diff --git a/apis/compute/v1beta1/generate.sh b/apis/compute/v1beta1/generate.sh index 8ac55a9727a..f1640630146 100755 --- a/apis/compute/v1beta1/generate.sh +++ b/apis/compute/v1beta1/generate.sh @@ -30,7 +30,8 @@ go run . generate-types \ --resource ComputeForwardingRule:ForwardingRule \ --resource ComputeSecurityPolicy:SecurityPolicy \ --resource ComputeSubnetwork:Subnetwork \ - --resource ComputeTargetTcpProxy:TargetTcpProxy + --resource ComputeTargetTcpProxy:TargetTcpProxy \ + --resource ComputeURLMap:UrlMap go run . generate-mapper \ --multiversion \ diff --git a/apis/compute/v1beta1/types.generated.go b/apis/compute/v1beta1/types.generated.go index dd63440a954..93e9a15fd74 100644 --- a/apis/compute/v1beta1/types.generated.go +++ b/apis/compute/v1beta1/types.generated.go @@ -22,9 +22,82 @@ // resource: ComputeSecurityPolicy:SecurityPolicy // resource: ComputeSubnetwork:Subnetwork // resource: ComputeTargetTcpProxy:TargetTcpProxy +// resource: ComputeURLMap:UrlMap package v1beta1 +// +kcc:proto=google.cloud.compute.v1.CorsPolicy +type CorsPolicy struct { + // In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. Default is false. + // +kcc:proto:field=google.cloud.compute.v1.CorsPolicy.allow_credentials + AllowCredentials *bool `json:"allowCredentials,omitempty"` + + // Specifies the content for the Access-Control-Allow-Headers header. + // +kcc:proto:field=google.cloud.compute.v1.CorsPolicy.allow_headers + AllowHeaders []string `json:"allowHeaders,omitempty"` + + // Specifies the content for the Access-Control-Allow-Methods header. + // +kcc:proto:field=google.cloud.compute.v1.CorsPolicy.allow_methods + AllowMethods []string `json:"allowMethods,omitempty"` + + // Specifies a regular expression that matches allowed origins. For more information, see regular expression syntax . An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. + // +kcc:proto:field=google.cloud.compute.v1.CorsPolicy.allow_origin_regexes + AllowOriginRegexes []string `json:"allowOriginRegexes,omitempty"` + + // Specifies the list of origins that is allowed to do CORS requests. An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + // +kcc:proto:field=google.cloud.compute.v1.CorsPolicy.allow_origins + AllowOrigins []string `json:"allowOrigins,omitempty"` + + // If true, disables the CORS policy. The default value is false, which indicates that the CORS policy is in effect. + // +kcc:proto:field=google.cloud.compute.v1.CorsPolicy.disabled + Disabled *bool `json:"disabled,omitempty"` + + // Specifies the content for the Access-Control-Expose-Headers header. + // +kcc:proto:field=google.cloud.compute.v1.CorsPolicy.expose_headers + ExposeHeaders []string `json:"exposeHeaders,omitempty"` + + // Specifies how long results of a preflight request can be cached in seconds. This field translates to the Access-Control-Max-Age header. + // +kcc:proto:field=google.cloud.compute.v1.CorsPolicy.max_age + MaxAge *int32 `json:"maxAge,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.CustomErrorResponsePolicy +type CustomErrorResponsePolicy struct { + // Specifies rules for returning error responses. In a given policy, if you specify rules for both a range of error codes as well as rules for specific error codes then rules with specific error codes have a higher priority. For example, assume that you configure a rule for 401 (Un-authorized) code, and another for all 4 series error codes (4XX). If the backend service returns a 401, then the rule for 401 will be applied. However if the backend service returns a 403, the rule for 4xx takes effect. + // +kcc:proto:field=google.cloud.compute.v1.CustomErrorResponsePolicy.error_response_rules + ErrorResponseRules []CustomErrorResponsePolicyCustomErrorResponseRule `json:"errorResponseRules,omitempty"` + + // The full or partial URL to the BackendBucket resource that contains the custom error content. Examples are: - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket - compute/v1/projects/project/global/backendBuckets/myBackendBucket - global/backendBuckets/myBackendBucket If errorService is not specified at lower levels like pathMatcher, pathRule and routeRule, an errorService specified at a higher level in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy contains one or more errorResponseRules[], it must specify errorService. If load balancer cannot reach the backendBucket, a simple Not Found Error will be returned, with the original response code (or overrideResponseCode if configured). errorService is not supported for internal or regional HTTP/HTTPS load balancers. + // +kcc:proto:field=google.cloud.compute.v1.CustomErrorResponsePolicy.error_service + ErrorService *string `json:"errorService,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.CustomErrorResponsePolicyCustomErrorResponseRule +type CustomErrorResponsePolicyCustomErrorResponseRule struct { + // Valid values include: - A number between 400 and 599: For example 401 or 503, in which case the load balancer applies the policy if the error code exactly matches this value. - 5xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 500 to 599. - 4xx: Load Balancer will apply the policy if the backend service responds with any response code in the range of 400 to 499. Values must be unique within matchResponseCodes and across all errorResponseRules of CustomErrorResponsePolicy. + // +kcc:proto:field=google.cloud.compute.v1.CustomErrorResponsePolicyCustomErrorResponseRule.match_response_codes + MatchResponseCodes []string `json:"matchResponseCodes,omitempty"` + + // The HTTP status code returned with the response containing the custom error content. If overrideResponseCode is not supplied, the same response code returned by the original backend bucket or backend service is returned to the client. + // +kcc:proto:field=google.cloud.compute.v1.CustomErrorResponsePolicyCustomErrorResponseRule.override_response_code + OverrideResponseCode *int32 `json:"overrideResponseCode,omitempty"` + + // The full path to a file within backendBucket . For example: /errors/defaultError.html path must start with a leading slash. path cannot have trailing slashes. If the file is not available in backendBucket or the load balancer cannot reach the BackendBucket, a simple Not Found Error is returned to the client. The value must be from 1 to 1024 characters + // +kcc:proto:field=google.cloud.compute.v1.CustomErrorResponsePolicyCustomErrorResponseRule.path + Path *string `json:"path,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.Duration +type Duration struct { + // Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. + // +kcc:proto:field=google.cloud.compute.v1.Duration.nanos + Nanos *int32 `json:"nanos,omitempty"` + + // Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years + // +kcc:proto:field=google.cloud.compute.v1.Duration.seconds + Seconds *int64 `json:"seconds,omitempty"` +} + // +kcc:proto=google.cloud.compute.v1.Expr type Expr struct { // Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. @@ -56,6 +129,370 @@ type FirewallPolicyRuleSecureTag struct { State *string `json:"state,omitempty"` } +// +kcc:proto=google.cloud.compute.v1.HostRule +type HostRule struct { + // An optional description of this resource. Provide this property when you create the resource. + // +kcc:proto:field=google.cloud.compute.v1.HostRule.description + Description *string `json:"description,omitempty"` + + // The list of host patterns to match. They must be valid hostnames with optional port numbers in the format host:port. * matches any string of ([a-z0-9-.]*). In that case, * must be the first character, and if followed by anything, the immediate following character must be either - or .. * based matching is not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + // +kcc:proto:field=google.cloud.compute.v1.HostRule.hosts + Hosts []string `json:"hosts,omitempty"` + + // The name of the PathMatcher to use to match the path portion of the URL if the hostRule matches the URL's host portion. + // +kcc:proto:field=google.cloud.compute.v1.HostRule.path_matcher + PathMatcher *string `json:"pathMatcher,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpFaultAbort +type HTTPFaultAbort struct { + // The HTTP status code used to abort the request. The value must be from 200 to 599 inclusive. For gRPC protocol, the gRPC status code is mapped to HTTP status code according to this mapping table. HTTP status 200 is mapped to gRPC status UNKNOWN. Injecting an OK status is currently not supported by Traffic Director. + // +kcc:proto:field=google.cloud.compute.v1.HttpFaultAbort.http_status + HTTPStatus *uint32 `json:"httpStatus,omitempty"` + + // The percentage of traffic for connections, operations, or requests that is aborted as part of fault injection. The value must be from 0.0 to 100.0 inclusive. + // +kcc:proto:field=google.cloud.compute.v1.HttpFaultAbort.percentage + Percentage *float64 `json:"percentage,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpFaultDelay +type HTTPFaultDelay struct { + // Specifies the value of the fixed delay interval. + // +kcc:proto:field=google.cloud.compute.v1.HttpFaultDelay.fixed_delay + FixedDelay *Duration `json:"fixedDelay,omitempty"` + + // The percentage of traffic for connections, operations, or requests for which a delay is introduced as part of fault injection. The value must be from 0.0 to 100.0 inclusive. + // +kcc:proto:field=google.cloud.compute.v1.HttpFaultDelay.percentage + Percentage *float64 `json:"percentage,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpFaultInjection +type HTTPFaultInjection struct { + // The specification for how client requests are aborted as part of fault injection. + // +kcc:proto:field=google.cloud.compute.v1.HttpFaultInjection.abort + Abort *HTTPFaultAbort `json:"abort,omitempty"` + + // The specification for how client requests are delayed as part of fault injection, before being sent to a backend service. + // +kcc:proto:field=google.cloud.compute.v1.HttpFaultInjection.delay + Delay *HTTPFaultDelay `json:"delay,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpHeaderAction +type HTTPHeaderAction struct { + // Headers to add to a matching request before forwarding the request to the backendService. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderAction.request_headers_to_add + RequestHeadersToAdd []HTTPHeaderOption `json:"requestHeadersToAdd,omitempty"` + + // A list of header names for headers that need to be removed from the request before forwarding the request to the backendService. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderAction.request_headers_to_remove + RequestHeadersToRemove []string `json:"requestHeadersToRemove,omitempty"` + + // Headers to add the response before sending the response back to the client. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderAction.response_headers_to_add + ResponseHeadersToAdd []HTTPHeaderOption `json:"responseHeadersToAdd,omitempty"` + + // A list of header names for headers that need to be removed from the response before sending the response back to the client. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderAction.response_headers_to_remove + ResponseHeadersToRemove []string `json:"responseHeadersToRemove,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpHeaderMatch +type HTTPHeaderMatch struct { + // The value should exactly match contents of exactMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderMatch.exact_match + ExactMatch *string `json:"exactMatch,omitempty"` + + // The name of the HTTP header to match. For matching against the HTTP request's authority, use a headerMatch with the header name ":authority". For matching a request's method, use the headerName ":method". When the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true, only non-binary user-specified custom metadata and the `content-type` header are supported. The following transport-level headers cannot be used in header matching rules: `:authority`, `:method`, `:path`, `:scheme`, `user-agent`, `accept-encoding`, `content-encoding`, `grpc-accept-encoding`, `grpc-encoding`, `grpc-previous-rpc-attempts`, `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin`. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderMatch.header_name + HeaderName *string `json:"headerName,omitempty"` + + // If set to false, the headerMatch is considered a match if the preceding match criteria are met. If set to true, the headerMatch is considered a match if the preceding match criteria are NOT met. The default setting is false. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderMatch.invert_match + InvertMatch *bool `json:"invertMatch,omitempty"` + + // The value of the header must start with the contents of prefixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderMatch.prefix_match + PrefixMatch *string `json:"prefixMatch,omitempty"` + + // A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderMatch.present_match + PresentMatch *bool `json:"presentMatch,omitempty"` + + // The header value must be an integer and its value must be in the range specified in rangeMatch. If the header does not contain an integer, number or is empty, the match fails. For example for a range [-5, 0] - -3 will match. - 0 will not match. - 0.25 will not match. - -3someString will not match. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. rangeMatch is not supported for load balancers that have loadBalancingScheme set to EXTERNAL. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderMatch.range_match + RangeMatch *Int64RangeMatch `json:"rangeMatch,omitempty"` + + // The value of the header must match the regular expression specified in regexMatch. For more information about regular expression syntax, see Syntax. For matching against a port specified in the HTTP request, use a headerMatch with headerName set to PORT and a regular expression that satisfies the RFC2616 Host header's port specifier. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderMatch.regex_match + RegexMatch *string `json:"regexMatch,omitempty"` + + // The value of the header must end with the contents of suffixMatch. Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderMatch.suffix_match + SuffixMatch *string `json:"suffixMatch,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpHeaderOption +type HTTPHeaderOption struct { + // The name of the header. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderOption.header_name + HeaderName *string `json:"headerName,omitempty"` + + // The value of the header to add. + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderOption.header_value + HeaderValue *string `json:"headerValue,omitempty"` + + // If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. The default value is true, unless a variable is present in headerValue, in which case the default value is false. . + // +kcc:proto:field=google.cloud.compute.v1.HttpHeaderOption.replace + Replace *bool `json:"replace,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpQueryParameterMatch +type HTTPQueryParameterMatch struct { + // The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch. Only one of presentMatch, exactMatch, or regexMatch must be set. + // +kcc:proto:field=google.cloud.compute.v1.HttpQueryParameterMatch.exact_match + ExactMatch *string `json:"exactMatch,omitempty"` + + // The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails. + // +kcc:proto:field=google.cloud.compute.v1.HttpQueryParameterMatch.name + Name *string `json:"name,omitempty"` + + // Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not. Only one of presentMatch, exactMatch, or regexMatch must be set. + // +kcc:proto:field=google.cloud.compute.v1.HttpQueryParameterMatch.present_match + PresentMatch *bool `json:"presentMatch,omitempty"` + + // The queryParameterMatch matches if the value of the parameter matches the regular expression specified by regexMatch. For more information about regular expression syntax, see Syntax. Only one of presentMatch, exactMatch, or regexMatch must be set. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. + // +kcc:proto:field=google.cloud.compute.v1.HttpQueryParameterMatch.regex_match + RegexMatch *string `json:"regexMatch,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpRedirectAction +type HTTPRedirectAction struct { + // The host that is used in the redirect response instead of the one that was supplied in the request. The value must be from 1 to 255 characters. + // +kcc:proto:field=google.cloud.compute.v1.HttpRedirectAction.host_redirect + HostRedirect *string `json:"hostRedirect,omitempty"` + + // If set to true, the URL scheme in the redirected request is set to HTTPS. If set to false, the URL scheme of the redirected request remains the same as that of the request. This must only be set for URL maps used in TargetHttpProxys. Setting this true for TargetHttpsProxy is not permitted. The default is set to false. + // +kcc:proto:field=google.cloud.compute.v1.HttpRedirectAction.https_redirect + HTTPSRedirect *bool `json:"httpsRedirect,omitempty"` + + // The path that is used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters. + // +kcc:proto:field=google.cloud.compute.v1.HttpRedirectAction.path_redirect + PathRedirect *string `json:"pathRedirect,omitempty"` + + // The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request is used for the redirect. The value must be from 1 to 1024 characters. + // +kcc:proto:field=google.cloud.compute.v1.HttpRedirectAction.prefix_redirect + PrefixRedirect *string `json:"prefixRedirect,omitempty"` + + // The HTTP Status code to use for this RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - FOUND, which corresponds to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method is retained. - PERMANENT_REDIRECT, which corresponds to 308. In this case, the request method is retained. + // Check the RedirectResponseCode enum for the list of possible values. + // +kcc:proto:field=google.cloud.compute.v1.HttpRedirectAction.redirect_response_code + RedirectResponseCode *string `json:"redirectResponseCode,omitempty"` + + // If set to true, any accompanying query portion of the original URL is removed before redirecting the request. If set to false, the query portion of the original URL is retained. The default is set to false. + // +kcc:proto:field=google.cloud.compute.v1.HttpRedirectAction.strip_query + StripQuery *bool `json:"stripQuery,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpRetryPolicy +type HTTPRetryPolicy struct { + // Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + // +kcc:proto:field=google.cloud.compute.v1.HttpRetryPolicy.num_retries + NumRetries *uint32 `json:"numRetries,omitempty"` + + // Specifies a non-zero timeout per retry attempt. If not specified, will use the timeout set in the HttpRouteAction field. If timeout in the HttpRouteAction field is not set, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + // +kcc:proto:field=google.cloud.compute.v1.HttpRetryPolicy.per_try_timeout + PerTryTimeout *Duration `json:"perTryTimeout,omitempty"` + + // Specifies one or more conditions when this retry policy applies. Valid values are: - 5xx: retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams. - gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - connect-failure: a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts. - retriable-4xx: a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409. - refused-stream: a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - cancelled: a retry is attempted if the gRPC status code in the response header is set to cancelled. - deadline-exceeded: a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded. - internal: a retry is attempted if the gRPC status code in the response header is set to internal. - resource-exhausted: a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - unavailable: a retry is attempted if the gRPC status code in the response header is set to unavailable. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true. - cancelled - deadline-exceeded - internal - resource-exhausted - unavailable + // +kcc:proto:field=google.cloud.compute.v1.HttpRetryPolicy.retry_conditions + RetryConditions []string `json:"retryConditions,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpRouteAction +type HTTPRouteAction struct { + // The specification for allowing client-side cross-origin requests. For more information about the W3C recommendation for cross-origin resource sharing (CORS), see Fetch API Living Standard. Not supported when the URL map is bound to a target gRPC proxy. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteAction.cors_policy + CorsPolicy *CorsPolicy `json:"corsPolicy,omitempty"` + + // The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. Similarly requests from clients can be aborted by the load balancer for a percentage of requests. timeout and retry_policy is ignored by clients that are configured with a fault_injection_policy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. Fault injection is not supported with the classic Application Load Balancer . To see which load balancers support fault injection, see Load balancing: Routing and traffic management features. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteAction.fault_injection_policy + FaultInjectionPolicy *HTTPFaultInjection `json:"faultInjectionPolicy,omitempty"` + + // Specifies the maximum duration (timeout) for streams on the selected route. Unlike the timeout field where the timeout duration starts from the time the request has been fully processed (known as *end-of-stream*), the duration in this field is computed from the beginning of the stream until the response has been processed, including all retries. A stream that does not complete in this duration is closed. If not specified, this field uses the maximum maxStreamDuration value among all backend services associated with the route. This field is only allowed if the Url map is used with backend services with loadBalancingScheme set to INTERNAL_SELF_MANAGED. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteAction.max_stream_duration + MaxStreamDuration *Duration `json:"maxStreamDuration,omitempty"` + + // Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteAction.request_mirror_policy + RequestMirrorPolicy *RequestMirrorPolicy `json:"requestMirrorPolicy,omitempty"` + + // Specifies the retry policy associated with this route. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteAction.retry_policy + RetryPolicy *HTTPRetryPolicy `json:"retryPolicy,omitempty"` + + // Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as *end-of-stream*) up until the response has been processed. Timeout includes all retries. If not specified, this field uses the largest timeout among all backend services associated with the route. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteAction.timeout + Timeout *Duration `json:"timeout,omitempty"` + + // The spec to modify the URL of the request, before forwarding the request to the matched service. urlRewrite is the only action supported in UrlMaps for classic Application Load Balancers. Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteAction.url_rewrite + URLRewrite *URLRewrite `json:"urlRewrite,omitempty"` + + // A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteAction.weighted_backend_services + WeightedBackendServices []WeightedBackendService `json:"weightedBackendServices,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpRouteRule +type HTTPRouteRule struct { + // customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the RouteRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. When used in conjunction with routeRules.routeAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the customErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the customErrorResponsePolicy is ignored and the response from the service is returned to the client. customErrorResponsePolicy is supported only for global external Application Load Balancers. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRule.custom_error_response_policy + CustomErrorResponsePolicy *CustomErrorResponsePolicy `json:"customErrorResponsePolicy,omitempty"` + + // The short description conveying the intent of this routeRule. The description can have a maximum length of 1024 characters. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRule.description + Description *string `json:"description,omitempty"` + + // Specifies changes to request and response headers that need to take effect for the selected backendService. The headerAction value specified here is applied before the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRule.header_action + HeaderAction *HTTPHeaderAction `json:"headerAction,omitempty"` + + // The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRule.match_rules + MatchRules []HTTPRouteRuleMatch `json:"matchRules,omitempty"` + + // For routeRules within a given pathMatcher, priority determines the order in which a load balancer interprets routeRules. RouteRules are evaluated in order of priority, from the lowest to highest number. The priority of a rule decreases as its number increases (1, 2, 3, N+1). The first rule that matches the request is applied. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number from 0 to 2147483647 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRule.priority + Priority *int32 `json:"priority,omitempty"` + + // In response to a matching matchRule, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. Only one of urlRedirect, service or routeAction.weightedBackendService can be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a route rule's routeAction. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRule.route_action + RouteAction *HTTPRouteAction `json:"routeAction,omitempty"` + + // The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. Only one of urlRedirect, service or routeAction.weightedBackendService can be set. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRule.service + Service *string `json:"service,omitempty"` + + // When this rule is matched, the request is redirected to a URL specified by urlRedirect. Only one of urlRedirect, service or routeAction.weightedBackendService can be set. Not supported when the URL map is bound to a target gRPC proxy. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRule.url_redirect + URLRedirect *HTTPRedirectAction `json:"urlRedirect,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.HttpRouteRuleMatch +type HTTPRouteRuleMatch struct { + // For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL. fullPathMatch must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRuleMatch.full_path_match + FullPathMatch *string `json:"fullPathMatch,omitempty"` + + // Specifies a list of header match criteria, all of which must match corresponding headers in the request. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRuleMatch.header_matches + HeaderMatches []HTTPHeaderMatch `json:"headerMatches,omitempty"` + + // Specifies that prefixMatch and fullPathMatch matches are case sensitive. The default value is false. ignoreCase must not be used with regexMatch. Not supported when the URL map is bound to a target gRPC proxy. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRuleMatch.ignore_case + IgnoreCase *bool `json:"ignoreCase,omitempty"` + + // Opaque filter criteria used by the load balancer to restrict routing configuration to a limited set of xDS compliant clients. In their xDS requests to the load balancer, xDS clients present node metadata. When there is a match, the relevant routing configuration is made available to those proxies. For each metadataFilter in this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the filterLabels must match the corresponding label provided in the metadata. If its filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match with corresponding labels provided in the metadata. If multiple metadata filters are specified, all of them need to be satisfied in order to be considered a match. metadataFilters specified here is applied after those specified in ForwardingRule that refers to the UrlMap this HttpRouteRuleMatch belongs to. metadataFilters only applies to load balancers that have loadBalancingScheme set to INTERNAL_SELF_MANAGED. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRuleMatch.metadata_filters + MetadataFilters []MetadataFilter `json:"metadataFilters,omitempty"` + + // If specified, the route is a pattern match expression that must match the :path header once the query string is removed. A pattern match allows you to match - The value must be between 1 and 1024 characters - The pattern must start with a leading slash ("/") - There may be no more than 5 operators in pattern Precisely one of prefix_match, full_path_match, regex_match or path_template_match must be set. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRuleMatch.path_template_match + PathTemplateMatch *string `json:"pathTemplateMatch,omitempty"` + + // For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /. The value must be from 1 to 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRuleMatch.prefix_match + PrefixMatch *string `json:"prefixMatch,omitempty"` + + // Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Not supported when the URL map is bound to a target gRPC proxy. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRuleMatch.query_parameter_matches + QueryParameterMatches []HTTPQueryParameterMatch `json:"queryParameterMatches,omitempty"` + + // For satisfying the matchRule condition, the path of the request must satisfy the regular expression specified in regexMatch after removing any query parameters and anchor supplied with the original URL. For more information about regular expression syntax, see Syntax. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. Regular expressions can only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. + // +kcc:proto:field=google.cloud.compute.v1.HttpRouteRuleMatch.regex_match + RegexMatch *string `json:"regexMatch,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.Int64RangeMatch +type Int64RangeMatch struct { + // The end of the range (exclusive) in signed long integer format. + // +kcc:proto:field=google.cloud.compute.v1.Int64RangeMatch.range_end + RangeEnd *int64 `json:"rangeEnd,omitempty"` + + // The start of the range (inclusive) in signed long integer format. + // +kcc:proto:field=google.cloud.compute.v1.Int64RangeMatch.range_start + RangeStart *int64 `json:"rangeStart,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.PathMatcher +type PathMatcher struct { + // defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. This policy takes effect at the PathMatcher level and applies only when no policy has been defined for the error code at lower levels like RouteRule and PathRule within this PathMatcher. If an error code does not have a policy defined in defaultCustomErrorResponsePolicy, then a policy defined for the error code in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy is configured with policies for 5xx and 4xx errors - A RouteRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in RouteRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, retries take precedence. Only once all retries are exhausted, the defaultCustomErrorResponsePolicy is applied. While attempting a retry, if load balancer is successful in reaching the service, the defaultCustomErrorResponsePolicy is ignored and the response from the service is returned to the client. defaultCustomErrorResponsePolicy is supported only for global external Application Load Balancers. + // +kcc:proto:field=google.cloud.compute.v1.PathMatcher.default_custom_error_response_policy + DefaultCustomErrorResponsePolicy *CustomErrorResponsePolicy `json:"defaultCustomErrorResponsePolicy,omitempty"` + + // defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. Only one of defaultUrlRedirect, defaultService or defaultRouteAction.weightedBackendService can be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path matcher's defaultRouteAction. + // +kcc:proto:field=google.cloud.compute.v1.PathMatcher.default_route_action + DefaultRouteAction *HTTPRouteAction `json:"defaultRouteAction,omitempty"` + + // The full or partial URL to the BackendService resource. This URL is used if none of the pathRules or routeRules defined by this PathMatcher are matched. For example, the following are all valid URLs to a BackendService resource: - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService - compute/v1/projects/project/global/backendServices/backendService - global/backendServices/backendService If defaultRouteAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. Only one of defaultUrlRedirect, defaultService or defaultRouteAction.weightedBackendService can be set. Authorization requires one or more of the following Google IAM permissions on the specified resource default_service: - compute.backendBuckets.use - compute.backendServices.use + // +kcc:proto:field=google.cloud.compute.v1.PathMatcher.default_service + DefaultService *string `json:"defaultService,omitempty"` + + // When none of the specified pathRules or routeRules match, the request is redirected to a URL specified by defaultUrlRedirect. Only one of defaultUrlRedirect, defaultService or defaultRouteAction.weightedBackendService can be set. Not supported when the URL map is bound to a target gRPC proxy. + // +kcc:proto:field=google.cloud.compute.v1.PathMatcher.default_url_redirect + DefaultURLRedirect *HTTPRedirectAction `json:"defaultURLRedirect,omitempty"` + + // An optional description of this resource. Provide this property when you create the resource. + // +kcc:proto:field=google.cloud.compute.v1.PathMatcher.description + Description *string `json:"description,omitempty"` + + // Specifies changes to request and response headers that need to take effect for the selected backend service. HeaderAction specified here are applied after the matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap HeaderAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. + // +kcc:proto:field=google.cloud.compute.v1.PathMatcher.header_action + HeaderAction *HTTPHeaderAction `json:"headerAction,omitempty"` + + // The name to which this PathMatcher is referred by the HostRule. + // +kcc:proto:field=google.cloud.compute.v1.PathMatcher.name + Name *string `json:"name,omitempty"` + + // The list of path rules. Use this list instead of routeRules when routing based on simple path matching is all that's required. The order by which path rules are specified does not matter. Matches are always done on the longest-path-first basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* irrespective of the order in which those paths appear in this list. Within a given pathMatcher, only one of pathRules or routeRules must be set. + // +kcc:proto:field=google.cloud.compute.v1.PathMatcher.path_rules + PathRules []PathRule `json:"pathRules,omitempty"` + + // The list of HTTP route rules. Use this list instead of pathRules when advanced route matching and routing actions are desired. routeRules are evaluated in order of priority, from the lowest to highest number. Within a given pathMatcher, you can set only one of pathRules or routeRules. + // +kcc:proto:field=google.cloud.compute.v1.PathMatcher.route_rules + RouteRules []HTTPRouteRule `json:"routeRules,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.PathRule +type PathRule struct { + // customErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. If a policy for an error code is not configured for the PathRule, a policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, the policy configured in UrlMap.defaultCustomErrorResponsePolicy takes effect. For example, consider a UrlMap with the following configuration: - UrlMap.defaultCustomErrorResponsePolicy are configured with policies for 5xx and 4xx errors - A PathRule for /coming_soon/ is configured for the error code 404. If the request is for www.myotherdomain.com and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy takes effect. If a 404 response is encountered for the request www.example.com/current_events/, the pathMatcher's policy takes effect. If however, the request for www.example.com/coming_soon/ encounters a 404, the policy in PathRule.customErrorResponsePolicy takes effect. If any of the requests in this example encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy takes effect. customErrorResponsePolicy is supported only for global external Application Load Balancers. + // +kcc:proto:field=google.cloud.compute.v1.PathRule.custom_error_response_policy + CustomErrorResponsePolicy *CustomErrorResponsePolicy `json:"customErrorResponsePolicy,omitempty"` + + // The list of path patterns to match. Each must start with / and the only place a * is allowed is at the end following a /. The string fed to the path matcher does not include any text after the first ? or #, and those chars are not allowed here. + // +kcc:proto:field=google.cloud.compute.v1.PathRule.paths + Paths []string `json:"paths,omitempty"` + + // In response to a matching path, the load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. Only one of urlRedirect, service or routeAction.weightedBackendService can be set. URL maps for classic Application Load Balancers only support the urlRewrite action within a path rule's routeAction. + // +kcc:proto:field=google.cloud.compute.v1.PathRule.route_action + RouteAction *HTTPRouteAction `json:"routeAction,omitempty"` + + // The full or partial URL of the backend service resource to which traffic is directed if this rule is matched. If routeAction is also specified, advanced routing actions, such as URL rewrites, take effect before sending the request to the backend. Only one of urlRedirect, service or routeAction.weightedBackendService can be set. + // +kcc:proto:field=google.cloud.compute.v1.PathRule.service + Service *string `json:"service,omitempty"` + + // When a path pattern is matched, the request is redirected to a URL specified by urlRedirect. Only one of urlRedirect, service or routeAction.weightedBackendService can be set. Not supported when the URL map is bound to a target gRPC proxy. + // +kcc:proto:field=google.cloud.compute.v1.PathRule.url_redirect + URLRedirect *HTTPRedirectAction `json:"urlRedirect,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.RequestMirrorPolicy +type RequestMirrorPolicy struct { + // The full or partial URL to the BackendService resource being mirrored to. The backend service configured for a mirroring policy must reference backends that are of the same type as the original backend service matched in the URL map. Serverless NEG backends are not currently supported as a mirrored backend service. + // +kcc:proto:field=google.cloud.compute.v1.RequestMirrorPolicy.backend_service + BackendService *string `json:"backendService,omitempty"` +} + // +kcc:proto=google.cloud.compute.v1.SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig type SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig struct { // +kcc:proto:field=google.cloud.compute.v1.SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig.auto_deploy_confidence_threshold @@ -235,3 +672,75 @@ type SubnetworkParams struct { // +kcc:proto:field=google.cloud.compute.v1.SubnetworkParams.resource_manager_tags ResourceManagerTags map[string]string `json:"resourceManagerTags,omitempty"` } + +// +kcc:proto=google.cloud.compute.v1.UrlMapTest +type URLMapTest struct { + // Description of this test case. + // +kcc:proto:field=google.cloud.compute.v1.UrlMapTest.description + Description *string `json:"description,omitempty"` + + // The expected output URL evaluated by the load balancer containing the scheme, host, path and query parameters. For rules that forward requests to backends, the test passes only when expectedOutputUrl matches the request forwarded by the load balancer to backends. For rules with urlRewrite, the test verifies that the forwarded request matches hostRewrite and pathPrefixRewrite in the urlRewrite action. When service is specified, expectedOutputUrl`s scheme is ignored. For rules with urlRedirect, the test passes only if expectedOutputUrl matches the URL in the load balancer's redirect response. If urlRedirect specifies https_redirect, the test passes only if the scheme in expectedOutputUrl is also set to HTTPS. If urlRedirect specifies strip_query, the test passes only if expectedOutputUrl does not contain any query parameters. expectedOutputUrl is optional when service is specified. + // +kcc:proto:field=google.cloud.compute.v1.UrlMapTest.expected_output_url + ExpectedOutputURL *string `json:"expectedOutputURL,omitempty"` + + // For rules with urlRedirect, the test passes only if expectedRedirectResponseCode matches the HTTP status code in load balancer's redirect response. expectedRedirectResponseCode cannot be set when service is set. + // +kcc:proto:field=google.cloud.compute.v1.UrlMapTest.expected_redirect_response_code + ExpectedRedirectResponseCode *int32 `json:"expectedRedirectResponseCode,omitempty"` + + // HTTP headers for this request. If headers contains a host header, then host must also match the header value. + // +kcc:proto:field=google.cloud.compute.v1.UrlMapTest.headers + Headers []URLMapTestHeader `json:"headers,omitempty"` + + // Host portion of the URL. If headers contains a host header, then host must also match the header value. + // +kcc:proto:field=google.cloud.compute.v1.UrlMapTest.host + Host *string `json:"host,omitempty"` + + // Path portion of the URL. + // +kcc:proto:field=google.cloud.compute.v1.UrlMapTest.path + Path *string `json:"path,omitempty"` + + // Expected BackendService or BackendBucket resource the given URL should be mapped to. The service field cannot be set if expectedRedirectResponseCode is set. + // +kcc:proto:field=google.cloud.compute.v1.UrlMapTest.service + Service *string `json:"service,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.UrlMapTestHeader +type URLMapTestHeader struct { + // Header name. + // +kcc:proto:field=google.cloud.compute.v1.UrlMapTestHeader.name + Name *string `json:"name,omitempty"` + + // Header value. + // +kcc:proto:field=google.cloud.compute.v1.UrlMapTestHeader.value + Value *string `json:"value,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.UrlRewrite +type URLRewrite struct { + // Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. The value must be from 1 to 255 characters. + // +kcc:proto:field=google.cloud.compute.v1.UrlRewrite.host_rewrite + HostRewrite *string `json:"hostRewrite,omitempty"` + + // Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. The value must be from 1 to 1024 characters. + // +kcc:proto:field=google.cloud.compute.v1.UrlRewrite.path_prefix_rewrite + PathPrefixRewrite *string `json:"pathPrefixRewrite,omitempty"` + + // If specified, the pattern rewrites the URL path (based on the :path header) using the HTTP template syntax. A corresponding path_template_match must be specified. Any template variables must exist in the path_template_match field. - -At least one variable must be specified in the path_template_match field - You can omit variables from the rewritten URL - The * and ** operators cannot be matched unless they have a corresponding variable name - e.g. {format=*} or {var=**}. For example, a path_template_match of /static/{format=**} could be rewritten as /static/content/{format} to prefix /content to the URL. Variables can also be re-ordered in a rewrite, so that /{country}/{format}/{suffix=**} can be rewritten as /content/{format}/{country}/{suffix}. At least one non-empty routeRules[].matchRules[].path_template_match is required. Only one of path_prefix_rewrite or path_template_rewrite may be specified. + // +kcc:proto:field=google.cloud.compute.v1.UrlRewrite.path_template_rewrite + PathTemplateRewrite *string `json:"pathTemplateRewrite,omitempty"` +} + +// +kcc:proto=google.cloud.compute.v1.WeightedBackendService +type WeightedBackendService struct { + // The full or partial URL to the default BackendService resource. Before forwarding the request to backendService, the load balancer applies any relevant headerActions specified as part of this backendServiceWeight. + // +kcc:proto:field=google.cloud.compute.v1.WeightedBackendService.backend_service + BackendService *string `json:"backendService,omitempty"` + + // Specifies changes to request and response headers that need to take effect for the selected backendService. headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. + // +kcc:proto:field=google.cloud.compute.v1.WeightedBackendService.header_action + HeaderAction *HTTPHeaderAction `json:"headerAction,omitempty"` + + // Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. Don't configure session affinity if you're using weighted traffic splitting. If you do, the weighted traffic splitting configuration takes precedence. The value must be from 0 to 1000. + // +kcc:proto:field=google.cloud.compute.v1.WeightedBackendService.weight + Weight *uint32 `json:"weight,omitempty"` +} diff --git a/apis/compute/v1beta1/urlmap_identity.go b/apis/compute/v1beta1/urlmap_identity.go new file mode 100644 index 00000000000..ccd772b0656 --- /dev/null +++ b/apis/compute/v1beta1/urlmap_identity.go @@ -0,0 +1,120 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + "context" + "fmt" + + "github.com/GoogleCloudPlatform/k8s-config-connector/apis/common" + "github.com/GoogleCloudPlatform/k8s-config-connector/apis/common/identity" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/gcpurls" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +var ( + _ identity.IdentityV2 = &ComputeURLMapIdentity{} + _ identity.Resource = &ComputeURLMap{} +) + +var ComputeURLMapGlobalIdentityFormat = gcpurls.Template[ComputeURLMapIdentity]("compute.googleapis.com", "projects/{project}/global/urlMaps/{name}") +var ComputeURLMapRegionalIdentityFormat = gcpurls.Template[ComputeURLMapIdentity]("compute.googleapis.com", "projects/{project}/regions/{region}/urlMaps/{name}") + +// +k8s:deepcopy-gen=false +type ComputeURLMapIdentity struct { + Project string + Region string + Name string +} + +func (i *ComputeURLMapIdentity) String() string { + if i.Region == "" { + return ComputeURLMapGlobalIdentityFormat.ToString(*i) + } + return ComputeURLMapRegionalIdentityFormat.ToString(*i) +} + +func (i *ComputeURLMapIdentity) FromExternal(ref string) error { + if parsed, match, err := ComputeURLMapGlobalIdentityFormat.Parse(ref); err == nil && match { + *i = *parsed + i.Region = "" + return nil + } + if parsed, match, err := ComputeURLMapRegionalIdentityFormat.Parse(ref); err == nil && match { + *i = *parsed + return nil + } + + return fmt.Errorf("format of ComputeURLMap external=%q was not known (use %s or %s)", ref, ComputeURLMapGlobalIdentityFormat.CanonicalForm(), ComputeURLMapRegionalIdentityFormat.CanonicalForm()) +} + +func (i *ComputeURLMapIdentity) Host() string { + return ComputeURLMapGlobalIdentityFormat.Host() +} + +func NewComputeURLMapIdentity(ctx context.Context, reader client.Reader, obj *ComputeURLMap) (*ComputeURLMapIdentity, error) { + return getIdentityFromComputeURLMapSpec(ctx, reader, obj) +} + +func getIdentityFromComputeURLMapSpec(ctx context.Context, reader client.Reader, obj client.Object) (*ComputeURLMapIdentity, error) { + resourceID, err := refs.GetResourceID(obj) + if err != nil { + return nil, fmt.Errorf("cannot resolve resource ID") + } + + projectID, err := refs.ResolveProjectID(ctx, reader, obj) + if err != nil { + return nil, fmt.Errorf("cannot resolve project") + } + + location, err := refs.GetLocation(obj) + if err != nil { + // Default to global if not found in spec (for compute URL maps) + location = "global" + } + + id := &ComputeURLMapIdentity{ + Project: projectID, + Name: resourceID, + } + if location != "global" { + id.Region = location + } + return id, nil +} + +func (obj *ComputeURLMap) GetIdentity(ctx context.Context, reader client.Reader) (identity.Identity, error) { + specIdentity, err := getIdentityFromComputeURLMapSpec(ctx, reader, obj) + if err != nil { + return nil, err + } + + // Cross-check the identity against the status value, if present. + externalRef := common.ValueOf(obj.Status.ExternalRef) + if externalRef != "" { + // Validate desired with actual + statusIdentity := &ComputeURLMapIdentity{} + if err := statusIdentity.FromExternal(externalRef); err != nil { + return nil, err + } + + if statusIdentity.String() != specIdentity.String() { + return nil, fmt.Errorf("cannot change ComputeURLMap identity (old=%q, new=%q)", statusIdentity.String(), specIdentity.String()) + } + } + + return specIdentity, nil +} diff --git a/apis/compute/v1beta1/urlmap_reference.go b/apis/compute/v1beta1/urlmap_reference.go new file mode 100644 index 00000000000..11b93c8415c --- /dev/null +++ b/apis/compute/v1beta1/urlmap_reference.go @@ -0,0 +1,92 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + "context" + + "github.com/GoogleCloudPlatform/k8s-config-connector/apis/common/identity" + refs "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/types" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +var _ refs.Ref = &ComputeURLMapRef{} + +// ComputeURLMapRef defines the resource reference to ComputeURLMap, which "External" field +// holds the GCP identifier for the KRM object. +type ComputeURLMapRef struct { + // A reference to an externally managed ComputeURLMap resource. + // Should be in the format "projects/{{projectID}}/global/urlMaps/{{name}}" or "projects/{{projectID}}/regions/{{region}}/urlMaps/{{name}}". + External string `json:"external,omitempty"` + + // The name of a ComputeURLMap resource. + Name string `json:"name,omitempty"` + + // The namespace of a ComputeURLMap resource. + Namespace string `json:"namespace,omitempty"` +} + +func init() { + refs.Register(&ComputeURLMapRef{}) +} + +func (r *ComputeURLMapRef) GetGVK() schema.GroupVersionKind { + return ComputeURLMapGVK +} + +func (r *ComputeURLMapRef) GetNamespacedName() types.NamespacedName { + return types.NamespacedName{ + Name: r.Name, + Namespace: r.Namespace, + } +} + +func (r *ComputeURLMapRef) GetExternal() string { + return r.External +} + +func (r *ComputeURLMapRef) SetExternal(ref string) { + r.External = ref +} + +func (r *ComputeURLMapRef) ValidateExternal(ref string) error { + id := &ComputeURLMapIdentity{} + if err := id.FromExternal(ref); err != nil { + return err + } + return nil +} + +func (r *ComputeURLMapRef) ParseExternalToIdentity() (identity.Identity, error) { + id := &ComputeURLMapIdentity{} + if err := id.FromExternal(r.External); err != nil { + return nil, err + } + return id, nil +} + +func (r *ComputeURLMapRef) Normalize(ctx context.Context, reader client.Reader, defaultNamespace string) error { + fallback := func(u *unstructured.Unstructured) string { + identity, err := getIdentityFromComputeURLMapSpec(ctx, reader, u) + if err != nil { + return "" + } + return identity.String() + } + return refs.NormalizeWithFallback(ctx, reader, r, defaultNamespace, fallback) +} diff --git a/apis/compute/v1beta1/urlmap_types.go b/apis/compute/v1beta1/urlmap_types.go new file mode 100644 index 00000000000..ead7dcfd0a5 --- /dev/null +++ b/apis/compute/v1beta1/urlmap_types.go @@ -0,0 +1,143 @@ +// Copyright 2025 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + refsv1beta1 "github.com/GoogleCloudPlatform/k8s-config-connector/apis/refs/v1beta1" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/k8s/v1alpha1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +var ComputeURLMapGVK = GroupVersion.WithKind("ComputeURLMap") + +// ComputeURLMapSpec defines the desired state of ComputeURLMap +// +kcc:spec:proto=google.cloud.compute.v1.UrlMap +type ComputeURLMapSpec struct { + // The project that this resource belongs to. + ProjectRef *refsv1beta1.ProjectRef `json:"projectRef"` + + // The location of this resource. + Location string `json:"location"` + + // The ComputeURLMap name. If not given, the metadata.name will be used. + ResourceID *string `json:"resourceID,omitempty"` + + // defaultCustomErrorResponsePolicy specifies how the Load Balancer returns error responses when BackendServiceor BackendBucket responds with an error. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.default_custom_error_response_policy + DefaultCustomErrorResponsePolicy *CustomErrorResponsePolicy `json:"defaultCustomErrorResponsePolicy,omitempty"` + + // defaultRouteAction takes effect when none of the hostRules match. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.default_route_action + DefaultRouteAction *HTTPRouteAction `json:"defaultRouteAction,omitempty"` + + // The full or partial URL to the BackendService resource. This URL is used if none of the hostRules match. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.default_service + DefaultService *string `json:"defaultService,omitempty"` + + // When none of the specified hostRules match, the request is redirected to a URL specified by defaultUrlRedirect. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.default_url_redirect + DefaultURLRedirect *HTTPRedirectAction `json:"defaultURLRedirect,omitempty"` + + // An optional description of this resource. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.description + Description *string `json:"description,omitempty"` + + // Specifies changes to request and response headers that need to take effect for the selected backend service. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.header_action + HeaderAction *HTTPHeaderAction `json:"headerAction,omitempty"` + + // The list of HostRules to use against the URL. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.host_rules + HostRules []HostRule `json:"hostRules,omitempty"` + + // The list of named PathMatchers to use against the URL. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.path_matchers + PathMatchers []PathMatcher `json:"pathMatchers,omitempty"` + + // The list of expected URL mappings. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.tests + Tests []URLMapTest `json:"tests,omitempty"` +} + +// ComputeURLMapStatus defines the config connector machine state of ComputeURLMap +type ComputeURLMapStatus struct { + /* Conditions represent the latest available observations of the + object's current state. */ + Conditions []v1alpha1.Condition `json:"conditions,omitempty"` + + // ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + ObservedGeneration *int64 `json:"observedGeneration,omitempty"` + + // A unique specifier for the ComputeURLMap resource in GCP. + ExternalRef *string `json:"externalRef,omitempty"` + + // ObservedState is the state of the resource as most recently observed in GCP. + ObservedState *ComputeURLMapObservedState `json:"observedState,omitempty"` +} + +// ComputeURLMapObservedState is the state of the ComputeURLMap resource as most recently observed in GCP. +// +kcc:observedstate:proto=google.cloud.compute.v1.UrlMap +type ComputeURLMapObservedState struct { + // Creation timestamp in RFC3339 text format. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.creation_timestamp + CreationTimestamp *string `json:"creationTimestamp,omitempty"` + + // Fingerprint used for optimistic locking. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.fingerprint + Fingerprint *string `json:"fingerprint,omitempty"` + + // The unique identifier for the resource. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.id + URLMapId *uint64 `json:"urlMapId,omitempty"` + + // The self-link for the resource. + // +kcc:proto:field=google.cloud.compute.v1.UrlMap.self_link + SelfLink *string `json:"selfLink,omitempty"` +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:resource:categories=gcp,shortName=gcpcomputeurlmap;gcpcomputeurlmaps +// +kubebuilder:subresource:status +// +kubebuilder:metadata:labels="cnrm.cloud.google.com/managed-by-kcc=true" +// +kubebuilder:metadata:labels="cnrm.cloud.google.com/system=true" +// +kubebuilder:metadata:labels="cnrm.cloud.google.com/tf2crd=true" +// +kubebuilder:printcolumn:name="Age",JSONPath=".metadata.creationTimestamp",type="date" +// +kubebuilder:printcolumn:name="Ready",JSONPath=".status.conditions[?(@.type=='Ready')].status",type="string",description="When 'True', the most recent reconcile of the resource succeeded" +// +kubebuilder:printcolumn:name="Status",JSONPath=".status.conditions[?(@.type=='Ready')].reason",type="string",description="The reason for the value in 'Ready'" +// +kubebuilder:printcolumn:name="Status Age",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime",type="date",description="The last transition time for the value in 'Status'" + +// ComputeURLMap is the Schema for the ComputeURLMap API +// +k8s:openapi-gen=true +type ComputeURLMap struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + // +required + Spec ComputeURLMapSpec `json:"spec,omitempty"` + Status ComputeURLMapStatus `json:"status,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// ComputeURLMapList contains a list of ComputeURLMap +type ComputeURLMapList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []ComputeURLMap `json:"items"` +} + +func init() { + SchemeBuilder.Register(&ComputeURLMap{}, &ComputeURLMapList{}) +} diff --git a/apis/compute/v1beta1/zz_generated.deepcopy.go b/apis/compute/v1beta1/zz_generated.deepcopy.go index 577a38e361a..8aa5c3b9468 100644 --- a/apis/compute/v1beta1/zz_generated.deepcopy.go +++ b/apis/compute/v1beta1/zz_generated.deepcopy.go @@ -1052,6 +1052,363 @@ func (in *ComputeTargetTCPProxyStatus) DeepCopy() *ComputeTargetTCPProxyStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ComputeURLMap) DeepCopyInto(out *ComputeURLMap) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComputeURLMap. +func (in *ComputeURLMap) DeepCopy() *ComputeURLMap { + if in == nil { + return nil + } + out := new(ComputeURLMap) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ComputeURLMap) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ComputeURLMapList) DeepCopyInto(out *ComputeURLMapList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ComputeURLMap, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComputeURLMapList. +func (in *ComputeURLMapList) DeepCopy() *ComputeURLMapList { + if in == nil { + return nil + } + out := new(ComputeURLMapList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ComputeURLMapList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ComputeURLMapObservedState) DeepCopyInto(out *ComputeURLMapObservedState) { + *out = *in + if in.CreationTimestamp != nil { + in, out := &in.CreationTimestamp, &out.CreationTimestamp + *out = new(string) + **out = **in + } + if in.Fingerprint != nil { + in, out := &in.Fingerprint, &out.Fingerprint + *out = new(string) + **out = **in + } + if in.URLMapId != nil { + in, out := &in.URLMapId, &out.URLMapId + *out = new(uint64) + **out = **in + } + if in.SelfLink != nil { + in, out := &in.SelfLink, &out.SelfLink + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComputeURLMapObservedState. +func (in *ComputeURLMapObservedState) DeepCopy() *ComputeURLMapObservedState { + if in == nil { + return nil + } + out := new(ComputeURLMapObservedState) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ComputeURLMapRef) DeepCopyInto(out *ComputeURLMapRef) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComputeURLMapRef. +func (in *ComputeURLMapRef) DeepCopy() *ComputeURLMapRef { + if in == nil { + return nil + } + out := new(ComputeURLMapRef) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ComputeURLMapSpec) DeepCopyInto(out *ComputeURLMapSpec) { + *out = *in + if in.ProjectRef != nil { + in, out := &in.ProjectRef, &out.ProjectRef + *out = new(refsv1beta1.ProjectRef) + **out = **in + } + if in.ResourceID != nil { + in, out := &in.ResourceID, &out.ResourceID + *out = new(string) + **out = **in + } + if in.DefaultCustomErrorResponsePolicy != nil { + in, out := &in.DefaultCustomErrorResponsePolicy, &out.DefaultCustomErrorResponsePolicy + *out = new(CustomErrorResponsePolicy) + (*in).DeepCopyInto(*out) + } + if in.DefaultRouteAction != nil { + in, out := &in.DefaultRouteAction, &out.DefaultRouteAction + *out = new(HTTPRouteAction) + (*in).DeepCopyInto(*out) + } + if in.DefaultService != nil { + in, out := &in.DefaultService, &out.DefaultService + *out = new(string) + **out = **in + } + if in.DefaultURLRedirect != nil { + in, out := &in.DefaultURLRedirect, &out.DefaultURLRedirect + *out = new(HTTPRedirectAction) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.HeaderAction != nil { + in, out := &in.HeaderAction, &out.HeaderAction + *out = new(HTTPHeaderAction) + (*in).DeepCopyInto(*out) + } + if in.HostRules != nil { + in, out := &in.HostRules, &out.HostRules + *out = make([]HostRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PathMatchers != nil { + in, out := &in.PathMatchers, &out.PathMatchers + *out = make([]PathMatcher, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Tests != nil { + in, out := &in.Tests, &out.Tests + *out = make([]URLMapTest, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComputeURLMapSpec. +func (in *ComputeURLMapSpec) DeepCopy() *ComputeURLMapSpec { + if in == nil { + return nil + } + out := new(ComputeURLMapSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ComputeURLMapStatus) DeepCopyInto(out *ComputeURLMapStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]v1alpha1.Condition, len(*in)) + copy(*out, *in) + } + if in.ObservedGeneration != nil { + in, out := &in.ObservedGeneration, &out.ObservedGeneration + *out = new(int64) + **out = **in + } + if in.ExternalRef != nil { + in, out := &in.ExternalRef, &out.ExternalRef + *out = new(string) + **out = **in + } + if in.ObservedState != nil { + in, out := &in.ObservedState, &out.ObservedState + *out = new(ComputeURLMapObservedState) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ComputeURLMapStatus. +func (in *ComputeURLMapStatus) DeepCopy() *ComputeURLMapStatus { + if in == nil { + return nil + } + out := new(ComputeURLMapStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CorsPolicy) DeepCopyInto(out *CorsPolicy) { + *out = *in + if in.AllowCredentials != nil { + in, out := &in.AllowCredentials, &out.AllowCredentials + *out = new(bool) + **out = **in + } + if in.AllowHeaders != nil { + in, out := &in.AllowHeaders, &out.AllowHeaders + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowMethods != nil { + in, out := &in.AllowMethods, &out.AllowMethods + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowOriginRegexes != nil { + in, out := &in.AllowOriginRegexes, &out.AllowOriginRegexes + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.AllowOrigins != nil { + in, out := &in.AllowOrigins, &out.AllowOrigins + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.Disabled != nil { + in, out := &in.Disabled, &out.Disabled + *out = new(bool) + **out = **in + } + if in.ExposeHeaders != nil { + in, out := &in.ExposeHeaders, &out.ExposeHeaders + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.MaxAge != nil { + in, out := &in.MaxAge, &out.MaxAge + *out = new(int32) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CorsPolicy. +func (in *CorsPolicy) DeepCopy() *CorsPolicy { + if in == nil { + return nil + } + out := new(CorsPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomErrorResponsePolicy) DeepCopyInto(out *CustomErrorResponsePolicy) { + *out = *in + if in.ErrorResponseRules != nil { + in, out := &in.ErrorResponseRules, &out.ErrorResponseRules + *out = make([]CustomErrorResponsePolicyCustomErrorResponseRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ErrorService != nil { + in, out := &in.ErrorService, &out.ErrorService + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomErrorResponsePolicy. +func (in *CustomErrorResponsePolicy) DeepCopy() *CustomErrorResponsePolicy { + if in == nil { + return nil + } + out := new(CustomErrorResponsePolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CustomErrorResponsePolicyCustomErrorResponseRule) DeepCopyInto(out *CustomErrorResponsePolicyCustomErrorResponseRule) { + *out = *in + if in.MatchResponseCodes != nil { + in, out := &in.MatchResponseCodes, &out.MatchResponseCodes + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.OverrideResponseCode != nil { + in, out := &in.OverrideResponseCode, &out.OverrideResponseCode + *out = new(int32) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomErrorResponsePolicyCustomErrorResponseRule. +func (in *CustomErrorResponsePolicyCustomErrorResponseRule) DeepCopy() *CustomErrorResponsePolicyCustomErrorResponseRule { + if in == nil { + return nil + } + out := new(CustomErrorResponsePolicyCustomErrorResponseRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Duration) DeepCopyInto(out *Duration) { + *out = *in + if in.Nanos != nil { + in, out := &in.Nanos, &out.Nanos + *out = new(int32) + **out = **in + } + if in.Seconds != nil { + in, out := &in.Seconds, &out.Seconds + *out = new(int64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Duration. +func (in *Duration) DeepCopy() *Duration { + if in == nil { + return nil + } + out := new(Duration) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Expr) DeepCopyInto(out *Expr) { *out = *in @@ -1264,52 +1621,566 @@ func (in *ForwardingRuleIdentity) DeepCopyInto(out *ForwardingRuleIdentity) { } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForwardingRuleIdentity. -func (in *ForwardingRuleIdentity) DeepCopy() *ForwardingRuleIdentity { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForwardingRuleIdentity. +func (in *ForwardingRuleIdentity) DeepCopy() *ForwardingRuleIdentity { + if in == nil { + return nil + } + out := new(ForwardingRuleIdentity) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ForwardingRuleRef) DeepCopyInto(out *ForwardingRuleRef) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForwardingRuleRef. +func (in *ForwardingRuleRef) DeepCopy() *ForwardingRuleRef { + if in == nil { + return nil + } + out := new(ForwardingRuleRef) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ForwardingruleServiceDirectoryRegistrations) DeepCopyInto(out *ForwardingruleServiceDirectoryRegistrations) { + *out = *in + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(string) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForwardingruleServiceDirectoryRegistrations. +func (in *ForwardingruleServiceDirectoryRegistrations) DeepCopy() *ForwardingruleServiceDirectoryRegistrations { + if in == nil { + return nil + } + out := new(ForwardingruleServiceDirectoryRegistrations) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPFaultAbort) DeepCopyInto(out *HTTPFaultAbort) { + *out = *in + if in.HTTPStatus != nil { + in, out := &in.HTTPStatus, &out.HTTPStatus + *out = new(uint32) + **out = **in + } + if in.Percentage != nil { + in, out := &in.Percentage, &out.Percentage + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPFaultAbort. +func (in *HTTPFaultAbort) DeepCopy() *HTTPFaultAbort { + if in == nil { + return nil + } + out := new(HTTPFaultAbort) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPFaultDelay) DeepCopyInto(out *HTTPFaultDelay) { + *out = *in + if in.FixedDelay != nil { + in, out := &in.FixedDelay, &out.FixedDelay + *out = new(Duration) + (*in).DeepCopyInto(*out) + } + if in.Percentage != nil { + in, out := &in.Percentage, &out.Percentage + *out = new(float64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPFaultDelay. +func (in *HTTPFaultDelay) DeepCopy() *HTTPFaultDelay { + if in == nil { + return nil + } + out := new(HTTPFaultDelay) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPFaultInjection) DeepCopyInto(out *HTTPFaultInjection) { + *out = *in + if in.Abort != nil { + in, out := &in.Abort, &out.Abort + *out = new(HTTPFaultAbort) + (*in).DeepCopyInto(*out) + } + if in.Delay != nil { + in, out := &in.Delay, &out.Delay + *out = new(HTTPFaultDelay) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPFaultInjection. +func (in *HTTPFaultInjection) DeepCopy() *HTTPFaultInjection { + if in == nil { + return nil + } + out := new(HTTPFaultInjection) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPHeaderAction) DeepCopyInto(out *HTTPHeaderAction) { + *out = *in + if in.RequestHeadersToAdd != nil { + in, out := &in.RequestHeadersToAdd, &out.RequestHeadersToAdd + *out = make([]HTTPHeaderOption, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequestHeadersToRemove != nil { + in, out := &in.RequestHeadersToRemove, &out.RequestHeadersToRemove + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.ResponseHeadersToAdd != nil { + in, out := &in.ResponseHeadersToAdd, &out.ResponseHeadersToAdd + *out = make([]HTTPHeaderOption, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ResponseHeadersToRemove != nil { + in, out := &in.ResponseHeadersToRemove, &out.ResponseHeadersToRemove + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPHeaderAction. +func (in *HTTPHeaderAction) DeepCopy() *HTTPHeaderAction { + if in == nil { + return nil + } + out := new(HTTPHeaderAction) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPHeaderMatch) DeepCopyInto(out *HTTPHeaderMatch) { + *out = *in + if in.ExactMatch != nil { + in, out := &in.ExactMatch, &out.ExactMatch + *out = new(string) + **out = **in + } + if in.HeaderName != nil { + in, out := &in.HeaderName, &out.HeaderName + *out = new(string) + **out = **in + } + if in.InvertMatch != nil { + in, out := &in.InvertMatch, &out.InvertMatch + *out = new(bool) + **out = **in + } + if in.PrefixMatch != nil { + in, out := &in.PrefixMatch, &out.PrefixMatch + *out = new(string) + **out = **in + } + if in.PresentMatch != nil { + in, out := &in.PresentMatch, &out.PresentMatch + *out = new(bool) + **out = **in + } + if in.RangeMatch != nil { + in, out := &in.RangeMatch, &out.RangeMatch + *out = new(Int64RangeMatch) + (*in).DeepCopyInto(*out) + } + if in.RegexMatch != nil { + in, out := &in.RegexMatch, &out.RegexMatch + *out = new(string) + **out = **in + } + if in.SuffixMatch != nil { + in, out := &in.SuffixMatch, &out.SuffixMatch + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPHeaderMatch. +func (in *HTTPHeaderMatch) DeepCopy() *HTTPHeaderMatch { + if in == nil { + return nil + } + out := new(HTTPHeaderMatch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPHeaderOption) DeepCopyInto(out *HTTPHeaderOption) { + *out = *in + if in.HeaderName != nil { + in, out := &in.HeaderName, &out.HeaderName + *out = new(string) + **out = **in + } + if in.HeaderValue != nil { + in, out := &in.HeaderValue, &out.HeaderValue + *out = new(string) + **out = **in + } + if in.Replace != nil { + in, out := &in.Replace, &out.Replace + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPHeaderOption. +func (in *HTTPHeaderOption) DeepCopy() *HTTPHeaderOption { + if in == nil { + return nil + } + out := new(HTTPHeaderOption) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPQueryParameterMatch) DeepCopyInto(out *HTTPQueryParameterMatch) { + *out = *in + if in.ExactMatch != nil { + in, out := &in.ExactMatch, &out.ExactMatch + *out = new(string) + **out = **in + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.PresentMatch != nil { + in, out := &in.PresentMatch, &out.PresentMatch + *out = new(bool) + **out = **in + } + if in.RegexMatch != nil { + in, out := &in.RegexMatch, &out.RegexMatch + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPQueryParameterMatch. +func (in *HTTPQueryParameterMatch) DeepCopy() *HTTPQueryParameterMatch { + if in == nil { + return nil + } + out := new(HTTPQueryParameterMatch) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRedirectAction) DeepCopyInto(out *HTTPRedirectAction) { + *out = *in + if in.HostRedirect != nil { + in, out := &in.HostRedirect, &out.HostRedirect + *out = new(string) + **out = **in + } + if in.HTTPSRedirect != nil { + in, out := &in.HTTPSRedirect, &out.HTTPSRedirect + *out = new(bool) + **out = **in + } + if in.PathRedirect != nil { + in, out := &in.PathRedirect, &out.PathRedirect + *out = new(string) + **out = **in + } + if in.PrefixRedirect != nil { + in, out := &in.PrefixRedirect, &out.PrefixRedirect + *out = new(string) + **out = **in + } + if in.RedirectResponseCode != nil { + in, out := &in.RedirectResponseCode, &out.RedirectResponseCode + *out = new(string) + **out = **in + } + if in.StripQuery != nil { + in, out := &in.StripQuery, &out.StripQuery + *out = new(bool) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRedirectAction. +func (in *HTTPRedirectAction) DeepCopy() *HTTPRedirectAction { + if in == nil { + return nil + } + out := new(HTTPRedirectAction) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRetryPolicy) DeepCopyInto(out *HTTPRetryPolicy) { + *out = *in + if in.NumRetries != nil { + in, out := &in.NumRetries, &out.NumRetries + *out = new(uint32) + **out = **in + } + if in.PerTryTimeout != nil { + in, out := &in.PerTryTimeout, &out.PerTryTimeout + *out = new(Duration) + (*in).DeepCopyInto(*out) + } + if in.RetryConditions != nil { + in, out := &in.RetryConditions, &out.RetryConditions + *out = make([]string, len(*in)) + copy(*out, *in) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRetryPolicy. +func (in *HTTPRetryPolicy) DeepCopy() *HTTPRetryPolicy { + if in == nil { + return nil + } + out := new(HTTPRetryPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRouteAction) DeepCopyInto(out *HTTPRouteAction) { + *out = *in + if in.CorsPolicy != nil { + in, out := &in.CorsPolicy, &out.CorsPolicy + *out = new(CorsPolicy) + (*in).DeepCopyInto(*out) + } + if in.FaultInjectionPolicy != nil { + in, out := &in.FaultInjectionPolicy, &out.FaultInjectionPolicy + *out = new(HTTPFaultInjection) + (*in).DeepCopyInto(*out) + } + if in.MaxStreamDuration != nil { + in, out := &in.MaxStreamDuration, &out.MaxStreamDuration + *out = new(Duration) + (*in).DeepCopyInto(*out) + } + if in.RequestMirrorPolicy != nil { + in, out := &in.RequestMirrorPolicy, &out.RequestMirrorPolicy + *out = new(RequestMirrorPolicy) + (*in).DeepCopyInto(*out) + } + if in.RetryPolicy != nil { + in, out := &in.RetryPolicy, &out.RetryPolicy + *out = new(HTTPRetryPolicy) + (*in).DeepCopyInto(*out) + } + if in.Timeout != nil { + in, out := &in.Timeout, &out.Timeout + *out = new(Duration) + (*in).DeepCopyInto(*out) + } + if in.URLRewrite != nil { + in, out := &in.URLRewrite, &out.URLRewrite + *out = new(URLRewrite) + (*in).DeepCopyInto(*out) + } + if in.WeightedBackendServices != nil { + in, out := &in.WeightedBackendServices, &out.WeightedBackendServices + *out = make([]WeightedBackendService, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRouteAction. +func (in *HTTPRouteAction) DeepCopy() *HTTPRouteAction { + if in == nil { + return nil + } + out := new(HTTPRouteAction) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPRouteRule) DeepCopyInto(out *HTTPRouteRule) { + *out = *in + if in.CustomErrorResponsePolicy != nil { + in, out := &in.CustomErrorResponsePolicy, &out.CustomErrorResponsePolicy + *out = new(CustomErrorResponsePolicy) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.HeaderAction != nil { + in, out := &in.HeaderAction, &out.HeaderAction + *out = new(HTTPHeaderAction) + (*in).DeepCopyInto(*out) + } + if in.MatchRules != nil { + in, out := &in.MatchRules, &out.MatchRules + *out = make([]HTTPRouteRuleMatch, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Priority != nil { + in, out := &in.Priority, &out.Priority + *out = new(int32) + **out = **in + } + if in.RouteAction != nil { + in, out := &in.RouteAction, &out.RouteAction + *out = new(HTTPRouteAction) + (*in).DeepCopyInto(*out) + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(string) + **out = **in + } + if in.URLRedirect != nil { + in, out := &in.URLRedirect, &out.URLRedirect + *out = new(HTTPRedirectAction) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRouteRule. +func (in *HTTPRouteRule) DeepCopy() *HTTPRouteRule { if in == nil { return nil } - out := new(ForwardingRuleIdentity) + out := new(HTTPRouteRule) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ForwardingRuleRef) DeepCopyInto(out *ForwardingRuleRef) { +func (in *HTTPRouteRuleMatch) DeepCopyInto(out *HTTPRouteRuleMatch) { *out = *in + if in.FullPathMatch != nil { + in, out := &in.FullPathMatch, &out.FullPathMatch + *out = new(string) + **out = **in + } + if in.HeaderMatches != nil { + in, out := &in.HeaderMatches, &out.HeaderMatches + *out = make([]HTTPHeaderMatch, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IgnoreCase != nil { + in, out := &in.IgnoreCase, &out.IgnoreCase + *out = new(bool) + **out = **in + } + if in.MetadataFilters != nil { + in, out := &in.MetadataFilters, &out.MetadataFilters + *out = make([]MetadataFilter, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.PathTemplateMatch != nil { + in, out := &in.PathTemplateMatch, &out.PathTemplateMatch + *out = new(string) + **out = **in + } + if in.PrefixMatch != nil { + in, out := &in.PrefixMatch, &out.PrefixMatch + *out = new(string) + **out = **in + } + if in.QueryParameterMatches != nil { + in, out := &in.QueryParameterMatches, &out.QueryParameterMatches + *out = make([]HTTPQueryParameterMatch, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RegexMatch != nil { + in, out := &in.RegexMatch, &out.RegexMatch + *out = new(string) + **out = **in + } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForwardingRuleRef. -func (in *ForwardingRuleRef) DeepCopy() *ForwardingRuleRef { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPRouteRuleMatch. +func (in *HTTPRouteRuleMatch) DeepCopy() *HTTPRouteRuleMatch { if in == nil { return nil } - out := new(ForwardingRuleRef) + out := new(HTTPRouteRuleMatch) in.DeepCopyInto(out) return out } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ForwardingruleServiceDirectoryRegistrations) DeepCopyInto(out *ForwardingruleServiceDirectoryRegistrations) { +func (in *HostRule) DeepCopyInto(out *HostRule) { *out = *in - if in.Namespace != nil { - in, out := &in.Namespace, &out.Namespace + if in.Description != nil { + in, out := &in.Description, &out.Description *out = new(string) **out = **in } - if in.Service != nil { - in, out := &in.Service, &out.Service + if in.Hosts != nil { + in, out := &in.Hosts, &out.Hosts + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.PathMatcher != nil { + in, out := &in.PathMatcher, &out.PathMatcher *out = new(string) **out = **in } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ForwardingruleServiceDirectoryRegistrations. -func (in *ForwardingruleServiceDirectoryRegistrations) DeepCopy() *ForwardingruleServiceDirectoryRegistrations { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HostRule. +func (in *HostRule) DeepCopy() *HostRule { if in == nil { return nil } - out := new(ForwardingruleServiceDirectoryRegistrations) + out := new(HostRule) in.DeepCopyInto(out) return out } @@ -1364,6 +2235,31 @@ func (in *InstanceRef) DeepCopy() *InstanceRef { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Int64RangeMatch) DeepCopyInto(out *Int64RangeMatch) { + *out = *in + if in.RangeEnd != nil { + in, out := &in.RangeEnd, &out.RangeEnd + *out = new(int64) + **out = **in + } + if in.RangeStart != nil { + in, out := &in.RangeStart, &out.RangeStart + *out = new(int64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Int64RangeMatch. +func (in *Int64RangeMatch) DeepCopy() *Int64RangeMatch { + if in == nil { + return nil + } + out := new(Int64RangeMatch) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IpAddress) DeepCopyInto(out *IpAddress) { *out = *in @@ -1457,6 +2353,110 @@ func (in *NetworkIdentity) DeepCopy() *NetworkIdentity { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PathMatcher) DeepCopyInto(out *PathMatcher) { + *out = *in + if in.DefaultCustomErrorResponsePolicy != nil { + in, out := &in.DefaultCustomErrorResponsePolicy, &out.DefaultCustomErrorResponsePolicy + *out = new(CustomErrorResponsePolicy) + (*in).DeepCopyInto(*out) + } + if in.DefaultRouteAction != nil { + in, out := &in.DefaultRouteAction, &out.DefaultRouteAction + *out = new(HTTPRouteAction) + (*in).DeepCopyInto(*out) + } + if in.DefaultService != nil { + in, out := &in.DefaultService, &out.DefaultService + *out = new(string) + **out = **in + } + if in.DefaultURLRedirect != nil { + in, out := &in.DefaultURLRedirect, &out.DefaultURLRedirect + *out = new(HTTPRedirectAction) + (*in).DeepCopyInto(*out) + } + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.HeaderAction != nil { + in, out := &in.HeaderAction, &out.HeaderAction + *out = new(HTTPHeaderAction) + (*in).DeepCopyInto(*out) + } + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.PathRules != nil { + in, out := &in.PathRules, &out.PathRules + *out = make([]PathRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RouteRules != nil { + in, out := &in.RouteRules, &out.RouteRules + *out = make([]HTTPRouteRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PathMatcher. +func (in *PathMatcher) DeepCopy() *PathMatcher { + if in == nil { + return nil + } + out := new(PathMatcher) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PathRule) DeepCopyInto(out *PathRule) { + *out = *in + if in.CustomErrorResponsePolicy != nil { + in, out := &in.CustomErrorResponsePolicy, &out.CustomErrorResponsePolicy + *out = new(CustomErrorResponsePolicy) + (*in).DeepCopyInto(*out) + } + if in.Paths != nil { + in, out := &in.Paths, &out.Paths + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.RouteAction != nil { + in, out := &in.RouteAction, &out.RouteAction + *out = new(HTTPRouteAction) + (*in).DeepCopyInto(*out) + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(string) + **out = **in + } + if in.URLRedirect != nil { + in, out := &in.URLRedirect, &out.URLRedirect + *out = new(HTTPRedirectAction) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PathRule. +func (in *PathRule) DeepCopy() *PathRule { + if in == nil { + return nil + } + out := new(PathRule) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RecaptchaEnterpriseKeyRef) DeepCopyInto(out *RecaptchaEnterpriseKeyRef) { *out = *in @@ -1472,6 +2472,26 @@ func (in *RecaptchaEnterpriseKeyRef) DeepCopy() *RecaptchaEnterpriseKeyRef { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *RequestMirrorPolicy) DeepCopyInto(out *RequestMirrorPolicy) { + *out = *in + if in.BackendService != nil { + in, out := &in.BackendService, &out.BackendService + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RequestMirrorPolicy. +func (in *RequestMirrorPolicy) DeepCopy() *RequestMirrorPolicy { + if in == nil { + return nil + } + out := new(RequestMirrorPolicy) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecurityPolicyAdaptiveProtectionConfig) DeepCopyInto(out *SecurityPolicyAdaptiveProtectionConfig) { *out = *in @@ -2501,3 +3521,140 @@ func (in *TargetTCPProxyRef) DeepCopy() *TargetTCPProxyRef { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *URLMapTest) DeepCopyInto(out *URLMapTest) { + *out = *in + if in.Description != nil { + in, out := &in.Description, &out.Description + *out = new(string) + **out = **in + } + if in.ExpectedOutputURL != nil { + in, out := &in.ExpectedOutputURL, &out.ExpectedOutputURL + *out = new(string) + **out = **in + } + if in.ExpectedRedirectResponseCode != nil { + in, out := &in.ExpectedRedirectResponseCode, &out.ExpectedRedirectResponseCode + *out = new(int32) + **out = **in + } + if in.Headers != nil { + in, out := &in.Headers, &out.Headers + *out = make([]URLMapTestHeader, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Host != nil { + in, out := &in.Host, &out.Host + *out = new(string) + **out = **in + } + if in.Path != nil { + in, out := &in.Path, &out.Path + *out = new(string) + **out = **in + } + if in.Service != nil { + in, out := &in.Service, &out.Service + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new URLMapTest. +func (in *URLMapTest) DeepCopy() *URLMapTest { + if in == nil { + return nil + } + out := new(URLMapTest) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *URLMapTestHeader) DeepCopyInto(out *URLMapTestHeader) { + *out = *in + if in.Name != nil { + in, out := &in.Name, &out.Name + *out = new(string) + **out = **in + } + if in.Value != nil { + in, out := &in.Value, &out.Value + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new URLMapTestHeader. +func (in *URLMapTestHeader) DeepCopy() *URLMapTestHeader { + if in == nil { + return nil + } + out := new(URLMapTestHeader) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *URLRewrite) DeepCopyInto(out *URLRewrite) { + *out = *in + if in.HostRewrite != nil { + in, out := &in.HostRewrite, &out.HostRewrite + *out = new(string) + **out = **in + } + if in.PathPrefixRewrite != nil { + in, out := &in.PathPrefixRewrite, &out.PathPrefixRewrite + *out = new(string) + **out = **in + } + if in.PathTemplateRewrite != nil { + in, out := &in.PathTemplateRewrite, &out.PathTemplateRewrite + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new URLRewrite. +func (in *URLRewrite) DeepCopy() *URLRewrite { + if in == nil { + return nil + } + out := new(URLRewrite) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *WeightedBackendService) DeepCopyInto(out *WeightedBackendService) { + *out = *in + if in.BackendService != nil { + in, out := &in.BackendService, &out.BackendService + *out = new(string) + **out = **in + } + if in.HeaderAction != nil { + in, out := &in.HeaderAction, &out.HeaderAction + *out = new(HTTPHeaderAction) + (*in).DeepCopyInto(*out) + } + if in.Weight != nil { + in, out := &in.Weight, &out.Weight + *out = new(uint32) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WeightedBackendService. +func (in *WeightedBackendService) DeepCopy() *WeightedBackendService { + if in == nil { + return nil + } + out := new(WeightedBackendService) + in.DeepCopyInto(out) + return out +} diff --git a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_computeurlmaps.compute.cnrm.cloud.google.com.yaml b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_computeurlmaps.compute.cnrm.cloud.google.com.yaml index ad44f000af1..06413b1b9cf 100644 --- a/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_computeurlmaps.compute.cnrm.cloud.google.com.yaml +++ b/config/crds/resources/apiextensions.k8s.io_v1_customresourcedefinition_computeurlmaps.compute.cnrm.cloud.google.com.yaml @@ -1,3 +1,5 @@ +# Generated by dev/tasks/generate-crds. DO NOT EDIT. + apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -6,7 +8,6 @@ metadata: creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" - cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" name: computeurlmaps.compute.cnrm.cloud.google.com @@ -16,6 +17,7 @@ spec: categories: - gcp kind: ComputeURLMap + listKind: ComputeURLMapList plural: computeurlmaps shortNames: - gcpcomputeurlmap @@ -43,37 +45,104 @@ spec: name: v1beta1 schema: openAPIV3Schema: + description: ComputeURLMap is the Schema for the ComputeURLMap API properties: apiVersion: - description: 'apiVersion defines the versioned schema of this representation + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'kind is a string value representing the REST resource this + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: ComputeURLMapSpec defines the desired state of ComputeURLMap properties: + defaultCustomErrorResponsePolicy: + description: defaultCustomErrorResponsePolicy specifies how the Load + Balancer returns error responses when BackendServiceor BackendBucket + responds with an error. + properties: + errorResponseRules: + description: Specifies rules for returning error responses. In + a given policy, if you specify rules for both a range of error + codes as well as rules for specific error codes then rules with + specific error codes have a higher priority. For example, assume + that you configure a rule for 401 (Un-authorized) code, and + another for all 4 series error codes (4XX). If the backend service + returns a 401, then the rule for 401 will be applied. However + if the backend service returns a 403, the rule for 4xx takes + effect. + items: + properties: + matchResponseCodes: + description: 'Valid values include: - A number between 400 + and 599: For example 401 or 503, in which case the load + balancer applies the policy if the error code exactly + matches this value. - 5xx: Load Balancer will apply the + policy if the backend service responds with any response + code in the range of 500 to 599. - 4xx: Load Balancer + will apply the policy if the backend service responds + with any response code in the range of 400 to 499. Values + must be unique within matchResponseCodes and across all + errorResponseRules of CustomErrorResponsePolicy.' + items: + type: string + type: array + overrideResponseCode: + description: The HTTP status code returned with the response + containing the custom error content. If overrideResponseCode + is not supplied, the same response code returned by the + original backend bucket or backend service is returned + to the client. + format: int32 + type: integer + path: + description: 'The full path to a file within backendBucket + . For example: /errors/defaultError.html path must start + with a leading slash. path cannot have trailing slashes. + If the file is not available in backendBucket or the load + balancer cannot reach the BackendBucket, a simple Not + Found Error is returned to the client. The value must + be from 1 to 1024 characters' + type: string + type: object + type: array + errorService: + description: 'The full or partial URL to the BackendBucket resource + that contains the custom error content. Examples are: - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket + - compute/v1/projects/project/global/backendBuckets/myBackendBucket + - global/backendBuckets/myBackendBucket If errorService is not + specified at lower levels like pathMatcher, pathRule and routeRule, + an errorService specified at a higher level in the UrlMap will + be used. If UrlMap.defaultCustomErrorResponsePolicy contains + one or more errorResponseRules[], it must specify errorService. + If load balancer cannot reach the backendBucket, a simple Not + Found Error will be returned, with the original response code + (or overrideResponseCode if configured). errorService is not + supported for internal or regional HTTP/HTTPS load balancers.' + type: string + type: object defaultRouteAction: - description: |- - defaultRouteAction takes effect when none of the hostRules match. The load balancer performs advanced routing actions, such as URL rewrites and header transformations, before forwarding the request to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. - Only one of defaultRouteAction or defaultUrlRedirect must be set. - URL maps for Classic external HTTP(S) load balancers only support the urlRewrite action within defaultRouteAction. - defaultRouteAction has no effect when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + description: defaultRouteAction takes effect when none of the hostRules + match. properties: corsPolicy: - description: |- - The specification for allowing client side cross-origin requests. Please see - [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/). + description: The specification for allowing client-side cross-origin + requests. For more information about the W3C recommendation + for cross-origin resource sharing (CORS), see Fetch API Living + Standard. Not supported when the URL map is bound to a target + gRPC proxy. properties: allowCredentials: - description: |- - In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This field translates to the Access-Control-Allow-Credentials header. - Default is false. + description: In response to a preflight request, setting this + to true indicates that the actual request can include user + credentials. This field translates to the Access-Control-Allow-Credentials + header. Default is false. type: boolean allowHeaders: description: Specifies the content for the Access-Control-Allow-Headers @@ -88,24 +157,25 @@ spec: type: string type: array allowOriginRegexes: - description: |- - Specifies the regualar expression patterns that match allowed origins. For regular expression grammar - please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + description: Specifies a regular expression that matches allowed + origins. For more information, see regular expression syntax + . An origin is allowed if it matches either an item in allowOrigins + or an item in allowOriginRegexes. Regular expressions can + only be used when the loadBalancingScheme is set to INTERNAL_SELF_MANAGED. items: type: string type: array allowOrigins: - description: |- - Specifies the list of origins that will be allowed to do CORS requests. - An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + description: Specifies the list of origins that is allowed + to do CORS requests. An origin is allowed if it matches + either an item in allowOrigins or an item in allowOriginRegexes. items: type: string type: array disabled: - description: If true, the setting specifies the CORS policy - is disabled. The default value of false, which indicates - that the CORS policy is in effect. + description: If true, disables the CORS policy. The default + value is false, which indicates that the CORS policy is + in effect. type: boolean exposeHeaders: description: Specifies the content for the Access-Control-Expose-Headers @@ -114,32 +184,45 @@ spec: type: string type: array maxAge: - description: |- - Specifies how long results of a preflight request can be cached in seconds. - This translates to the Access-Control-Max-Age header. + description: Specifies how long results of a preflight request + can be cached in seconds. This field translates to the Access-Control-Max-Age + header. + format: int32 type: integer type: object faultInjectionPolicy: - description: |- - The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. - As part of fault injection, when clients send requests to a backend service, delays can be introduced by a load balancer on a percentage of requests before sending those requests to the backend service. - Similarly requests from clients can be aborted by the load balancer for a percentage of requests. - timeout and retryPolicy is ignored by clients that are configured with a faultInjectionPolicy if: 1. The traffic is generated by fault injection AND 2. The fault injection is not a delay fault injection. - Fault injection is not supported with the global external HTTP(S) load balancer (classic). To see which load balancers support fault injection, see Load balancing: [Routing and traffic management features](https://cloud.google.com/load-balancing/docs/features#routing-traffic-management). + description: 'The specification for fault injection introduced + into traffic to test the resiliency of clients to backend service + failure. As part of fault injection, when clients send requests + to a backend service, delays can be introduced by a load balancer + on a percentage of requests before sending those requests to + the backend service. Similarly requests from clients can be + aborted by the load balancer for a percentage of requests. timeout + and retry_policy is ignored by clients that are configured with + a fault_injection_policy if: 1. The traffic is generated by + fault injection AND 2. The fault injection is not a delay fault + injection. Fault injection is not supported with the classic + Application Load Balancer . To see which load balancers support + fault injection, see Load balancing: Routing and traffic management + features.' properties: abort: description: The specification for how client requests are aborted as part of fault injection. properties: httpStatus: - description: |- - The HTTP status code used to abort the request. - The value must be between 200 and 599 inclusive. + description: The HTTP status code used to abort the request. + The value must be from 200 to 599 inclusive. For gRPC + protocol, the gRPC status code is mapped to HTTP status + code according to this mapping table. HTTP status 200 + is mapped to gRPC status UNKNOWN. Injecting an OK status + is currently not supported by Traffic Director. + format: int32 type: integer percentage: - description: |- - The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. - The value must be between 0.0 and 100.0 inclusive. + description: The percentage of traffic for connections, + operations, or requests that is aborted as part of fault + injection. The value must be from 0.0 to 100.0 inclusive. type: number type: object delay: @@ -151,63 +234,74 @@ spec: description: Specifies the value of the fixed delay interval. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction of a second + at nanosecond resolution. Durations less than one + second are represented with a 0 `seconds` field + and a positive `nanos` field. Must be from 0 to + 999,999,999 inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. - type: string + description: 'Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. Note: + these bounds are computed from: 60 sec/min * 60 + min/hr * 24 hr/day * 365.25 days/year * 10000 years' + format: int64 + type: integer type: object percentage: - description: |- - The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. - The value must be between 0.0 and 100.0 inclusive. + description: The percentage of traffic for connections, + operations, or requests for which a delay is introduced + as part of fault injection. The value must be from 0.0 + to 100.0 inclusive. type: number type: object type: object + maxStreamDuration: + description: Specifies the maximum duration (timeout) for streams + on the selected route. Unlike the timeout field where the timeout + duration starts from the time the request has been fully processed + (known as *end-of-stream*), the duration in this field is computed + from the beginning of the stream until the response has been + processed, including all retries. A stream that does not complete + in this duration is closed. If not specified, this field uses + the maximum maxStreamDuration value among all backend services + associated with the route. This field is only allowed if the + Url map is used with backend services with loadBalancingScheme + set to INTERNAL_SELF_MANAGED. + properties: + nanos: + description: Span of time that's a fraction of a second at + nanosecond resolution. Durations less than one second are + represented with a 0 `seconds` field and a positive `nanos` + field. Must be from 0 to 999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Span of time at a resolution of a second. Must + be from 0 to 315,576,000,000 inclusive. Note: these bounds + are computed from: 60 sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object requestMirrorPolicy: - description: |- - Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. - The load balancer does not wait for responses from the shadow service. Before sending traffic to the shadow service, the host / authority header is suffixed with -shadow. - Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + description: Specifies the policy on how requests intended for + the route's backends are shadowed to a separate mirrored backend + service. The load balancer does not wait for responses from + the shadow service. Before sending traffic to the shadow service, + the host / authority header is suffixed with -shadow. Not supported + when the URL map is bound to a target gRPC proxy that has the + validateForProxyless field set to true. properties: - backendServiceRef: - description: |- - The backend service resource being mirrored to. - The backend service configured for a mirroring policy must reference - backends that are of the same type as the original backend service - matched in the URL map. - Serverless NEG backends are not currently supported as a mirrored - backend service. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field of a - `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object + backendService: + description: The full or partial URL to the BackendService + resource being mirrored to. The backend service configured + for a mirroring policy must reference backends that are + of the same type as the original backend service matched + in the URL map. Serverless NEG backends are not currently + supported as a mirrored backend service. + type: string type: object retryPolicy: description: Specifies the retry policy associated with this route. @@ -215,124 +309,154 @@ spec: numRetries: description: Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + format: int32 type: integer perTryTimeout: - description: |- - Specifies a non-zero timeout per retry attempt. - - If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, - will use the largest timeout among all backend services associated with the route. + description: Specifies a non-zero timeout per retry attempt. + If not specified, will use the timeout set in the HttpRouteAction + field. If timeout in the HttpRouteAction field is not set, + this field uses the largest timeout among all backend services + associated with the route. Not supported when the URL map + is bound to a target gRPC proxy that has the validateForProxyless + field set to true. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction of a second + at nanosecond resolution. Durations less than one second + are represented with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. - type: string + description: 'Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. Note: these + bounds are computed from: 60 sec/min * 60 min/hr * 24 + hr/day * 365.25 days/year * 10000 years' + format: int64 + type: integer type: object retryConditions: - description: |- - Specifies one or more conditions when this retry policy applies. - Valid values are listed below. Only the following codes are supported when the URL map is bound to target gRPC proxy that has validateForProxyless field set to true: cancelled, deadline-exceeded, internal, resource-exhausted, unavailable. - - 5xx : retry is attempted if the instance or endpoint responds with any 5xx response code, or if the instance or endpoint does not respond at all. For example, disconnects, reset, read timeout, connection failure, and refused streams. - - gateway-error : Similar to 5xx, but only applies to response codes 502, 503 or 504. - - connect-failure : a retry is attempted on failures connecting to the instance or endpoint. For example, connection timeouts. - - retriable-4xx : a retry is attempted if the instance or endpoint responds with a 4xx response code. The only error that you can retry is error code 409. - - refused-stream : a retry is attempted if the instance or endpoint resets the stream with a REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - - cancelled : a retry is attempted if the gRPC status code in the response header is set to cancelled. - - deadline-exceeded : a retry is attempted if the gRPC status code in the response header is set to deadline-exceeded. - - internal : a retry is attempted if the gRPC status code in the response header is set to internal. - - resource-exhausted : a retry is attempted if the gRPC status code in the response header is set to resource-exhausted. - - unavailable : a retry is attempted if the gRPC status code in the response header is set to unavailable. + description: 'Specifies one or more conditions when this retry + policy applies. Valid values are: - 5xx: retry is attempted + if the instance or endpoint responds with any 5xx response + code, or if the instance or endpoint does not respond at + all. For example, disconnects, reset, read timeout, connection + failure, and refused streams. - gateway-error: Similar to + 5xx, but only applies to response codes 502, 503 or 504. + - connect-failure: a retry is attempted on failures connecting + to the instance or endpoint. For example, connection timeouts. + - retriable-4xx: a retry is attempted if the instance or + endpoint responds with a 4xx response code. The only error + that you can retry is error code 409. - refused-stream: + a retry is attempted if the instance or endpoint resets + the stream with a REFUSED_STREAM error code. This reset + type indicates that it is safe to retry. - cancelled: a + retry is attempted if the gRPC status code in the response + header is set to cancelled. - deadline-exceeded: a retry + is attempted if the gRPC status code in the response header + is set to deadline-exceeded. - internal: a retry is attempted + if the gRPC status code in the response header is set to + internal. - resource-exhausted: a retry is attempted if + the gRPC status code in the response header is set to resource-exhausted. + - unavailable: a retry is attempted if the gRPC status code + in the response header is set to unavailable. Only the following + codes are supported when the URL map is bound to target + gRPC proxy that has validateForProxyless field set to true. + - cancelled - deadline-exceeded - internal - resource-exhausted + - unavailable' items: type: string type: array type: object timeout: - description: |- - Specifies the timeout for the selected route. Timeout is computed from the time the request has been fully processed (known as end-of-stream) up until the response has been processed. Timeout includes all retries. - If not specified, this field uses the largest timeout among all backend services associated with the route. - Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. + description: Specifies the timeout for the selected route. Timeout + is computed from the time the request has been fully processed + (known as *end-of-stream*) up until the response has been processed. + Timeout includes all retries. If not specified, this field uses + the largest timeout among all backend services associated with + the route. Not supported when the URL map is bound to a target + gRPC proxy that has validateForProxyless field set to true. properties: nanos: description: Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos + represented with a 0 `seconds` field and a positive `nanos` field. Must be from 0 to 999,999,999 inclusive. + format: int32 type: integer seconds: description: 'Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * - 365.25 days/year * 10000 years.' - type: string + 365.25 days/year * 10000 years' + format: int64 + type: integer type: object urlRewrite: - description: |- - The spec to modify the URL of the request, before forwarding the request to the matched service. - urlRewrite is the only action supported in UrlMaps for external HTTP(S) load balancers. - Not supported when the URL map is bound to a target gRPC proxy that has the validateForProxyless field set to true. + description: The spec to modify the URL of the request, before + forwarding the request to the matched service. urlRewrite is + the only action supported in UrlMaps for classic Application + Load Balancers. Not supported when the URL map is bound to a + target gRPC proxy that has the validateForProxyless field set + to true. properties: hostRewrite: - description: |- - Before forwarding the request to the selected service, the request's host header is replaced with contents of hostRewrite. - The value must be from 1 to 255 characters. + description: Before forwarding the request to the selected + service, the request's host header is replaced with contents + of hostRewrite. The value must be from 1 to 255 characters. type: string pathPrefixRewrite: - description: |- - Before forwarding the request to the selected backend service, the matching portion of the request's path is replaced by pathPrefixRewrite. - The value must be from 1 to 1024 characters. + description: Before forwarding the request to the selected + backend service, the matching portion of the request's path + is replaced by pathPrefixRewrite. The value must be from + 1 to 1024 characters. + type: string + pathTemplateRewrite: + description: If specified, the pattern rewrites the URL path + (based on the :path header) using the HTTP template syntax. + A corresponding path_template_match must be specified. Any + template variables must exist in the path_template_match + field. - -At least one variable must be specified in the + path_template_match field - You can omit variables from + the rewritten URL - The * and ** operators cannot be matched + unless they have a corresponding variable name - e.g. {format=*} + or {var=**}. For example, a path_template_match of /static/{format=**} + could be rewritten as /static/content/{format} to prefix + /content to the URL. Variables can also be re-ordered in + a rewrite, so that /{country}/{format}/{suffix=**} can be + rewritten as /content/{format}/{country}/{suffix}. At least + one non-empty routeRules[].matchRules[].path_template_match + is required. Only one of path_prefix_rewrite or path_template_rewrite + may be specified. type: string type: object weightedBackendServices: - description: |- - A list of weighted backend services to send traffic to when a route match occurs. The weights determine the fraction of traffic that flows to their corresponding backend service. If all traffic needs to go to a single backend service, there must be one weightedBackendService with weight set to a non-zero number. - After a backend service is identified and before forwarding the request to the backend service, advanced routing actions such as URL rewrites and header transformations are applied depending on additional settings specified in this HttpRouteAction. + description: A list of weighted backend services to send traffic + to when a route match occurs. The weights determine the fraction + of traffic that flows to their corresponding backend service. + If all traffic needs to go to a single backend service, there + must be one weightedBackendService with weight set to a non-zero + number. After a backend service is identified and before forwarding + the request to the backend service, advanced routing actions + such as URL rewrites and header transformations are applied + depending on additional settings specified in this HttpRouteAction. items: properties: - backendServiceRef: - description: |- - The default backend service resource. - Before forwarding the request to backendService, the loadbalancer - applies any relevant headerActions specified as part of this - backendServiceWeight. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field of - a `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object + backendService: + description: The full or partial URL to the default BackendService + resource. Before forwarding the request to backendService, + the load balancer applies any relevant headerActions specified + as part of this backendServiceWeight. + type: string headerAction: - description: |- - Specifies changes to request and response headers that need to take effect for the selected backendService. - headerAction specified here take effect before headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. - headerAction is not supported for load balancers that have their loadBalancingScheme set to EXTERNAL. - Not supported when the URL map is bound to a target gRPC proxy that has validateForProxyless field set to true. + description: Specifies changes to request and response headers + that need to take effect for the selected backendService. + headerAction specified here take effect before headerAction + in the enclosing HttpRouteRule, PathMatcher and UrlMap. + headerAction is not supported for load balancers that + have their loadBalancingScheme set to EXTERNAL. Not supported + when the URL map is bound to a target gRPC proxy that + has validateForProxyless field set to true. properties: requestHeadersToAdd: description: Headers to add to a matching request before @@ -346,9 +470,13 @@ spec: description: The value of the header to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - The default value is false. + description: If false, headerValue is appended + to any values that already exist for the header. + If true, headerValue is set for the header, + discarding any values that were set for that + header. The default value is true, unless a + variable is present in headerValue, in which + case the default value is false. . type: boolean type: object type: array @@ -371,9 +499,13 @@ spec: description: The value of the header to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the header. If true, headerValue is set for the header, discarding any values that were set for that header. - The default value is false. + description: If false, headerValue is appended + to any values that already exist for the header. + If true, headerValue is set for the header, + discarding any values that were set for that + header. The default value is true, unless a + variable is present in headerValue, in which + case the default value is false. . type: boolean type: object type: array @@ -386,166 +518,84 @@ spec: type: array type: object weight: - description: |- - Specifies the fraction of traffic sent to a backend service, computed as weight / (sum of all weightedBackendService weights in routeAction) . - The selection of a backend service is determined only for new traffic. Once a user's request has been directed to a backend service, subsequent requests are sent to the same backend service as determined by the backend service's session affinity policy. - The value must be from 0 to 1000. + description: Specifies the fraction of traffic sent to a + backend service, computed as weight / (sum of all weightedBackendService + weights in routeAction) . The selection of a backend service + is determined only for new traffic. Once a user's request + has been directed to a backend service, subsequent requests + are sent to the same backend service as determined by + the backend service's session affinity policy. Don't configure + session affinity if you're using weighted traffic splitting. + If you do, the weighted traffic splitting configuration + takes precedence. The value must be from 0 to 1000. + format: int32 type: integer type: object type: array type: object defaultService: - description: |- - The defaultService resource to which traffic is directed if none of - the hostRules match. - For the Global URL Map, it should be a reference to the backend - service or backend bucket. - For the Regional URL Map, it should be a reference to the backend - service. - If defaultRouteAction is additionally specified, advanced routing - actions like URL Rewrites, etc. take effect prior to sending the - request to the backend. However, if defaultService is specified, - defaultRouteAction cannot contain any weightedBackendServices. - Conversely, if routeAction specifies any weightedBackendServices, - service must not be specified. Only one of defaultService, - defaultUrlRedirect or defaultRouteAction.weightedBackendService - must be set. - oneOf: - - required: - - backendBucketRef - - required: - - backendServiceRef - properties: - backendBucketRef: - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field of a `ComputeBackendBucket` - resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - backendServiceRef: - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field of a `ComputeBackendService` - resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - type: object - defaultUrlRedirect: - description: |- - When none of the specified hostRules match, the request is redirected to a URL specified - by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or - defaultRouteAction must not be set. + description: The full or partial URL to the BackendService resource. + This URL is used if none of the hostRules match. + type: string + defaultURLRedirect: + description: When none of the specified hostRules match, the request + is redirected to a URL specified by defaultUrlRedirect. properties: hostRedirect: - description: |- - The host that will be used in the redirect response instead of the one that was - supplied in the request. The value must be between 1 and 255 characters. + description: The host that is used in the redirect response instead + of the one that was supplied in the request. The value must + be from 1 to 255 characters. type: string httpsRedirect: - description: |- - If set to true, the URL scheme in the redirected request is set to https. If set to - false, the URL scheme of the redirected request will remain the same as that of the - request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this - true for TargetHttpsProxy is not permitted. The default is set to false. + description: If set to true, the URL scheme in the redirected + request is set to HTTPS. If set to false, the URL scheme of + the redirected request remains the same as that of the request. + This must only be set for URL maps used in TargetHttpProxys. + Setting this true for TargetHttpsProxy is not permitted. The + default is set to false. type: boolean pathRedirect: - description: |- - The path that will be used in the redirect response instead of the one that was - supplied in the request. pathRedirect cannot be supplied together with - prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the - original request will be used for the redirect. The value must be between 1 and 1024 - characters. + description: The path that is used in the redirect response instead + of the one that was supplied in the request. pathRedirect cannot + be supplied together with prefixRedirect. Supply one alone or + neither. If neither is supplied, the path of the original request + is used for the redirect. The value must be from 1 to 1024 characters. type: string prefixRedirect: - description: |- - The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, - retaining the remaining portion of the URL before redirecting the request. - prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or - neither. If neither is supplied, the path of the original request will be used for - the redirect. The value must be between 1 and 1024 characters. + description: The prefix that replaces the prefixMatch specified + in the HttpRouteRuleMatch, retaining the remaining portion of + the URL before redirecting the request. prefixRedirect cannot + be supplied together with pathRedirect. Supply one alone or + neither. If neither is supplied, the path of the original request + is used for the redirect. The value must be from 1 to 1024 characters. type: string redirectResponseCode: - description: |- - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. Possible values: ["FOUND", "MOVED_PERMANENTLY_DEFAULT", "PERMANENT_REDIRECT", "SEE_OTHER", "TEMPORARY_REDIRECT"]. + description: 'The HTTP Status code to use for this RedirectAction. + Supported values are: - MOVED_PERMANENTLY_DEFAULT, which is + the default value and corresponds to 301. - FOUND, which corresponds + to 302. - SEE_OTHER which corresponds to 303. - TEMPORARY_REDIRECT, + which corresponds to 307. In this case, the request method is + retained. - PERMANENT_REDIRECT, which corresponds to 308. In + this case, the request method is retained. Check the RedirectResponseCode + enum for the list of possible values.' type: string stripQuery: - description: |- - If set to true, any accompanying query portion of the original URL is removed prior - to redirecting the request. If set to false, the query portion of the original URL is - retained. - This field is required to ensure an empty block is not set. The normal default value is false. + description: If set to true, any accompanying query portion of + the original URL is removed before redirecting the request. + If set to false, the query portion of the original URL is retained. + The default is set to false. type: boolean - required: - - stripQuery type: object description: - description: |- - An optional description of this resource. Provide this property when - you create the resource. + description: An optional description of this resource. type: string headerAction: - description: |- - Specifies changes to request and response headers that need to take effect for - the selected backendService. The headerAction specified here take effect after - headerAction specified under pathMatcher. + description: Specifies changes to request and response headers that + need to take effect for the selected backend service. properties: requestHeadersToAdd: - description: |- - Headers to add to a matching request prior to forwarding the request to the - backendService. + description: Headers to add to a matching request before forwarding + the request to the backendService. items: properties: headerName: @@ -555,27 +605,25 @@ spec: description: The value of the header to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. + description: If false, headerValue is appended to any values + that already exist for the header. If true, headerValue + is set for the header, discarding any values that were + set for that header. The default value is true, unless + a variable is present in headerValue, in which case the + default value is false. . type: boolean - required: - - headerName - - headerValue - - replace type: object type: array requestHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. + description: A list of header names for headers that need to be + removed from the request before forwarding the request to the + backendService. items: type: string type: array responseHeadersToAdd: - description: Headers to add the response prior to sending the - response back to the client. + description: Headers to add the response before sending the response + back to the client. items: properties: headerName: @@ -585,80 +633,171 @@ spec: description: The value of the header to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. + description: If false, headerValue is appended to any values + that already exist for the header. If true, headerValue + is set for the header, discarding any values that were + set for that header. The default value is true, unless + a variable is present in headerValue, in which case the + default value is false. . type: boolean - required: - - headerName - - headerValue - - replace type: object type: array responseHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. + description: A list of header names for headers that need to be + removed from the response before sending the response back to + the client. items: type: string type: array type: object - hostRule: + hostRules: description: The list of HostRules to use against the URL. items: properties: description: - description: |- - An optional description of this HostRule. Provide this property - when you create the resource. + description: An optional description of this resource. Provide + this property when you create the resource. type: string hosts: - description: |- - The list of host patterns to match. They must be valid - hostnames, except * will match any string of ([a-z0-9-.]*). In - that case, * must be the first character and must be followed in - the pattern by either - or .. + description: The list of host patterns to match. They must be + valid hostnames with optional port numbers in the format host:port. + * matches any string of ([a-z0-9-.]*). In that case, * must + be the first character, and if followed by anything, the immediate + following character must be either - or .. * based matching + is not supported when the URL map is bound to a target gRPC + proxy that has the validateForProxyless field set to true. items: type: string type: array pathMatcher: - description: |- - The name of the PathMatcher to use to match the path portion of - the URL if the hostRule matches the URL's host portion. + description: The name of the PathMatcher to use to match the + path portion of the URL if the hostRule matches the URL's + host portion. type: string - required: - - hosts - - pathMatcher type: object type: array location: - description: 'Location represents the geographical location of the - ComputeURLMap. Specify a region name or "global" for global resources. - Reference: GCP definition of regions/zones (https://cloud.google.com/compute/docs/regions-zones/)' + description: The location of this resource. type: string - pathMatcher: + pathMatchers: description: The list of named PathMatchers to use against the URL. items: properties: + defaultCustomErrorResponsePolicy: + description: 'defaultCustomErrorResponsePolicy specifies how + the Load Balancer returns error responses when BackendServiceor + BackendBucket responds with an error. This policy takes effect + at the PathMatcher level and applies only when no policy has + been defined for the error code at lower levels like RouteRule + and PathRule within this PathMatcher. If an error code does + not have a policy defined in defaultCustomErrorResponsePolicy, + then a policy defined for the error code in UrlMap.defaultCustomErrorResponsePolicy + takes effect. For example, consider a UrlMap with the following + configuration: - UrlMap.defaultCustomErrorResponsePolicy is + configured with policies for 5xx and 4xx errors - A RouteRule + for /coming_soon/ is configured for the error code 404. If + the request is for www.myotherdomain.com and a 404 is encountered, + the policy under UrlMap.defaultCustomErrorResponsePolicy takes + effect. If a 404 response is encountered for the request www.example.com/current_events/, + the pathMatcher''s policy takes effect. If however, the request + for www.example.com/coming_soon/ encounters a 404, the policy + in RouteRule.customErrorResponsePolicy takes effect. If any + of the requests in this example encounter a 500 error code, + the policy at UrlMap.defaultCustomErrorResponsePolicy takes + effect. When used in conjunction with pathMatcher.defaultRouteAction.retryPolicy, + retries take precedence. Only once all retries are exhausted, + the defaultCustomErrorResponsePolicy is applied. While attempting + a retry, if load balancer is successful in reaching the service, + the defaultCustomErrorResponsePolicy is ignored and the response + from the service is returned to the client. defaultCustomErrorResponsePolicy + is supported only for global external Application Load Balancers.' + properties: + errorResponseRules: + description: Specifies rules for returning error responses. + In a given policy, if you specify rules for both a range + of error codes as well as rules for specific error codes + then rules with specific error codes have a higher priority. + For example, assume that you configure a rule for 401 + (Un-authorized) code, and another for all 4 series error + codes (4XX). If the backend service returns a 401, then + the rule for 401 will be applied. However if the backend + service returns a 403, the rule for 4xx takes effect. + items: + properties: + matchResponseCodes: + description: 'Valid values include: - A number between + 400 and 599: For example 401 or 503, in which case + the load balancer applies the policy if the error + code exactly matches this value. - 5xx: Load Balancer + will apply the policy if the backend service responds + with any response code in the range of 500 to 599. + - 4xx: Load Balancer will apply the policy if the + backend service responds with any response code + in the range of 400 to 499. Values must be unique + within matchResponseCodes and across all errorResponseRules + of CustomErrorResponsePolicy.' + items: + type: string + type: array + overrideResponseCode: + description: The HTTP status code returned with the + response containing the custom error content. If + overrideResponseCode is not supplied, the same response + code returned by the original backend bucket or + backend service is returned to the client. + format: int32 + type: integer + path: + description: 'The full path to a file within backendBucket + . For example: /errors/defaultError.html path must + start with a leading slash. path cannot have trailing + slashes. If the file is not available in backendBucket + or the load balancer cannot reach the BackendBucket, + a simple Not Found Error is returned to the client. + The value must be from 1 to 1024 characters' + type: string + type: object + type: array + errorService: + description: 'The full or partial URL to the BackendBucket + resource that contains the custom error content. Examples + are: - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket + - compute/v1/projects/project/global/backendBuckets/myBackendBucket + - global/backendBuckets/myBackendBucket If errorService + is not specified at lower levels like pathMatcher, pathRule + and routeRule, an errorService specified at a higher level + in the UrlMap will be used. If UrlMap.defaultCustomErrorResponsePolicy + contains one or more errorResponseRules[], it must specify + errorService. If load balancer cannot reach the backendBucket, + a simple Not Found Error will be returned, with the original + response code (or overrideResponseCode if configured). + errorService is not supported for internal or regional + HTTP/HTTPS load balancers.' + type: string + type: object defaultRouteAction: - description: |- - defaultRouteAction takes effect when none of the pathRules or routeRules match. The load balancer performs - advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request - to the selected backend. If defaultRouteAction specifies any weightedBackendServices, defaultService must not be set. - Conversely if defaultService is set, defaultRouteAction cannot contain any weightedBackendServices. - - Only one of defaultRouteAction or defaultUrlRedirect must be set. + description: defaultRouteAction takes effect when none of the + pathRules or routeRules match. The load balancer performs + advanced routing actions, such as URL rewrites and header + transformations, before forwarding the request to the selected + backend. Only one of defaultUrlRedirect, defaultService or + defaultRouteAction.weightedBackendService can be set. URL + maps for classic Application Load Balancers only support the + urlRewrite action within a path matcher's defaultRouteAction. properties: corsPolicy: - description: |- - The specification for allowing client side cross-origin requests. Please see - [W3C Recommendation for Cross Origin Resource Sharing](https://www.w3.org/TR/cors/). + description: The specification for allowing client-side + cross-origin requests. For more information about the + W3C recommendation for cross-origin resource sharing (CORS), + see Fetch API Living Standard. Not supported when the + URL map is bound to a target gRPC proxy. properties: allowCredentials: - description: |- - In response to a preflight request, setting this to true indicates that the actual request can include user credentials. - This translates to the Access-Control-Allow-Credentials header. + description: In response to a preflight request, setting + this to true indicates that the actual request can + include user credentials. This field translates to + the Access-Control-Allow-Credentials header. Default + is false. type: boolean allowHeaders: description: Specifies the content for the Access-Control-Allow-Headers @@ -673,24 +812,26 @@ spec: type: string type: array allowOriginRegexes: - description: |- - Specifies the regular expression patterns that match allowed origins. For regular expression grammar - please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + description: Specifies a regular expression that matches + allowed origins. For more information, see regular + expression syntax . An origin is allowed if it matches + either an item in allowOrigins or an item in allowOriginRegexes. + Regular expressions can only be used when the loadBalancingScheme + is set to INTERNAL_SELF_MANAGED. items: type: string type: array allowOrigins: - description: |- - Specifies the list of origins that will be allowed to do CORS requests. - An origin is allowed if it matches either an item in allowOrigins or an item in allowOriginRegexes. + description: Specifies the list of origins that is allowed + to do CORS requests. An origin is allowed if it matches + either an item in allowOrigins or an item in allowOriginRegexes. items: type: string type: array disabled: - description: If true, specifies the CORS policy is disabled. - The default value is false, which indicates that the - CORS policy is in effect. + description: If true, disables the CORS policy. The + default value is false, which indicates that the CORS + policy is in effect. type: boolean exposeHeaders: description: Specifies the content for the Access-Control-Expose-Headers @@ -699,33 +840,48 @@ spec: type: string type: array maxAge: - description: |- - Specifies how long results of a preflight request can be cached in seconds. - This translates to the Access-Control-Max-Age header. + description: Specifies how long results of a preflight + request can be cached in seconds. This field translates + to the Access-Control-Max-Age header. + format: int32 type: integer type: object faultInjectionPolicy: - description: |- - The specification for fault injection introduced into traffic to test the resiliency of clients to backend service failure. - As part of fault injection, when clients send requests to a backend service, delays can be introduced by Loadbalancer on a - percentage of requests before sending those request to the backend service. Similarly requests from clients can be aborted - by the Loadbalancer for a percentage of requests. - - timeout and retryPolicy will be ignored by clients that are configured with a faultInjectionPolicy. + description: 'The specification for fault injection introduced + into traffic to test the resiliency of clients to backend + service failure. As part of fault injection, when clients + send requests to a backend service, delays can be introduced + by a load balancer on a percentage of requests before + sending those requests to the backend service. Similarly + requests from clients can be aborted by the load balancer + for a percentage of requests. timeout and retry_policy + is ignored by clients that are configured with a fault_injection_policy + if: 1. The traffic is generated by fault injection AND + 2. The fault injection is not a delay fault injection. + Fault injection is not supported with the classic Application + Load Balancer . To see which load balancers support fault + injection, see Load balancing: Routing and traffic management + features.' properties: abort: description: The specification for how client requests are aborted as part of fault injection. properties: httpStatus: - description: |- - The HTTP status code used to abort the request. - The value must be between 200 and 599 inclusive. + description: The HTTP status code used to abort + the request. The value must be from 200 to 599 + inclusive. For gRPC protocol, the gRPC status + code is mapped to HTTP status code according to + this mapping table. HTTP status 200 is mapped + to gRPC status UNKNOWN. Injecting an OK status + is currently not supported by Traffic Director. + format: int32 type: integer percentage: - description: |- - The percentage of traffic (connections/operations/requests) which will be aborted as part of fault injection. - The value must be between 0.0 and 100.0 inclusive. + description: The percentage of traffic for connections, + operations, or requests that is aborted as part + of fault injection. The value must be from 0.0 + to 100.0 inclusive. type: number type: object delay: @@ -738,61 +894,78 @@ spec: interval. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction + of a second at nanosecond resolution. Durations + less than one second are represented with + a 0 `seconds` field and a positive `nanos` + field. Must be from 0 to 999,999,999 inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. - type: string + description: 'Span of time at a resolution of + a second. Must be from 0 to 315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer type: object percentage: - description: |- - The percentage of traffic (connections/operations/requests) on which delay will be introduced as part of fault injection. - The value must be between 0.0 and 100.0 inclusive. + description: The percentage of traffic for connections, + operations, or requests for which a delay is introduced + as part of fault injection. The value must be + from 0.0 to 100.0 inclusive. type: number type: object type: object + maxStreamDuration: + description: Specifies the maximum duration (timeout) for + streams on the selected route. Unlike the timeout field + where the timeout duration starts from the time the request + has been fully processed (known as *end-of-stream*), the + duration in this field is computed from the beginning + of the stream until the response has been processed, including + all retries. A stream that does not complete in this duration + is closed. If not specified, this field uses the maximum + maxStreamDuration value among all backend services associated + with the route. This field is only allowed if the Url + map is used with backend services with loadBalancingScheme + set to INTERNAL_SELF_MANAGED. + properties: + nanos: + description: Span of time that's a fraction of a second + at nanosecond resolution. Durations less than one + second are represented with a 0 `seconds` field and + a positive `nanos` field. Must be from 0 to 999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. Note: + these bounds are computed from: 60 sec/min * 60 min/hr + * 24 hr/day * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object requestMirrorPolicy: - description: |- - Specifies the policy on how requests intended for the route's backends are shadowed to a separate mirrored backend service. - Loadbalancer does not wait for responses from the shadow service. Prior to sending traffic to the shadow service, - the host / authority header is suffixed with -shadow. + description: Specifies the policy on how requests intended + for the route's backends are shadowed to a separate mirrored + backend service. The load balancer does not wait for responses + from the shadow service. Before sending traffic to the + shadow service, the host / authority header is suffixed + with -shadow. Not supported when the URL map is bound + to a target gRPC proxy that has the validateForProxyless + field set to true. properties: - backendServiceRef: - description: Required. The backend service resource - being mirrored to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field - of a `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - required: - - backendServiceRef + backendService: + description: The full or partial URL to the BackendService + resource being mirrored to. The backend service configured + for a mirroring policy must reference backends that + are of the same type as the original backend service + matched in the URL map. Serverless NEG backends are + not currently supported as a mirrored backend service. + type: string type: object retryPolicy: description: Specifies the retry policy associated with @@ -802,349 +975,336 @@ spec: description: Specifies the allowed number retries. This number must be > 0. If not specified, defaults to 1. + format: int32 type: integer perTryTimeout: - description: |- - Specifies a non-zero timeout per retry attempt. - - If not specified, will use the timeout set in HttpRouteAction. If timeout in HttpRouteAction is not set, - will use the largest timeout among all backend services associated with the route. + description: Specifies a non-zero timeout per retry + attempt. If not specified, will use the timeout set + in the HttpRouteAction field. If timeout in the HttpRouteAction + field is not set, this field uses the largest timeout + among all backend services associated with the route. + Not supported when the URL map is bound to a target + gRPC proxy that has the validateForProxyless field + set to true. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are - represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction of a + second at nanosecond resolution. Durations less + than one second are represented with a 0 `seconds` + field and a positive `nanos` field. Must be from + 0 to 999,999,999 inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. - type: string + description: 'Span of time at a resolution of a + second. Must be from 0 to 315,576,000,000 inclusive. + Note: these bounds are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 + years' + format: int64 + type: integer type: object retryConditions: - description: |- - Specfies one or more conditions when this retry rule applies. Valid values are: - - * 5xx: Loadbalancer will attempt a retry if the backend service responds with any 5xx response code, - or if the backend service does not respond at all, example: disconnects, reset, read timeout, - * connection failure, and refused streams. - * gateway-error: Similar to 5xx, but only applies to response codes 502, 503 or 504. - * connect-failure: Loadbalancer will retry on failures connecting to backend services, - for example due to connection timeouts. - * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - Currently the only retriable error supported is 409. - * refused-stream:Loadbalancer will retry if the backend service resets the stream with a REFUSED_STREAM error code. - This reset type indicates that it is safe to retry. - * cancelled: Loadbalancer will retry if the gRPC status code in the response header is set to cancelled - * deadline-exceeded: Loadbalancer will retry if the gRPC status code in the response header is set to deadline-exceeded - * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response header is set to resource-exhausted - * unavailable: Loadbalancer will retry if the gRPC status code in the response header is set to unavailable. + description: 'Specifies one or more conditions when + this retry policy applies. Valid values are: - 5xx: + retry is attempted if the instance or endpoint responds + with any 5xx response code, or if the instance or + endpoint does not respond at all. For example, disconnects, + reset, read timeout, connection failure, and refused + streams. - gateway-error: Similar to 5xx, but only + applies to response codes 502, 503 or 504. - connect-failure: + a retry is attempted on failures connecting to the + instance or endpoint. For example, connection timeouts. + - retriable-4xx: a retry is attempted if the instance + or endpoint responds with a 4xx response code. The + only error that you can retry is error code 409. - + refused-stream: a retry is attempted if the instance + or endpoint resets the stream with a REFUSED_STREAM + error code. This reset type indicates that it is safe + to retry. - cancelled: a retry is attempted if the + gRPC status code in the response header is set to + cancelled. - deadline-exceeded: a retry is attempted + if the gRPC status code in the response header is + set to deadline-exceeded. - internal: a retry is attempted + if the gRPC status code in the response header is + set to internal. - resource-exhausted: a retry is + attempted if the gRPC status code in the response + header is set to resource-exhausted. - unavailable: + a retry is attempted if the gRPC status code in the + response header is set to unavailable. Only the following + codes are supported when the URL map is bound to target + gRPC proxy that has validateForProxyless field set + to true. - cancelled - deadline-exceeded - internal + - resource-exhausted - unavailable' items: type: string type: array type: object timeout: - description: |- - Specifies the timeout for the selected route. Timeout is computed from the time the request has been - fully processed (i.e. end-of-stream) up until the response has been completely processed. Timeout includes all retries. - - If not specified, will use the largest timeout among all backend services associated with the route. + description: Specifies the timeout for the selected route. + Timeout is computed from the time the request has been + fully processed (known as *end-of-stream*) up until the + response has been processed. Timeout includes all retries. + If not specified, this field uses the largest timeout + among all backend services associated with the route. + Not supported when the URL map is bound to a target gRPC + proxy that has validateForProxyless field set to true. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented - with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction of a second + at nanosecond resolution. Durations less than one + second are represented with a 0 `seconds` field and + a positive `nanos` field. Must be from 0 to 999,999,999 + inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. - Note: these bounds are computed from: 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years. - type: string + description: 'Span of time at a resolution of a second. + Must be from 0 to 315,576,000,000 inclusive. Note: + these bounds are computed from: 60 sec/min * 60 min/hr + * 24 hr/day * 365.25 days/year * 10000 years' + format: int64 + type: integer type: object urlRewrite: description: The spec to modify the URL of the request, - prior to forwarding the request to the matched service. + before forwarding the request to the matched service. + urlRewrite is the only action supported in UrlMaps for + classic Application Load Balancers. Not supported when + the URL map is bound to a target gRPC proxy that has the + validateForProxyless field set to true. properties: hostRewrite: - description: |- - Prior to forwarding the request to the selected service, the request's host header is replaced - with contents of hostRewrite. - - The value must be between 1 and 255 characters. + description: Before forwarding the request to the selected + service, the request's host header is replaced with + contents of hostRewrite. The value must be from 1 + to 255 characters. type: string pathPrefixRewrite: - description: |- - Prior to forwarding the request to the selected backend service, the matching portion of the - request's path is replaced by pathPrefixRewrite. - - The value must be between 1 and 1024 characters. + description: Before forwarding the request to the selected + backend service, the matching portion of the request's + path is replaced by pathPrefixRewrite. The value must + be from 1 to 1024 characters. + type: string + pathTemplateRewrite: + description: If specified, the pattern rewrites the + URL path (based on the :path header) using the HTTP + template syntax. A corresponding path_template_match + must be specified. Any template variables must exist + in the path_template_match field. - -At least one + variable must be specified in the path_template_match + field - You can omit variables from the rewritten + URL - The * and ** operators cannot be matched unless + they have a corresponding variable name - e.g. {format=*} + or {var=**}. For example, a path_template_match of + /static/{format=**} could be rewritten as /static/content/{format} + to prefix /content to the URL. Variables can also + be re-ordered in a rewrite, so that /{country}/{format}/{suffix=**} + can be rewritten as /content/{format}/{country}/{suffix}. + At least one non-empty routeRules[].matchRules[].path_template_match + is required. Only one of path_prefix_rewrite or path_template_rewrite + may be specified. type: string type: object weightedBackendServices: - description: |- - A list of weighted backend services to send traffic to when a route match occurs. - The weights determine the fraction of traffic that flows to their corresponding backend service. - If all traffic needs to go to a single backend service, there must be one weightedBackendService - with weight set to a non 0 number. - - Once a backendService is identified and before forwarding the request to the backend service, - advanced routing actions like Url rewrites and header transformations are applied depending on - additional settings specified in this HttpRouteAction. + description: A list of weighted backend services to send + traffic to when a route match occurs. The weights determine + the fraction of traffic that flows to their corresponding + backend service. If all traffic needs to go to a single + backend service, there must be one weightedBackendService + with weight set to a non-zero number. After a backend + service is identified and before forwarding the request + to the backend service, advanced routing actions such + as URL rewrites and header transformations are applied + depending on additional settings specified in this HttpRouteAction. items: properties: - backendServiceRef: - description: |- - The default backend service resource. - Before forwarding the request to backendService, the loadbalancer - applies any relevant headerActions specified as part of this + backendService: + description: The full or partial URL to the default + BackendService resource. Before forwarding the request + to backendService, the load balancer applies any + relevant headerActions specified as part of this backendServiceWeight. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field - of a `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object + type: string headerAction: - description: |- - Specifies changes to request and response headers that need to take effect for - the selected backendService. - - headerAction specified here take effect before headerAction in the enclosing - HttpRouteRule, PathMatcher and UrlMap. + description: Specifies changes to request and response + headers that need to take effect for the selected + backendService. headerAction specified here take + effect before headerAction in the enclosing HttpRouteRule, + PathMatcher and UrlMap. headerAction is not supported + for load balancers that have their loadBalancingScheme + set to EXTERNAL. Not supported when the URL map + is bound to a target gRPC proxy that has validateForProxyless + field set to true. properties: requestHeadersToAdd: description: Headers to add to a matching request - prior to forwarding the request to the backendService. + before forwarding the request to the backendService. items: properties: headerName: - description: The name of the header to add. + description: The name of the header. type: string headerValue: description: The value of the header to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the header. - If true, headerValue is set for the header, discarding any values that were set for that header. + description: If false, headerValue is appended + to any values that already exist for the + header. If true, headerValue is set for + the header, discarding any values that + were set for that header. The default + value is true, unless a variable is present + in headerValue, in which case the default + value is false. . type: boolean type: object type: array requestHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the request prior to + description: A list of header names for headers + that need to be removed from the request before forwarding the request to the backendService. items: type: string type: array responseHeadersToAdd: - description: Headers to add the response prior - to sending the response back to the client. + description: Headers to add the response before + sending the response back to the client. items: properties: headerName: - description: The name of the header to add. + description: The name of the header. type: string headerValue: description: The value of the header to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the header. - If true, headerValue is set for the header, discarding any values that were set for that header. + description: If false, headerValue is appended + to any values that already exist for the + header. If true, headerValue is set for + the header, discarding any values that + were set for that header. The default + value is true, unless a variable is present + in headerValue, in which case the default + value is false. . type: boolean type: object type: array responseHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the response prior to sending the - response back to the client. + description: A list of header names for headers + that need to be removed from the response before + sending the response back to the client. items: type: string type: array type: object weight: - description: |- - Specifies the fraction of traffic sent to backendService, computed as - weight / (sum of all weightedBackendService weights in routeAction) . - - The selection of a backend service is determined only for new traffic. Once a user's request - has been directed to a backendService, subsequent requests will be sent to the same backendService - as determined by the BackendService's session affinity policy. - - The value must be between 0 and 1000. + description: Specifies the fraction of traffic sent + to a backend service, computed as weight / (sum + of all weightedBackendService weights in routeAction) + . The selection of a backend service is determined + only for new traffic. Once a user's request has + been directed to a backend service, subsequent requests + are sent to the same backend service as determined + by the backend service's session affinity policy. + Don't configure session affinity if you're using + weighted traffic splitting. If you do, the weighted + traffic splitting configuration takes precedence. + The value must be from 0 to 1000. + format: int32 type: integer type: object type: array type: object defaultService: - description: |- - The default service to use if none of the pathRules defined by this - PathMatcher is matched by the URL's path portion. - For the Global URL Map, it should be a reference to the backend - service or backend bucket. - For the Regional URL Map, it should be a reference to the backend - service. - oneOf: - - required: - - backendBucketRef - - required: - - backendServiceRef - properties: - backendBucketRef: - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field of - a `ComputeBackendBucket` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - backendServiceRef: - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field of - a `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - type: object - defaultUrlRedirect: - description: |- - When none of the specified hostRules match, the request is redirected to a URL specified - by defaultUrlRedirect. If defaultUrlRedirect is specified, defaultService or - defaultRouteAction must not be set. + description: 'The full or partial URL to the BackendService + resource. This URL is used if none of the pathRules or routeRules + defined by this PathMatcher are matched. For example, the + following are all valid URLs to a BackendService resource: + - https://www.googleapis.com/compute/v1/projects/project /global/backendServices/backendService + - compute/v1/projects/project/global/backendServices/backendService + - global/backendServices/backendService If defaultRouteAction + is also specified, advanced routing actions, such as URL rewrites, + take effect before sending the request to the backend. Only + one of defaultUrlRedirect, defaultService or defaultRouteAction.weightedBackendService + can be set. Authorization requires one or more of the following + Google IAM permissions on the specified resource default_service: + - compute.backendBuckets.use - compute.backendServices.use' + type: string + defaultURLRedirect: + description: When none of the specified pathRules or routeRules + match, the request is redirected to a URL specified by defaultUrlRedirect. + Only one of defaultUrlRedirect, defaultService or defaultRouteAction.weightedBackendService + can be set. Not supported when the URL map is bound to a target + gRPC proxy. properties: hostRedirect: - description: |- - The host that will be used in the redirect response instead of the one that was - supplied in the request. The value must be between 1 and 255 characters. + description: The host that is used in the redirect response + instead of the one that was supplied in the request. The + value must be from 1 to 255 characters. type: string httpsRedirect: - description: |- - If set to true, the URL scheme in the redirected request is set to https. If set to - false, the URL scheme of the redirected request will remain the same as that of the - request. This must only be set for UrlMaps used in TargetHttpProxys. Setting this - true for TargetHttpsProxy is not permitted. The default is set to false. + description: If set to true, the URL scheme in the redirected + request is set to HTTPS. If set to false, the URL scheme + of the redirected request remains the same as that of + the request. This must only be set for URL maps used in + TargetHttpProxys. Setting this true for TargetHttpsProxy + is not permitted. The default is set to false. type: boolean pathRedirect: - description: |- - The path that will be used in the redirect response instead of the one that was - supplied in the request. pathRedirect cannot be supplied together with - prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the - original request will be used for the redirect. The value must be between 1 and 1024 - characters. + description: The path that is used in the redirect response + instead of the one that was supplied in the request. pathRedirect + cannot be supplied together with prefixRedirect. Supply + one alone or neither. If neither is supplied, the path + of the original request is used for the redirect. The + value must be from 1 to 1024 characters. type: string prefixRedirect: - description: |- - The prefix that replaces the prefixMatch specified in the HttpRouteRuleMatch, - retaining the remaining portion of the URL before redirecting the request. - prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or - neither. If neither is supplied, the path of the original request will be used for - the redirect. The value must be between 1 and 1024 characters. + description: The prefix that replaces the prefixMatch specified + in the HttpRouteRuleMatch, retaining the remaining portion + of the URL before redirecting the request. prefixRedirect + cannot be supplied together with pathRedirect. Supply + one alone or neither. If neither is supplied, the path + of the original request is used for the redirect. The + value must be from 1 to 1024 characters. type: string redirectResponseCode: - description: |- - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. Possible values: ["FOUND", "MOVED_PERMANENTLY_DEFAULT", "PERMANENT_REDIRECT", "SEE_OTHER", "TEMPORARY_REDIRECT"]. + description: 'The HTTP Status code to use for this RedirectAction. + Supported values are: - MOVED_PERMANENTLY_DEFAULT, which + is the default value and corresponds to 301. - FOUND, + which corresponds to 302. - SEE_OTHER which corresponds + to 303. - TEMPORARY_REDIRECT, which corresponds to 307. + In this case, the request method is retained. - PERMANENT_REDIRECT, + which corresponds to 308. In this case, the request method + is retained. Check the RedirectResponseCode enum for the + list of possible values.' type: string stripQuery: - description: |- - If set to true, any accompanying query portion of the original URL is removed prior - to redirecting the request. If set to false, the query portion of the original URL is - retained. - This field is required to ensure an empty block is not set. The normal default value is false. + description: If set to true, any accompanying query portion + of the original URL is removed before redirecting the + request. If set to false, the query portion of the original + URL is retained. The default is set to false. type: boolean - required: - - stripQuery type: object description: - description: An optional description of this resource. + description: An optional description of this resource. Provide + this property when you create the resource. type: string headerAction: - description: |- - Specifies changes to request and response headers that need to take effect for - the selected backendService. HeaderAction specified here are applied after the - matching HttpRouteRule HeaderAction and before the HeaderAction in the UrlMap. + description: Specifies changes to request and response headers + that need to take effect for the selected backend service. + HeaderAction specified here are applied after the matching + HttpRouteRule HeaderAction and before the HeaderAction in + the UrlMap HeaderAction is not supported for load balancers + that have their loadBalancingScheme set to EXTERNAL. Not supported + when the URL map is bound to a target gRPC proxy that has + validateForProxyless field set to true. properties: requestHeadersToAdd: - description: |- - Headers to add to a matching request prior to forwarding the request to the - backendService. + description: Headers to add to a matching request before + forwarding the request to the backendService. items: properties: headerName: @@ -1154,26 +1314,24 @@ spec: description: The value of the header to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. + description: If false, headerValue is appended to + any values that already exist for the header. If + true, headerValue is set for the header, discarding + any values that were set for that header. The default + value is true, unless a variable is present in headerValue, + in which case the default value is false. . type: boolean - required: - - headerName - - headerValue - - replace type: object type: array requestHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. + description: A list of header names for headers that need + to be removed from the request before forwarding the request + to the backendService. items: type: string type: array responseHeadersToAdd: - description: Headers to add the response prior to sending + description: Headers to add the response before sending the response back to the client. items: properties: @@ -1184,21 +1342,19 @@ spec: description: The value of the header to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. + description: If false, headerValue is appended to + any values that already exist for the header. If + true, headerValue is set for the header, discarding + any values that were set for that header. The default + value is true, unless a variable is present in headerValue, + in which case the default value is false. . type: boolean - required: - - headerName - - headerValue - - replace type: object type: array responseHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. + description: A list of header names for headers that need + to be removed from the response before sending the response + back to the client. items: type: string type: array @@ -1207,44 +1363,141 @@ spec: description: The name to which this PathMatcher is referred by the HostRule. type: string - pathRule: - description: |- - The list of path rules. Use this list instead of routeRules when routing based - on simple path matching is all that's required. The order by which path rules - are specified does not matter. Matches are always done on the longest-path-first - basis. For example: a pathRule with a path /a/b/c/* will match before /a/b/* - irrespective of the order in which those paths appear in this list. Within a - given pathMatcher, only one of pathRules or routeRules must be set. + pathRules: + description: 'The list of path rules. Use this list instead + of routeRules when routing based on simple path matching is + all that''s required. The order by which path rules are specified + does not matter. Matches are always done on the longest-path-first + basis. For example: a pathRule with a path /a/b/c/* will match + before /a/b/* irrespective of the order in which those paths + appear in this list. Within a given pathMatcher, only one + of pathRules or routeRules must be set.' items: properties: + customErrorResponsePolicy: + description: 'customErrorResponsePolicy specifies how + the Load Balancer returns error responses when BackendServiceor + BackendBucket responds with an error. If a policy for + an error code is not configured for the PathRule, a + policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy + is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, + the policy configured in UrlMap.defaultCustomErrorResponsePolicy + takes effect. For example, consider a UrlMap with the + following configuration: - UrlMap.defaultCustomErrorResponsePolicy + are configured with policies for 5xx and 4xx errors + - A PathRule for /coming_soon/ is configured for the + error code 404. If the request is for www.myotherdomain.com + and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy + takes effect. If a 404 response is encountered for the + request www.example.com/current_events/, the pathMatcher''s + policy takes effect. If however, the request for www.example.com/coming_soon/ + encounters a 404, the policy in PathRule.customErrorResponsePolicy + takes effect. If any of the requests in this example + encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy + takes effect. customErrorResponsePolicy is supported + only for global external Application Load Balancers.' + properties: + errorResponseRules: + description: Specifies rules for returning error responses. + In a given policy, if you specify rules for both + a range of error codes as well as rules for specific + error codes then rules with specific error codes + have a higher priority. For example, assume that + you configure a rule for 401 (Un-authorized) code, + and another for all 4 series error codes (4XX). + If the backend service returns a 401, then the rule + for 401 will be applied. However if the backend + service returns a 403, the rule for 4xx takes effect. + items: + properties: + matchResponseCodes: + description: 'Valid values include: - A number + between 400 and 599: For example 401 or 503, + in which case the load balancer applies the + policy if the error code exactly matches this + value. - 5xx: Load Balancer will apply the + policy if the backend service responds with + any response code in the range of 500 to 599. + - 4xx: Load Balancer will apply the policy + if the backend service responds with any response + code in the range of 400 to 499. Values must + be unique within matchResponseCodes and across + all errorResponseRules of CustomErrorResponsePolicy.' + items: + type: string + type: array + overrideResponseCode: + description: The HTTP status code returned with + the response containing the custom error content. + If overrideResponseCode is not supplied, the + same response code returned by the original + backend bucket or backend service is returned + to the client. + format: int32 + type: integer + path: + description: 'The full path to a file within + backendBucket . For example: /errors/defaultError.html + path must start with a leading slash. path + cannot have trailing slashes. If the file + is not available in backendBucket or the load + balancer cannot reach the BackendBucket, a + simple Not Found Error is returned to the + client. The value must be from 1 to 1024 characters' + type: string + type: object + type: array + errorService: + description: 'The full or partial URL to the BackendBucket + resource that contains the custom error content. + Examples are: - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket + - compute/v1/projects/project/global/backendBuckets/myBackendBucket + - global/backendBuckets/myBackendBucket If errorService + is not specified at lower levels like pathMatcher, + pathRule and routeRule, an errorService specified + at a higher level in the UrlMap will be used. If + UrlMap.defaultCustomErrorResponsePolicy contains + one or more errorResponseRules[], it must specify + errorService. If load balancer cannot reach the + backendBucket, a simple Not Found Error will be + returned, with the original response code (or overrideResponseCode + if configured). errorService is not supported for + internal or regional HTTP/HTTPS load balancers.' + type: string + type: object paths: - description: |- - The list of path patterns to match. Each must start with / and the only place a - \* is allowed is at the end following a /. The string fed to the path matcher - does not include any text after the first ? or #, and those chars are not - allowed here. + description: 'The list of path patterns to match. Each + must start with / and the only place a * is allowed + is at the end following a /. The string fed to the path + matcher does not include any text after the first ? + or #, and those chars are not allowed here.' items: type: string type: array routeAction: - description: |- - In response to a matching path, the load balancer performs advanced routing - actions like URL rewrites, header transformations, etc. prior to forwarding the - request to the selected backend. If routeAction specifies any - weightedBackendServices, service must not be set. Conversely if service is set, - routeAction cannot contain any weightedBackendServices. Only one of routeAction - or urlRedirect must be set. + description: In response to a matching path, the load + balancer performs advanced routing actions, such as + URL rewrites and header transformations, before forwarding + the request to the selected backend. Only one of urlRedirect, + service or routeAction.weightedBackendService can be + set. URL maps for classic Application Load Balancers + only support the urlRewrite action within a path rule's + routeAction. properties: corsPolicy: - description: |- - The specification for allowing client side cross-origin requests. Please see W3C - Recommendation for Cross Origin Resource Sharing. + description: The specification for allowing client-side + cross-origin requests. For more information about + the W3C recommendation for cross-origin resource + sharing (CORS), see Fetch API Living Standard. Not + supported when the URL map is bound to a target + gRPC proxy. properties: allowCredentials: - description: |- - In response to a preflight request, setting this to true indicates that the - actual request can include user credentials. This translates to the Access- - Control-Allow-Credentials header. Defaults to false. + description: In response to a preflight request, + setting this to true indicates that the actual + request can include user credentials. This field + translates to the Access-Control-Allow-Credentials + header. Default is false. type: boolean allowHeaders: description: Specifies the content for the Access-Control-Allow-Headers @@ -1259,23 +1512,28 @@ spec: type: string type: array allowOriginRegexes: - description: |- - Specifies the regular expression patterns that match allowed origins. For - regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either allow_origins or allow_origin_regex. + description: Specifies a regular expression that + matches allowed origins. For more information, + see regular expression syntax . An origin is + allowed if it matches either an item in allowOrigins + or an item in allowOriginRegexes. Regular expressions + can only be used when the loadBalancingScheme + is set to INTERNAL_SELF_MANAGED. items: type: string type: array allowOrigins: - description: |- - Specifies the list of origins that will be allowed to do CORS requests. An - origin is allowed if it matches either allow_origins or allow_origin_regex. + description: Specifies the list of origins that + is allowed to do CORS requests. An origin is + allowed if it matches either an item in allowOrigins + or an item in allowOriginRegexes. items: type: string type: array disabled: - description: If true, specifies the CORS policy - is disabled. + description: If true, disables the CORS policy. + The default value is false, which indicates + that the CORS policy is in effect. type: boolean exposeHeaders: description: Specifies the content for the Access-Control-Expose-Headers @@ -1284,117 +1542,141 @@ spec: type: string type: array maxAge: - description: |- - Specifies how long the results of a preflight request can be cached. This - translates to the content for the Access-Control-Max-Age header. + description: Specifies how long results of a preflight + request can be cached in seconds. This field + translates to the Access-Control-Max-Age header. + format: int32 type: integer - required: - - disabled type: object faultInjectionPolicy: - description: |- - The specification for fault injection introduced into traffic to test the - resiliency of clients to backend service failure. As part of fault injection, - when clients send requests to a backend service, delays can be introduced by - Loadbalancer on a percentage of requests before sending those request to the - backend service. Similarly requests from clients can be aborted by the - Loadbalancer for a percentage of requests. timeout and retry_policy will be - ignored by clients that are configured with a fault_injection_policy. + description: 'The specification for fault injection + introduced into traffic to test the resiliency of + clients to backend service failure. As part of fault + injection, when clients send requests to a backend + service, delays can be introduced by a load balancer + on a percentage of requests before sending those + requests to the backend service. Similarly requests + from clients can be aborted by the load balancer + for a percentage of requests. timeout and retry_policy + is ignored by clients that are configured with a + fault_injection_policy if: 1. The traffic is generated + by fault injection AND 2. The fault injection is + not a delay fault injection. Fault injection is + not supported with the classic Application Load + Balancer . To see which load balancers support fault + injection, see Load balancing: Routing and traffic + management features.' properties: abort: - description: |- - The specification for how client requests are aborted as part of fault - injection. + description: The specification for how client + requests are aborted as part of fault injection. properties: httpStatus: - description: |- - The HTTP status code used to abort the request. The value must be between 200 - and 599 inclusive. + description: The HTTP status code used to + abort the request. The value must be from + 200 to 599 inclusive. For gRPC protocol, + the gRPC status code is mapped to HTTP status + code according to this mapping table. HTTP + status 200 is mapped to gRPC status UNKNOWN. + Injecting an OK status is currently not + supported by Traffic Director. + format: int32 type: integer percentage: - description: |- - The percentage of traffic (connections/operations/requests) which will be - aborted as part of fault injection. The value must be between 0.0 and 100.0 - inclusive. + description: The percentage of traffic for + connections, operations, or requests that + is aborted as part of fault injection. The + value must be from 0.0 to 100.0 inclusive. type: number - required: - - httpStatus - - percentage type: object delay: - description: |- - The specification for how client requests are delayed as part of fault - injection, before being sent to a backend service. + description: The specification for how client + requests are delayed as part of fault injection, + before being sent to a backend service. properties: fixedDelay: description: Specifies the value of the fixed delay interval. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 'seconds' field and a positive - 'nanos' field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction + of a second at nanosecond resolution. + Durations less than one second are represented + with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 + inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - type: string - required: - - seconds + description: 'Span of time at a resolution + of a second. Must be from 0 to 315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer type: object percentage: - description: |- - The percentage of traffic (connections/operations/requests) on which delay will - be introduced as part of fault injection. The value must be between 0.0 and + description: The percentage of traffic for + connections, operations, or requests for + which a delay is introduced as part of fault + injection. The value must be from 0.0 to 100.0 inclusive. type: number - required: - - fixedDelay - - percentage type: object type: object + maxStreamDuration: + description: Specifies the maximum duration (timeout) + for streams on the selected route. Unlike the timeout + field where the timeout duration starts from the + time the request has been fully processed (known + as *end-of-stream*), the duration in this field + is computed from the beginning of the stream until + the response has been processed, including all retries. + A stream that does not complete in this duration + is closed. If not specified, this field uses the + maximum maxStreamDuration value among all backend + services associated with the route. This field is + only allowed if the Url map is used with backend + services with loadBalancingScheme set to INTERNAL_SELF_MANAGED. + properties: + nanos: + description: Span of time that's a fraction of + a second at nanosecond resolution. Durations + less than one second are represented with a + 0 `seconds` field and a positive `nanos` field. + Must be from 0 to 999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Span of time at a resolution of + a second. Must be from 0 to 315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object requestMirrorPolicy: - description: |- - Specifies the policy on how requests intended for the route's backends are - shadowed to a separate mirrored backend service. Loadbalancer does not wait for - responses from the shadow service. Prior to sending traffic to the shadow - service, the host / authority header is suffixed with -shadow. + description: Specifies the policy on how requests + intended for the route's backends are shadowed to + a separate mirrored backend service. The load balancer + does not wait for responses from the shadow service. + Before sending traffic to the shadow service, the + host / authority header is suffixed with -shadow. + Not supported when the URL map is bound to a target + gRPC proxy that has the validateForProxyless field + set to true. properties: - backendServiceRef: - description: Required. The backend service resource - being mirrored to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` - field of a `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - required: - - backendServiceRef + backendService: + description: The full or partial URL to the BackendService + resource being mirrored to. The backend service + configured for a mirroring policy must reference + backends that are of the same type as the original + backend service matched in the URL map. Serverless + NEG backends are not currently supported as + a mirrored backend service. + type: string type: object retryPolicy: description: Specifies the retry policy associated @@ -1402,148 +1684,184 @@ spec: properties: numRetries: description: Specifies the allowed number retries. - This number must be > 0. + This number must be > 0. If not specified, defaults + to 1. + format: int32 type: integer perTryTimeout: description: Specifies a non-zero timeout per - retry attempt. + retry attempt. If not specified, will use the + timeout set in the HttpRouteAction field. If + timeout in the HttpRouteAction field is not + set, this field uses the largest timeout among + all backend services associated with the route. + Not supported when the URL map is bound to a + target gRPC proxy that has the validateForProxyless + field set to true. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 'seconds' field and a positive - 'nanos' field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction + of a second at nanosecond resolution. Durations + less than one second are represented with + a 0 `seconds` field and a positive `nanos` + field. Must be from 0 to 999,999,999 inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - type: string - required: - - seconds + description: 'Span of time at a resolution + of a second. Must be from 0 to 315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer type: object retryConditions: - description: |- - Specifies one or more conditions when this retry rule applies. Valid values are: - - - 5xx: Loadbalancer will attempt a retry if the backend service responds with - any 5xx response code, or if the backend service does not respond at all, - example: disconnects, reset, read timeout, connection failure, and refused - streams. - - gateway-error: Similar to 5xx, but only applies to response codes - 502, 503 or 504. - - connect-failure: Loadbalancer will retry on failures - connecting to backend services, for example due to connection timeouts. - - retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - Currently the only retriable error supported is 409. - - refused-stream: Loadbalancer will retry if the backend service resets the stream with a - REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - - cancelled: Loadbalancer will retry if the gRPC status code in the response - header is set to cancelled - - deadline-exceeded: Loadbalancer will retry if the - gRPC status code in the response header is set to deadline-exceeded - - resource-exhausted: Loadbalancer will retry if the gRPC status code in the response - header is set to resource-exhausted - - unavailable: Loadbalancer will retry if - the gRPC status code in the response header is set to unavailable. + description: 'Specifies one or more conditions + when this retry policy applies. Valid values + are: - 5xx: retry is attempted if the instance + or endpoint responds with any 5xx response code, + or if the instance or endpoint does not respond + at all. For example, disconnects, reset, read + timeout, connection failure, and refused streams. + - gateway-error: Similar to 5xx, but only applies + to response codes 502, 503 or 504. - connect-failure: + a retry is attempted on failures connecting + to the instance or endpoint. For example, connection + timeouts. - retriable-4xx: a retry is attempted + if the instance or endpoint responds with a + 4xx response code. The only error that you can + retry is error code 409. - refused-stream: a + retry is attempted if the instance or endpoint + resets the stream with a REFUSED_STREAM error + code. This reset type indicates that it is safe + to retry. - cancelled: a retry is attempted + if the gRPC status code in the response header + is set to cancelled. - deadline-exceeded: a + retry is attempted if the gRPC status code in + the response header is set to deadline-exceeded. + - internal: a retry is attempted if the gRPC + status code in the response header is set to + internal. - resource-exhausted: a retry is attempted + if the gRPC status code in the response header + is set to resource-exhausted. - unavailable: + a retry is attempted if the gRPC status code + in the response header is set to unavailable. + Only the following codes are supported when + the URL map is bound to target gRPC proxy that + has validateForProxyless field set to true. + - cancelled - deadline-exceeded - internal - + resource-exhausted - unavailable' items: type: string type: array type: object timeout: - description: |- - Specifies the timeout for the selected route. Timeout is computed from the time - the request is has been fully processed (i.e. end-of-stream) up until the - response has been completely processed. Timeout includes all retries. If not - specified, the default value is 15 seconds. + description: Specifies the timeout for the selected + route. Timeout is computed from the time the request + has been fully processed (known as *end-of-stream*) + up until the response has been processed. Timeout + includes all retries. If not specified, this field + uses the largest timeout among all backend services + associated with the route. Not supported when the + URL map is bound to a target gRPC proxy that has + validateForProxyless field set to true. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 'seconds' field and a positive - 'nanos' field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction of + a second at nanosecond resolution. Durations + less than one second are represented with a + 0 `seconds` field and a positive `nanos` field. + Must be from 0 to 999,999,999 inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - type: string - required: - - seconds + description: 'Span of time at a resolution of + a second. Must be from 0 to 315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer type: object urlRewrite: - description: |- - The spec to modify the URL of the request, prior to forwarding the request to - the matched service. + description: The spec to modify the URL of the request, + before forwarding the request to the matched service. + urlRewrite is the only action supported in UrlMaps + for classic Application Load Balancers. Not supported + when the URL map is bound to a target gRPC proxy + that has the validateForProxyless field set to true. properties: hostRewrite: - description: |- - Prior to forwarding the request to the selected service, the request's host - header is replaced with contents of hostRewrite. The value must be between 1 and - 255 characters. + description: Before forwarding the request to + the selected service, the request's host header + is replaced with contents of hostRewrite. The + value must be from 1 to 255 characters. type: string pathPrefixRewrite: - description: |- - Prior to forwarding the request to the selected backend service, the matching - portion of the request's path is replaced by pathPrefixRewrite. The value must - be between 1 and 1024 characters. + description: Before forwarding the request to + the selected backend service, the matching portion + of the request's path is replaced by pathPrefixRewrite. + The value must be from 1 to 1024 characters. + type: string + pathTemplateRewrite: + description: If specified, the pattern rewrites + the URL path (based on the :path header) using + the HTTP template syntax. A corresponding path_template_match + must be specified. Any template variables must + exist in the path_template_match field. - -At + least one variable must be specified in the + path_template_match field - You can omit variables + from the rewritten URL - The * and ** operators + cannot be matched unless they have a corresponding + variable name - e.g. {format=*} or {var=**}. + For example, a path_template_match of /static/{format=**} + could be rewritten as /static/content/{format} + to prefix /content to the URL. Variables can + also be re-ordered in a rewrite, so that /{country}/{format}/{suffix=**} + can be rewritten as /content/{format}/{country}/{suffix}. + At least one non-empty routeRules[].matchRules[].path_template_match + is required. Only one of path_prefix_rewrite + or path_template_rewrite may be specified. type: string type: object weightedBackendServices: - description: |- - A list of weighted backend services to send traffic to when a route match - occurs. The weights determine the fraction of traffic that flows to their - corresponding backend service. If all traffic needs to go to a single backend - service, there must be one weightedBackendService with weight set to a non 0 - number. Once a backendService is identified and before forwarding the request to - the backend service, advanced routing actions like Url rewrites and header - transformations are applied depending on additional settings specified in this - HttpRouteAction. + description: A list of weighted backend services to + send traffic to when a route match occurs. The weights + determine the fraction of traffic that flows to + their corresponding backend service. If all traffic + needs to go to a single backend service, there must + be one weightedBackendService with weight set to + a non-zero number. After a backend service is identified + and before forwarding the request to the backend + service, advanced routing actions such as URL rewrites + and header transformations are applied depending + on additional settings specified in this HttpRouteAction. items: properties: - backendServiceRef: - description: |- - Required. The default backend service resource. Before forwarding - the request to backendService, the loadbalancer applies any relevant - headerActions specified as part of this backendServiceWeight. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` - field of a `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object + backendService: + description: The full or partial URL to the + default BackendService resource. Before forwarding + the request to backendService, the load balancer + applies any relevant headerActions specified + as part of this backendServiceWeight. + type: string headerAction: - description: |- - Specifies changes to request and response headers that need to take effect for - the selected backendService. headerAction specified here take effect before - headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. + description: Specifies changes to request and + response headers that need to take effect + for the selected backendService. headerAction + specified here take effect before headerAction + in the enclosing HttpRouteRule, PathMatcher + and UrlMap. headerAction is not supported + for load balancers that have their loadBalancingScheme + set to EXTERNAL. Not supported when the URL + map is bound to a target gRPC proxy that has + validateForProxyless field set to true. properties: requestHeadersToAdd: - description: |- - Headers to add to a matching request prior to forwarding the request to the - backendService. + description: Headers to add to a matching + request before forwarding the request + to the backendService. items: properties: headerName: @@ -1554,28 +1872,30 @@ spec: to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. + description: If false, headerValue + is appended to any values that already + exist for the header. If true, headerValue + is set for the header, discarding + any values that were set for that + header. The default value is true, + unless a variable is present in + headerValue, in which case the default + value is false. . type: boolean - required: - - headerName - - headerValue - - replace type: object type: array requestHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. + description: A list of header names for + headers that need to be removed from the + request before forwarding the request + to the backendService. items: type: string type: array responseHeadersToAdd: description: Headers to add the response - prior to sending the response back to - the client. + before sending the response back to the + client. items: properties: headerName: @@ -1586,208 +1906,241 @@ spec: to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. + description: If false, headerValue + is appended to any values that already + exist for the header. If true, headerValue + is set for the header, discarding + any values that were set for that + header. The default value is true, + unless a variable is present in + headerValue, in which case the default + value is false. . type: boolean - required: - - headerName - - headerValue - - replace type: object type: array responseHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. + description: A list of header names for + headers that need to be removed from the + response before sending the response back + to the client. items: type: string type: array type: object weight: - description: |- - Specifies the fraction of traffic sent to backendService, computed as weight / - (sum of all weightedBackendService weights in routeAction) . The selection of a - backend service is determined only for new traffic. Once a user's request has - been directed to a backendService, subsequent requests will be sent to the same - backendService as determined by the BackendService's session affinity policy. - The value must be between 0 and 1000. + description: Specifies the fraction of traffic + sent to a backend service, computed as weight + / (sum of all weightedBackendService weights + in routeAction) . The selection of a backend + service is determined only for new traffic. + Once a user's request has been directed to + a backend service, subsequent requests are + sent to the same backend service as determined + by the backend service's session affinity + policy. Don't configure session affinity if + you're using weighted traffic splitting. If + you do, the weighted traffic splitting configuration + takes precedence. The value must be from 0 + to 1000. + format: int32 type: integer - required: - - backendServiceRef - - weight type: object type: array type: object service: - description: |- - The backend service to which traffic is directed if this rule is - matched. - For the Global URL Map, it should be a reference to the backend - service or backend bucket. - For the Regional URL Map, it should be a reference to the backend - service. - If routeAction is additionally specified, advanced routing actions - like URL Rewrites, etc. take effect prior to sending the request to - the backend. However, if service is specified, routeAction cannot - contain any weightedBackendServices. Conversely, if routeAction - specifies any weightedBackendServices, service must not be - specified. Only one of urlRedirect, service or - routeAction.weightedBackendService must be set. - oneOf: - - required: - - backendBucketRef - - required: - - backendServiceRef - properties: - backendBucketRef: - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field - of a `ComputeBackendBucket` resource.' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - backendServiceRef: - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field - of a `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - type: object + description: The full or partial URL of the backend service + resource to which traffic is directed if this rule is + matched. If routeAction is also specified, advanced + routing actions, such as URL rewrites, take effect before + sending the request to the backend. Only one of urlRedirect, + service or routeAction.weightedBackendService can be + set. + type: string urlRedirect: - description: |- - When a path pattern is matched, the request is redirected to a URL specified - by urlRedirect. If urlRedirect is specified, service or routeAction must not - be set. + description: When a path pattern is matched, the request + is redirected to a URL specified by urlRedirect. Only + one of urlRedirect, service or routeAction.weightedBackendService + can be set. Not supported when the URL map is bound + to a target gRPC proxy. properties: hostRedirect: - description: |- - The host that will be used in the redirect response instead of the one - that was supplied in the request. The value must be between 1 and 255 - characters. + description: The host that is used in the redirect + response instead of the one that was supplied in + the request. The value must be from 1 to 255 characters. type: string httpsRedirect: - description: |- - If set to true, the URL scheme in the redirected request is set to https. - If set to false, the URL scheme of the redirected request will remain the - same as that of the request. This must only be set for UrlMaps used in - TargetHttpProxys. Setting this true for TargetHttpsProxy is not - permitted. The default is set to false. + description: If set to true, the URL scheme in the + redirected request is set to HTTPS. If set to false, + the URL scheme of the redirected request remains + the same as that of the request. This must only + be set for URL maps used in TargetHttpProxys. Setting + this true for TargetHttpsProxy is not permitted. + The default is set to false. type: boolean pathRedirect: - description: |- - The path that will be used in the redirect response instead of the one - that was supplied in the request. pathRedirect cannot be supplied - together with prefixRedirect. Supply one alone or neither. If neither is - supplied, the path of the original request will be used for the redirect. - The value must be between 1 and 1024 characters. + description: The path that is used in the redirect + response instead of the one that was supplied in + the request. pathRedirect cannot be supplied together + with prefixRedirect. Supply one alone or neither. + If neither is supplied, the path of the original + request is used for the redirect. The value must + be from 1 to 1024 characters. type: string prefixRedirect: - description: |- - The prefix that replaces the prefixMatch specified in the - HttpRouteRuleMatch, retaining the remaining portion of the URL before - redirecting the request. prefixRedirect cannot be supplied together with - pathRedirect. Supply one alone or neither. If neither is supplied, the - path of the original request will be used for the redirect. The value - must be between 1 and 1024 characters. + description: The prefix that replaces the prefixMatch + specified in the HttpRouteRuleMatch, retaining the + remaining portion of the URL before redirecting + the request. prefixRedirect cannot be supplied together + with pathRedirect. Supply one alone or neither. + If neither is supplied, the path of the original + request is used for the redirect. The value must + be from 1 to 1024 characters. type: string redirectResponseCode: - description: |- - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. Possible values: ["FOUND", "MOVED_PERMANENTLY_DEFAULT", "PERMANENT_REDIRECT", "SEE_OTHER", "TEMPORARY_REDIRECT"]. + description: 'The HTTP Status code to use for this + RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, + which is the default value and corresponds to 301. + - FOUND, which corresponds to 302. - SEE_OTHER which + corresponds to 303. - TEMPORARY_REDIRECT, which + corresponds to 307. In this case, the request method + is retained. - PERMANENT_REDIRECT, which corresponds + to 308. In this case, the request method is retained. + Check the RedirectResponseCode enum for the list + of possible values.' type: string stripQuery: - description: |- - If set to true, any accompanying query portion of the original URL is removed - prior to redirecting the request. If set to false, the query portion of the - original URL is retained. - This field is required to ensure an empty block is not set. The normal default value is false. + description: If set to true, any accompanying query + portion of the original URL is removed before redirecting + the request. If set to false, the query portion + of the original URL is retained. The default is + set to false. type: boolean - required: - - stripQuery type: object - required: - - paths type: object type: array routeRules: - description: |- - The list of ordered HTTP route rules. Use this list instead of pathRules when - advanced route matching and routing actions are desired. The order of specifying - routeRules matters: the first rule that matches will cause its specified routing - action to take effect. Within a given pathMatcher, only one of pathRules or - routeRules must be set. routeRules are not supported in UrlMaps intended for - External load balancers. + description: The list of HTTP route rules. Use this list instead + of pathRules when advanced route matching and routing actions + are desired. routeRules are evaluated in order of priority, + from the lowest to highest number. Within a given pathMatcher, + you can set only one of pathRules or routeRules. items: properties: + customErrorResponsePolicy: + description: 'customErrorResponsePolicy specifies how + the Load Balancer returns error responses when BackendServiceor + BackendBucket responds with an error. If a policy for + an error code is not configured for the RouteRule, a + policy for the error code configured in pathMatcher.defaultCustomErrorResponsePolicy + is applied. If one is not specified in pathMatcher.defaultCustomErrorResponsePolicy, + the policy configured in UrlMap.defaultCustomErrorResponsePolicy + takes effect. For example, consider a UrlMap with the + following configuration: - UrlMap.defaultCustomErrorResponsePolicy + are configured with policies for 5xx and 4xx errors + - A RouteRule for /coming_soon/ is configured for the + error code 404. If the request is for www.myotherdomain.com + and a 404 is encountered, the policy under UrlMap.defaultCustomErrorResponsePolicy + takes effect. If a 404 response is encountered for the + request www.example.com/current_events/, the pathMatcher''s + policy takes effect. If however, the request for www.example.com/coming_soon/ + encounters a 404, the policy in RouteRule.customErrorResponsePolicy + takes effect. If any of the requests in this example + encounter a 500 error code, the policy at UrlMap.defaultCustomErrorResponsePolicy + takes effect. When used in conjunction with routeRules.routeAction.retryPolicy, + retries take precedence. Only once all retries are exhausted, + the customErrorResponsePolicy is applied. While attempting + a retry, if load balancer is successful in reaching + the service, the customErrorResponsePolicy is ignored + and the response from the service is returned to the + client. customErrorResponsePolicy is supported only + for global external Application Load Balancers.' + properties: + errorResponseRules: + description: Specifies rules for returning error responses. + In a given policy, if you specify rules for both + a range of error codes as well as rules for specific + error codes then rules with specific error codes + have a higher priority. For example, assume that + you configure a rule for 401 (Un-authorized) code, + and another for all 4 series error codes (4XX). + If the backend service returns a 401, then the rule + for 401 will be applied. However if the backend + service returns a 403, the rule for 4xx takes effect. + items: + properties: + matchResponseCodes: + description: 'Valid values include: - A number + between 400 and 599: For example 401 or 503, + in which case the load balancer applies the + policy if the error code exactly matches this + value. - 5xx: Load Balancer will apply the + policy if the backend service responds with + any response code in the range of 500 to 599. + - 4xx: Load Balancer will apply the policy + if the backend service responds with any response + code in the range of 400 to 499. Values must + be unique within matchResponseCodes and across + all errorResponseRules of CustomErrorResponsePolicy.' + items: + type: string + type: array + overrideResponseCode: + description: The HTTP status code returned with + the response containing the custom error content. + If overrideResponseCode is not supplied, the + same response code returned by the original + backend bucket or backend service is returned + to the client. + format: int32 + type: integer + path: + description: 'The full path to a file within + backendBucket . For example: /errors/defaultError.html + path must start with a leading slash. path + cannot have trailing slashes. If the file + is not available in backendBucket or the load + balancer cannot reach the BackendBucket, a + simple Not Found Error is returned to the + client. The value must be from 1 to 1024 characters' + type: string + type: object + type: array + errorService: + description: 'The full or partial URL to the BackendBucket + resource that contains the custom error content. + Examples are: - https://www.googleapis.com/compute/v1/projects/project/global/backendBuckets/myBackendBucket + - compute/v1/projects/project/global/backendBuckets/myBackendBucket + - global/backendBuckets/myBackendBucket If errorService + is not specified at lower levels like pathMatcher, + pathRule and routeRule, an errorService specified + at a higher level in the UrlMap will be used. If + UrlMap.defaultCustomErrorResponsePolicy contains + one or more errorResponseRules[], it must specify + errorService. If load balancer cannot reach the + backendBucket, a simple Not Found Error will be + returned, with the original response code (or overrideResponseCode + if configured). errorService is not supported for + internal or regional HTTP/HTTPS load balancers.' + type: string + type: object + description: + description: The short description conveying the intent + of this routeRule. The description can have a maximum + length of 1024 characters. + type: string headerAction: - description: |- - Specifies changes to request and response headers that need to take effect for - the selected backendService. The headerAction specified here are applied before - the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].r - outeAction.weightedBackendService.backendServiceWeightAction[].headerAction. + description: Specifies changes to request and response + headers that need to take effect for the selected backendService. + The headerAction value specified here is applied before + the matching pathMatchers[].headerAction and after pathMatchers[].routeRules[].routeAction.weightedBackendService.backendServiceWeightAction[].headerAction + HeaderAction is not supported for load balancers that + have their loadBalancingScheme set to EXTERNAL. Not + supported when the URL map is bound to a target gRPC + proxy that has validateForProxyless field set to true. properties: requestHeadersToAdd: - description: |- - Headers to add to a matching request prior to forwarding the request to the - backendService. + description: Headers to add to a matching request + before forwarding the request to the backendService. items: properties: headerName: @@ -1797,27 +2150,26 @@ spec: description: The value of the header to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. + description: If false, headerValue is appended + to any values that already exist for the header. + If true, headerValue is set for the header, + discarding any values that were set for that + header. The default value is true, unless + a variable is present in headerValue, in which + case the default value is false. . type: boolean - required: - - headerName - - headerValue - - replace type: object type: array requestHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. + description: A list of header names for headers that + need to be removed from the request before forwarding + the request to the backendService. items: type: string type: array responseHeadersToAdd: - description: Headers to add the response prior to - sending the response back to the client. + description: Headers to add the response before sending + the response back to the client. items: properties: headerName: @@ -1827,152 +2179,193 @@ spec: description: The value of the header to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. + description: If false, headerValue is appended + to any values that already exist for the header. + If true, headerValue is set for the header, + discarding any values that were set for that + header. The default value is true, unless + a variable is present in headerValue, in which + case the default value is false. . type: boolean - required: - - headerName - - headerValue - - replace type: object type: array responseHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. + description: A list of header names for headers that + need to be removed from the response before sending + the response back to the client. items: type: string type: array type: object matchRules: - description: The rules for determining a match. + description: 'The list of criteria for matching attributes + of a request to this routeRule. This list has OR semantics: + the request matches this routeRule when any of the matchRules + are satisfied. However predicates within a given matchRule + have AND semantics. All predicates within a matchRule + must match for the request to match the rule.' items: properties: fullPathMatch: - description: |- - For satisfying the matchRule condition, the path of the request must exactly - match the value specified in fullPathMatch after removing any query parameters - and anchor that may be part of the original URL. FullPathMatch must be between 1 - and 1024 characters. Only one of prefixMatch, fullPathMatch or regexMatch must - be specified. + description: For satisfying the matchRule condition, + the path of the request must exactly match the + value specified in fullPathMatch after removing + any query parameters and anchor that may be part + of the original URL. fullPathMatch must be from + 1 to 1024 characters. Only one of prefixMatch, + fullPathMatch or regexMatch must be specified. type: string headerMatches: - description: |- - Specifies a list of header match criteria, all of which must match corresponding - headers in the request. + description: Specifies a list of header match criteria, + all of which must match corresponding headers + in the request. items: properties: exactMatch: - description: |- - The value should exactly match contents of exactMatch. Only one of exactMatch, - prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + description: The value should exactly match + contents of exactMatch. Only one of exactMatch, + prefixMatch, suffixMatch, regexMatch, presentMatch + or rangeMatch must be set. type: string headerName: - description: |- - The name of the HTTP header to match. For matching against the HTTP request's - authority, use a headerMatch with the header name ":authority". For matching a - request's method, use the headerName ":method". + description: 'The name of the HTTP header + to match. For matching against the HTTP + request''s authority, use a headerMatch + with the header name ":authority". For matching + a request''s method, use the headerName + ":method". When the URL map is bound to + a target gRPC proxy that has the validateForProxyless + field set to true, only non-binary user-specified + custom metadata and the `content-type` header + are supported. The following transport-level + headers cannot be used in header matching + rules: `:authority`, `:method`, `:path`, + `:scheme`, `user-agent`, `accept-encoding`, + `content-encoding`, `grpc-accept-encoding`, + `grpc-encoding`, `grpc-previous-rpc-attempts`, + `grpc-tags-bin`, `grpc-timeout` and `grpc-trace-bin`.' type: string invertMatch: - description: |- - If set to false, the headerMatch is considered a match if the match criteria - above are met. If set to true, the headerMatch is considered a match if the - match criteria above are NOT met. Defaults to false. + description: If set to false, the headerMatch + is considered a match if the preceding match + criteria are met. If set to true, the headerMatch + is considered a match if the preceding match + criteria are NOT met. The default setting + is false. type: boolean prefixMatch: - description: |- - The value of the header must start with the contents of prefixMatch. Only one of - exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch - must be set. + description: The value of the header must + start with the contents of prefixMatch. + Only one of exactMatch, prefixMatch, suffixMatch, + regexMatch, presentMatch or rangeMatch must + be set. type: string presentMatch: - description: |- - A header with the contents of headerName must exist. The match takes place - whether or not the request's header has a value or not. Only one of exactMatch, - prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch must be set. + description: A header with the contents of + headerName must exist. The match takes place + whether or not the request's header has + a value. Only one of exactMatch, prefixMatch, + suffixMatch, regexMatch, presentMatch or + rangeMatch must be set. type: boolean rangeMatch: - description: |- - The header value must be an integer and its value must be in the range specified - in rangeMatch. If the header does not contain an integer, number or is empty, - the match fails. For example for a range [-5, 0] - - * -3 will match - * 0 will not match - * 0.25 will not match - * -3someString will not match. - - Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or - rangeMatch must be set. + description: The header value must be an integer + and its value must be in the range specified + in rangeMatch. If the header does not contain + an integer, number or is empty, the match + fails. For example for a range [-5, 0] - + -3 will match. - 0 will not match. - 0.25 + will not match. - -3someString will not + match. Only one of exactMatch, prefixMatch, + suffixMatch, regexMatch, presentMatch or + rangeMatch must be set. rangeMatch is not + supported for load balancers that have loadBalancingScheme + set to EXTERNAL. properties: rangeEnd: - description: The end of the range (exclusive). + description: The end of the range (exclusive) + in signed long integer format. + format: int64 type: integer rangeStart: - description: The start of the range (inclusive). + description: The start of the range (inclusive) + in signed long integer format. + format: int64 type: integer - required: - - rangeEnd - - rangeStart type: object regexMatch: - description: |- - The value of the header must match the regular expression specified in - regexMatch. For regular expression grammar, please see: - en.cppreference.com/w/cpp/regex/ecmascript For matching against a port - specified in the HTTP request, use a headerMatch with headerName set to PORT and - a regular expression that satisfies the RFC2616 Host header's port specifier. - Only one of exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or - rangeMatch must be set. + description: The value of the header must + match the regular expression specified in + regexMatch. For more information about regular + expression syntax, see Syntax. For matching + against a port specified in the HTTP request, + use a headerMatch with headerName set to + PORT and a regular expression that satisfies + the RFC2616 Host header's port specifier. + Only one of exactMatch, prefixMatch, suffixMatch, + regexMatch, presentMatch or rangeMatch must + be set. Regular expressions can only be + used when the loadBalancingScheme is set + to INTERNAL_SELF_MANAGED. type: string suffixMatch: - description: |- - The value of the header must end with the contents of suffixMatch. Only one of - exactMatch, prefixMatch, suffixMatch, regexMatch, presentMatch or rangeMatch - must be set. + description: The value of the header must + end with the contents of suffixMatch. Only + one of exactMatch, prefixMatch, suffixMatch, + regexMatch, presentMatch or rangeMatch must + be set. type: string - required: - - headerName type: object type: array ignoreCase: - description: |- - Specifies that prefixMatch and fullPathMatch matches are case sensitive. - Defaults to false. + description: Specifies that prefixMatch and fullPathMatch + matches are case sensitive. The default value + is false. ignoreCase must not be used with regexMatch. + Not supported when the URL map is bound to a target + gRPC proxy. type: boolean metadataFilters: - description: |- - Opaque filter criteria used by Loadbalancer to restrict routing configuration to - a limited set xDS compliant clients. In their xDS requests to Loadbalancer, xDS - clients present node metadata. If a match takes place, the relevant routing - configuration is made available to those proxies. For each metadataFilter in - this list, if its filterMatchCriteria is set to MATCH_ANY, at least one of the - filterLabels must match the corresponding label provided in the metadata. If its - filterMatchCriteria is set to MATCH_ALL, then all of its filterLabels must match - with corresponding labels in the provided metadata. metadataFilters specified - here can be overrides those specified in ForwardingRule that refers to this - UrlMap. metadataFilters only applies to Loadbalancers that have their - loadBalancingScheme set to INTERNAL_SELF_MANAGED. + description: Opaque filter criteria used by the + load balancer to restrict routing configuration + to a limited set of xDS compliant clients. In + their xDS requests to the load balancer, xDS clients + present node metadata. When there is a match, + the relevant routing configuration is made available + to those proxies. For each metadataFilter in this + list, if its filterMatchCriteria is set to MATCH_ANY, + at least one of the filterLabels must match the + corresponding label provided in the metadata. + If its filterMatchCriteria is set to MATCH_ALL, + then all of its filterLabels must match with corresponding + labels provided in the metadata. If multiple metadata + filters are specified, all of them need to be + satisfied in order to be considered a match. metadataFilters + specified here is applied after those specified + in ForwardingRule that refers to the UrlMap this + HttpRouteRuleMatch belongs to. metadataFilters + only applies to load balancers that have loadBalancingScheme + set to INTERNAL_SELF_MANAGED. Not supported when + the URL map is bound to a target gRPC proxy that + has validateForProxyless field set to true. items: properties: filterLabels: description: |- - The list of label value pairs that must match labels in the provided metadata - based on filterMatchCriteria This list must not be empty and can have at the - most 64 entries. + Immutable. The list of label value pairs that must match labels in the + provided metadata based on filterMatchCriteria + + This list must not be empty and can have at the most 64 entries. items: properties: name: - description: |- - Name of metadata label. The name can have a maximum length of 1024 characters - and must be at least 1 character long. + description: Immutable. Name of the + metadata label. The length must be + between 1 and 1024 characters, inclusive. type: string value: - description: |- - The value of the label must match the specified value. value can have a maximum - length of 1024 characters. + description: Immutable. The value that + the label must match. The value has + a maximum length of 1024 characters. type: string required: - name @@ -1981,13 +2374,13 @@ spec: type: array filterMatchCriteria: description: |- - Specifies how individual filterLabel matches within the list of filterLabels - contribute towards the overall metadataFilter match. Supported values are: + Immutable. Specifies how individual filterLabel matches within the list of + filterLabels contribute towards the overall metadataFilter match. - * MATCH_ANY: At least one of the filterLabels must have a matching label in the - provided metadata. - * MATCH_ALL: All filterLabels must have matching labels in - the provided metadata. Possible values: ["MATCH_ALL", "MATCH_ANY"]. + MATCH_ANY - At least one of the filterLabels must have a matching + label in the provided metadata. + MATCH_ALL - All filterLabels must have matching labels in the + provided metadata. Possible values: ["MATCH_ANY", "MATCH_ALL"]. type: string required: - filterLabels @@ -1995,105 +2388,118 @@ spec: type: object type: array pathTemplateMatch: - description: |- - For satisfying the matchRule condition, the path of the request - must match the wildcard pattern specified in pathTemplateMatch - after removing any query parameters and anchor that may be part - of the original URL. - - pathTemplateMatch must be between 1 and 255 characters - (inclusive). The pattern specified by pathTemplateMatch may - have at most 5 wildcard operators and at most 5 variable - captures in total. + description: If specified, the route is a pattern + match expression that must match the :path header + once the query string is removed. A pattern match + allows you to match - The value must be between + 1 and 1024 characters - The pattern must start + with a leading slash ("/") - There may be no more + than 5 operators in pattern Precisely one of prefix_match, + full_path_match, regex_match or path_template_match + must be set. type: string prefixMatch: - description: |- - For satisfying the matchRule condition, the request's path must begin with the - specified prefixMatch. prefixMatch must begin with a /. The value must be - between 1 and 1024 characters. Only one of prefixMatch, fullPathMatch or - regexMatch must be specified. + description: For satisfying the matchRule condition, + the request's path must begin with the specified + prefixMatch. prefixMatch must begin with a /. + The value must be from 1 to 1024 characters. Only + one of prefixMatch, fullPathMatch or regexMatch + must be specified. type: string queryParameterMatches: - description: |- - Specifies a list of query parameter match criteria, all of which must match - corresponding query parameters in the request. + description: Specifies a list of query parameter + match criteria, all of which must match corresponding + query parameters in the request. Not supported + when the URL map is bound to a target gRPC proxy. items: properties: exactMatch: - description: |- - The queryParameterMatch matches if the value of the parameter exactly matches - the contents of exactMatch. Only one of presentMatch, exactMatch and regexMatch + description: The queryParameterMatch matches + if the value of the parameter exactly matches + the contents of exactMatch. Only one of + presentMatch, exactMatch, or regexMatch must be set. type: string name: - description: |- - The name of the query parameter to match. The query parameter must exist in the - request, in the absence of which the request match fails. + description: The name of the query parameter + to match. The query parameter must exist + in the request, in the absence of which + the request match fails. type: string presentMatch: - description: |- - Specifies that the queryParameterMatch matches if the request contains the query - parameter, irrespective of whether the parameter has a value or not. Only one of - presentMatch, exactMatch and regexMatch must be set. + description: Specifies that the queryParameterMatch + matches if the request contains the query + parameter, irrespective of whether the parameter + has a value or not. Only one of presentMatch, + exactMatch, or regexMatch must be set. type: boolean regexMatch: - description: |- - The queryParameterMatch matches if the value of the parameter matches the - regular expression specified by regexMatch. For the regular expression grammar, - please see en.cppreference.com/w/cpp/regex/ecmascript Only one of presentMatch, - exactMatch and regexMatch must be set. + description: The queryParameterMatch matches + if the value of the parameter matches the + regular expression specified by regexMatch. + For more information about regular expression + syntax, see Syntax. Only one of presentMatch, + exactMatch, or regexMatch must be set. Regular + expressions can only be used when the loadBalancingScheme + is set to INTERNAL_SELF_MANAGED. type: string - required: - - name type: object type: array regexMatch: - description: |- - For satisfying the matchRule condition, the path of the request must satisfy the - regular expression specified in regexMatch after removing any query parameters - and anchor supplied with the original URL. For regular expression grammar please - see en.cppreference.com/w/cpp/regex/ecmascript Only one of prefixMatch, + description: For satisfying the matchRule condition, + the path of the request must satisfy the regular + expression specified in regexMatch after removing + any query parameters and anchor supplied with + the original URL. For more information about regular + expression syntax, see Syntax. Only one of prefixMatch, fullPathMatch or regexMatch must be specified. + Regular expressions can only be used when the + loadBalancingScheme is set to INTERNAL_SELF_MANAGED. type: string type: object type: array priority: - description: |- - For routeRules within a given pathMatcher, priority determines the order - in which load balancer will interpret routeRules. RouteRules are evaluated - in order of priority, from the lowest to highest number. The priority of - a rule decreases as its number increases (1, 2, 3, N+1). The first rule - that matches the request is applied. - - You cannot configure two or more routeRules with the same priority. - Priority for each rule must be set to a number between 0 and - 2147483647 inclusive. - - Priority numbers can have gaps, which enable you to add or remove rules - in the future without affecting the rest of the rules. For example, - 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which - you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the + description: For routeRules within a given pathMatcher, + priority determines the order in which a load balancer + interprets routeRules. RouteRules are evaluated in order + of priority, from the lowest to highest number. The + priority of a rule decreases as its number increases + (1, 2, 3, N+1). The first rule that matches the request + is applied. You cannot configure two or more routeRules + with the same priority. Priority for each rule must + be set to a number from 0 to 2147483647 inclusive. Priority + numbers can have gaps, which enable you to add or remove + rules in the future without affecting the rest of the + rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid + series of priority numbers to which you could add rules + numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules. + format: int32 type: integer routeAction: - description: |- - In response to a matching matchRule, the load balancer performs advanced routing - actions like URL rewrites, header transformations, etc. prior to forwarding the - request to the selected backend. If routeAction specifies any - weightedBackendServices, service must not be set. Conversely if service is set, - routeAction cannot contain any weightedBackendServices. Only one of routeAction - or urlRedirect must be set. + description: In response to a matching matchRule, the + load balancer performs advanced routing actions, such + as URL rewrites and header transformations, before forwarding + the request to the selected backend. Only one of urlRedirect, + service or routeAction.weightedBackendService can be + set. URL maps for classic Application Load Balancers + only support the urlRewrite action within a route rule's + routeAction. properties: corsPolicy: - description: |- - The specification for allowing client side cross-origin requests. Please see W3C - Recommendation for Cross Origin Resource Sharing. + description: The specification for allowing client-side + cross-origin requests. For more information about + the W3C recommendation for cross-origin resource + sharing (CORS), see Fetch API Living Standard. Not + supported when the URL map is bound to a target + gRPC proxy. properties: allowCredentials: - description: |- - In response to a preflight request, setting this to true indicates that the - actual request can include user credentials. This translates to the Access- - Control-Allow-Credentials header. Defaults to false. + description: In response to a preflight request, + setting this to true indicates that the actual + request can include user credentials. This field + translates to the Access-Control-Allow-Credentials + header. Default is false. type: boolean allowHeaders: description: Specifies the content for the Access-Control-Allow-Headers @@ -2108,24 +2514,28 @@ spec: type: string type: array allowOriginRegexes: - description: |- - Specifies the regular expression patterns that match allowed origins. For - regular expression grammar please see en.cppreference.com/w/cpp/regex/ecmascript - An origin is allowed if it matches either allow_origins or allow_origin_regex. + description: Specifies a regular expression that + matches allowed origins. For more information, + see regular expression syntax . An origin is + allowed if it matches either an item in allowOrigins + or an item in allowOriginRegexes. Regular expressions + can only be used when the loadBalancingScheme + is set to INTERNAL_SELF_MANAGED. items: type: string type: array allowOrigins: - description: |- - Specifies the list of origins that will be allowed to do CORS requests. An - origin is allowed if it matches either allow_origins or allow_origin_regex. + description: Specifies the list of origins that + is allowed to do CORS requests. An origin is + allowed if it matches either an item in allowOrigins + or an item in allowOriginRegexes. items: type: string type: array disabled: - description: |- - If true, specifies the CORS policy is disabled. - which indicates that the CORS policy is in effect. Defaults to false. + description: If true, disables the CORS policy. + The default value is false, which indicates + that the CORS policy is in effect. type: boolean exposeHeaders: description: Specifies the content for the Access-Control-Expose-Headers @@ -2134,109 +2544,141 @@ spec: type: string type: array maxAge: - description: |- - Specifies how long the results of a preflight request can be cached. This - translates to the content for the Access-Control-Max-Age header. + description: Specifies how long results of a preflight + request can be cached in seconds. This field + translates to the Access-Control-Max-Age header. + format: int32 type: integer type: object faultInjectionPolicy: - description: |- - The specification for fault injection introduced into traffic to test the - resiliency of clients to backend service failure. As part of fault injection, - when clients send requests to a backend service, delays can be introduced by - Loadbalancer on a percentage of requests before sending those request to the - backend service. Similarly requests from clients can be aborted by the - Loadbalancer for a percentage of requests. timeout and retry_policy will be - ignored by clients that are configured with a fault_injection_policy. + description: 'The specification for fault injection + introduced into traffic to test the resiliency of + clients to backend service failure. As part of fault + injection, when clients send requests to a backend + service, delays can be introduced by a load balancer + on a percentage of requests before sending those + requests to the backend service. Similarly requests + from clients can be aborted by the load balancer + for a percentage of requests. timeout and retry_policy + is ignored by clients that are configured with a + fault_injection_policy if: 1. The traffic is generated + by fault injection AND 2. The fault injection is + not a delay fault injection. Fault injection is + not supported with the classic Application Load + Balancer . To see which load balancers support fault + injection, see Load balancing: Routing and traffic + management features.' properties: abort: - description: |- - The specification for how client requests are aborted as part of fault - injection. + description: The specification for how client + requests are aborted as part of fault injection. properties: httpStatus: - description: |- - The HTTP status code used to abort the request. The value must be between 200 - and 599 inclusive. + description: The HTTP status code used to + abort the request. The value must be from + 200 to 599 inclusive. For gRPC protocol, + the gRPC status code is mapped to HTTP status + code according to this mapping table. HTTP + status 200 is mapped to gRPC status UNKNOWN. + Injecting an OK status is currently not + supported by Traffic Director. + format: int32 type: integer percentage: - description: |- - The percentage of traffic (connections/operations/requests) which will be - aborted as part of fault injection. The value must be between 0.0 and 100.0 - inclusive. + description: The percentage of traffic for + connections, operations, or requests that + is aborted as part of fault injection. The + value must be from 0.0 to 100.0 inclusive. type: number type: object delay: - description: |- - The specification for how client requests are delayed as part of fault - injection, before being sent to a backend service. + description: The specification for how client + requests are delayed as part of fault injection, + before being sent to a backend service. properties: fixedDelay: description: Specifies the value of the fixed delay interval. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 'seconds' field and a positive - 'nanos' field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction + of a second at nanosecond resolution. + Durations less than one second are represented + with a 0 `seconds` field and a positive + `nanos` field. Must be from 0 to 999,999,999 + inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - type: string - required: - - seconds + description: 'Span of time at a resolution + of a second. Must be from 0 to 315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer type: object percentage: - description: |- - The percentage of traffic (connections/operations/requests) on which delay will - be introduced as part of fault injection. The value must be between 0.0 and + description: The percentage of traffic for + connections, operations, or requests for + which a delay is introduced as part of fault + injection. The value must be from 0.0 to 100.0 inclusive. type: number type: object type: object + maxStreamDuration: + description: Specifies the maximum duration (timeout) + for streams on the selected route. Unlike the timeout + field where the timeout duration starts from the + time the request has been fully processed (known + as *end-of-stream*), the duration in this field + is computed from the beginning of the stream until + the response has been processed, including all retries. + A stream that does not complete in this duration + is closed. If not specified, this field uses the + maximum maxStreamDuration value among all backend + services associated with the route. This field is + only allowed if the Url map is used with backend + services with loadBalancingScheme set to INTERNAL_SELF_MANAGED. + properties: + nanos: + description: Span of time that's a fraction of + a second at nanosecond resolution. Durations + less than one second are represented with a + 0 `seconds` field and a positive `nanos` field. + Must be from 0 to 999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Span of time at a resolution of + a second. Must be from 0 to 315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object requestMirrorPolicy: - description: |- - Specifies the policy on how requests intended for the route's backends are - shadowed to a separate mirrored backend service. Loadbalancer does not wait for - responses from the shadow service. Prior to sending traffic to the shadow - service, the host / authority header is suffixed with -shadow. + description: Specifies the policy on how requests + intended for the route's backends are shadowed to + a separate mirrored backend service. The load balancer + does not wait for responses from the shadow service. + Before sending traffic to the shadow service, the + host / authority header is suffixed with -shadow. + Not supported when the URL map is bound to a target + gRPC proxy that has the validateForProxyless field + set to true. properties: - backendServiceRef: - description: Required. The backend service resource - being mirrored to. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` - field of a `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - required: - - backendServiceRef + backendService: + description: The full or partial URL to the BackendService + resource being mirrored to. The backend service + configured for a mirroring policy must reference + backends that are of the same type as the original + backend service matched in the URL map. Serverless + NEG backends are not currently supported as + a mirrored backend service. + type: string type: object retryPolicy: description: Specifies the retry policy associated @@ -2244,167 +2686,184 @@ spec: properties: numRetries: description: Specifies the allowed number retries. - This number must be > 0. + This number must be > 0. If not specified, defaults + to 1. + format: int32 type: integer perTryTimeout: description: Specifies a non-zero timeout per - retry attempt. + retry attempt. If not specified, will use the + timeout set in the HttpRouteAction field. If + timeout in the HttpRouteAction field is not + set, this field uses the largest timeout among + all backend services associated with the route. + Not supported when the URL map is bound to a + target gRPC proxy that has the validateForProxyless + field set to true. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 'seconds' field and a positive - 'nanos' field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction + of a second at nanosecond resolution. Durations + less than one second are represented with + a 0 `seconds` field and a positive `nanos` + field. Must be from 0 to 999,999,999 inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - type: string - required: - - seconds + description: 'Span of time at a resolution + of a second. Must be from 0 to 315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer type: object retryConditions: - description: |- - Specifies one or more conditions when this retry rule applies. Valid values are: - - * 5xx: Loadbalancer will attempt a retry if the backend service responds with - any 5xx response code, or if the backend service does not respond at all, - example: disconnects, reset, read timeout, connection failure, and refused - streams. - * gateway-error: Similar to 5xx, but only applies to response codes - 502, 503 or 504. - * connect-failure: Loadbalancer will retry on failures - connecting to backend services, for example due to connection timeouts. - * retriable-4xx: Loadbalancer will retry for retriable 4xx response codes. - Currently the only retriable error supported is 409. - * refused-stream: Loadbalancer will retry if the backend service resets the stream with a - REFUSED_STREAM error code. This reset type indicates that it is safe to retry. - * cancelled: Loadbalancer will retry if the gRPC status code in the response - header is set to cancelled - * deadline-exceeded: Loadbalancer will retry if the - gRPC status code in the response header is set to deadline-exceeded - * resource-exhausted: Loadbalancer will retry if the gRPC status code in the response - header is set to resource-exhausted - * unavailable: Loadbalancer will retry if the gRPC status code in - the response header is set to unavailable. + description: 'Specifies one or more conditions + when this retry policy applies. Valid values + are: - 5xx: retry is attempted if the instance + or endpoint responds with any 5xx response code, + or if the instance or endpoint does not respond + at all. For example, disconnects, reset, read + timeout, connection failure, and refused streams. + - gateway-error: Similar to 5xx, but only applies + to response codes 502, 503 or 504. - connect-failure: + a retry is attempted on failures connecting + to the instance or endpoint. For example, connection + timeouts. - retriable-4xx: a retry is attempted + if the instance or endpoint responds with a + 4xx response code. The only error that you can + retry is error code 409. - refused-stream: a + retry is attempted if the instance or endpoint + resets the stream with a REFUSED_STREAM error + code. This reset type indicates that it is safe + to retry. - cancelled: a retry is attempted + if the gRPC status code in the response header + is set to cancelled. - deadline-exceeded: a + retry is attempted if the gRPC status code in + the response header is set to deadline-exceeded. + - internal: a retry is attempted if the gRPC + status code in the response header is set to + internal. - resource-exhausted: a retry is attempted + if the gRPC status code in the response header + is set to resource-exhausted. - unavailable: + a retry is attempted if the gRPC status code + in the response header is set to unavailable. + Only the following codes are supported when + the URL map is bound to target gRPC proxy that + has validateForProxyless field set to true. + - cancelled - deadline-exceeded - internal - + resource-exhausted - unavailable' items: type: string type: array - required: - - numRetries type: object timeout: - description: |- - Specifies the timeout for the selected route. Timeout is computed from the time - the request is has been fully processed (i.e. end-of-stream) up until the - response has been completely processed. Timeout includes all retries. If not - specified, the default value is 15 seconds. + description: Specifies the timeout for the selected + route. Timeout is computed from the time the request + has been fully processed (known as *end-of-stream*) + up until the response has been processed. Timeout + includes all retries. If not specified, this field + uses the largest timeout among all backend services + associated with the route. Not supported when the + URL map is bound to a target gRPC proxy that has + validateForProxyless field set to true. properties: nanos: - description: |- - Span of time that's a fraction of a second at nanosecond resolution. Durations - less than one second are represented with a 0 'seconds' field and a positive - 'nanos' field. Must be from 0 to 999,999,999 inclusive. + description: Span of time that's a fraction of + a second at nanosecond resolution. Durations + less than one second are represented with a + 0 `seconds` field and a positive `nanos` field. + Must be from 0 to 999,999,999 inclusive. + format: int32 type: integer seconds: - description: |- - Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 - inclusive. - type: string - required: - - seconds + description: 'Span of time at a resolution of + a second. Must be from 0 to 315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer type: object urlRewrite: - description: |- - The spec to modify the URL of the request, prior to forwarding the request to - the matched service. + description: The spec to modify the URL of the request, + before forwarding the request to the matched service. + urlRewrite is the only action supported in UrlMaps + for classic Application Load Balancers. Not supported + when the URL map is bound to a target gRPC proxy + that has the validateForProxyless field set to true. properties: hostRewrite: - description: |- - Prior to forwarding the request to the selected service, the request's host - header is replaced with contents of hostRewrite. The value must be between 1 and - 255 characters. + description: Before forwarding the request to + the selected service, the request's host header + is replaced with contents of hostRewrite. The + value must be from 1 to 255 characters. type: string pathPrefixRewrite: - description: |- - Prior to forwarding the request to the selected backend service, the matching - portion of the request's path is replaced by pathPrefixRewrite. The value must - be between 1 and 1024 characters. + description: Before forwarding the request to + the selected backend service, the matching portion + of the request's path is replaced by pathPrefixRewrite. + The value must be from 1 to 1024 characters. type: string pathTemplateRewrite: - description: |- - Prior to forwarding the request to the selected origin, if the - request matched a pathTemplateMatch, the matching portion of the - request's path is replaced re-written using the pattern specified - by pathTemplateRewrite. - - pathTemplateRewrite must be between 1 and 255 characters - (inclusive), must start with a '/', and must only use variables - captured by the route's pathTemplate matchers. - - pathTemplateRewrite may only be used when all of a route's - MatchRules specify pathTemplate. - - Only one of pathPrefixRewrite and pathTemplateRewrite may be - specified. + description: If specified, the pattern rewrites + the URL path (based on the :path header) using + the HTTP template syntax. A corresponding path_template_match + must be specified. Any template variables must + exist in the path_template_match field. - -At + least one variable must be specified in the + path_template_match field - You can omit variables + from the rewritten URL - The * and ** operators + cannot be matched unless they have a corresponding + variable name - e.g. {format=*} or {var=**}. + For example, a path_template_match of /static/{format=**} + could be rewritten as /static/content/{format} + to prefix /content to the URL. Variables can + also be re-ordered in a rewrite, so that /{country}/{format}/{suffix=**} + can be rewritten as /content/{format}/{country}/{suffix}. + At least one non-empty routeRules[].matchRules[].path_template_match + is required. Only one of path_prefix_rewrite + or path_template_rewrite may be specified. type: string type: object weightedBackendServices: - description: |- - A list of weighted backend services to send traffic to when a route match - occurs. The weights determine the fraction of traffic that flows to their - corresponding backend service. If all traffic needs to go to a single backend - service, there must be one weightedBackendService with weight set to a non 0 - number. Once a backendService is identified and before forwarding the request to - the backend service, advanced routing actions like Url rewrites and header - transformations are applied depending on additional settings specified in this - HttpRouteAction. + description: A list of weighted backend services to + send traffic to when a route match occurs. The weights + determine the fraction of traffic that flows to + their corresponding backend service. If all traffic + needs to go to a single backend service, there must + be one weightedBackendService with weight set to + a non-zero number. After a backend service is identified + and before forwarding the request to the backend + service, advanced routing actions such as URL rewrites + and header transformations are applied depending + on additional settings specified in this HttpRouteAction. items: properties: - backendServiceRef: - description: |- - Required. The default backend service resource. Before forwarding - the request to backendService, the loadbalancer applies any relevant - headerActions specified as part of this backendServiceWeight. - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` - field of a `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. - More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object + backendService: + description: The full or partial URL to the + default BackendService resource. Before forwarding + the request to backendService, the load balancer + applies any relevant headerActions specified + as part of this backendServiceWeight. + type: string headerAction: - description: |- - Specifies changes to request and response headers that need to take effect for - the selected backendService. headerAction specified here take effect before - headerAction in the enclosing HttpRouteRule, PathMatcher and UrlMap. + description: Specifies changes to request and + response headers that need to take effect + for the selected backendService. headerAction + specified here take effect before headerAction + in the enclosing HttpRouteRule, PathMatcher + and UrlMap. headerAction is not supported + for load balancers that have their loadBalancingScheme + set to EXTERNAL. Not supported when the URL + map is bound to a target gRPC proxy that has + validateForProxyless field set to true. properties: requestHeadersToAdd: - description: |- - Headers to add to a matching request prior to forwarding the request to the - backendService. + description: Headers to add to a matching + request before forwarding the request + to the backendService. items: properties: headerName: @@ -2415,28 +2874,30 @@ spec: to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. + description: If false, headerValue + is appended to any values that already + exist for the header. If true, headerValue + is set for the header, discarding + any values that were set for that + header. The default value is true, + unless a variable is present in + headerValue, in which case the default + value is false. . type: boolean - required: - - headerName - - headerValue - - replace type: object type: array requestHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the request - prior to forwarding the request to the backendService. + description: A list of header names for + headers that need to be removed from the + request before forwarding the request + to the backendService. items: type: string type: array responseHeadersToAdd: description: Headers to add the response - prior to sending the response back to - the client. + before sending the response back to the + client. items: properties: headerName: @@ -2447,222 +2908,225 @@ spec: to add. type: string replace: - description: |- - If false, headerValue is appended to any values that already exist for the - header. If true, headerValue is set for the header, discarding any values that - were set for that header. + description: If false, headerValue + is appended to any values that already + exist for the header. If true, headerValue + is set for the header, discarding + any values that were set for that + header. The default value is true, + unless a variable is present in + headerValue, in which case the default + value is false. . type: boolean - required: - - headerName - - headerValue - - replace type: object type: array responseHeadersToRemove: - description: |- - A list of header names for headers that need to be removed from the response - prior to sending the response back to the client. + description: A list of header names for + headers that need to be removed from the + response before sending the response back + to the client. items: type: string type: array type: object weight: - description: |- - Specifies the fraction of traffic sent to backendService, computed as weight / - (sum of all weightedBackendService weights in routeAction) . The selection of a - backend service is determined only for new traffic. Once a user's request has - been directed to a backendService, subsequent requests will be sent to the same - backendService as determined by the BackendService's session affinity policy. - The value must be between 0 and 1000. + description: Specifies the fraction of traffic + sent to a backend service, computed as weight + / (sum of all weightedBackendService weights + in routeAction) . The selection of a backend + service is determined only for new traffic. + Once a user's request has been directed to + a backend service, subsequent requests are + sent to the same backend service as determined + by the backend service's session affinity + policy. Don't configure session affinity if + you're using weighted traffic splitting. If + you do, the weighted traffic splitting configuration + takes precedence. The value must be from 0 + to 1000. + format: int32 type: integer - required: - - backendServiceRef - - weight type: object type: array type: object service: - description: |- - The region backend service resource to which traffic is - directed if this rule is matched. If routeAction is additionally specified, - advanced routing actions like URL Rewrites, etc. take effect prior to sending - the request to the backend. However, if service is specified, routeAction cannot - contain any weightedBackendService s. Conversely, if routeAction specifies any - weightedBackendServices, service must not be specified. Only one of urlRedirect, - service or routeAction.weightedBackendService must be set. + description: The full or partial URL of the backend service + resource to which traffic is directed if this rule is + matched. If routeAction is also specified, advanced + routing actions, such as URL rewrites, take effect before + sending the request to the backend. Only one of urlRedirect, + service or routeAction.weightedBackendService can be + set. type: string urlRedirect: - description: |- - When this rule is matched, the request is redirected to a URL specified by - urlRedirect. If urlRedirect is specified, service or routeAction must not be - set. + description: When this rule is matched, the request is + redirected to a URL specified by urlRedirect. Only one + of urlRedirect, service or routeAction.weightedBackendService + can be set. Not supported when the URL map is bound + to a target gRPC proxy. properties: hostRedirect: - description: |- - The host that will be used in the redirect response instead of the one - that was supplied in the request. The value must be between 1 and 255 - characters. + description: The host that is used in the redirect + response instead of the one that was supplied in + the request. The value must be from 1 to 255 characters. type: string httpsRedirect: - description: |- - If set to true, the URL scheme in the redirected request is set to https. - If set to false, the URL scheme of the redirected request will remain the - same as that of the request. This must only be set for UrlMaps used in - TargetHttpProxys. Setting this true for TargetHttpsProxy is not - permitted. The default is set to false. + description: If set to true, the URL scheme in the + redirected request is set to HTTPS. If set to false, + the URL scheme of the redirected request remains + the same as that of the request. This must only + be set for URL maps used in TargetHttpProxys. Setting + this true for TargetHttpsProxy is not permitted. + The default is set to false. type: boolean pathRedirect: - description: |- - The path that will be used in the redirect response instead of the one - that was supplied in the request. pathRedirect cannot be supplied - together with prefixRedirect. Supply one alone or neither. If neither is - supplied, the path of the original request will be used for the redirect. - The value must be between 1 and 1024 characters. + description: The path that is used in the redirect + response instead of the one that was supplied in + the request. pathRedirect cannot be supplied together + with prefixRedirect. Supply one alone or neither. + If neither is supplied, the path of the original + request is used for the redirect. The value must + be from 1 to 1024 characters. type: string prefixRedirect: - description: |- - The prefix that replaces the prefixMatch specified in the - HttpRouteRuleMatch, retaining the remaining portion of the URL before - redirecting the request. prefixRedirect cannot be supplied together with - pathRedirect. Supply one alone or neither. If neither is supplied, the - path of the original request will be used for the redirect. The value - must be between 1 and 1024 characters. + description: The prefix that replaces the prefixMatch + specified in the HttpRouteRuleMatch, retaining the + remaining portion of the URL before redirecting + the request. prefixRedirect cannot be supplied together + with pathRedirect. Supply one alone or neither. + If neither is supplied, the path of the original + request is used for the redirect. The value must + be from 1 to 1024 characters. type: string redirectResponseCode: - description: |- - The HTTP Status code to use for this RedirectAction. Supported values are: - - * MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301. - - * FOUND, which corresponds to 302. - - * SEE_OTHER which corresponds to 303. - - * TEMPORARY_REDIRECT, which corresponds to 307. In this case, the request method - will be retained. - - * PERMANENT_REDIRECT, which corresponds to 308. In this case, - the request method will be retained. Possible values: ["FOUND", "MOVED_PERMANENTLY_DEFAULT", "PERMANENT_REDIRECT", "SEE_OTHER", "TEMPORARY_REDIRECT"]. + description: 'The HTTP Status code to use for this + RedirectAction. Supported values are: - MOVED_PERMANENTLY_DEFAULT, + which is the default value and corresponds to 301. + - FOUND, which corresponds to 302. - SEE_OTHER which + corresponds to 303. - TEMPORARY_REDIRECT, which + corresponds to 307. In this case, the request method + is retained. - PERMANENT_REDIRECT, which corresponds + to 308. In this case, the request method is retained. + Check the RedirectResponseCode enum for the list + of possible values.' type: string stripQuery: - description: |- - If set to true, any accompanying query portion of the original URL is - removed prior to redirecting the request. If set to false, the query - portion of the original URL is retained. The default value is false. + description: If set to true, any accompanying query + portion of the original URL is removed before redirecting + the request. If set to false, the query portion + of the original URL is retained. The default is + set to false. type: boolean type: object - required: - - priority type: object type: array - required: - - name type: object type: array + projectRef: + description: The project that this resource belongs to. + oneOf: + - not: + required: + - external + required: + - name + - not: + anyOf: + - required: + - name + - required: + - namespace + required: + - external + properties: + external: + description: The `projectID` field of a project, when not managed + by Config Connector. + type: string + kind: + description: The kind of the Project resource; optional but must + be `Project` if provided. + type: string + name: + description: The `name` field of a `Project` resource. + type: string + namespace: + description: The `namespace` field of a `Project` resource. + type: string + type: object resourceID: - description: Immutable. Optional. The name of the resource. Used for - creation and acquisition. When unset, the value of `metadata.name` - is used as the default. + description: The ComputeURLMap name. If not given, the metadata.name + will be used. type: string - test: - description: |- - The list of expected URL mappings. Requests to update this UrlMap will - succeed only if all of the test cases pass. + tests: + description: The list of expected URL mappings. items: properties: description: description: Description of this test case. type: string + expectedOutputURL: + description: The expected output URL evaluated by the load balancer + containing the scheme, host, path and query parameters. For + rules that forward requests to backends, the test passes only + when expectedOutputUrl matches the request forwarded by the + load balancer to backends. For rules with urlRewrite, the + test verifies that the forwarded request matches hostRewrite + and pathPrefixRewrite in the urlRewrite action. When service + is specified, expectedOutputUrl`s scheme is ignored. For rules + with urlRedirect, the test passes only if expectedOutputUrl + matches the URL in the load balancer's redirect response. + If urlRedirect specifies https_redirect, the test passes only + if the scheme in expectedOutputUrl is also set to HTTPS. If + urlRedirect specifies strip_query, the test passes only if + expectedOutputUrl does not contain any query parameters. expectedOutputUrl + is optional when service is specified. + type: string + expectedRedirectResponseCode: + description: For rules with urlRedirect, the test passes only + if expectedRedirectResponseCode matches the HTTP status code + in load balancer's redirect response. expectedRedirectResponseCode + cannot be set when service is set. + format: int32 + type: integer + headers: + description: HTTP headers for this request. If headers contains + a host header, then host must also match the header value. + items: + properties: + name: + description: Header name. + type: string + value: + description: Header value. + type: string + type: object + type: array host: - description: Host portion of the URL. + description: Host portion of the URL. If headers contains a + host header, then host must also match the header value. type: string path: description: Path portion of the URL. type: string service: - description: |- - The backend service resource that should be matched by this test. - For the Global URL Map, it should be a reference to the backend - service or backend bucket. - For the Regional URL Map, it should be a reference to the backend - service. - oneOf: - - required: - - backendBucketRef - - required: - - backendServiceRef - properties: - backendBucketRef: - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field of - a `ComputeBackendBucket` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - backendServiceRef: - oneOf: - - not: - required: - - external - required: - - name - - not: - anyOf: - - required: - - name - - required: - - namespace - required: - - external - properties: - external: - description: 'Allowed value: The `selfLink` field of - a `ComputeBackendService` resource.' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - type: object - type: object - required: - - host - - path - - service + description: Expected BackendService or BackendBucket resource + the given URL should be mapped to. The service field cannot + be set if expectedRedirectResponseCode is set. + type: string type: object type: array required: - location + - projectRef type: object status: + description: ComputeURLMapStatus defines the config connector machine + state of ComputeURLMap properties: conditions: - description: Conditions represent the latest available observation - of the resource's current state. + description: Conditions represent the latest available observations + of the object's current state. items: properties: lastTransitionTime: @@ -2686,26 +3150,36 @@ spec: type: string type: object type: array - creationTimestamp: - description: Creation timestamp in RFC3339 text format. - type: string - fingerprint: - description: |- - Fingerprint of this resource. This field is used internally during - updates of this resource. + externalRef: + description: A unique specifier for the ComputeURLMap resource in + GCP. type: string - mapId: - description: The unique identifier for the resource. - type: integer observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. + format: int64 type: integer - selfLink: - type: string + observedState: + description: ObservedState is the state of the resource as most recently + observed in GCP. + properties: + creationTimestamp: + description: Creation timestamp in RFC3339 text format. + type: string + fingerprint: + description: Fingerprint used for optimistic locking. + type: string + selfLink: + description: The self-link for the resource. + type: string + urlMapId: + description: The unique identifier for the resource. + format: int64 + type: integer + type: object type: object required: - spec @@ -2714,9 +3188,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/docs/reports/crd_report.csv b/docs/reports/crd_report.csv index b597db90e92..bf7fe092e61 100644 --- a/docs/reports/crd_report.csv +++ b/docs/reports/crd_report.csv @@ -179,7 +179,7 @@ compute.cnrm.cloud.google.com,ComputeTargetPool,False,True,False,Terraform,False compute.cnrm.cloud.google.com,ComputeTargetSSLProxy,False,True,False,Terraform,False compute.cnrm.cloud.google.com,ComputeTargetTCPProxy,False,True,False,Terraform,True compute.cnrm.cloud.google.com,ComputeTargetVPNGateway,False,True,False,Terraform,False -compute.cnrm.cloud.google.com,ComputeURLMap,False,True,False,Terraform,False +compute.cnrm.cloud.google.com,ComputeURLMap,False,True,False,Terraform,True compute.cnrm.cloud.google.com,ComputeVPNGateway,False,True,False,Terraform,False compute.cnrm.cloud.google.com,ComputeVPNTunnel,False,True,False,Terraform,False configcontroller.cnrm.cloud.google.com,ConfigControllerInstance,False,True,False,DCL,False diff --git a/docs/reports/crd_report.md b/docs/reports/crd_report.md index d8aa6c8faed..19d3bcaa8d5 100644 --- a/docs/reports/crd_report.md +++ b/docs/reports/crd_report.md @@ -182,7 +182,7 @@ | compute.cnrm.cloud.google.com | ComputeTargetSSLProxy | False | True | False | Terraform | False | | compute.cnrm.cloud.google.com | ComputeTargetTCPProxy | False | True | False | Terraform | True | | compute.cnrm.cloud.google.com | ComputeTargetVPNGateway | False | True | False | Terraform | False | -| compute.cnrm.cloud.google.com | ComputeURLMap | False | True | False | Terraform | False | +| compute.cnrm.cloud.google.com | ComputeURLMap | False | True | False | Terraform | True | | compute.cnrm.cloud.google.com | ComputeVPNGateway | False | True | False | Terraform | False | | compute.cnrm.cloud.google.com | ComputeVPNTunnel | False | True | False | Terraform | False | | configcontroller.cnrm.cloud.google.com | ConfigControllerInstance | False | True | False | DCL | False | diff --git a/pkg/controller/direct/compute/client.go b/pkg/controller/direct/compute/client.go index 528c09ebe8e..fad33351639 100644 --- a/pkg/controller/direct/compute/client.go +++ b/pkg/controller/direct/compute/client.go @@ -117,3 +117,30 @@ func (m *gcpClient) newRegionalTargetTcpProxiesClient(ctx context.Context) (*com } return client, err } + +func (m *gcpClient) newUrlMapsClient(ctx context.Context) (*compute.UrlMapsClient, error) { + opts, err := m.config.RESTClientOptions() + if err != nil { + return nil, err + } + + client, err := compute.NewUrlMapsRESTClient(ctx, opts...) + if err != nil { + return nil, fmt.Errorf("building compute UrlMapsClient client: %w", err) + + } + return client, err +} + +func (m *gcpClient) newRegionalUrlMapsClient(ctx context.Context) (*compute.RegionUrlMapsClient, error) { + opts, err := m.config.RESTClientOptions() + if err != nil { + return nil, err + } + client, err := compute.NewRegionUrlMapsRESTClient(ctx, opts...) + if err != nil { + return nil, fmt.Errorf("building compute RegionalUrlMapsClient client: %w", err) + + } + return client, err +} diff --git a/pkg/controller/direct/compute/mapper.generated.go b/pkg/controller/direct/compute/mapper.generated.go index 7e1d688b3df..e10ecd011e4 100644 --- a/pkg/controller/direct/compute/mapper.generated.go +++ b/pkg/controller/direct/compute/mapper.generated.go @@ -263,6 +263,160 @@ func ComputeSubnetworkStatus_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm. // MISSING: SystemReservedInternalIPV6Ranges return out } +func ComputeURLMapObservedState_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.UrlMap) *krm.ComputeURLMapObservedState { + if in == nil { + return nil + } + out := &krm.ComputeURLMapObservedState{} + out.CreationTimestamp = in.CreationTimestamp + out.Fingerprint = in.Fingerprint + // MISSING: ID + // MISSING: Kind + // MISSING: Name + // MISSING: Region + out.SelfLink = in.SelfLink + return out +} +func ComputeURLMapObservedState_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.ComputeURLMapObservedState) *pb.UrlMap { + if in == nil { + return nil + } + out := &pb.UrlMap{} + out.CreationTimestamp = in.CreationTimestamp + out.Fingerprint = in.Fingerprint + // MISSING: ID + // MISSING: Kind + // MISSING: Name + // MISSING: Region + out.SelfLink = in.SelfLink + return out +} +func ComputeURLMapSpec_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.UrlMap) *krm.ComputeURLMapSpec { + if in == nil { + return nil + } + out := &krm.ComputeURLMapSpec{} + out.DefaultCustomErrorResponsePolicy = CustomErrorResponsePolicy_v1beta1_FromProto(mapCtx, in.GetDefaultCustomErrorResponsePolicy()) + out.DefaultRouteAction = HTTPRouteAction_v1beta1_FromProto(mapCtx, in.GetDefaultRouteAction()) + out.DefaultService = in.DefaultService + out.DefaultURLRedirect = HTTPRedirectAction_v1beta1_FromProto(mapCtx, in.GetDefaultUrlRedirect()) + out.Description = in.Description + out.HeaderAction = HTTPHeaderAction_v1beta1_FromProto(mapCtx, in.GetHeaderAction()) + out.HostRules = direct.Slice_FromProto(mapCtx, in.HostRules, HostRule_v1beta1_FromProto) + // MISSING: ID + // MISSING: Kind + // MISSING: Name + out.PathMatchers = direct.Slice_FromProto(mapCtx, in.PathMatchers, PathMatcher_v1beta1_FromProto) + // MISSING: Region + out.Tests = direct.Slice_FromProto(mapCtx, in.Tests, URLMapTest_v1beta1_FromProto) + return out +} +func ComputeURLMapSpec_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.ComputeURLMapSpec) *pb.UrlMap { + if in == nil { + return nil + } + out := &pb.UrlMap{} + out.DefaultCustomErrorResponsePolicy = CustomErrorResponsePolicy_v1beta1_ToProto(mapCtx, in.DefaultCustomErrorResponsePolicy) + out.DefaultRouteAction = HTTPRouteAction_v1beta1_ToProto(mapCtx, in.DefaultRouteAction) + out.DefaultService = in.DefaultService + out.DefaultUrlRedirect = HTTPRedirectAction_v1beta1_ToProto(mapCtx, in.DefaultURLRedirect) + out.Description = in.Description + out.HeaderAction = HTTPHeaderAction_v1beta1_ToProto(mapCtx, in.HeaderAction) + out.HostRules = direct.Slice_ToProto(mapCtx, in.HostRules, HostRule_v1beta1_ToProto) + // MISSING: ID + // MISSING: Kind + // MISSING: Name + out.PathMatchers = direct.Slice_ToProto(mapCtx, in.PathMatchers, PathMatcher_v1beta1_ToProto) + // MISSING: Region + out.Tests = direct.Slice_ToProto(mapCtx, in.Tests, URLMapTest_v1beta1_ToProto) + return out +} +func CorsPolicy_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.CorsPolicy) *krm.CorsPolicy { + if in == nil { + return nil + } + out := &krm.CorsPolicy{} + out.AllowCredentials = in.AllowCredentials + out.AllowHeaders = in.AllowHeaders + out.AllowMethods = in.AllowMethods + out.AllowOriginRegexes = in.AllowOriginRegexes + out.AllowOrigins = in.AllowOrigins + out.Disabled = in.Disabled + out.ExposeHeaders = in.ExposeHeaders + out.MaxAge = in.MaxAge + return out +} +func CorsPolicy_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.CorsPolicy) *pb.CorsPolicy { + if in == nil { + return nil + } + out := &pb.CorsPolicy{} + out.AllowCredentials = in.AllowCredentials + out.AllowHeaders = in.AllowHeaders + out.AllowMethods = in.AllowMethods + out.AllowOriginRegexes = in.AllowOriginRegexes + out.AllowOrigins = in.AllowOrigins + out.Disabled = in.Disabled + out.ExposeHeaders = in.ExposeHeaders + out.MaxAge = in.MaxAge + return out +} +func CustomErrorResponsePolicy_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.CustomErrorResponsePolicy) *krm.CustomErrorResponsePolicy { + if in == nil { + return nil + } + out := &krm.CustomErrorResponsePolicy{} + out.ErrorResponseRules = direct.Slice_FromProto(mapCtx, in.ErrorResponseRules, CustomErrorResponsePolicyCustomErrorResponseRule_v1beta1_FromProto) + out.ErrorService = in.ErrorService + return out +} +func CustomErrorResponsePolicy_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.CustomErrorResponsePolicy) *pb.CustomErrorResponsePolicy { + if in == nil { + return nil + } + out := &pb.CustomErrorResponsePolicy{} + out.ErrorResponseRules = direct.Slice_ToProto(mapCtx, in.ErrorResponseRules, CustomErrorResponsePolicyCustomErrorResponseRule_v1beta1_ToProto) + out.ErrorService = in.ErrorService + return out +} +func CustomErrorResponsePolicyCustomErrorResponseRule_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.CustomErrorResponsePolicyCustomErrorResponseRule) *krm.CustomErrorResponsePolicyCustomErrorResponseRule { + if in == nil { + return nil + } + out := &krm.CustomErrorResponsePolicyCustomErrorResponseRule{} + out.MatchResponseCodes = in.MatchResponseCodes + out.OverrideResponseCode = in.OverrideResponseCode + out.Path = in.Path + return out +} +func CustomErrorResponsePolicyCustomErrorResponseRule_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.CustomErrorResponsePolicyCustomErrorResponseRule) *pb.CustomErrorResponsePolicyCustomErrorResponseRule { + if in == nil { + return nil + } + out := &pb.CustomErrorResponsePolicyCustomErrorResponseRule{} + out.MatchResponseCodes = in.MatchResponseCodes + out.OverrideResponseCode = in.OverrideResponseCode + out.Path = in.Path + return out +} +func Duration_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.Duration) *krm.Duration { + if in == nil { + return nil + } + out := &krm.Duration{} + out.Nanos = in.Nanos + out.Seconds = in.Seconds + return out +} +func Duration_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.Duration) *pb.Duration { + if in == nil { + return nil + } + out := &pb.Duration{} + out.Nanos = in.Nanos + out.Seconds = in.Seconds + return out +} func Expr_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.Expr) *krm.Expr { if in == nil { return nil @@ -367,6 +521,328 @@ func ForwardingruleServiceDirectoryRegistrations_v1beta1_ToProto(mapCtx *direct. // MISSING: ServiceDirectoryRegion return out } +func HTTPFaultAbort_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpFaultAbort) *krm.HTTPFaultAbort { + if in == nil { + return nil + } + out := &krm.HTTPFaultAbort{} + out.HTTPStatus = in.HttpStatus + out.Percentage = in.Percentage + return out +} +func HTTPFaultAbort_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPFaultAbort) *pb.HttpFaultAbort { + if in == nil { + return nil + } + out := &pb.HttpFaultAbort{} + out.HttpStatus = in.HTTPStatus + out.Percentage = in.Percentage + return out +} +func HTTPFaultDelay_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpFaultDelay) *krm.HTTPFaultDelay { + if in == nil { + return nil + } + out := &krm.HTTPFaultDelay{} + out.FixedDelay = Duration_v1beta1_FromProto(mapCtx, in.GetFixedDelay()) + out.Percentage = in.Percentage + return out +} +func HTTPFaultDelay_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPFaultDelay) *pb.HttpFaultDelay { + if in == nil { + return nil + } + out := &pb.HttpFaultDelay{} + out.FixedDelay = Duration_v1beta1_ToProto(mapCtx, in.FixedDelay) + out.Percentage = in.Percentage + return out +} +func HTTPFaultInjection_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpFaultInjection) *krm.HTTPFaultInjection { + if in == nil { + return nil + } + out := &krm.HTTPFaultInjection{} + out.Abort = HTTPFaultAbort_v1beta1_FromProto(mapCtx, in.GetAbort()) + out.Delay = HTTPFaultDelay_v1beta1_FromProto(mapCtx, in.GetDelay()) + return out +} +func HTTPFaultInjection_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPFaultInjection) *pb.HttpFaultInjection { + if in == nil { + return nil + } + out := &pb.HttpFaultInjection{} + out.Abort = HTTPFaultAbort_v1beta1_ToProto(mapCtx, in.Abort) + out.Delay = HTTPFaultDelay_v1beta1_ToProto(mapCtx, in.Delay) + return out +} +func HTTPHeaderAction_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpHeaderAction) *krm.HTTPHeaderAction { + if in == nil { + return nil + } + out := &krm.HTTPHeaderAction{} + out.RequestHeadersToAdd = direct.Slice_FromProto(mapCtx, in.RequestHeadersToAdd, HTTPHeaderOption_v1beta1_FromProto) + out.RequestHeadersToRemove = in.RequestHeadersToRemove + out.ResponseHeadersToAdd = direct.Slice_FromProto(mapCtx, in.ResponseHeadersToAdd, HTTPHeaderOption_v1beta1_FromProto) + out.ResponseHeadersToRemove = in.ResponseHeadersToRemove + return out +} +func HTTPHeaderAction_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPHeaderAction) *pb.HttpHeaderAction { + if in == nil { + return nil + } + out := &pb.HttpHeaderAction{} + out.RequestHeadersToAdd = direct.Slice_ToProto(mapCtx, in.RequestHeadersToAdd, HTTPHeaderOption_v1beta1_ToProto) + out.RequestHeadersToRemove = in.RequestHeadersToRemove + out.ResponseHeadersToAdd = direct.Slice_ToProto(mapCtx, in.ResponseHeadersToAdd, HTTPHeaderOption_v1beta1_ToProto) + out.ResponseHeadersToRemove = in.ResponseHeadersToRemove + return out +} +func HTTPHeaderMatch_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpHeaderMatch) *krm.HTTPHeaderMatch { + if in == nil { + return nil + } + out := &krm.HTTPHeaderMatch{} + out.ExactMatch = in.ExactMatch + out.HeaderName = in.HeaderName + out.InvertMatch = in.InvertMatch + out.PrefixMatch = in.PrefixMatch + out.PresentMatch = in.PresentMatch + out.RangeMatch = Int64RangeMatch_v1beta1_FromProto(mapCtx, in.GetRangeMatch()) + out.RegexMatch = in.RegexMatch + out.SuffixMatch = in.SuffixMatch + return out +} +func HTTPHeaderMatch_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPHeaderMatch) *pb.HttpHeaderMatch { + if in == nil { + return nil + } + out := &pb.HttpHeaderMatch{} + out.ExactMatch = in.ExactMatch + out.HeaderName = in.HeaderName + out.InvertMatch = in.InvertMatch + out.PrefixMatch = in.PrefixMatch + out.PresentMatch = in.PresentMatch + out.RangeMatch = Int64RangeMatch_v1beta1_ToProto(mapCtx, in.RangeMatch) + out.RegexMatch = in.RegexMatch + out.SuffixMatch = in.SuffixMatch + return out +} +func HTTPHeaderOption_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpHeaderOption) *krm.HTTPHeaderOption { + if in == nil { + return nil + } + out := &krm.HTTPHeaderOption{} + out.HeaderName = in.HeaderName + out.HeaderValue = in.HeaderValue + out.Replace = in.Replace + return out +} +func HTTPHeaderOption_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPHeaderOption) *pb.HttpHeaderOption { + if in == nil { + return nil + } + out := &pb.HttpHeaderOption{} + out.HeaderName = in.HeaderName + out.HeaderValue = in.HeaderValue + out.Replace = in.Replace + return out +} +func HTTPQueryParameterMatch_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpQueryParameterMatch) *krm.HTTPQueryParameterMatch { + if in == nil { + return nil + } + out := &krm.HTTPQueryParameterMatch{} + out.ExactMatch = in.ExactMatch + out.Name = in.Name + out.PresentMatch = in.PresentMatch + out.RegexMatch = in.RegexMatch + return out +} +func HTTPQueryParameterMatch_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPQueryParameterMatch) *pb.HttpQueryParameterMatch { + if in == nil { + return nil + } + out := &pb.HttpQueryParameterMatch{} + out.ExactMatch = in.ExactMatch + out.Name = in.Name + out.PresentMatch = in.PresentMatch + out.RegexMatch = in.RegexMatch + return out +} +func HTTPRedirectAction_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpRedirectAction) *krm.HTTPRedirectAction { + if in == nil { + return nil + } + out := &krm.HTTPRedirectAction{} + out.HostRedirect = in.HostRedirect + out.HTTPSRedirect = in.HttpsRedirect + out.PathRedirect = in.PathRedirect + out.PrefixRedirect = in.PrefixRedirect + out.RedirectResponseCode = in.RedirectResponseCode + out.StripQuery = in.StripQuery + return out +} +func HTTPRedirectAction_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPRedirectAction) *pb.HttpRedirectAction { + if in == nil { + return nil + } + out := &pb.HttpRedirectAction{} + out.HostRedirect = in.HostRedirect + out.HttpsRedirect = in.HTTPSRedirect + out.PathRedirect = in.PathRedirect + out.PrefixRedirect = in.PrefixRedirect + out.RedirectResponseCode = in.RedirectResponseCode + out.StripQuery = in.StripQuery + return out +} +func HTTPRetryPolicy_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpRetryPolicy) *krm.HTTPRetryPolicy { + if in == nil { + return nil + } + out := &krm.HTTPRetryPolicy{} + out.NumRetries = in.NumRetries + out.PerTryTimeout = Duration_v1beta1_FromProto(mapCtx, in.GetPerTryTimeout()) + out.RetryConditions = in.RetryConditions + return out +} +func HTTPRetryPolicy_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPRetryPolicy) *pb.HttpRetryPolicy { + if in == nil { + return nil + } + out := &pb.HttpRetryPolicy{} + out.NumRetries = in.NumRetries + out.PerTryTimeout = Duration_v1beta1_ToProto(mapCtx, in.PerTryTimeout) + out.RetryConditions = in.RetryConditions + return out +} +func HTTPRouteAction_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpRouteAction) *krm.HTTPRouteAction { + if in == nil { + return nil + } + out := &krm.HTTPRouteAction{} + out.CorsPolicy = CorsPolicy_v1beta1_FromProto(mapCtx, in.GetCorsPolicy()) + out.FaultInjectionPolicy = HTTPFaultInjection_v1beta1_FromProto(mapCtx, in.GetFaultInjectionPolicy()) + out.MaxStreamDuration = Duration_v1beta1_FromProto(mapCtx, in.GetMaxStreamDuration()) + out.RequestMirrorPolicy = RequestMirrorPolicy_v1beta1_FromProto(mapCtx, in.GetRequestMirrorPolicy()) + out.RetryPolicy = HTTPRetryPolicy_v1beta1_FromProto(mapCtx, in.GetRetryPolicy()) + out.Timeout = Duration_v1beta1_FromProto(mapCtx, in.GetTimeout()) + out.URLRewrite = URLRewrite_v1beta1_FromProto(mapCtx, in.GetUrlRewrite()) + out.WeightedBackendServices = direct.Slice_FromProto(mapCtx, in.WeightedBackendServices, WeightedBackendService_v1beta1_FromProto) + return out +} +func HTTPRouteAction_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPRouteAction) *pb.HttpRouteAction { + if in == nil { + return nil + } + out := &pb.HttpRouteAction{} + out.CorsPolicy = CorsPolicy_v1beta1_ToProto(mapCtx, in.CorsPolicy) + out.FaultInjectionPolicy = HTTPFaultInjection_v1beta1_ToProto(mapCtx, in.FaultInjectionPolicy) + out.MaxStreamDuration = Duration_v1beta1_ToProto(mapCtx, in.MaxStreamDuration) + out.RequestMirrorPolicy = RequestMirrorPolicy_v1beta1_ToProto(mapCtx, in.RequestMirrorPolicy) + out.RetryPolicy = HTTPRetryPolicy_v1beta1_ToProto(mapCtx, in.RetryPolicy) + out.Timeout = Duration_v1beta1_ToProto(mapCtx, in.Timeout) + out.UrlRewrite = URLRewrite_v1beta1_ToProto(mapCtx, in.URLRewrite) + out.WeightedBackendServices = direct.Slice_ToProto(mapCtx, in.WeightedBackendServices, WeightedBackendService_v1beta1_ToProto) + return out +} +func HTTPRouteRule_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpRouteRule) *krm.HTTPRouteRule { + if in == nil { + return nil + } + out := &krm.HTTPRouteRule{} + out.CustomErrorResponsePolicy = CustomErrorResponsePolicy_v1beta1_FromProto(mapCtx, in.GetCustomErrorResponsePolicy()) + out.Description = in.Description + out.HeaderAction = HTTPHeaderAction_v1beta1_FromProto(mapCtx, in.GetHeaderAction()) + out.MatchRules = direct.Slice_FromProto(mapCtx, in.MatchRules, HTTPRouteRuleMatch_v1beta1_FromProto) + out.Priority = in.Priority + out.RouteAction = HTTPRouteAction_v1beta1_FromProto(mapCtx, in.GetRouteAction()) + out.Service = in.Service + out.URLRedirect = HTTPRedirectAction_v1beta1_FromProto(mapCtx, in.GetUrlRedirect()) + return out +} +func HTTPRouteRule_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPRouteRule) *pb.HttpRouteRule { + if in == nil { + return nil + } + out := &pb.HttpRouteRule{} + out.CustomErrorResponsePolicy = CustomErrorResponsePolicy_v1beta1_ToProto(mapCtx, in.CustomErrorResponsePolicy) + out.Description = in.Description + out.HeaderAction = HTTPHeaderAction_v1beta1_ToProto(mapCtx, in.HeaderAction) + out.MatchRules = direct.Slice_ToProto(mapCtx, in.MatchRules, HTTPRouteRuleMatch_v1beta1_ToProto) + out.Priority = in.Priority + out.RouteAction = HTTPRouteAction_v1beta1_ToProto(mapCtx, in.RouteAction) + out.Service = in.Service + out.UrlRedirect = HTTPRedirectAction_v1beta1_ToProto(mapCtx, in.URLRedirect) + return out +} +func HTTPRouteRuleMatch_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HttpRouteRuleMatch) *krm.HTTPRouteRuleMatch { + if in == nil { + return nil + } + out := &krm.HTTPRouteRuleMatch{} + out.FullPathMatch = in.FullPathMatch + out.HeaderMatches = direct.Slice_FromProto(mapCtx, in.HeaderMatches, HTTPHeaderMatch_v1beta1_FromProto) + out.IgnoreCase = in.IgnoreCase + out.MetadataFilters = direct.Slice_FromProto(mapCtx, in.MetadataFilters, MetadataFilter_v1beta1_FromProto) + out.PathTemplateMatch = in.PathTemplateMatch + out.PrefixMatch = in.PrefixMatch + out.QueryParameterMatches = direct.Slice_FromProto(mapCtx, in.QueryParameterMatches, HTTPQueryParameterMatch_v1beta1_FromProto) + out.RegexMatch = in.RegexMatch + return out +} +func HTTPRouteRuleMatch_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HTTPRouteRuleMatch) *pb.HttpRouteRuleMatch { + if in == nil { + return nil + } + out := &pb.HttpRouteRuleMatch{} + out.FullPathMatch = in.FullPathMatch + out.HeaderMatches = direct.Slice_ToProto(mapCtx, in.HeaderMatches, HTTPHeaderMatch_v1beta1_ToProto) + out.IgnoreCase = in.IgnoreCase + out.MetadataFilters = direct.Slice_ToProto(mapCtx, in.MetadataFilters, MetadataFilter_v1beta1_ToProto) + out.PathTemplateMatch = in.PathTemplateMatch + out.PrefixMatch = in.PrefixMatch + out.QueryParameterMatches = direct.Slice_ToProto(mapCtx, in.QueryParameterMatches, HTTPQueryParameterMatch_v1beta1_ToProto) + out.RegexMatch = in.RegexMatch + return out +} +func HostRule_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.HostRule) *krm.HostRule { + if in == nil { + return nil + } + out := &krm.HostRule{} + out.Description = in.Description + out.Hosts = in.Hosts + out.PathMatcher = in.PathMatcher + return out +} +func HostRule_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.HostRule) *pb.HostRule { + if in == nil { + return nil + } + out := &pb.HostRule{} + out.Description = in.Description + out.Hosts = in.Hosts + out.PathMatcher = in.PathMatcher + return out +} +func Int64RangeMatch_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.Int64RangeMatch) *krm.Int64RangeMatch { + if in == nil { + return nil + } + out := &krm.Int64RangeMatch{} + out.RangeEnd = in.RangeEnd + out.RangeStart = in.RangeStart + return out +} +func Int64RangeMatch_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.Int64RangeMatch) *pb.Int64RangeMatch { + if in == nil { + return nil + } + out := &pb.Int64RangeMatch{} + out.RangeEnd = in.RangeEnd + out.RangeStart = in.RangeStart + return out +} func InterconnectCircuitInfo_v1alpha1_FromProto(mapCtx *direct.MapContext, in *pb.InterconnectCircuitInfo) *krmcomputev1alpha1.InterconnectCircuitInfo { if in == nil { return nil @@ -517,6 +993,78 @@ func NetworkAttachmentConnectedEndpoint_v1alpha1_ToProto(mapCtx *direct.MapConte out.SubnetworkCidrRange = in.SubnetworkCIDRRange return out } +func PathMatcher_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.PathMatcher) *krm.PathMatcher { + if in == nil { + return nil + } + out := &krm.PathMatcher{} + out.DefaultCustomErrorResponsePolicy = CustomErrorResponsePolicy_v1beta1_FromProto(mapCtx, in.GetDefaultCustomErrorResponsePolicy()) + out.DefaultRouteAction = HTTPRouteAction_v1beta1_FromProto(mapCtx, in.GetDefaultRouteAction()) + out.DefaultService = in.DefaultService + out.DefaultURLRedirect = HTTPRedirectAction_v1beta1_FromProto(mapCtx, in.GetDefaultUrlRedirect()) + out.Description = in.Description + out.HeaderAction = HTTPHeaderAction_v1beta1_FromProto(mapCtx, in.GetHeaderAction()) + out.Name = in.Name + out.PathRules = direct.Slice_FromProto(mapCtx, in.PathRules, PathRule_v1beta1_FromProto) + out.RouteRules = direct.Slice_FromProto(mapCtx, in.RouteRules, HTTPRouteRule_v1beta1_FromProto) + return out +} +func PathMatcher_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.PathMatcher) *pb.PathMatcher { + if in == nil { + return nil + } + out := &pb.PathMatcher{} + out.DefaultCustomErrorResponsePolicy = CustomErrorResponsePolicy_v1beta1_ToProto(mapCtx, in.DefaultCustomErrorResponsePolicy) + out.DefaultRouteAction = HTTPRouteAction_v1beta1_ToProto(mapCtx, in.DefaultRouteAction) + out.DefaultService = in.DefaultService + out.DefaultUrlRedirect = HTTPRedirectAction_v1beta1_ToProto(mapCtx, in.DefaultURLRedirect) + out.Description = in.Description + out.HeaderAction = HTTPHeaderAction_v1beta1_ToProto(mapCtx, in.HeaderAction) + out.Name = in.Name + out.PathRules = direct.Slice_ToProto(mapCtx, in.PathRules, PathRule_v1beta1_ToProto) + out.RouteRules = direct.Slice_ToProto(mapCtx, in.RouteRules, HTTPRouteRule_v1beta1_ToProto) + return out +} +func PathRule_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.PathRule) *krm.PathRule { + if in == nil { + return nil + } + out := &krm.PathRule{} + out.CustomErrorResponsePolicy = CustomErrorResponsePolicy_v1beta1_FromProto(mapCtx, in.GetCustomErrorResponsePolicy()) + out.Paths = in.Paths + out.RouteAction = HTTPRouteAction_v1beta1_FromProto(mapCtx, in.GetRouteAction()) + out.Service = in.Service + out.URLRedirect = HTTPRedirectAction_v1beta1_FromProto(mapCtx, in.GetUrlRedirect()) + return out +} +func PathRule_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.PathRule) *pb.PathRule { + if in == nil { + return nil + } + out := &pb.PathRule{} + out.CustomErrorResponsePolicy = CustomErrorResponsePolicy_v1beta1_ToProto(mapCtx, in.CustomErrorResponsePolicy) + out.Paths = in.Paths + out.RouteAction = HTTPRouteAction_v1beta1_ToProto(mapCtx, in.RouteAction) + out.Service = in.Service + out.UrlRedirect = HTTPRedirectAction_v1beta1_ToProto(mapCtx, in.URLRedirect) + return out +} +func RequestMirrorPolicy_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.RequestMirrorPolicy) *krm.RequestMirrorPolicy { + if in == nil { + return nil + } + out := &krm.RequestMirrorPolicy{} + out.BackendService = in.BackendService + return out +} +func RequestMirrorPolicy_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.RequestMirrorPolicy) *pb.RequestMirrorPolicy { + if in == nil { + return nil + } + out := &pb.RequestMirrorPolicy{} + out.BackendService = in.BackendService + return out +} func SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig) *krm.SecurityPolicyAdaptiveProtectionConfigLayer7DdosDefenseConfigThresholdConfig { if in == nil { return nil @@ -985,3 +1533,89 @@ func SubnetworkSecondaryRange_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm // MISSING: ReservedInternalRange return out } +func URLMapTest_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.UrlMapTest) *krm.URLMapTest { + if in == nil { + return nil + } + out := &krm.URLMapTest{} + out.Description = in.Description + out.ExpectedOutputURL = in.ExpectedOutputUrl + out.ExpectedRedirectResponseCode = in.ExpectedRedirectResponseCode + out.Headers = direct.Slice_FromProto(mapCtx, in.Headers, URLMapTestHeader_v1beta1_FromProto) + out.Host = in.Host + out.Path = in.Path + out.Service = in.Service + return out +} +func URLMapTest_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.URLMapTest) *pb.UrlMapTest { + if in == nil { + return nil + } + out := &pb.UrlMapTest{} + out.Description = in.Description + out.ExpectedOutputUrl = in.ExpectedOutputURL + out.ExpectedRedirectResponseCode = in.ExpectedRedirectResponseCode + out.Headers = direct.Slice_ToProto(mapCtx, in.Headers, URLMapTestHeader_v1beta1_ToProto) + out.Host = in.Host + out.Path = in.Path + out.Service = in.Service + return out +} +func URLMapTestHeader_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.UrlMapTestHeader) *krm.URLMapTestHeader { + if in == nil { + return nil + } + out := &krm.URLMapTestHeader{} + out.Name = in.Name + out.Value = in.Value + return out +} +func URLMapTestHeader_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.URLMapTestHeader) *pb.UrlMapTestHeader { + if in == nil { + return nil + } + out := &pb.UrlMapTestHeader{} + out.Name = in.Name + out.Value = in.Value + return out +} +func URLRewrite_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.UrlRewrite) *krm.URLRewrite { + if in == nil { + return nil + } + out := &krm.URLRewrite{} + out.HostRewrite = in.HostRewrite + out.PathPrefixRewrite = in.PathPrefixRewrite + out.PathTemplateRewrite = in.PathTemplateRewrite + return out +} +func URLRewrite_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.URLRewrite) *pb.UrlRewrite { + if in == nil { + return nil + } + out := &pb.UrlRewrite{} + out.HostRewrite = in.HostRewrite + out.PathPrefixRewrite = in.PathPrefixRewrite + out.PathTemplateRewrite = in.PathTemplateRewrite + return out +} +func WeightedBackendService_v1beta1_FromProto(mapCtx *direct.MapContext, in *pb.WeightedBackendService) *krm.WeightedBackendService { + if in == nil { + return nil + } + out := &krm.WeightedBackendService{} + out.BackendService = in.BackendService + out.HeaderAction = HTTPHeaderAction_v1beta1_FromProto(mapCtx, in.GetHeaderAction()) + out.Weight = in.Weight + return out +} +func WeightedBackendService_v1beta1_ToProto(mapCtx *direct.MapContext, in *krm.WeightedBackendService) *pb.WeightedBackendService { + if in == nil { + return nil + } + out := &pb.WeightedBackendService{} + out.BackendService = in.BackendService + out.HeaderAction = HTTPHeaderAction_v1beta1_ToProto(mapCtx, in.HeaderAction) + out.Weight = in.Weight + return out +} diff --git a/pkg/controller/direct/compute/urlmap_controller.go b/pkg/controller/direct/compute/urlmap_controller.go new file mode 100644 index 00000000000..ff6ba85ca0d --- /dev/null +++ b/pkg/controller/direct/compute/urlmap_controller.go @@ -0,0 +1,181 @@ +// Copyright 2026 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package compute + +import ( + "context" + "fmt" + + gcp "cloud.google.com/go/compute/apiv1" + computepb "cloud.google.com/go/compute/apiv1/computepb" + krm "github.com/GoogleCloudPlatform/k8s-config-connector/apis/compute/v1beta1" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/config" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct/directbase" + "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/controller/direct/registry" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/klog/v2" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +func init() { + registry.RegisterModel(krm.ComputeURLMapGVK, NewURLMapModel) +} + +func NewURLMapModel(ctx context.Context, config *config.ControllerConfig) (directbase.Model, error) { + return &urlMapModel{config: config}, nil +} + +type urlMapModel struct { + config *config.ControllerConfig +} + +// model implements the Model interface. +var _ directbase.Model = &urlMapModel{} + +type urlMapAdapter struct { + id *krm.ComputeURLMapIdentity + urlMapsClient *gcp.UrlMapsClient + regionalUrlMapClient *gcp.RegionUrlMapsClient + desired *krm.ComputeURLMap + actual *computepb.UrlMap + reader client.Reader +} + +var _ directbase.Adapter = &urlMapAdapter{} + +func (m *urlMapModel) AdapterForObject(ctx context.Context, op *directbase.AdapterForObjectOperation) (directbase.Adapter, error) { + u := op.GetUnstructured() + reader := op.Reader + obj := &krm.ComputeURLMap{} + if err := runtime.DefaultUnstructuredConverter.FromUnstructured(u.Object, &obj); err != nil { + return nil, fmt.Errorf("error converting to %T: %w", obj, err) + } + + id, err := krm.NewComputeURLMapIdentity(ctx, reader, obj) + if err != nil { + return nil, err + } + + adapter := &urlMapAdapter{ + id: id, + desired: obj, + reader: reader, + } + + // Get location + location := id.Region + if location == "" { + location = "global" + } + + gcpClient, err := newGCPClient(m.config) + if err != nil { + return nil, fmt.Errorf("building gcp client: %w", err) + } + + if location == "global" { + client, err := gcpClient.newUrlMapsClient(ctx) + if err != nil { + return nil, err + } + adapter.urlMapsClient = client + } else { + client, err := gcpClient.newRegionalUrlMapsClient(ctx) + if err != nil { + return nil, err + } + adapter.regionalUrlMapClient = client + } + return adapter, nil +} + +func (m *urlMapModel) AdapterForURL(ctx context.Context, url string) (directbase.Adapter, error) { + // TODO: Support URLs + return nil, nil +} + +func (a *urlMapAdapter) Find(ctx context.Context) (bool, error) { + log := klog.FromContext(ctx) + log.V(2).Info("getting ComputeURLMap", "name", a.id) + + urlMap, err := a.get(ctx) + if err != nil { + if direct.IsNotFound(err) { + return false, nil + } + return false, fmt.Errorf("getting ComputeURLMap %q: %w", a.id, err) + } + a.actual = urlMap + return true, nil +} + +func (a *urlMapAdapter) Create(ctx context.Context, createOp *directbase.CreateOperation) error { + return fmt.Errorf("Create not implemented for ComputeURLMap (Direct controller is in development, use Terraform reconciler)") +} + +func (a *urlMapAdapter) Update(ctx context.Context, updateOp *directbase.UpdateOperation) error { + return fmt.Errorf("Update not implemented for ComputeURLMap (Direct controller is in development, use Terraform reconciler)") +} + +func (a *urlMapAdapter) Export(ctx context.Context) (*unstructured.Unstructured, error) { + if a.actual == nil { + return nil, fmt.Errorf("urlMap %s not found", a.id) + } + + mc := &direct.MapContext{} + spec := ComputeURLMapSpec_v1beta1_FromProto(mc, a.actual) + specObj, err := runtime.DefaultUnstructuredConverter.ToUnstructured(spec) + if err != nil { + return nil, fmt.Errorf("error converting urlMap spec to unstructured: %w", err) + } + + u := &unstructured.Unstructured{ + Object: make(map[string]interface{}), + } + u.SetGroupVersionKind(krm.ComputeURLMapGVK) + + if err := unstructured.SetNestedField(u.Object, specObj, "spec"); err != nil { + return nil, fmt.Errorf("setting spec: %w", err) + } + + return u, nil +} + +func (a *urlMapAdapter) Delete(ctx context.Context, deleteOp *directbase.DeleteOperation) (bool, error) { + return false, fmt.Errorf("Delete not implemented for ComputeURLMap (Direct controller is in development, use Terraform reconciler)") +} + +func (a *urlMapAdapter) get(ctx context.Context) (*computepb.UrlMap, error) { + projectID := a.id.Project + location := a.id.Region + name := a.id.Name + + if location == "" { + getReq := &computepb.GetUrlMapRequest{ + Project: projectID, + UrlMap: name, + } + return a.urlMapsClient.Get(ctx, getReq) + } else { + getReq := &computepb.GetRegionUrlMapRequest{ + Project: projectID, + Region: location, + UrlMap: name, + } + return a.regionalUrlMapClient.Get(ctx, getReq) + } +} diff --git a/pkg/controller/resourceconfig/static_config.go b/pkg/controller/resourceconfig/static_config.go index 2ab9a95ebb7..c1dcf3a2a5f 100644 --- a/pkg/controller/resourceconfig/static_config.go +++ b/pkg/controller/resourceconfig/static_config.go @@ -184,7 +184,7 @@ var ControllerConfigStatic = ResourcesControllerMap{ {Group: "compute.cnrm.cloud.google.com", Kind: "ComputeTargetSSLProxy"}: {DefaultController: k8s.ReconcilerTypeTerraform, SupportedControllers: []k8s.ReconcilerType{k8s.ReconcilerTypeTerraform}}, {Group: "compute.cnrm.cloud.google.com", Kind: "ComputeTargetTCPProxy"}: {DefaultController: k8s.ReconcilerTypeTerraform, SupportedControllers: []k8s.ReconcilerType{k8s.ReconcilerTypeDirect, k8s.ReconcilerTypeTerraform}}, {Group: "compute.cnrm.cloud.google.com", Kind: "ComputeTargetVPNGateway"}: {DefaultController: k8s.ReconcilerTypeTerraform, SupportedControllers: []k8s.ReconcilerType{k8s.ReconcilerTypeTerraform}}, - {Group: "compute.cnrm.cloud.google.com", Kind: "ComputeURLMap"}: {DefaultController: k8s.ReconcilerTypeTerraform, SupportedControllers: []k8s.ReconcilerType{k8s.ReconcilerTypeTerraform}}, + {Group: "compute.cnrm.cloud.google.com", Kind: "ComputeURLMap"}: {DefaultController: k8s.ReconcilerTypeTerraform, SupportedControllers: []k8s.ReconcilerType{k8s.ReconcilerTypeDirect, k8s.ReconcilerTypeTerraform}}, {Group: "compute.cnrm.cloud.google.com", Kind: "ComputeVPNGateway"}: {DefaultController: k8s.ReconcilerTypeTerraform, SupportedControllers: []k8s.ReconcilerType{k8s.ReconcilerTypeTerraform}}, {Group: "compute.cnrm.cloud.google.com", Kind: "ComputeVPNTunnel"}: {DefaultController: k8s.ReconcilerTypeTerraform, SupportedControllers: []k8s.ReconcilerType{k8s.ReconcilerTypeTerraform}}, {Group: "configcontroller.cnrm.cloud.google.com", Kind: "ConfigControllerInstance"}: {DefaultController: k8s.ReconcilerTypeDCL, SupportedControllers: []k8s.ReconcilerType{k8s.ReconcilerTypeDCL}},