicy(policyName, ns string) *TLSPolicy { } func (p *TLSPolicy) WithTargetGateway(gwName string) *TLSPolicy { - typedNamespace := gatewayapiv1.Namespace(p.GetNamespace()) - p.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "Gateway", - Name: gatewayapiv1.ObjectName(gwName), - Namespace: &typedNamespace, + p.Spec.TargetRef = gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "Gateway", + Name: gatewayapiv1.ObjectName(gwName), } return p } diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 4d26d5c5a..49c970a98 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -150,7 +150,7 @@ func (in *DNSPolicyList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DNSPolicySpec) DeepCopyInto(out *DNSPolicySpec) { *out = *in - in.TargetRef.DeepCopyInto(&out.TargetRef) + out.TargetRef = in.TargetRef if in.HealthCheck != nil { in, out := &in.HealthCheck, &out.HealthCheck *out = new(apiv1alpha1.HealthCheckSpec) @@ -338,7 +338,7 @@ func (in *TLSPolicyList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TLSPolicySpec) DeepCopyInto(out *TLSPolicySpec) { *out = *in - in.TargetRef.DeepCopyInto(&out.TargetRef) + out.TargetRef = in.TargetRef in.CertificateSpec.DeepCopyInto(&out.CertificateSpec) } diff --git a/api/v1beta2/authpolicy_types.go b/api/v1beta2/authpolicy_types.go index ee206041d..0ba0c8338 100644 --- a/api/v1beta2/authpolicy_types.go +++ b/api/v1beta2/authpolicy_types.go @@ -2,7 +2,6 @@ package v1beta2 import ( "context" - "fmt" "github.com/go-logr/logr" "github.com/google/go-cmp/cmp" @@ -163,7 +162,7 @@ type AuthPolicySpec struct { // TargetRef identifies an API object to apply policy to. // +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'",message="Invalid targetRef.group. The only supported value is 'gateway.networking.k8s.io'" // +kubebuilder:validation:XValidation:rule="self.kind == 'HTTPRoute' || self.kind == 'Gateway'",message="Invalid targetRef.kind. The only supported values are 'HTTPRoute' and 'Gateway'" - TargetRef gatewayapiv1alpha2.PolicyTargetReference `json:"targetRef"` + TargetRef gatewayapiv1alpha2.LocalPolicyTargetReference `json:"targetRef"` // Defaults define explicit default values for this policy and for policies inheriting this policy. // Defaults are mutually exclusive with implicit defaults defined by AuthPolicyCommonSpec. @@ -273,15 +272,7 @@ func (ap *AuthPolicy) IsAtomicOverride() bool { return ap.Spec.Overrides != nil } -func (ap *AuthPolicy) Validate() error { - if ap.Spec.TargetRef.Namespace != nil && string(*ap.Spec.TargetRef.Namespace) != ap.Namespace { - return fmt.Errorf("invalid targetRef.Namespace %s. Currently only supporting references to the same namespace", *ap.Spec.TargetRef.Namespace) - } - - return nil -} - -func (ap *AuthPolicy) GetTargetRef() gatewayapiv1alpha2.PolicyTargetReference { +func (ap *AuthPolicy) GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference { return ap.Spec.TargetRef } diff --git a/api/v1beta2/authpolicy_types_test.go b/api/v1beta2/authpolicy_types_test.go index 75e38ad1f..2bc108f51 100644 --- a/api/v1beta2/authpolicy_types_test.go +++ b/api/v1beta2/authpolicy_types_test.go @@ -6,7 +6,6 @@ import ( "reflect" "testing" - authorinoapi "github.com/kuadrant/authorino/api/v1beta2" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/utils/ptr" gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" @@ -71,7 +70,7 @@ func TestAuthPolicyGetRulesHostnames(t *testing.T) { Namespace: "my-namespace", }, Spec: AuthPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: "my-route", @@ -213,72 +212,6 @@ func TestAuthPolicyGetRulesHostnames(t *testing.T) { } } -func TestAuthPolicyValidate(t *testing.T) { - testCases := []struct { - name string - policy *AuthPolicy - valid bool - message string - }{ - { - name: "invalid targetRef namespace", - policy: &AuthPolicy{ - ObjectMeta: metav1.ObjectMeta{ - Name: "my-policy", - Namespace: "my-namespace", - }, - Spec: AuthPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "HTTPRoute", - Name: "my-route", - Namespace: ptr.To(gatewayapiv1.Namespace("other-namespace")), - }, - AuthPolicyCommonSpec: AuthPolicyCommonSpec{ - AuthScheme: &AuthSchemeSpec{ - Authentication: map[string]AuthenticationSpec{ - "my-rule": { - AuthenticationSpec: authorinoapi.AuthenticationSpec{ - AuthenticationMethodSpec: authorinoapi.AuthenticationMethodSpec{ - AnonymousAccess: &authorinoapi.AnonymousAccessSpec{}, - }, - }, - CommonAuthRuleSpec: CommonAuthRuleSpec{ - RouteSelectors: []RouteSelector{ - { - Hostnames: []gatewayapiv1.Hostname{"*.foo.io"}, - Matches: []gatewayapiv1.HTTPRouteMatch{ - { - Path: &gatewayapiv1.HTTPPathMatch{ - Value: ptr.To("/foo"), - }, - }, - }, - }, - }, - }, - }, - }, - }, - }, - }, - }, - message: "invalid targetRef.Namespace other-namespace. Currently only supporting references to the same namespace", - }, - } - for _, tc := range testCases { - t.Run(tc.name, func(t *testing.T) { - result := tc.policy.Validate() - if tc.valid && result != nil { - t.Errorf("Expected policy to be valid, got %t", result) - } - if !tc.valid && result == nil { - t.Error("Expected policy to be invalid, got no validation error") - } - }) - } -} - func testBuildRouteSelector() RouteSelector { return RouteSelector{ Hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io"}, diff --git a/api/v1beta2/ratelimitpolicy_types.go b/api/v1beta2/ratelimitpolicy_types.go index f49aa19e6..7443a78c2 100644 --- a/api/v1beta2/ratelimitpolicy_types.go +++ b/api/v1beta2/ratelimitpolicy_types.go @@ -132,7 +132,7 @@ type RateLimitPolicySpec struct { // TargetRef identifies an API object to apply policy to. // +kubebuilder:validation:XValidation:rule="self.group == 'gateway.networking.k8s.io'",message="Invalid targetRef.group. The only supported value is 'gateway.networking.k8s.io'" // +kubebuilder:validation:XValidation:rule="self.kind == 'HTTPRoute' || self.kind == 'Gateway'",message="Invalid targetRef.kind. The only supported values are 'HTTPRoute' and 'Gateway'" - TargetRef gatewayapiv1alpha2.PolicyTargetReference `json:"targetRef"` + TargetRef gatewayapiv1alpha2.LocalPolicyTargetReference `json:"targetRef"` // Defaults define explicit default values for this policy and for policies inheriting this policy. // Defaults are mutually exclusive with implicit defaults defined by RateLimitPolicyCommonSpec. @@ -226,14 +226,6 @@ type RateLimitPolicy struct { var _ kuadrantgatewayapi.Policy = &RateLimitPolicy{} -func (r *RateLimitPolicy) Validate() error { - if r.Spec.TargetRef.Namespace != nil && string(*r.Spec.TargetRef.Namespace) != r.Namespace { - return fmt.Errorf("invalid targetRef.Namespace %s. Currently only supporting references to the same namespace", *r.Spec.TargetRef.Namespace) - } - - return nil -} - func (r *RateLimitPolicy) GetObservedGeneration() int64 { return r.Status.GetObservedGeneration() } func (r *RateLimitPolicy) SetObservedGeneration(o int64) { r.Status.SetObservedGeneration(o) } @@ -252,7 +244,7 @@ func (l *RateLimitPolicyList) GetItems() []kuadrant.Policy { }) } -func (r *RateLimitPolicy) GetTargetRef() gatewayapiv1alpha2.PolicyTargetReference { +func (r *RateLimitPolicy) GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference { return r.Spec.TargetRef } diff --git a/api/v1beta2/ratelimitpolicy_types_test.go b/api/v1beta2/ratelimitpolicy_types_test.go index 2dd512d7d..73605e161 100644 --- a/api/v1beta2/ratelimitpolicy_types_test.go +++ b/api/v1beta2/ratelimitpolicy_types_test.go @@ -3,7 +3,6 @@ package v1beta2 import ( - "strings" "testing" "gotest.tools/assert" @@ -25,7 +24,7 @@ func testBuildBasicRLP(name string, kind gatewayapiv1.Kind, mutateFn func(*RateL Namespace: "testNS", }, Spec: RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: kind, Name: "some-name", @@ -44,26 +43,6 @@ func testBuildBasicHTTPRouteRLP(name string, mutateFn func(*RateLimitPolicy)) *R return testBuildBasicRLP(name, "HTTPRoute", mutateFn) } -// TestRateLimitPolicyValidation calls rlp.Validate() -// for a valid return value. -func TestRateLimitPolicyValidation(t *testing.T) { - name := "httproute-a" - - t.Run("Invalid - Different namespace", func(subT *testing.T) { - rlp := testBuildBasicHTTPRouteRLP(name, func(policy *RateLimitPolicy) { - otherNS := gatewayapiv1.Namespace(policy.GetNamespace() + "other") - policy.Spec.TargetRef.Namespace = &otherNS - }) - err := rlp.Validate() - if err == nil { - subT.Fatal(`rlp.Validate() did not return error and should`) - } - if !strings.Contains(err.Error(), "invalid targetRef.Namespace") { - subT.Fatalf(`rlp.Validate() did not return expected error. Instead: %v`, err) - } - }) -} - func TestRateLimitPolicyListGetItems(t *testing.T) { list := &RateLimitPolicyList{} if len(list.GetItems()) != 0 { diff --git a/api/v1beta2/zz_generated.deepcopy.go b/api/v1beta2/zz_generated.deepcopy.go index 754c8b45a..3ca4e42ef 100644 --- a/api/v1beta2/zz_generated.deepcopy.go +++ b/api/v1beta2/zz_generated.deepcopy.go @@ -139,7 +139,7 @@ func (in *AuthPolicyList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AuthPolicySpec) DeepCopyInto(out *AuthPolicySpec) { *out = *in - in.TargetRef.DeepCopyInto(&out.TargetRef) + out.TargetRef = in.TargetRef if in.Defaults != nil { in, out := &in.Defaults, &out.Defaults *out = new(AuthPolicyCommonSpec) @@ -475,7 +475,7 @@ func (in *RateLimitPolicyList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RateLimitPolicySpec) DeepCopyInto(out *RateLimitPolicySpec) { *out = *in - in.TargetRef.DeepCopyInto(&out.TargetRef) + out.TargetRef = in.TargetRef if in.Defaults != nil { in, out := &in.Defaults, &out.Defaults *out = new(RateLimitPolicyCommonSpec) diff --git a/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml b/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml index 7ec101439..c4b8eae8d 100644 --- a/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml +++ b/bundle/manifests/kuadrant-operator.clusterserviceversion.yaml @@ -106,7 +106,7 @@ metadata: capabilities: Basic Install categories: Integration & Delivery containerImage: quay.io/kuadrant/kuadrant-operator:latest - createdAt: "2024-07-10T15:04:27Z" + createdAt: "2024-07-24T10:00:34Z" operators.operatorframework.io/builder: operator-sdk-v1.32.0 operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 repository: https://github.com/Kuadrant/kuadrant-operator diff --git a/bundle/manifests/kuadrant.io_authpolicies.yaml b/bundle/manifests/kuadrant.io_authpolicies.yaml index 8b449f832..c99d08338 100644 --- a/bundle/manifests/kuadrant.io_authpolicies.yaml +++ b/bundle/manifests/kuadrant.io_authpolicies.yaml @@ -456,11 +456,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1046,11 +1048,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -4758,11 +4762,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -5348,11 +5354,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -9052,11 +9060,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -9639,11 +9649,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -12917,16 +12929,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind diff --git a/bundle/manifests/kuadrant.io_dnspolicies.yaml b/bundle/manifests/kuadrant.io_dnspolicies.yaml index 920954751..e0551e322 100644 --- a/bundle/manifests/kuadrant.io_dnspolicies.yaml +++ b/bundle/manifests/kuadrant.io_dnspolicies.yaml @@ -156,11 +156,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -227,16 +229,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind diff --git a/bundle/manifests/kuadrant.io_kuadrants.yaml b/bundle/manifests/kuadrant.io_kuadrants.yaml index e5fae6bb4..5cb5fd370 100644 --- a/bundle/manifests/kuadrant.io_kuadrants.yaml +++ b/bundle/manifests/kuadrant.io_kuadrants.yaml @@ -106,11 +106,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. @@ -138,11 +140,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic weight: @@ -155,6 +159,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at @@ -199,11 +204,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. @@ -231,14 +238,17 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object @@ -270,8 +280,9 @@ spec: with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list @@ -300,11 +311,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -315,6 +328,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -350,11 +393,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -374,6 +419,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -396,6 +442,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at @@ -415,8 +462,9 @@ spec: a pod of the set of pods is running properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label @@ -445,11 +493,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -460,6 +510,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -495,11 +575,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -519,6 +601,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -531,6 +614,7 @@ spec: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: description: Describes pod anti-affinity scheduling rules @@ -558,8 +642,9 @@ spec: with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list @@ -588,11 +673,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -603,6 +690,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -638,11 +755,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -662,6 +781,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -684,6 +804,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the anti-affinity requirements specified by this field are not met at @@ -703,8 +824,9 @@ spec: a pod of the set of pods is running properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label @@ -733,11 +855,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -748,6 +872,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -783,11 +937,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -807,6 +963,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -819,6 +976,7 @@ spec: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object pdb: diff --git a/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml b/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml index 76884d89f..dfa90662a 100644 --- a/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml +++ b/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml @@ -1260,16 +1260,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind diff --git a/bundle/manifests/kuadrant.io_tlspolicies.yaml b/bundle/manifests/kuadrant.io_tlspolicies.yaml index 6121cf16c..7635d670a 100644 --- a/bundle/manifests/kuadrant.io_tlspolicies.yaml +++ b/bundle/manifests/kuadrant.io_tlspolicies.yaml @@ -195,16 +195,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind diff --git a/config/crd/bases/kuadrant.io_authpolicies.yaml b/config/crd/bases/kuadrant.io_authpolicies.yaml index fc4dd9104..bec979ade 100644 --- a/config/crd/bases/kuadrant.io_authpolicies.yaml +++ b/config/crd/bases/kuadrant.io_authpolicies.yaml @@ -455,11 +455,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1045,11 +1047,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -4757,11 +4761,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -5347,11 +5353,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -9051,11 +9059,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -9638,11 +9648,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -12916,16 +12928,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind diff --git a/config/crd/bases/kuadrant.io_dnspolicies.yaml b/config/crd/bases/kuadrant.io_dnspolicies.yaml index d1b90a10f..5da7009e2 100644 --- a/config/crd/bases/kuadrant.io_dnspolicies.yaml +++ b/config/crd/bases/kuadrant.io_dnspolicies.yaml @@ -155,11 +155,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -226,16 +228,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind diff --git a/config/crd/bases/kuadrant.io_kuadrants.yaml b/config/crd/bases/kuadrant.io_kuadrants.yaml index 44c899c15..3a8aa044b 100644 --- a/config/crd/bases/kuadrant.io_kuadrants.yaml +++ b/config/crd/bases/kuadrant.io_kuadrants.yaml @@ -104,11 +104,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. @@ -136,11 +138,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic weight: @@ -153,6 +157,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at @@ -197,11 +202,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: description: A list of node selector requirements by node's fields. @@ -229,14 +236,17 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object @@ -268,8 +278,9 @@ spec: with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list @@ -298,11 +309,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -313,6 +326,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -348,11 +391,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -372,6 +417,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -394,6 +440,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the affinity requirements specified by this field are not met at @@ -413,8 +460,9 @@ spec: a pod of the set of pods is running properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label @@ -443,11 +491,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -458,6 +508,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -493,11 +573,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -517,6 +599,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -529,6 +612,7 @@ spec: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: description: Describes pod anti-affinity scheduling rules @@ -556,8 +640,9 @@ spec: with the corresponding weight. properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list @@ -586,11 +671,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -601,6 +688,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -636,11 +753,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -660,6 +779,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -682,6 +802,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: description: |- If the anti-affinity requirements specified by this field are not met at @@ -701,8 +822,9 @@ spec: a pod of the set of pods is running properties: labelSelector: - description: A label query over a set of resources, - in this case pods. + description: |- + A label query over a set of resources, in this case pods. + If it's null, this PodAffinityTerm matches with no Pods. properties: matchExpressions: description: matchExpressions is a list of label @@ -731,11 +853,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -746,6 +870,36 @@ spec: type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + description: |- + MatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both matchLabelKeys and labelSelector. + Also, matchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: |- + MismatchLabelKeys is a set of pod label keys to select which pods will + be taken into consideration. The keys are used to lookup values from the + incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + to select the group of existing pods which pods will be taken into consideration + for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + pod labels will be ignored. The default value is empty. + The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: description: |- A label query over the set of namespaces that the term applies to. @@ -781,11 +935,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -805,6 +961,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: description: |- This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching @@ -817,6 +974,7 @@ spec: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object pdb: diff --git a/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml b/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml index 95cebf811..35a23e824 100644 --- a/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml +++ b/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml @@ -1259,16 +1259,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind diff --git a/config/crd/bases/kuadrant.io_tlspolicies.yaml b/config/crd/bases/kuadrant.io_tlspolicies.yaml index f49c41b8e..a26086554 100644 --- a/config/crd/bases/kuadrant.io_tlspolicies.yaml +++ b/config/crd/bases/kuadrant.io_tlspolicies.yaml @@ -194,16 +194,6 @@ spec: maxLength: 253 minLength: 1 type: string - namespace: - description: |- - Namespace is the namespace of the referent. When unspecified, the local - namespace is inferred. Even when policy targets a resource in a different - namespace, it MUST only apply to traffic originating from the same - namespace as the policy. - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - type: string required: - group - kind diff --git a/config/dependencies/gateway-api/kustomization.yaml b/config/dependencies/gateway-api/kustomization.yaml index 2ebe6d402..2204a3b03 100644 --- a/config/dependencies/gateway-api/kustomization.yaml +++ b/config/dependencies/gateway-api/kustomization.yaml @@ -1,3 +1,3 @@ --- resources: -- github.com/kubernetes-sigs/gateway-api/config/crd?ref=v1.0.0 +- github.com/kubernetes-sigs/gateway-api/config/crd?ref=v1.1.0 diff --git a/controllers/authpolicy_controller.go b/controllers/authpolicy_controller.go index f1f48b4f7..98947593e 100644 --- a/controllers/authpolicy_controller.go +++ b/controllers/authpolicy_controller.go @@ -139,10 +139,6 @@ func (r *AuthPolicyReconciler) Reconcile(eventCtx context.Context, req ctrl.Requ // validate performs validation before proceeding with the reconcile loop, returning a common.ErrInvalid on any failing validation func (r *AuthPolicyReconciler) validate(ap *api.AuthPolicy, targetNetworkObject client.Object) error { - if err := ap.Validate(); err != nil { - return kuadrant.NewErrInvalid(ap.Kind(), err) - } - if err := kuadrant.ValidateHierarchicalRules(ap, targetNetworkObject); err != nil { return kuadrant.NewErrInvalid(ap.Kind(), err) } diff --git a/controllers/authpolicy_istio_authorizationpolicy.go b/controllers/authpolicy_istio_authorizationpolicy.go index 5cc52ccea..14ff12b16 100644 --- a/controllers/authpolicy_istio_authorizationpolicy.go +++ b/controllers/authpolicy_istio_authorizationpolicy.go @@ -170,7 +170,7 @@ func (r *AuthPolicyReconciler) istioAuthorizationPolicy(ctx context.Context, ap } // IstioAuthorizationPolicyName generates the name of an AuthorizationPolicy. -func IstioAuthorizationPolicyName(gwName string, targetRef gatewayapiv1alpha2.PolicyTargetReference) string { +func IstioAuthorizationPolicyName(gwName string, targetRef gatewayapiv1alpha2.LocalPolicyTargetReference) string { switch targetRef.Kind { case "Gateway": return fmt.Sprintf("on-%s", gwName) // Without this, IAP will be named: on--using-; diff --git a/controllers/dnspolicy_controller.go b/controllers/dnspolicy_controller.go index d4712c335..5f07f96fb 100644 --- a/controllers/dnspolicy_controller.go +++ b/controllers/dnspolicy_controller.go @@ -129,12 +129,6 @@ func (r *DNSPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( } func (r *DNSPolicyReconciler) reconcileResources(ctx context.Context, dnsPolicy *v1alpha1.DNSPolicy, targetNetworkObject client.Object) error { - // validate - err := dnsPolicy.Validate() - if err != nil { - return err - } - // reconcile based on gateway diffs gatewayDiffObj, err := reconcilers.ComputeGatewayDiffs(ctx, r.Client(), dnsPolicy, targetNetworkObject) if err != nil { diff --git a/controllers/httprouteparentrefs_eventmapper.go b/controllers/httprouteparentrefs_eventmapper.go index d533ea6ce..410b43882 100644 --- a/controllers/httprouteparentrefs_eventmapper.go +++ b/controllers/httprouteparentrefs_eventmapper.go @@ -5,6 +5,7 @@ import ( "fmt" "github.com/go-logr/logr" + "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/reconcile" gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" @@ -69,11 +70,8 @@ func (m *HTTPRouteParentRefsEventMapper) mapToPolicyRequest(obj client.Object, p if !kuadrantgatewayapi.IsTargetRefGateway(targetRef) { continue } - targetRefNamespace := targetRef.Namespace - if targetRefNamespace == nil { - ns := gatewayapiv1.Namespace(policy.GetNamespace()) - targetRefNamespace = &ns - } + targetRefNamespace := ptr.To(policy.GetWrappedNamespace()) + if *parentRefNamespace == *targetRefNamespace && parentRef.Name == targetRef.Name { obj, _ := policy.(client.Object) requests = append(requests, reconcile.Request{NamespacedName: client.ObjectKeyFromObject(obj)}) diff --git a/controllers/ratelimitpolicy_controller.go b/controllers/ratelimitpolicy_controller.go index 1cbd2efea..44dd477c6 100644 --- a/controllers/ratelimitpolicy_controller.go +++ b/controllers/ratelimitpolicy_controller.go @@ -154,10 +154,6 @@ func (r *RateLimitPolicyReconciler) Reconcile(eventCtx context.Context, req ctrl // validate performs validation before proceeding with the reconcile loop, returning a common.ErrInvalid on failing validation func (r *RateLimitPolicyReconciler) validate(rlp *kuadrantv1beta2.RateLimitPolicy, targetNetworkObject client.Object) error { - if err := rlp.Validate(); err != nil { - return kuadrant.NewErrInvalid(rlp.Kind(), err) - } - if err := kuadrant.ValidateHierarchicalRules(rlp, targetNetworkObject); err != nil { return kuadrant.NewErrInvalid(rlp.Kind(), err) } diff --git a/controllers/target_status_controller.go b/controllers/target_status_controller.go index 03ffbb44d..4e65693c9 100644 --- a/controllers/target_status_controller.go +++ b/controllers/target_status_controller.go @@ -427,5 +427,5 @@ func PolicyAffectedConditionType(policyKind string) string { func targetRefKey(policy kuadrantgatewayapi.Policy) string { targetRef := policy.GetTargetRef() - return fmt.Sprintf("%s.%s/%s/%s", targetRef.Group, targetRef.Kind, ptr.Deref(targetRef.Namespace, gatewayapiv1.Namespace(policy.GetNamespace())), targetRef.Name) + return fmt.Sprintf("%s.%s/%s/%s", targetRef.Group, targetRef.Kind, gatewayapiv1.Namespace(policy.GetNamespace()), targetRef.Name) } diff --git a/controllers/tlspolicy_controller.go b/controllers/tlspolicy_controller.go index d310e7252..d43328b01 100644 --- a/controllers/tlspolicy_controller.go +++ b/controllers/tlspolicy_controller.go @@ -135,13 +135,7 @@ func (r *TLSPolicyReconciler) Reconcile(ctx context.Context, req ctrl.Request) ( } func (r *TLSPolicyReconciler) reconcileResources(ctx context.Context, tlsPolicy *v1alpha1.TLSPolicy, targetNetworkObject client.Object) error { - // validate - err := tlsPolicy.Validate() - if err != nil { - return err - } - - err = validateIssuer(ctx, r.Client(), tlsPolicy) + err := validateIssuer(ctx, r.Client(), tlsPolicy) if err != nil { return err } diff --git a/controllers/tlspolicy_status_test.go b/controllers/tlspolicy_status_test.go index e0fb8cc74..3e11ea699 100644 --- a/controllers/tlspolicy_status_test.go +++ b/controllers/tlspolicy_status_test.go @@ -55,7 +55,7 @@ func TestTLSPolicyReconciler_enforcedCondition(t *testing.T) { Name: issuerName, }, }, - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Name: gwName, }, }, diff --git a/doc/reference/authpolicy.md b/doc/reference/authpolicy.md index 473b09980..4006617a2 100644 --- a/doc/reference/authpolicy.md +++ b/doc/reference/authpolicy.md @@ -27,7 +27,7 @@ | **Field** | **Type** | **Required** | **Description** | |------------------|---------------------------------------------------------------------------------------------------------------------------------------------|--------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `targetRef` | [PolicyTargetReference](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1alpha2.PolicyTargetReference) | Yes | Reference to a Kuberentes resource that the policy attaches to | +| `targetRef` | [LocalPolicyTargetReference](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1alpha2.LocalPolicyTargetReference) | Yes | Reference to a Kubernetes resource that the policy attaches to | | `rules` | [AuthScheme](#authscheme) | No | Implicit default authentication/authorization rules | | `routeSelectors` | [][RouteSelector](route-selectors.md#routeselector) | No | List of implicit default selectors of HTTPRouteRules whose matching rules activate the policy. At least one HTTPRouteRule must be selected to activate the policy. If omitted, all HTTPRouteRules of the targeted HTTPRoute activate the policy. Do not use it in policies targeting a Gateway. | | `patterns` | Map | No | Implicit default named patterns of lists of `selector`, `operator` and `value` tuples, to be reused in `when` conditions and pattern-matching authorization rules. | diff --git a/doc/reference/dnspolicy.md b/doc/reference/dnspolicy.md index 3813b4641..f778bd28f 100644 --- a/doc/reference/dnspolicy.md +++ b/doc/reference/dnspolicy.md @@ -21,7 +21,7 @@ | **Field** | **Type** | **Required** | **Description** | |-------------------|-----------------------------------------------------------------------------------------------------------------------------------|:----------------------:|---------------------------------------------------------------------------| -| `targetRef` | [Gateway API PolicyTargetReference](https://gateway-api.sigs.k8s.io/geps/gep-713/?h=policytargetreference#policy-targetref-api) | Yes | Reference to a Kubernetes resource that the policy attaches to | +| `targetRef` | [Gateway API LocalPolicyTargetReference](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1alpha2.LocalPolicyTargetReference) | Yes | Reference to a Kubernetes resource that the policy attaches to | | `healthCheck` | [HealthCheckSpec](#healthcheckspec) | No | HealthCheck spec | | `loadBalancing` | [LoadBalancingSpec](#loadbalancingspec) | Yes(loadbalanced only) | LoadBalancing Spec, required when routingStrategy is "loadbalanced" | | `routingStrategy` | String (immutable) | Yes | **Immutable!** Routing Strategy to use, one of "simple" or "loadbalanced" | diff --git a/doc/reference/ratelimitpolicy.md b/doc/reference/ratelimitpolicy.md index 72403cb1c..6a6c98744 100644 --- a/doc/reference/ratelimitpolicy.md +++ b/doc/reference/ratelimitpolicy.md @@ -20,7 +20,7 @@ | **Field** | **Type** | **Required** | **Description** | |-------------|---------------------------------------------------------------------------------------------------------------------------------------------|--------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `targetRef` | [PolicyTargetReference](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1alpha2.PolicyTargetReference) | Yes | Reference to a Kubernetes resource that the policy attaches to | +| `targetRef` | [LocalPolicyTargetReference](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1alpha2.LocalPolicyTargetReference) | Yes | Reference to a Kubernetes resource that the policy attaches to | | `defaults` | [RateLimitPolicyCommonSpec](#rateLimitPolicyCommonSpec) | No | Default limit definitions. This field is mutually exclusive with the `limits` field | | `overrides` | [RateLimitPolicyCommonSpec](#rateLimitPolicyCommonSpec) | No | Overrides limit definitions. This field is mutually exclusive with the `limits` field and `defaults` field. This field is only allowed for policies targeting `Gateway` in `targetRef.kind` | | `limits` | Map | No | Limit definitions. This field is mutually exclusive with the [`defaults`](#rateLimitPolicyCommonSpec) field | diff --git a/doc/reference/tlspolicy.md b/doc/reference/tlspolicy.md index f2ce44162..6541a00e3 100644 --- a/doc/reference/tlspolicy.md +++ b/doc/reference/tlspolicy.md @@ -15,7 +15,7 @@ | **Field** | **Type** | **Required** | **Description** | |------------------------|----------------------------------------------------------------------------------------------------------------------------------------------|:------------:|--------------------------------------------------------------------------------------------------------------------------------------------------| -| `targetRef` | [Gateway API PolicyTargetReference](https://gateway-api.sigs.k8s.io/geps/gep-713/?h=policytargetreference#policy-targetref-api) | Yes | Reference to a Kuberentes resource that the policy attaches to | +| `targetRef` | [Gateway API LocalPolicyTargetReference](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1alpha2.LocalPolicyTargetReference) | Yes | Reference to a Kuberentes resource that the policy attaches to | | `issuerRef` | [CertManager meta/v1.ObjectReference](https://cert-manager.io/v1.13-docs/reference/api-docs/#meta.cert-manager.io/v1.ObjectReference) | Yes | IssuerRef is a reference to the issuer for the created certificate | | `commonName` | String | No | CommonName is a common name to be used on the created certificate | | `duration` | [Kubernetes meta/v1.Duration](https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration) | No | The requested 'duration' (i.e. lifetime) of the created certificate. | diff --git a/go.mod b/go.mod index 90927fc1e..8c1d301e7 100644 --- a/go.mod +++ b/go.mod @@ -1,39 +1,39 @@ module github.com/kuadrant/kuadrant-operator -go 1.22 +go 1.22.0 require ( github.com/cert-manager/cert-manager v1.12.1 github.com/elliotchance/orderedmap/v2 v2.2.0 - github.com/go-logr/logr v1.3.0 + github.com/go-logr/logr v1.4.1 github.com/google/go-cmp v0.6.0 - github.com/google/uuid v1.4.0 + github.com/google/uuid v1.6.0 github.com/kuadrant/authorino v0.17.2 github.com/kuadrant/authorino-operator v0.11.1 github.com/kuadrant/dns-operator v0.0.0-20240628144227-b2b1f9409766 github.com/kuadrant/limitador-operator v0.9.0 github.com/martinlindhe/base36 v1.1.1 - github.com/onsi/ginkgo/v2 v2.13.2 - github.com/onsi/gomega v1.30.0 + github.com/onsi/ginkgo/v2 v2.17.1 + github.com/onsi/gomega v1.32.0 github.com/prometheus/client_golang v1.19.1 github.com/samber/lo v1.39.0 go.uber.org/zap v1.26.0 - golang.org/x/net v0.23.0 + golang.org/x/net v0.24.0 google.golang.org/protobuf v1.33.0 gotest.tools v2.2.0+incompatible istio.io/api v1.20.0 istio.io/client-go v1.20.0 - istio.io/istio v0.0.0-20231214021131-8c74063ea7ab - k8s.io/api v0.28.4 - k8s.io/apiextensions-apiserver v0.28.4 - k8s.io/apimachinery v0.28.4 - k8s.io/client-go v0.28.4 - k8s.io/klog/v2 v2.110.1 - k8s.io/utils v0.0.0-20240310230437-4693a0247e57 - maistra.io/istio-operator v0.0.0-20231214211859-76e404c8df41 - sigs.k8s.io/controller-runtime v0.16.3 + istio.io/istio v0.0.0-20240208010324-ffed2074bd92 + k8s.io/api v0.30.0 + k8s.io/apiextensions-apiserver v0.30.0 + k8s.io/apimachinery v0.30.0 + k8s.io/client-go v0.30.0 + k8s.io/klog/v2 v2.120.1 + k8s.io/utils v0.0.0-20240423183400-0849a56e8f22 + maistra.io/istio-operator v0.0.0-20240217080932-98753cb28cd7 + sigs.k8s.io/controller-runtime v0.18.0 sigs.k8s.io/external-dns v0.14.0 - sigs.k8s.io/gateway-api v1.0.1-0.20231204134048-c7da42e6eafc + sigs.k8s.io/gateway-api v1.1.0 ) require ( @@ -55,16 +55,16 @@ require ( github.com/cyphar/filepath-securejoin v0.2.4 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/distribution/reference v0.5.0 // indirect - github.com/docker/cli v24.0.7+incompatible // indirect + github.com/docker/cli v25.0.1+incompatible // indirect github.com/docker/distribution v2.8.3+incompatible // indirect github.com/docker/docker v24.0.9+incompatible // indirect - github.com/docker/docker-credential-helpers v0.8.0 // indirect + github.com/docker/docker-credential-helpers v0.8.1 // indirect github.com/docker/go-connections v0.4.0 // indirect github.com/docker/go-metrics v0.0.1 // indirect github.com/docker/go-units v0.5.0 // indirect - github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch v5.7.0+incompatible // indirect - github.com/evanphx/json-patch/v5 v5.7.0 // indirect + github.com/emicklei/go-restful/v3 v3.12.0 // indirect + github.com/evanphx/json-patch v5.9.0+incompatible // indirect + github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect github.com/fatih/color v1.16.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect @@ -72,21 +72,22 @@ require ( github.com/go-errors/errors v1.5.1 // indirect github.com/go-gorp/gorp/v3 v3.1.0 // indirect github.com/go-logr/stdr v1.2.2 // indirect - github.com/go-logr/zapr v1.2.4 // indirect - github.com/go-openapi/jsonpointer v0.20.0 // indirect - github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.4 // indirect + github.com/go-logr/zapr v1.3.0 // indirect + github.com/go-openapi/jsonpointer v0.21.0 // indirect + github.com/go-openapi/jsonreference v0.21.0 // indirect + github.com/go-openapi/swag v0.23.0 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/gobwas/glob v0.2.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect - github.com/golang/protobuf v1.5.3 // indirect + github.com/golang/protobuf v1.5.4 // indirect github.com/google/btree v1.1.2 // indirect github.com/google/gnostic-models v0.6.8 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/pprof v0.0.0-20231205033806-a5a03c77bf08 // indirect + github.com/google/pprof v0.0.0-20240125082051-42cd04596328 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/gorilla/mux v1.8.1 // indirect + github.com/gorilla/websocket v1.5.1 // indirect github.com/gosuri/uitable v0.0.4 // indirect github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect @@ -117,6 +118,7 @@ require ( github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect github.com/morikuni/aec v1.0.0 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0-rc5 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect @@ -124,7 +126,7 @@ require ( github.com/prometheus/client_model v0.5.0 // indirect github.com/prometheus/common v0.48.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect - github.com/rivo/uniseg v0.4.4 // indirect + github.com/rivo/uniseg v0.4.6 // indirect github.com/rubenv/sql-migrate v1.5.2 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/shopspring/decimal v1.3.1 // indirect @@ -139,45 +141,44 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/xlab/treeprint v1.2.0 // indirect - go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 // indirect - go.opentelemetry.io/otel v1.21.0 // indirect - go.opentelemetry.io/otel/metric v1.21.0 // indirect - go.opentelemetry.io/otel/trace v1.21.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 // indirect + go.opentelemetry.io/otel v1.22.0 // indirect + go.opentelemetry.io/otel/metric v1.22.0 // indirect + go.opentelemetry.io/otel/trace v1.22.0 // indirect go.starlark.net v0.0.0-20231121155337-90ade8b19d09 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/crypto v0.21.0 // indirect - golang.org/x/exp v0.0.0-20231127185646-65229373498e // indirect - golang.org/x/oauth2 v0.16.0 // indirect - golang.org/x/sync v0.5.0 // indirect - golang.org/x/sys v0.18.0 // indirect - golang.org/x/term v0.18.0 // indirect + golang.org/x/crypto v0.22.0 // indirect + golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f // indirect + golang.org/x/oauth2 v0.19.0 // indirect + golang.org/x/sync v0.7.0 // indirect + golang.org/x/sys v0.19.0 // indirect + golang.org/x/term v0.19.0 // indirect golang.org/x/text v0.14.0 // indirect golang.org/x/time v0.5.0 // indirect - golang.org/x/tools v0.16.0 // indirect + golang.org/x/tools v0.20.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/appengine v1.6.8 // indirect - google.golang.org/genproto v0.0.0-20231127180814-3a041ad873d4 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20231127180814-3a041ad873d4 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4 // indirect - google.golang.org/grpc v1.59.0 // indirect + google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de // indirect + google.golang.org/grpc v1.63.2 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - helm.sh/helm/v3 v3.13.2 // indirect - k8s.io/apiserver v0.28.4 // indirect - k8s.io/cli-runtime v0.28.4 // indirect - k8s.io/component-base v0.28.4 // indirect - k8s.io/kube-openapi v0.0.0-20231129212854-f0671cc7e66a // indirect - k8s.io/kubectl v0.28.4 // indirect + helm.sh/helm/v3 v3.14.0 // indirect + k8s.io/apiserver v0.30.0 // indirect + k8s.io/cli-runtime v0.29.1 // indirect + k8s.io/component-base v0.30.0 // indirect + k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108 // indirect + k8s.io/kubectl v0.29.1 // indirect oras.land/oras-go v1.2.4 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect - sigs.k8s.io/kustomize/kyaml v0.15.0 // indirect + sigs.k8s.io/kustomize/kyaml v0.16.0 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) -replace maistra.io/istio-operator => github.com/maistra/istio-operator v0.0.0-20231214211859-76e404c8df41 +replace maistra.io/istio-operator => github.com/maistra/istio-operator v0.0.0-20240217080932-98753cb28cd7 replace github.com/imdario/mergo => dario.cat/mergo v0.3.5 diff --git a/go.sum b/go.sum index a21e6b856..9e0ae33a3 100644 --- a/go.sum +++ b/go.sum @@ -34,7 +34,6 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= @@ -66,7 +65,6 @@ github.com/containerd/continuity v0.4.2/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I= github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= @@ -81,14 +79,14 @@ github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2 h1:aB github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2/go.mod h1:WHNsWjnIn2V1LYOrME7e8KxSeKunYHsxEm4am0BUtcI= github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0= github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= -github.com/docker/cli v24.0.7+incompatible h1:wa/nIwYFW7BVTGa7SWPVyyXU9lgORqUb1xfI36MSkFg= -github.com/docker/cli v24.0.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v25.0.1+incompatible h1:mFpqnrS6Hsm3v1k7Wa/BO23oz0k121MTbTO1lpcGSkU= +github.com/docker/cli v25.0.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v24.0.9+incompatible h1:HPGzNmwfLZWdxHqK9/II92pyi1EpYKsAqcl4G0Of9v0= github.com/docker/docker v24.0.9+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= -github.com/docker/docker-credential-helpers v0.8.0 h1:YQFtbBQb4VrpoPxhFuzEBPQ9E16qz5SpHLS+uswaCp8= -github.com/docker/docker-credential-helpers v0.8.0/go.mod h1:UGFXcuoQ5TxPiB54nHOZ32AWRqQdECoh/Mg0AlEYb40= +github.com/docker/docker-credential-helpers v0.8.1 h1:j/eKUktUltBtMzKqmfLB0PAgqYyMHOp5vfsD1807oKo= +github.com/docker/docker-credential-helpers v0.8.1/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c h1:+pKlWGMw7gf6bQ+oDZB4KHQFypsfjYlq/C4rfL7D3g8= @@ -101,16 +99,16 @@ github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 h1:ZClxb8laGDf5arX github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= github.com/elliotchance/orderedmap/v2 v2.2.0 h1:7/2iwO98kYT4XkOjA9mBEIwvi4KpGB4cyHeOFOnj4Vk= github.com/elliotchance/orderedmap/v2 v2.2.0/go.mod h1:85lZyVbpGaGvHvnKa7Qhx7zncAdBIBq6u56Hb1PRU5Q= -github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= -github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/envoyproxy/go-control-plane v0.11.2-0.20231209013151-42a65e415d60 h1:H1n/2fVp1CJchlmq2+ETQL7hD8JTnNgfwGY06i3rNn4= -github.com/envoyproxy/go-control-plane v0.11.2-0.20231209013151-42a65e415d60/go.mod h1:RcMvamiwQuntyVOp5brrKC4qK2pylAw/v4BQEdo4FU4= -github.com/envoyproxy/protoc-gen-validate v1.0.2 h1:QkIBuU5k+x7/QXPvPPnWXWlCdaBFApVqftFV6k087DA= -github.com/envoyproxy/protoc-gen-validate v1.0.2/go.mod h1:GpiZQP3dDbg4JouG/NNS7QWXpgx6x8QiMKdmN72jogE= -github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= -github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc= -github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= +github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/envoyproxy/go-control-plane v0.12.1-0.20240202001849-656bed747258 h1:PL88OYv87Y9v9e9snibPx72PYcyWy0fyARABSJ5+5FQ= +github.com/envoyproxy/go-control-plane v0.12.1-0.20240202001849-656bed747258/go.mod h1:lFu6itz1hckLR2A3aJ+ZKf3lu8HpjTsJSsqvVF6GL6g= +github.com/envoyproxy/protoc-gen-validate v1.0.4 h1:gVPz/FMfvh57HdSJQyvBtF00j8JU4zdyUgIUNhlgg0A= +github.com/envoyproxy/protoc-gen-validate v1.0.4/go.mod h1:qys6tmnRsYrQqIhm2bvKZH4Blx/1gTIZ2UKVY1M+Yew= +github.com/evanphx/json-patch v5.9.0+incompatible h1:fBXyNpNMuTTDdquAq/uisOr2lShz4oaXpDTX2bLe7ls= +github.com/evanphx/json-patch v5.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= +github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f h1:Wl78ApPPB2Wvf/TIe2xdyJxTlb6obmF18d8QdkxNDu4= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f/go.mod h1:OSYXu++VVOHnXeitef/D8n/6y4QV8uLHSFXX4NeXMGc= github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= @@ -131,21 +129,18 @@ github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= -github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= -github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= -github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= -github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= -github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= -github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= -github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= -github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= +github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= +github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= +github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY= +github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF2+tg1TRrwQ= +github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= +github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= +github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= @@ -169,38 +164,37 @@ github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4er github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= -github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= +github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/gomodule/redigo v1.8.2 h1:H5XSIre1MB5NbPYFp+i1NBbb5qN1W8Y8YAQoAYbkm8k= github.com/gomodule/redigo v1.8.2/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0= github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= -github.com/google/cel-go v0.16.1 h1:3hZfSNiAU3KOiNtxuFXVp5WFy4hf/Ly3Sa4/7F8SXNo= -github.com/google/cel-go v0.16.1/go.mod h1:HXZKzB0LXqer5lHHgfWAnlYwJaQBDKMjxjulNQzhwhY= +github.com/google/cel-go v0.17.8 h1:j9m730pMZt1Fc4oKhCLUHfjj6527LuhYcYw0Rl8gqto= +github.com/google/cel-go v0.17.8/go.mod h1:HXZKzB0LXqer5lHHgfWAnlYwJaQBDKMjxjulNQzhwhY= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20231205033806-a5a03c77bf08 h1:PxlBVtIFHR/mtWk2i0gTEdCz+jBnqiuHNSki0epDbVs= -github.com/google/pprof v0.0.0-20231205033806-a5a03c77bf08/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= +github.com/google/pprof v0.0.0-20240125082051-42cd04596328 h1:oI+lCI2DY1BsRrdzMJBhIMxBBdlZJl31YNQC11EiyvA= +github.com/google/pprof v0.0.0-20240125082051-42cd04596328/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= -github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/handlers v1.5.1 h1:9lRY6j8DEeeBT10CvO9hGW0gmky0BprnvDI5vfhUHH4= github.com/gorilla/handlers v1.5.1/go.mod h1:t8XrUpc4KVXb7HGyJ4/cEnwQiaxrX/hz1Zv/4g96P1Q= github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= +github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/gosuri/uitable v0.0.4 h1:IG2xLKRvErL3uhY6e1BylFzG+aJiwQviDDTfOKeKTpY= github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= github.com/grafana/regexp v0.0.0-20221122212121-6b5c0a4cb7fd h1:PpuIBO5P3e9hpqBD0O/HjhShYuM6XE0i/lbE6J94kww= @@ -238,12 +232,8 @@ github.com/klauspost/compress v1.17.4 h1:Ej5ixsIri7BrIjBkRZLTo6ghwrEtHFk7ijlczPW github.com/klauspost/compress v1.17.4/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kuadrant/authorino v0.17.2 h1:UgWH4NY/n36IhoaU+ELUkoujaly1/9sx5mHY5vUrPOc= @@ -268,8 +258,8 @@ github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZ github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI= github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= -github.com/lestrrat-go/jwx v1.2.27 h1:cvnTnda/YzdyFuWdEAMkI6BsLtItSrASEVCI3C/IUEQ= -github.com/lestrrat-go/jwx v1.2.27/go.mod h1:Stob9LjSqR3lOmNdxF0/TvZo60V3hUGv8Fr7Bwzla3k= +github.com/lestrrat-go/jwx v1.2.28 h1:uadI6o0WpOVrBSf498tRXZIwPpEtLnR9CvqPFXeI5sA= +github.com/lestrrat-go/jwx v1.2.28/go.mod h1:nF+91HEMh/MYFVwKPl5HHsBGMPscqbQb+8IDQdIazP8= github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU= github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= @@ -279,8 +269,8 @@ github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhn github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/maistra/istio-operator v0.0.0-20231214211859-76e404c8df41 h1:ihBNQRjbQxzSzSKVIJivoME371XMbrxYTk/Zq7tYohs= -github.com/maistra/istio-operator v0.0.0-20231214211859-76e404c8df41/go.mod h1:647w84PGqHJZFBvik6DtvFSf7MjGG8U2U/+GGc30D8A= +github.com/maistra/istio-operator v0.0.0-20240217080932-98753cb28cd7 h1:hb04aN5i9DRUXBQ1SuU+p006IGgaqqDQY1/8vzAUvY4= +github.com/maistra/istio-operator v0.0.0-20240217080932-98753cb28cd7/go.mod h1:E/Qq7Lq+C43qZ8G3XSEDgDc2qMjZdKx8Er0jdAK1fKE= github.com/markbates/errx v1.1.0 h1:QDFeR+UP95dO12JgW+tgi2UVfo0V8YBHiUIOaeBPiEI= github.com/markbates/errx v1.1.0/go.mod h1:PLa46Oex9KNbVDZhKel8v1OT7hD5JZ2eI7AHhA0wswc= github.com/markbates/oncer v1.0.0 h1:E83IaVAHygyndzPimgUYJjbshhDTALZyXxvk9FOlQRY= @@ -300,8 +290,8 @@ github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A github.com/mattn/go-sqlite3 v1.14.15 h1:vfoHhTN1af61xCRSWzFIWzx2YskyMTwHLrExkBOjvxI= github.com/mattn/go-sqlite3 v1.14.15/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/miekg/dns v1.1.57 h1:Jzi7ApEIzwEPLHWRcafCN9LZSBbqQpxjt/wpgvg7wcM= -github.com/miekg/dns v1.1.57/go.mod h1:uqRjCRUuEAA6qsOiJvDd+CFo/vW+y5WR6SNmHE55hZk= +github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= +github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= @@ -334,10 +324,12 @@ github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7P github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/onsi/ginkgo/v2 v2.13.2 h1:Bi2gGVkfn6gQcjNjZJVO8Gf0FHzMPf2phUei9tejVMs= -github.com/onsi/ginkgo/v2 v2.13.2/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= -github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= -github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= +github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= +github.com/onsi/ginkgo/v2 v2.17.1 h1:V++EzdbhI4ZV4ev0UTIj0PzhzOcReJFyJaLjtSF55M8= +github.com/onsi/ginkgo/v2 v2.17.1/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs= +github.com/onsi/gomega v1.32.0 h1:JRYU78fJ1LPxlckP6Txi/EYqJvjtMrDC04/MM5XRHPk= +github.com/onsi/gomega v1.32.0/go.mod h1:a4x4gW6Pz2yK1MAmvluYme5lvYTn61afQ2ETw/8n4Lg= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc5 h1:Ygwkfw9bpDvs+c9E34SdgGOj41dX/cbdlwvlWt0pnFI= @@ -347,9 +339,10 @@ github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI= github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/planetscale/vtprotobuf v0.6.0 h1:nBeETjudeJ5ZgBHUz1fVHvbqUKnYOXNhsIEabROxmNA= +github.com/planetscale/vtprotobuf v0.6.0/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -373,13 +366,13 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= -github.com/prometheus/prometheus v0.48.0 h1:yrBloImGQ7je4h8M10ujGh4R6oxYQJQKlMuETwNskGk= -github.com/prometheus/prometheus v0.48.0/go.mod h1:SRw624aMAxTfryAcP8rOjg4S/sHHaetx2lyJJ2nM83g= +github.com/prometheus/prometheus v0.49.1 h1:90mDvjrFnca2m+0qPSIDr3y7iHPTAagOAElz7j+HtGk= +github.com/prometheus/prometheus v0.49.1/go.mod h1:aDogiyqmv3aBIWDb5z5Sdcxuuf2BOfiJwOIm9JGpMnI= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= -github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= -github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= -github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= -github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA= +github.com/rivo/uniseg v0.4.6 h1:Sovz9sDSwbOz9tgUy8JpT+KgCkPYJEN/oYzlJiYTNLg= +github.com/rivo/uniseg v0.4.6/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= +github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= +github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/rubenv/sql-migrate v1.5.2 h1:bMDqOnrJVV/6JQgQ/MxOpU+AdO8uzYYA/TxFUBzFtS0= github.com/rubenv/sql-migrate v1.5.2/go.mod h1:H38GW8Vqf8F0Su5XignRyaRcbXbJunSWxs+kmzlg0Is= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= @@ -405,19 +398,15 @@ github.com/stoewer/go-strcase v1.3.0 h1:g0eASXYtp+yvN9fK8sH94oCIk0fau9uV1/ZdJ0AV github.com/stoewer/go-strcase v1.3.0/go.mod h1:fAH5hQ5pehh+j3nZfvwdk2RgEgQjAoM8wodgtPmh1xo= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.1 h1:4VhoImhV/Bm0ToFkXFi8hXNXwpDRZ/ynw3amt82mzq0= +github.com/stretchr/objx v0.5.1/go.mod h1:/iHQpkQwBD6DLUmQ4pE+s1TXdob1mORJ4/UFdrifcy0= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= -github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/tidwall/gjson v1.14.0 h1:6aeJ0bzojgWLa82gDQHcx3S0Lr/O51I9bJ5nv6JFx5w= github.com/tidwall/gjson v1.14.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= @@ -435,7 +424,6 @@ github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43 h1:+lm10QQTNSBd8DVTNGHx7o/IKu9HYDvLMffDhbyLccI= github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= @@ -445,34 +433,30 @@ github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f h1 github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1 h1:aFJWCqJMNjENlcleuuOkGAPH82y0yULBScfXcIEdS24= -go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.46.1/go.mod h1:sEGXWArGqc3tVa+ekntsN65DmVbVeW+7lTKTjZF3/Fo= -go.opentelemetry.io/otel v1.21.0 h1:hzLeKBZEL7Okw2mGzZ0cc4k/A7Fta0uoPgaJCr8fsFc= -go.opentelemetry.io/otel v1.21.0/go.mod h1:QZzNPQPm1zLX4gZK4cMi+71eaorMSGT3A4znnUvNNEo= -go.opentelemetry.io/otel/exporters/prometheus v0.44.0 h1:08qeJgaPC0YEBu2PQMbqU3rogTlyzpjhCI2b58Yn00w= -go.opentelemetry.io/otel/exporters/prometheus v0.44.0/go.mod h1:ERL2uIeBtg4TxZdojHUwzZfIFlUIjZtxubT5p4h1Gjg= -go.opentelemetry.io/otel/metric v1.21.0 h1:tlYWfeo+Bocx5kLEloTjbcDwBuELRrIFxwdQ36PlJu4= -go.opentelemetry.io/otel/metric v1.21.0/go.mod h1:o1p3CA8nNHW8j5yuQLdc1eeqEaPfzug24uvsyIEJRWM= -go.opentelemetry.io/otel/sdk v1.21.0 h1:FTt8qirL1EysG6sTQRZ5TokkU8d0ugCj8htOgThZXQ8= -go.opentelemetry.io/otel/sdk v1.21.0/go.mod h1:Nna6Yv7PWTdgJHVRD9hIYywQBRx7pbox6nwBnZIxl/E= -go.opentelemetry.io/otel/sdk/metric v1.21.0 h1:smhI5oD714d6jHE6Tie36fPx4WDFIg+Y6RfAY4ICcR0= -go.opentelemetry.io/otel/sdk/metric v1.21.0/go.mod h1:FJ8RAsoPGv/wYMgBdUJXOm+6pzFY3YdljnXtv1SBE8Q= -go.opentelemetry.io/otel/trace v1.21.0 h1:WD9i5gzvoUPuXIXH24ZNBudiarZDKuekPqi/E8fpfLc= -go.opentelemetry.io/otel/trace v1.21.0/go.mod h1:LGbsEB0f9LGjN+OZaQQ26sohbOmiMR+BaslueVtS/qQ= -go.opentelemetry.io/proto/otlp v1.0.0 h1:T0TX0tmXU8a3CbNXzEKGeU5mIVOdf0oykP+u2lIVU/I= -go.opentelemetry.io/proto/otlp v1.0.0/go.mod h1:Sy6pihPLfYHkr3NkUbEhGHFhINUSI/v80hjKIs5JXpM= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 h1:sv9kVfal0MK0wBMCOGr+HeJm9v803BkJxGrk2au7j08= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0/go.mod h1:SK2UL73Zy1quvRPonmOmRDiWk1KBV3LyIeeIxcEApWw= +go.opentelemetry.io/otel v1.22.0 h1:xS7Ku+7yTFvDfDraDIJVpw7XPyuHlB9MCiqqX5mcJ6Y= +go.opentelemetry.io/otel v1.22.0/go.mod h1:eoV4iAi3Ea8LkAEI9+GFT44O6T/D0GWAVFyZVCC6pMI= +go.opentelemetry.io/otel/exporters/prometheus v0.45.0 h1:BeIK2KGho0oCWa7LxEGSqfDZbs7Fpv/Viz+FS4P8CXE= +go.opentelemetry.io/otel/exporters/prometheus v0.45.0/go.mod h1:UVJZPLnfDSvHj+eJuZE+E1GjIBD267mEMfAAHJdghWg= +go.opentelemetry.io/otel/metric v1.22.0 h1:lypMQnGyJYeuYPhOM/bgjbFM6WE44W1/T45er4d8Hhg= +go.opentelemetry.io/otel/metric v1.22.0/go.mod h1:evJGjVpZv0mQ5QBRJoBF64yMuOf4xCWdXjK8pzFvliY= +go.opentelemetry.io/otel/sdk v1.22.0 h1:6coWHw9xw7EfClIC/+O31R8IY3/+EiRFHevmHafB2Gw= +go.opentelemetry.io/otel/sdk v1.22.0/go.mod h1:iu7luyVGYovrRpe2fmj3CVKouQNdTOkxtLzPvPz1DOc= +go.opentelemetry.io/otel/sdk/metric v1.22.0 h1:ARrRetm1HCVxq0cbnaZQlfwODYJHo3gFL8Z3tSmHBcI= +go.opentelemetry.io/otel/sdk/metric v1.22.0/go.mod h1:KjQGeMIDlBNEOo6HvjhxIec1p/69/kULDcp4gr0oLQQ= +go.opentelemetry.io/otel/trace v1.22.0 h1:Hg6pPujv0XG9QaVbGOBVHunyuLcCC3jN7WEhPx83XD0= +go.opentelemetry.io/otel/trace v1.22.0/go.mod h1:RbbHXVqKES9QhzZq/fE5UnOSILqRt40a21sPw2He1xo= +go.opentelemetry.io/proto/otlp v1.1.0 h1:2Di21piLrCqJ3U3eXGCTPHE9R8Nh+0uglSnOyxikMeI= +go.opentelemetry.io/proto/otlp v1.1.0/go.mod h1:GpBHCBWiqvVLDqmHZsoMM3C5ySeKTC7ej/RNTae6MdY= go.starlark.net v0.0.0-20231121155337-90ade8b19d09 h1:hzy3LFnSN8kuQK8h9tHl4ndF6UruMj47OqwqsS+/Ai4= go.starlark.net v0.0.0-20231121155337-90ade8b19d09/go.mod h1:LcLNIzVOMp4oV+uusnpk+VU+SzXaJakUuBjoCSWH5dM= -go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= -go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= -go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= +go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= +go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= @@ -481,41 +465,36 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= -golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= -golang.org/x/exp v0.0.0-20231127185646-65229373498e h1:Gvh4YaCaXNs6dKTlfgismwWZKyjVZXwOPfIyUaqU3No= -golang.org/x/exp v0.0.0-20231127185646-65229373498e/go.mod h1:iRJReGqOEeBhDZGkGbynYwcHlctCvnjTYIamk7uXpHI= -golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= +golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= +golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f h1:99ci1mjWVBWwJiEKYY6jWa4d2nTQVIEhZIptnrVb1XY= +golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f/go.mod h1:/lliqkxwWAhPjf5oSOIJup2XcqJaw8RGS6k3TGEc7GI= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= -golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/oauth2 v0.16.0 h1:aDkGMBSYxElaoP81NpoUoz2oo2R2wHdZpGToUxfyQrQ= -golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o= +golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= +golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= +golang.org/x/oauth2 v0.19.0 h1:9+E/EZBCbTLNrbN35fHv/a/d/mOBatymz1zbtQrXpIg= +golang.org/x/oauth2 v0.19.0/go.mod h1:vYi7skDa1x015PmRRYZ7+s1cWyPgrPiSYRe4rnsexc8= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= -golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -523,8 +502,6 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -533,54 +510,46 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= +golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= -golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= +golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= +golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.16.0 h1:GO788SKMRunPIBCXiQyo2AaexLstOrVhuAL5YwsckQM= -golang.org/x/tools v0.16.0/go.mod h1:kYVVN6I1mBNoB1OX+noeBjbRk4IUEPa7JJ+TJMEooJ0= +golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY= +golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= -google.golang.org/genproto v0.0.0-20231127180814-3a041ad873d4 h1:W12Pwm4urIbRdGhMEg2NM9O3TWKjNcxQhs46V0ypf/k= -google.golang.org/genproto v0.0.0-20231127180814-3a041ad873d4/go.mod h1:5RBcpGRxr25RbDzY5w+dmaqpSEvl8Gwl1x2CICf60ic= -google.golang.org/genproto/googleapis/api v0.0.0-20231127180814-3a041ad873d4 h1:ZcOkrmX74HbKFYnpPY8Qsw93fC29TbJXspYKaBkSXDQ= -google.golang.org/genproto/googleapis/api v0.0.0-20231127180814-3a041ad873d4/go.mod h1:k2dtGpRrbsSyKcNPKKI5sstZkrNCZwpU/ns96JoHbGg= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4 h1:DC7wcm+i+P1rN3Ff07vL+OndGg5OhNddHyTA+ocPqYE= -google.golang.org/genproto/googleapis/rpc v0.0.0-20231127180814-3a041ad873d4/go.mod h1:eJVxU6o+4G1PSczBr85xmyvSNYAKvAYgkub40YGomFM= -google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk= -google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de h1:F6qOa9AZTYJXOUEr4jDysRDLrm4PHePlge4v4TGAlxY= +google.golang.org/genproto v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:VUhTRKeHn9wwcdrk73nvdC9gF178Tzhmt/qyaFcPLSo= +google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de h1:jFNzHPIeuzhdRwVhbZdiym9q0ory/xY3sA+v2wPg8I0= +google.golang.org/genproto/googleapis/api v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:5iCWqnniDlqZHrd3neWVTOwvh/v6s3232omMecelax8= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de h1:cZGRis4/ot9uVm639a+rHCUaG0JJHEsdyzSQTMX+suY= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240227224415-6ceb2ff114de/go.mod h1:H4O17MA/PE9BsGx3w+a+W2VOLLD1Qf7oJneAoU6WktY= +google.golang.org/grpc v1.63.2 h1:MUeiw1B2maTVZthpU5xvASfTh3LDbxHd6IJ6QQVU+xM= +google.golang.org/grpc v1.63.2/go.mod h1:WAX/8DgncnokcFUldAxq7GeB5DXHDbMF+lLvDomNkRA= google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= @@ -599,50 +568,50 @@ gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.5.1 h1:EENdUnS3pdur5nybKYIh2Vfgc8IUNBjxDPSjtiJcOzU= gotest.tools/v3 v3.5.1/go.mod h1:isy3WKz7GK6uNw/sbHzfKBLvlvXwUyV06n6brMxxopU= -helm.sh/helm/v3 v3.13.2 h1:IcO9NgmmpetJODLZhR3f3q+6zzyXVKlRizKFwbi7K8w= -helm.sh/helm/v3 v3.13.2/go.mod h1:GIHDwZggaTGbedevTlrQ6DB++LBN6yuQdeGj0HNaDx0= +helm.sh/helm/v3 v3.14.0 h1:TaZIH6uOchn7L27ptwnnuHJiFrT/BsD4dFdp/HLT2nM= +helm.sh/helm/v3 v3.14.0/go.mod h1:2itvvDv2WSZXTllknfQo6j7u3VVgMAvm8POCDgYH424= istio.io/api v1.20.0 h1:heE1eQoMsuZlwWOf7Xm8TKqKLNKVs11G/zMe5QyR1u4= istio.io/api v1.20.0/go.mod h1:hm1PE/mGdIAsjCDkTIAplP53H7TjO5LUQCiVvF26SVg= istio.io/client-go v1.20.0 h1:TSSv6A4sYvuBtoKOwyuRmBmPwSb4s++lWlh7RB7+7gY= istio.io/client-go v1.20.0/go.mod h1:6D76gZsdjz8JtVeIarUYdOn3WA8Zh+j8fIv2+2K3M+Q= -istio.io/istio v0.0.0-20231214021131-8c74063ea7ab h1:Z9WZx+5y+8V1IyvvQxBYblhXfFaw+HK03fS50GV6RJk= -istio.io/istio v0.0.0-20231214021131-8c74063ea7ab/go.mod h1:7OXYL0JyDpuvnGc3zHALWLuZQo2JDelieECjMpXrXvY= -k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY= -k8s.io/api v0.28.4/go.mod h1:axWTGrY88s/5YE+JSt4uUi6NMM+gur1en2REMR7IRj0= -k8s.io/apiextensions-apiserver v0.28.4 h1:AZpKY/7wQ8n+ZYDtNHbAJBb+N4AXXJvyZx6ww6yAJvU= -k8s.io/apiextensions-apiserver v0.28.4/go.mod h1:pgQIZ1U8eJSMQcENew/0ShUTlePcSGFq6dxSxf2mwPM= -k8s.io/apimachinery v0.28.4 h1:zOSJe1mc+GxuMnFzD4Z/U1wst50X28ZNsn5bhgIIao8= -k8s.io/apimachinery v0.28.4/go.mod h1:wI37ncBvfAoswfq626yPTe6Bz1c22L7uaJ8dho83mgg= -k8s.io/apiserver v0.28.4 h1:BJXlaQbAU/RXYX2lRz+E1oPe3G3TKlozMMCZWu5GMgg= -k8s.io/apiserver v0.28.4/go.mod h1:Idq71oXugKZoVGUUL2wgBCTHbUR+FYTWa4rq9j4n23w= -k8s.io/cli-runtime v0.28.4 h1:IW3aqSNFXiGDllJF4KVYM90YX4cXPGxuCxCVqCD8X+Q= -k8s.io/cli-runtime v0.28.4/go.mod h1:MLGRB7LWTIYyYR3d/DOgtUC8ihsAPA3P8K8FDNIqJ0k= -k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY= -k8s.io/client-go v0.28.4/go.mod h1:0VDZFpgoZfelyP5Wqu0/r/TRYcLYuJ2U1KEeoaPa1N4= -k8s.io/component-base v0.28.4 h1:c/iQLWPdUgI90O+T9TeECg8o7N3YJTiuz2sKxILYcYo= -k8s.io/component-base v0.28.4/go.mod h1:m9hR0uvqXDybiGL2nf/3Lf0MerAfQXzkfWhUY58JUbU= -k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= -k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kube-openapi v0.0.0-20231129212854-f0671cc7e66a h1:ZeIPbyHHqahGIbeyLJJjAUhnxCKqXaDY+n89Ms8szyA= -k8s.io/kube-openapi v0.0.0-20231129212854-f0671cc7e66a/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/kubectl v0.28.4 h1:gWpUXW/T7aFne+rchYeHkyB8eVDl5UZce8G4X//kjUQ= -k8s.io/kubectl v0.28.4/go.mod h1:CKOccVx3l+3MmDbkXtIUtibq93nN2hkDR99XDCn7c/c= -k8s.io/utils v0.0.0-20240310230437-4693a0247e57 h1:gbqbevonBh57eILzModw6mrkbwM0gQBEuevE/AaBsHY= -k8s.io/utils v0.0.0-20240310230437-4693a0247e57/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +istio.io/istio v0.0.0-20240208010324-ffed2074bd92 h1:YxhEu2lLwuBomTsEZZuLrQgYgmSYTfTl05QHdhEi0fI= +istio.io/istio v0.0.0-20240208010324-ffed2074bd92/go.mod h1:c/EJafelMaRruaRomQm9cffS3TX0AbD60itcC6Z//Fs= +k8s.io/api v0.30.0 h1:siWhRq7cNjy2iHssOB9SCGNCl2spiF1dO3dABqZ8niA= +k8s.io/api v0.30.0/go.mod h1:OPlaYhoHs8EQ1ql0R/TsUgaRPhpKNxIMrKQfWUp8QSE= +k8s.io/apiextensions-apiserver v0.30.0 h1:jcZFKMqnICJfRxTgnC4E+Hpcq8UEhT8B2lhBcQ+6uAs= +k8s.io/apiextensions-apiserver v0.30.0/go.mod h1:N9ogQFGcrbWqAY9p2mUAL5mGxsLqwgtUce127VtRX5Y= +k8s.io/apimachinery v0.30.0 h1:qxVPsyDM5XS96NIh9Oj6LavoVFYff/Pon9cZeDIkHHA= +k8s.io/apimachinery v0.30.0/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc= +k8s.io/apiserver v0.30.0 h1:QCec+U72tMQ+9tR6A0sMBB5Vh6ImCEkoKkTDRABWq6M= +k8s.io/apiserver v0.30.0/go.mod h1:smOIBq8t0MbKZi7O7SyIpjPsiKJ8qa+llcFCluKyqiY= +k8s.io/cli-runtime v0.29.1 h1:By3WVOlEWYfyxhGko0f/IuAOLQcbBSMzwSaDren2JUs= +k8s.io/cli-runtime v0.29.1/go.mod h1:vjEY9slFp8j8UoMhV5AlO8uulX9xk6ogfIesHobyBDU= +k8s.io/client-go v0.30.0 h1:sB1AGGlhY/o7KCyCEQ0bPWzYDL0pwOZO4vAtTSh/gJQ= +k8s.io/client-go v0.30.0/go.mod h1:g7li5O5256qe6TYdAMyX/otJqMhIiGgTapdLchhmOaY= +k8s.io/component-base v0.30.0 h1:cj6bp38g0ainlfYtaOQuRELh5KSYjhKxM+io7AUIk4o= +k8s.io/component-base v0.30.0/go.mod h1:V9x/0ePFNaKeKYA3bOvIbrNoluTSG+fSJKjLdjOoeXQ= +k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw= +k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= +k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108 h1:Q8Z7VlGhcJgBHJHYugJ/K/7iB8a2eSxCyxdVjJp+lLY= +k8s.io/kube-openapi v0.0.0-20240423202451-8948a665c108/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98= +k8s.io/kubectl v0.29.1 h1:rWnW3hi/rEUvvg7jp4iYB68qW5un/urKbv7fu3Vj0/s= +k8s.io/kubectl v0.29.1/go.mod h1:SZzvLqtuOJYSvZzPZR9weSuP0wDQ+N37CENJf0FhDF4= +k8s.io/utils v0.0.0-20240423183400-0849a56e8f22 h1:ao5hUqGhsqdm+bYbjH/pRkCs0unBGe9UyDahzs9zQzQ= +k8s.io/utils v0.0.0-20240423183400-0849a56e8f22/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= oras.land/oras-go v1.2.4 h1:djpBY2/2Cs1PV87GSJlxv4voajVOMZxqqtq9AB8YNvY= oras.land/oras-go v1.2.4/go.mod h1:DYcGfb3YF1nKjcezfX2SNlDAeQFKSXmf+qrFmrh4324= -sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4= -sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= +sigs.k8s.io/controller-runtime v0.18.0 h1:Z7jKuX784TQSUL1TIyeuF7j8KXZ4RtSX0YgtjKcSTME= +sigs.k8s.io/controller-runtime v0.18.0/go.mod h1:tuAt1+wbVsXIT8lPtk5RURxqAnq7xkpv2Mhttslg7Hw= sigs.k8s.io/external-dns v0.14.0 h1:pgY3DdyoBei+ej1nyZUzRt9ECm9RRwb9s6/CPWe51tc= sigs.k8s.io/external-dns v0.14.0/go.mod h1:d4Knr/BFz8U1Lc6yLhCzTRP6nJOz6fqR/MnqqJPcIlU= -sigs.k8s.io/gateway-api v1.0.1-0.20231204134048-c7da42e6eafc h1:Ls/BrmdKJVBi4LVYhK4a4xA+5TO0mt66f6UpgTHk2Lc= -sigs.k8s.io/gateway-api v1.0.1-0.20231204134048-c7da42e6eafc/go.mod h1:i4fiyKUGk0zC7PIaoykdwjfOePLpLIGGX9iab7uhl0o= +sigs.k8s.io/gateway-api v1.1.0 h1:DsLDXCi6jR+Xz8/xd0Z1PYl2Pn0TyaFMOPPZIj4inDM= +sigs.k8s.io/gateway-api v1.1.0/go.mod h1:ZH4lHrL2sDi0FHZ9jjneb8kKnGzFWyrTya35sWUTrRs= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 h1:XX3Ajgzov2RKUdc5jW3t5jwY7Bo7dcRm+tFxT+NfgY0= sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3/go.mod h1:9n16EZKMhXBNSiUC5kSdFQJkdH3zbxS/JoO619G1VAY= -sigs.k8s.io/kustomize/kyaml v0.15.0 h1:ynlLMAxDhrY9otSg5GYE2TcIz31XkGZ2Pkj7SdolD84= -sigs.k8s.io/kustomize/kyaml v0.15.0/go.mod h1:+uMkBahdU1KNOj78Uta4rrXH+iH7wvg+nW7+GULvREA= +sigs.k8s.io/kustomize/kyaml v0.16.0 h1:6J33uKSoATlKZH16unr2XOhDI+otoe2sR3M8PDzW3K0= +sigs.k8s.io/kustomize/kyaml v0.16.0/go.mod h1:xOK/7i+vmE14N2FdFyugIshB8eF6ALpy7jI87Q2nRh4= sigs.k8s.io/mcs-api v0.1.0 h1:edDbg0oRGfXw8TmZjKYep06LcJLv/qcYLidejnUp0PM= sigs.k8s.io/mcs-api v0.1.0/go.mod h1:gGiAryeFNB4GBsq2LBmVqSgKoobLxt+p7ii/WG5QYYw= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= diff --git a/pkg/istio/mesh_config_test.go b/pkg/istio/mesh_config_test.go index bdb8370e3..ed1a6c8a1 100644 --- a/pkg/istio/mesh_config_test.go +++ b/pkg/istio/mesh_config_test.go @@ -149,14 +149,6 @@ func getStubbedMeshConfigStruct() *structpb.Struct { } } -func getInvalidStubbedMeshConfigStruct() *structpb.Struct { - return &structpb.Struct{ - Fields: map[string]*structpb.Value{ - "invalid-field": {}, - }, - } -} - func TestOperatorWrapper_GetConfigObject(t *testing.T) { config := &iopv1alpha1.IstioOperator{} wrapper := NewOperatorWrapper(config) @@ -303,23 +295,6 @@ func TestSailWrapper_GetMeshConfig(t *testing.T) { assert.Equal(t, meshConfig.ExtensionProviders[0].GetEnvoyExtAuthzGrpc().GetPort(), uint32(50051)) } -func TestSailWrapper_GetMeshConfigInvalid(t *testing.T) { - structConfig := getInvalidStubbedMeshConfigStruct() - values := helm.HelmValues{} - if err := values.Set("meshConfig", structConfig.AsMap()); err != nil { - assert.NilError(t, err) - } - config := &istiov1alpha1.Istio{} - if err := config.Spec.SetValues(values); err != nil { - assert.NilError(t, err) - } - wrapper := NewSailWrapper(config) - - meshConfig, err := wrapper.GetMeshConfig() - assert.Check(t, err != nil) - assert.Check(t, meshConfig == nil) -} - func TestSailWrapper_SetMeshConfig(t *testing.T) { config := &istiov1alpha1.Istio{} wrapper := NewSailWrapper(config) diff --git a/pkg/library/gatewayapi/helper_test.go b/pkg/library/gatewayapi/helper_test.go index 534466b4b..fdde24b1f 100644 --- a/pkg/library/gatewayapi/helper_test.go +++ b/pkg/library/gatewayapi/helper_test.go @@ -95,11 +95,10 @@ func testBasicGatewayPolicy(name, namespace string, gateway *gatewayapiv1.Gatewa Namespace: namespace, Name: name, }, - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.Group(gatewayapiv1.GroupName), - Kind: gatewayapiv1.Kind("Gateway"), - Namespace: ptr.To(gatewayapiv1.Namespace(gateway.Namespace)), - Name: gatewayapiv1.ObjectName(gateway.Name), + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.Group(gatewayapiv1.GroupName), + Kind: gatewayapiv1.Kind("Gateway"), + Name: gatewayapiv1.ObjectName(gateway.Name), }, } } @@ -114,11 +113,10 @@ func testBasicRoutePolicy(name, namespace string, route *gatewayapiv1.HTTPRoute) Namespace: namespace, Name: name, }, - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.Group(gatewayapiv1.GroupName), - Kind: gatewayapiv1.Kind("HTTPRoute"), - Namespace: ptr.To(gatewayapiv1.Namespace(route.Namespace)), - Name: gatewayapiv1.ObjectName(route.Name), + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.Group(gatewayapiv1.GroupName), + Kind: gatewayapiv1.Kind("HTTPRoute"), + Name: gatewayapiv1.ObjectName(route.Name), }, } } @@ -133,11 +131,10 @@ func testStandalonePolicy(name, namespace string) Policy { Namespace: namespace, Name: name, }, - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.Group(gatewayapiv1.GroupName), - Kind: gatewayapiv1.Kind("Gateway"), - Namespace: ptr.To(gatewayapiv1.Namespace("unknown")), - Name: gatewayapiv1.ObjectName("unknown"), + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.Group(gatewayapiv1.GroupName), + Kind: gatewayapiv1.Kind("Gateway"), + Name: gatewayapiv1.ObjectName("unknown"), }, } } diff --git a/pkg/library/gatewayapi/topology.go b/pkg/library/gatewayapi/topology.go index 4cd46b605..29422d87d 100644 --- a/pkg/library/gatewayapi/topology.go +++ b/pkg/library/gatewayapi/topology.go @@ -6,7 +6,6 @@ import ( "github.com/go-logr/logr" "k8s.io/apimachinery/pkg/api/meta" - "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" @@ -347,12 +346,12 @@ func buildDAGEdges(opts *topologyOptions, gateways []gatewayDAGNode, routes []ht group := p.GetTargetRef().Group kind := p.GetTargetRef().Kind name := p.GetTargetRef().Name - namespace := ptr.Deref(p.GetTargetRef().Namespace, gatewayapiv1.Namespace(p.GetNamespace())) + namespace := p.GetNamespace() return group == gatewayapiv1.GroupName && kind == "HTTPRoute" && name == gatewayapiv1.ObjectName(route.Name) && - namespace == gatewayapiv1.Namespace(route.Namespace) + namespace == route.Namespace }) for _, attachedPolicy := range attachedPolicies { @@ -366,12 +365,12 @@ func buildDAGEdges(opts *topologyOptions, gateways []gatewayDAGNode, routes []ht group := p.GetTargetRef().Group kind := p.GetTargetRef().Kind name := p.GetTargetRef().Name - namespace := ptr.Deref(p.GetTargetRef().Namespace, gatewayapiv1.Namespace(p.GetNamespace())) + namespace := p.GetNamespace() return group == gatewayapiv1.GroupName && kind == "Gateway" && name == gatewayapiv1.ObjectName(g.Name) && - namespace == gatewayapiv1.Namespace(g.Namespace) + namespace == g.Namespace }) for _, attachedPolicy := range attachedPolicies { diff --git a/pkg/library/gatewayapi/types.go b/pkg/library/gatewayapi/types.go index 3088ab68f..dd4137692 100644 --- a/pkg/library/gatewayapi/types.go +++ b/pkg/library/gatewayapi/types.go @@ -20,7 +20,7 @@ const ( type Policy interface { client.Object PolicyClass() PolicyClass - GetTargetRef() gatewayapiv1alpha2.PolicyTargetReference + GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference GetStatus() PolicyStatus List(context.Context, client.Client, string) []Policy Kind() string diff --git a/pkg/library/gatewayapi/types_test.go b/pkg/library/gatewayapi/types_test.go index 758125dd6..162c67ec1 100644 --- a/pkg/library/gatewayapi/types_test.go +++ b/pkg/library/gatewayapi/types_test.go @@ -28,8 +28,8 @@ type TestPolicy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - TargetRef gatewayapiv1alpha2.PolicyTargetReference `json:"targetRef"` - Status FakePolicyStatus `json:"status"` + TargetRef gatewayapiv1alpha2.LocalPolicyTargetReference `json:"targetRef"` + Status FakePolicyStatus `json:"status"` } func (p *TestPolicy) Kind() string { @@ -52,7 +52,7 @@ func (p *TestPolicy) PolicyClass() PolicyClass { return DirectPolicy } -func (p *TestPolicy) GetTargetRef() gatewayapiv1alpha2.PolicyTargetReference { +func (p *TestPolicy) GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference { return p.TargetRef } @@ -291,7 +291,7 @@ func createTestPolicy(name string, creationTime time.Time, mutateFn ...func(p *T func withTargetRefKind(targetRefKind string) func(p *TestPolicy) { return func(p *TestPolicy) { - p.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{Kind: gatewayapiv1.Kind(targetRefKind)} + p.TargetRef = gatewayapiv1alpha2.LocalPolicyTargetReference{Kind: gatewayapiv1.Kind(targetRefKind)} } } diff --git a/pkg/library/gatewayapi/utils.go b/pkg/library/gatewayapi/utils.go index 94e7b7b66..c1fa51c62 100644 --- a/pkg/library/gatewayapi/utils.go +++ b/pkg/library/gatewayapi/utils.go @@ -20,11 +20,11 @@ import ( "github.com/kuadrant/kuadrant-operator/pkg/library/utils" ) -func IsTargetRefHTTPRoute(targetRef gatewayapiv1alpha2.PolicyTargetReference) bool { +func IsTargetRefHTTPRoute(targetRef gatewayapiv1alpha2.LocalPolicyTargetReference) bool { return targetRef.Group == (gatewayapiv1.GroupName) && targetRef.Kind == ("HTTPRoute") } -func IsTargetRefGateway(targetRef gatewayapiv1alpha2.PolicyTargetReference) bool { +func IsTargetRefGateway(targetRef gatewayapiv1alpha2.LocalPolicyTargetReference) bool { return targetRef.Group == (gatewayapiv1.GroupName) && targetRef.Kind == ("Gateway") } diff --git a/pkg/library/kuadrant/apimachinery_status_conditions_test.go b/pkg/library/kuadrant/apimachinery_status_conditions_test.go index 5d5b27362..52fa41204 100644 --- a/pkg/library/kuadrant/apimachinery_status_conditions_test.go +++ b/pkg/library/kuadrant/apimachinery_status_conditions_test.go @@ -147,7 +147,7 @@ func TestAcceptedCondition(t *testing.T) { name: "target not found reason", args: args{ policy: &FakePolicy{}, - err: NewErrTargetNotFound("FakePolicy", gatewayapiv1alpha2.PolicyTargetReference{ + err: NewErrTargetNotFound("FakePolicy", gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: "my-target-ref", @@ -164,7 +164,7 @@ func TestAcceptedCondition(t *testing.T) { name: "target not found reason with err", args: args{ policy: &FakePolicy{}, - err: NewErrTargetNotFound("FakePolicy", gatewayapiv1alpha2.PolicyTargetReference{ + err: NewErrTargetNotFound("FakePolicy", gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: "my-target-ref", diff --git a/pkg/library/kuadrant/errors.go b/pkg/library/kuadrant/errors.go index 48bde13ab..e3602f8a8 100644 --- a/pkg/library/kuadrant/errors.go +++ b/pkg/library/kuadrant/errors.go @@ -18,7 +18,7 @@ var _ PolicyError = ErrTargetNotFound{} type ErrTargetNotFound struct { Kind string - TargetRef gatewayapiv1alpha2.PolicyTargetReference + TargetRef gatewayapiv1alpha2.LocalPolicyTargetReference Err error } @@ -34,7 +34,7 @@ func (e ErrTargetNotFound) Reason() gatewayapiv1alpha2.PolicyConditionReason { return gatewayapiv1alpha2.PolicyReasonTargetNotFound } -func NewErrTargetNotFound(kind string, targetRef gatewayapiv1alpha2.PolicyTargetReference, err error) ErrTargetNotFound { +func NewErrTargetNotFound(kind string, targetRef gatewayapiv1alpha2.LocalPolicyTargetReference, err error) ErrTargetNotFound { return ErrTargetNotFound{ Kind: kind, TargetRef: targetRef, diff --git a/pkg/library/kuadrant/errors_test.go b/pkg/library/kuadrant/errors_test.go index 400382212..88d019ac2 100644 --- a/pkg/library/kuadrant/errors_test.go +++ b/pkg/library/kuadrant/errors_test.go @@ -17,7 +17,7 @@ func TestIsTargetNotFound(t *testing.T) { }{ { name: "err is NewErrTargetNotFound", - err: NewErrTargetNotFound("foo", gatewayapiv1alpha2.PolicyTargetReference{}, errors.New("bar")), + err: NewErrTargetNotFound("foo", gatewayapiv1alpha2.LocalPolicyTargetReference{}, errors.New("bar")), want: true, }, { diff --git a/pkg/library/kuadrant/kuadrant.go b/pkg/library/kuadrant/kuadrant.go index 5518ea94c..6d42c86ba 100644 --- a/pkg/library/kuadrant/kuadrant.go +++ b/pkg/library/kuadrant/kuadrant.go @@ -45,12 +45,12 @@ func IsKuadrantManaged(obj client.Object) bool { func GetKuadrantNamespaceFromPolicyTargetRef(ctx context.Context, cli client.Client, policy Policy) (string, error) { targetRef := policy.GetTargetRef() - gwNamespacedName := types.NamespacedName{Namespace: string(ptr.Deref(targetRef.Namespace, policy.GetWrappedNamespace())), Name: string(targetRef.Name)} + gwNamespacedName := types.NamespacedName{Namespace: policy.GetNamespace(), Name: string(targetRef.Name)} if kuadrantgatewayapi.IsTargetRefHTTPRoute(targetRef) { route := &gatewayapiv1.HTTPRoute{} if err := cli.Get( ctx, - types.NamespacedName{Namespace: string(ptr.Deref(targetRef.Namespace, policy.GetWrappedNamespace())), Name: string(targetRef.Name)}, + types.NamespacedName{Namespace: policy.GetNamespace(), Name: string(targetRef.Name)}, route, ); err != nil { return "", err diff --git a/pkg/library/kuadrant/kuadrant_test.go b/pkg/library/kuadrant/kuadrant_test.go index 6c63f05d2..2cea354b2 100644 --- a/pkg/library/kuadrant/kuadrant_test.go +++ b/pkg/library/kuadrant/kuadrant_test.go @@ -725,11 +725,10 @@ func TestGetKuadrantNamespaceFromPolicyTargetRef(t *testing.T) { Namespace: "my-ns", }, }, - targetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "HTTPRoute", - Name: "my-httproute", - Namespace: ptr.To[gatewayapiv1.Namespace](gatewayapiv1.Namespace("my-ns")), + targetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "HTTPRoute", + Name: "my-httproute", }, }, "my-ns", @@ -768,7 +767,7 @@ func TestGetKuadrantNamespaceFromPolicyTargetRef(t *testing.T) { Namespace: "my-ns", }, }, - targetRef: gatewayapiv1alpha2.PolicyTargetReference{ + targetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: "my-httproute", @@ -809,7 +808,7 @@ func TestGetKuadrantNamespaceFromPolicyTargetRef(t *testing.T) { Namespace: "my-ns", }, }, - targetRef: gatewayapiv1alpha2.PolicyTargetReference{ + targetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: "my-httproute", diff --git a/pkg/library/kuadrant/test_utils.go b/pkg/library/kuadrant/test_utils.go index 95dd09e2a..2b185a541 100644 --- a/pkg/library/kuadrant/test_utils.go +++ b/pkg/library/kuadrant/test_utils.go @@ -36,10 +36,10 @@ const ( type FakePolicy struct { client.Object Hosts []string - targetRef gatewayapiv1alpha2.PolicyTargetReference + targetRef gatewayapiv1alpha2.LocalPolicyTargetReference } -func (p *FakePolicy) GetTargetRef() gatewayapiv1alpha2.PolicyTargetReference { +func (p *FakePolicy) GetTargetRef() gatewayapiv1alpha2.LocalPolicyTargetReference { return p.targetRef } diff --git a/pkg/library/mappers/gateway_test.go b/pkg/library/mappers/gateway_test.go index b628ec98f..ef564a9b3 100644 --- a/pkg/library/mappers/gateway_test.go +++ b/pkg/library/mappers/gateway_test.go @@ -39,7 +39,7 @@ func TestNewGatewayEventMapper(t *testing.T) { } spec := kuadrantv1beta2.AuthPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: "gateway.networking.k8s.io", Kind: "Gateway", Name: "test-gw", @@ -81,7 +81,7 @@ func TestNewGatewayEventMapper(t *testing.T) { t.Run("gateway related event - requests", func(subT *testing.T) { gateway := &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{Name: "test-gw", Namespace: "app-ns"}, - Status: gatewayapiv1alpha2.GatewayStatus{ + Status: gatewayapiv1.GatewayStatus{ Conditions: []metav1.Condition{ { Type: "Programmed", diff --git a/pkg/library/mappers/httproute_test.go b/pkg/library/mappers/httproute_test.go index 1abe2aac0..0a38ac3ba 100644 --- a/pkg/library/mappers/httproute_test.go +++ b/pkg/library/mappers/httproute_test.go @@ -41,7 +41,7 @@ func TestNewHTTPRouteEventMapper(t *testing.T) { } spec := kuadrantv1beta2.AuthPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: "test-route", @@ -59,7 +59,7 @@ func TestNewHTTPRouteEventMapper(t *testing.T) { }} gateway := &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{Name: "test-gw", Namespace: "app-ns"}, - Status: gatewayapiv1alpha2.GatewayStatus{ + Status: gatewayapiv1.GatewayStatus{ Conditions: []metav1.Condition{ { Type: "Programmed", diff --git a/pkg/library/mappers/policy_to_gateway.go b/pkg/library/mappers/policy_to_gateway.go index ba98adaa8..7814848f8 100644 --- a/pkg/library/mappers/policy_to_gateway.go +++ b/pkg/library/mappers/policy_to_gateway.go @@ -6,7 +6,6 @@ import ( apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/types" - "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/reconcile" gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" @@ -35,17 +34,14 @@ func (k *PolicyToParentGatewaysEventMapper) Map(ctx context.Context, obj client. } if kuadrantgatewayapi.IsTargetRefGateway(policy.GetTargetRef()) { - namespace := string(ptr.Deref(policy.GetTargetRef().Namespace, gatewayapiv1.Namespace(policy.GetNamespace()))) - - nn := types.NamespacedName{Name: string(policy.GetTargetRef().Name), Namespace: namespace} + nn := types.NamespacedName{Name: string(policy.GetTargetRef().Name), Namespace: policy.GetNamespace()} logger.V(1).Info("map", " gateway", nn) return []reconcile.Request{{NamespacedName: nn}} } if kuadrantgatewayapi.IsTargetRefHTTPRoute(policy.GetTargetRef()) { - namespace := string(ptr.Deref(policy.GetTargetRef().Namespace, gatewayapiv1.Namespace(policy.GetNamespace()))) - routeKey := client.ObjectKey{Name: string(policy.GetTargetRef().Name), Namespace: namespace} + routeKey := client.ObjectKey{Name: string(policy.GetTargetRef().Name), Namespace: policy.GetNamespace()} route := &gatewayapiv1.HTTPRoute{} if err := k.opts.Client.Get(ctx, routeKey, route); err != nil { if apierrors.IsNotFound(err) { diff --git a/pkg/library/reconcilers/fetcher.go b/pkg/library/reconcilers/fetcher.go index 3c66c251b..dbf00c73b 100644 --- a/pkg/library/reconcilers/fetcher.go +++ b/pkg/library/reconcilers/fetcher.go @@ -13,12 +13,8 @@ import ( ) // FetchTargetRefObject fetches the target reference object and checks the status is valid -func FetchTargetRefObject(ctx context.Context, k8sClient client.Reader, targetRef gatewayapiv1alpha2.PolicyTargetReference, defaultNs string, fetchOnlyProgrammedGateways bool) (client.Object, error) { +func FetchTargetRefObject(ctx context.Context, k8sClient client.Reader, targetRef gatewayapiv1alpha2.LocalPolicyTargetReference, defaultNs string, fetchOnlyProgrammedGateways bool) (client.Object, error) { ns := defaultNs - if targetRef.Namespace != nil { - ns = string(*targetRef.Namespace) - } - objKey := client.ObjectKey{Name: string(targetRef.Name), Namespace: ns} switch targetRef.Kind { diff --git a/pkg/library/reconcilers/fetcher_test.go b/pkg/library/reconcilers/fetcher_test.go index 690d6924b..5a741ab65 100644 --- a/pkg/library/reconcilers/fetcher_test.go +++ b/pkg/library/reconcilers/fetcher_test.go @@ -41,13 +41,13 @@ func TestFetchTargetRefObject(t *testing.T) { t.Fatal(err) } - routeTargetRef := gatewayapiv1alpha2.PolicyTargetReference{ + routeTargetRef := gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeName), } - gatewayTargetRef := gatewayapiv1alpha2.PolicyTargetReference{ + gatewayTargetRef := gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", Name: gatewayapiv1.ObjectName(gatewayName), @@ -176,8 +176,7 @@ func TestFetchTargetRefObject(t *testing.T) { }) t.Run("unknown network resource", func(subT *testing.T) { - ns := gatewayapiv1.Namespace(namespace) - targetRef := gatewayapiv1alpha2.PolicyTargetReference{Kind: "Service", Name: "my-sv", Namespace: &ns} + targetRef := gatewayapiv1alpha2.LocalPolicyTargetReference{Kind: "Service", Name: "my-sv"} clientAPIReader := clientFactory() res, err := FetchTargetRefObject(ctx, clientAPIReader, targetRef, namespace, true) assert.Error(subT, err, fmt.Sprintf("FetchValidTargetRef: targetRef (%v) to unknown network resource", targetRef)) diff --git a/tests/common/authpolicy/authpolicy_controller_test.go b/tests/common/authpolicy/authpolicy_controller_test.go index fadd0ae92..5bbffea07 100644 --- a/tests/common/authpolicy/authpolicy_controller_test.go +++ b/tests/common/authpolicy/authpolicy_controller_test.go @@ -93,11 +93,10 @@ var _ = Describe("AuthPolicy controller (Serial)", Serial, func() { Namespace: testNamespace, }, Spec: api.AuthPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "HTTPRoute", - Name: TestHTTPRouteName, - Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "HTTPRoute", + Name: TestHTTPRouteName, }, Defaults: &api.AuthPolicyCommonSpec{ AuthScheme: testBasicAuthScheme(), @@ -175,11 +174,10 @@ var _ = Describe("AuthPolicy controller", func() { Namespace: testNamespace, }, Spec: api.AuthPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "HTTPRoute", - Name: TestHTTPRouteName, - Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "HTTPRoute", + Name: TestHTTPRouteName, }, Defaults: &api.AuthPolicyCommonSpec{ AuthScheme: testBasicAuthScheme(), @@ -380,9 +378,9 @@ var _ = Describe("AuthPolicy controller", func() { policy := policyFactory(func(policy *api.AuthPolicy) { policy.Spec.CommonSpec().RouteSelectors = []api.RouteSelector{ { // does not select any HTTPRouteRule - Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: ptr.To(gatewayapiv1alpha2.HTTPMethod("DELETE")), + Method: ptr.To(gatewayapiv1.HTTPMethod("DELETE")), }, }, }, @@ -417,9 +415,9 @@ var _ = Describe("AuthPolicy controller", func() { config := policy.Spec.CommonSpec().AuthScheme.Authentication["apiKey"] config.RouteSelectors = []api.RouteSelector{ { // does not select any HTTPRouteRule - Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: ptr.To(gatewayapiv1alpha2.HTTPMethod("DELETE")), + Method: ptr.To(gatewayapiv1.HTTPMethod("DELETE")), }, }, }, @@ -779,10 +777,10 @@ var _ = Describe("AuthPolicy controller", func() { policy := policyFactory(func(policy *api.AuthPolicy) { policy.Spec.CommonSpec().RouteSelectors = []api.RouteSelector{ { // Selects: POST|DELETE *.admin.toystore.com/admin* - Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1alpha2.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1alpha2.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/admin"), }, }, @@ -790,10 +788,10 @@ var _ = Describe("AuthPolicy controller", func() { Hostnames: []gatewayapiv1.Hostname{gatewayapiv1.Hostname(host2)}, }, { // Selects: GET /private* - Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1alpha2.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1alpha2.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/private"), }, }, @@ -856,10 +854,10 @@ var _ = Describe("AuthPolicy controller", func() { config := policy.Spec.CommonSpec().AuthScheme.Authentication["apiKey"] config.RouteSelectors = []api.RouteSelector{ { // Selects: POST|DELETE *.admin.toystore.com/admin* - Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1alpha2.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1alpha2.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/admin"), }, }, @@ -1084,21 +1082,6 @@ var _ = Describe("AuthPolicy controller", func() { fmt.Sprintf("AuthPolicy is conflicted by %[1]v/toystore: the gateway.networking.k8s.io/v1, Kind=HTTPRoute target %[1]v/toystore-route is already referenced by policy %[1]v/toystore", testNamespace), )).WithContext(ctx).Should(BeTrue()) }, testTimeOut) - - It("Invalid reason", func(ctx SpecContext) { - otherNamespace := tests.CreateNamespace(ctx, testClient()) - defer tests.DeleteNamespaceCallback(ctx, testClient(), otherNamespace)() - - policy := policyFactory(func(policy *api.AuthPolicy) { - policy.Namespace = otherNamespace // create the policy in a different namespace than the target - policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(TestGatewayName) - policy.Spec.TargetRef.Namespace = ptr.To(gatewayapiv1.Namespace(testNamespace)) - }) - Expect(k8sClient.Create(ctx, policy)).To(Succeed()) - - Eventually(assertAcceptedCondFalseAndEnforcedCondNil(ctx, policy, string(gatewayapiv1alpha2.PolicyReasonInvalid), fmt.Sprintf("AuthPolicy target is invalid: invalid targetRef.Namespace %s. Currently only supporting references to the same namespace", testNamespace))).WithContext(ctx).Should(BeTrue()) - }, testTimeOut) }) Context("AuthPolicy enforced condition reasons", func() { @@ -1423,7 +1406,7 @@ var _ = Describe("AuthPolicy CEL Validations", func() { Namespace: testNamespace, }, Spec: api.AuthPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: "my-target", @@ -1582,7 +1565,7 @@ var _ = Describe("AuthPolicy CEL Validations", func() { Namespace: testNamespace, }, Spec: api.AuthPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", Name: "my-gw", diff --git a/tests/common/ratelimitpolicy/ratelimitpolicy_controller_test.go b/tests/common/ratelimitpolicy/ratelimitpolicy_controller_test.go index 516eeb60b..904514b87 100644 --- a/tests/common/ratelimitpolicy/ratelimitpolicy_controller_test.go +++ b/tests/common/ratelimitpolicy/ratelimitpolicy_controller_test.go @@ -51,7 +51,7 @@ var _ = Describe("RateLimitPolicy controller (Serial)", Serial, func() { Namespace: testNamespace, }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeName), @@ -171,7 +171,7 @@ var _ = Describe("RateLimitPolicy controller", func() { Namespace: testNamespace, }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeName), @@ -313,7 +313,7 @@ var _ = Describe("RateLimitPolicy controller", func() { Namespace: testNamespace, }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.Group("gateway.networking.k8s.io"), Kind: "Gateway", Name: gatewayapiv1.ObjectName(TestGatewayName), @@ -846,21 +846,6 @@ var _ = Describe("RateLimitPolicy controller", func() { fmt.Sprintf("RateLimitPolicy is conflicted by %[1]v/toystore-rlp: the gateway.networking.k8s.io/v1, Kind=HTTPRoute target %[1]v/toystore-route is already referenced by policy %[1]v/toystore-rlp", testNamespace)), ).WithContext(ctx).Should(Succeed()) }, testTimeOut) - - It("Invalid reason", func(ctx SpecContext) { - otherNamespace := tests.CreateNamespace(ctx, testClient()) - defer tests.DeleteNamespaceCallback(ctx, testClient(), otherNamespace)() - - policy := policyFactory(func(policy *kuadrantv1beta2.RateLimitPolicy) { - policy.Namespace = otherNamespace // create the policy in a different namespace than the target - policy.Spec.TargetRef.Kind = "Gateway" - policy.Spec.TargetRef.Name = gatewayapiv1.ObjectName(gateway.Name) - policy.Spec.TargetRef.Namespace = ptr.To(gatewayapiv1.Namespace(testNamespace)) - }) - Expect(k8sClient.Create(ctx, policy)).To(Succeed()) - - Eventually(assertAcceptedConditionFalse(ctx, policy, string(gatewayapiv1alpha2.PolicyReasonInvalid), fmt.Sprintf("RateLimitPolicy target is invalid: invalid targetRef.Namespace %s. Currently only supporting references to the same namespace", testNamespace))).WithContext(ctx).Should(Succeed()) - }, testTimeOut) }) Context("When RLP switches target from one HTTPRoute to another HTTPRoute", func() { @@ -1446,7 +1431,7 @@ var _ = Describe("RateLimitPolicy CEL Validations", func() { Namespace: testNamespace, }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: "my-target", diff --git a/tests/common/targetstatus/target_status_controller_test.go b/tests/common/targetstatus/target_status_controller_test.go index acdc9d735..90aa83804 100644 --- a/tests/common/targetstatus/target_status_controller_test.go +++ b/tests/common/targetstatus/target_status_controller_test.go @@ -115,7 +115,7 @@ var _ = Describe("Target status reconciler", func() { return condition.Status == metav1.ConditionFalse && strings.Contains(condition.Message, policyKey.String()) } - targetsAffected := func(ctx context.Context, policyKey client.ObjectKey, conditionType string, targetRef gatewayapiv1alpha2.PolicyTargetReference, routeNames ...string) bool { + targetsAffected := func(ctx context.Context, policyKey client.ObjectKey, conditionType string, targetRef gatewayapiv1alpha2.LocalPolicyTargetReference, routeNames ...string) bool { switch string(targetRef.Kind) { case "Gateway": if !gatewayAffected(ctx, string(targetRef.Name), conditionType, policyKey) { @@ -149,11 +149,10 @@ var _ = Describe("Target status reconciler", func() { Namespace: testNamespace, }, Spec: v1beta2.AuthPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "HTTPRoute", - Name: TestHTTPRouteName, - Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "HTTPRoute", + Name: TestHTTPRouteName, }, Defaults: &v1beta2.AuthPolicyCommonSpec{ AuthScheme: &v1beta2.AuthSchemeSpec{ @@ -255,11 +254,10 @@ var _ = Describe("Target status reconciler", func() { It("adds PolicyAffected status condition to the targeted gateway and routes", func(ctx SpecContext) { policy := policyFactory(func(policy *v1beta2.AuthPolicy) { policy.Name = "gateway-auth" - policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "Gateway", - Name: TestGatewayName, - Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), + policy.Spec.TargetRef = gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "Gateway", + Name: TestGatewayName, } }) Expect(k8sClient.Create(ctx, policy)).To(Succeed()) @@ -269,11 +267,10 @@ var _ = Describe("Target status reconciler", func() { It("removes PolicyAffected status condition from the targeted gateway and routes when the policy is deleted", func(ctx SpecContext) { policy := policyFactory(func(policy *v1beta2.AuthPolicy) { policy.Name = "gateway-auth" - policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "Gateway", - Name: TestGatewayName, - Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), + policy.Spec.TargetRef = gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "Gateway", + Name: TestGatewayName, } }) Expect(k8sClient.Create(ctx, policy)).To(Succeed()) @@ -309,11 +306,10 @@ var _ = Describe("Target status reconciler", func() { gatewayPolicy := policyFactory(func(policy *v1beta2.AuthPolicy) { policy.Name = "gateway-auth" - policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "Gateway", - Name: TestGatewayName, - Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), + policy.Spec.TargetRef = gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "Gateway", + Name: TestGatewayName, } }) Expect(k8sClient.Create(ctx, gatewayPolicy)).To(Succeed()) @@ -345,7 +341,7 @@ var _ = Describe("Target status reconciler", func() { Namespace: testNamespace, }, Spec: v1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(TestHTTPRouteName), @@ -408,11 +404,10 @@ var _ = Describe("Target status reconciler", func() { It("adds PolicyAffected status condition to the targeted gateway and routes", func(ctx SpecContext) { policy := policyFactory(func(policy *v1beta2.RateLimitPolicy) { policy.Name = "gateway-rlp" - policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "Gateway", - Name: TestGatewayName, - Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), + policy.Spec.TargetRef = gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "Gateway", + Name: TestGatewayName, } }) Expect(k8sClient.Create(ctx, policy)).To(Succeed()) @@ -422,11 +417,10 @@ var _ = Describe("Target status reconciler", func() { It("removes PolicyAffected status condition from the targeted gateway and routes when the policy is deleted", func(ctx SpecContext) { policy := policyFactory(func(policy *v1beta2.RateLimitPolicy) { policy.Name = "gateway-rlp" - policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "Gateway", - Name: TestGatewayName, - Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), + policy.Spec.TargetRef = gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "Gateway", + Name: TestGatewayName, } }) Expect(k8sClient.Create(ctx, policy)).To(Succeed()) @@ -462,11 +456,10 @@ var _ = Describe("Target status reconciler", func() { gatewayPolicy := policyFactory(func(policy *v1beta2.RateLimitPolicy) { policy.Name = "gateway-rlp" - policy.Spec.TargetRef = gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "Gateway", - Name: TestGatewayName, - Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), + policy.Spec.TargetRef = gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "Gateway", + Name: TestGatewayName, } }) Expect(k8sClient.Create(ctx, gatewayPolicy)).To(Succeed()) diff --git a/tests/istio/authpolicy_controller_authorizationpolicy_test.go b/tests/istio/authpolicy_controller_authorizationpolicy_test.go index e922d0af7..d903fb13b 100644 --- a/tests/istio/authpolicy_controller_authorizationpolicy_test.go +++ b/tests/istio/authpolicy_controller_authorizationpolicy_test.go @@ -65,11 +65,10 @@ var _ = Describe("AuthPolicy controller managing authorization policy", func() { Namespace: testNamespace, }, Spec: kuadrantv1beta2.AuthPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1.GroupName, - Kind: "HTTPRoute", - Name: TestHTTPRouteName, - Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ + Group: gatewayapiv1.GroupName, + Kind: "HTTPRoute", + Name: TestHTTPRouteName, }, Defaults: &kuadrantv1beta2.AuthPolicyCommonSpec{ AuthScheme: testBasicAuthScheme(), @@ -125,6 +124,7 @@ var _ = Describe("AuthPolicy controller managing authorization policy", func() { }).WithContext(ctx).Should(BeTrue()) // has the correct target ref + Expect(iap.Spec.TargetRef).To(Not(BeNil())) Expect(iap.Spec.TargetRef.Group).To(Equal("gateway.networking.k8s.io")) Expect(iap.Spec.TargetRef.Kind).To(Equal("Gateway")) Expect(iap.Spec.TargetRef.Name).To(Equal(TestGatewayName)) @@ -174,6 +174,7 @@ var _ = Describe("AuthPolicy controller managing authorization policy", func() { }).WithContext(ctx).Should(BeTrue()) // has the correct target ref + Expect(iap.Spec.TargetRef).To(Not(BeNil())) Expect(iap.Spec.TargetRef.Group).To(Equal("gateway.networking.k8s.io")) Expect(iap.Spec.TargetRef.Kind).To(Equal("Gateway")) Expect(iap.Spec.TargetRef.Name).To(Equal(TestGatewayName)) @@ -298,9 +299,9 @@ var _ = Describe("AuthPolicy controller managing authorization policy", func() { policy.Spec.TargetRef.Name = TestHTTPRouteName policy.Spec.CommonSpec().RouteSelectors = []kuadrantv1beta2.RouteSelector{ { // does not select any HTTPRouteRule - Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: ptr.To(gatewayapiv1alpha2.HTTPMethod("DELETE")), + Method: ptr.To(gatewayapiv1.HTTPMethod("DELETE")), }, }, }, @@ -355,9 +356,9 @@ var _ = Describe("AuthPolicy controller managing authorization policy", func() { config := policy.Spec.CommonSpec().AuthScheme.Authentication["apiKey"] config.RouteSelectors = []kuadrantv1beta2.RouteSelector{ { // does not select any HTTPRouteRule - Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: ptr.To(gatewayapiv1alpha2.HTTPMethod("DELETE")), + Method: ptr.To(gatewayapiv1.HTTPMethod("DELETE")), }, }, }, @@ -452,10 +453,10 @@ var _ = Describe("AuthPolicy controller managing authorization policy", func() { policy := policyFactory(func(policy *kuadrantv1beta2.AuthPolicy) { policy.Spec.CommonSpec().RouteSelectors = []kuadrantv1beta2.RouteSelector{ { // Selects: POST|DELETE *.admin.toystore.com/admin* - Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1alpha2.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1alpha2.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/admin"), }, }, @@ -463,10 +464,10 @@ var _ = Describe("AuthPolicy controller managing authorization policy", func() { Hostnames: []gatewayapiv1.Hostname{gatewayapiv1.Hostname(routeHost2)}, }, { // Selects: GET /private* - Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1alpha2.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1alpha2.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/private"), }, }, @@ -515,10 +516,10 @@ var _ = Describe("AuthPolicy controller managing authorization policy", func() { config := policy.Spec.CommonSpec().AuthScheme.Authentication["apiKey"] config.RouteSelectors = []kuadrantv1beta2.RouteSelector{ { // Selects: POST|DELETE *.admin.toystore.com/admin* - Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1alpha2.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1alpha2.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/admin"), }, }, diff --git a/tests/istio/limitador_cluster_envoyfilter_controller_test.go b/tests/istio/limitador_cluster_envoyfilter_controller_test.go index 9f96dfccb..3de996083 100644 --- a/tests/istio/limitador_cluster_envoyfilter_controller_test.go +++ b/tests/istio/limitador_cluster_envoyfilter_controller_test.go @@ -89,7 +89,7 @@ var _ = Describe("Limitador Cluster EnvoyFilter controller", func() { Namespace: testNamespace, }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", Name: gatewayapiv1.ObjectName(TestGatewayName), diff --git a/tests/istio/rate_limiting_istio_wasmplugin_controller_test.go b/tests/istio/rate_limiting_istio_wasmplugin_controller_test.go index 86877f0b9..482d39d70 100644 --- a/tests/istio/rate_limiting_istio_wasmplugin_controller_test.go +++ b/tests/istio/rate_limiting_istio_wasmplugin_controller_test.go @@ -88,7 +88,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlpName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeName), @@ -121,6 +121,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { // must exist Expect(err).ToNot(HaveOccurred()) // has the correct target ref + Expect(existingWasmPlugin.Spec.TargetRef).To(Not(BeNil())) Expect(existingWasmPlugin.Spec.TargetRef.Group).To(Equal("gateway.networking.k8s.io")) Expect(existingWasmPlugin.Spec.TargetRef.Kind).To(Equal("Gateway")) Expect(existingWasmPlugin.Spec.TargetRef.Name).To(Equal(gateway.Name)) @@ -215,7 +216,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { Namespace: testNamespace, }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeName), @@ -395,7 +396,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlpName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", Name: gatewayapiv1.ObjectName(TestGatewayName), @@ -495,7 +496,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlpName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", Name: gatewayapiv1.ObjectName(TestGatewayName), @@ -563,7 +564,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlpName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeName), @@ -637,7 +638,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlpAName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", Name: gatewayapiv1.ObjectName(TestGatewayName), @@ -689,7 +690,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlpBName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeCName), @@ -835,7 +836,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlpName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", Name: gatewayapiv1.ObjectName(TestGatewayName), @@ -1044,7 +1045,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlpName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeName), @@ -1341,7 +1342,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlpName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeAName), @@ -1576,7 +1577,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlp1Name, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", Name: gatewayapiv1.ObjectName(TestGatewayName), @@ -1680,7 +1681,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlp2Name, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeAName), @@ -1839,7 +1840,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlp1Name, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", Name: gatewayapiv1.ObjectName(TestGatewayName), @@ -1870,7 +1871,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlp2Name, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeAName), @@ -2127,7 +2128,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: rlpName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeName), @@ -2284,7 +2285,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: gwRLPName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "Gateway", Name: gatewayapiv1.ObjectName(TestGatewayName), @@ -2325,7 +2326,7 @@ var _ = Describe("Rate Limiting WasmPlugin controller", func() { }, ObjectMeta: metav1.ObjectMeta{Name: routeRLPName, Namespace: testNamespace}, Spec: kuadrantv1beta2.RateLimitPolicySpec{ - TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ + TargetRef: gatewayapiv1alpha2.LocalPolicyTargetReference{ Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", Name: gatewayapiv1.ObjectName(routeName),