diff --git a/api/v1alpha1/consumer_types.go b/api/v1alpha1/consumer_types.go index 095ff8980..f1f4ab34a 100644 --- a/api/v1alpha1/consumer_types.go +++ b/api/v1alpha1/consumer_types.go @@ -16,8 +16,9 @@ type Consumer struct { } type ConsumerSpec struct { - GatewayRef GatewayRef `json:"gatewayRef,omitempty"` - Credentials []CredentialSpec `json:"credentials,omitempty"` + GatewayRef GatewayRef `json:"gatewayRef,omitempty"` + Credentials []Credential `json:"credentials,omitempty"` + Plugins []Plugin `json:"plugins,omitempty"` } type GatewayRef struct { @@ -27,8 +28,8 @@ type GatewayRef struct { Namespace *string `json:"namespace,omitempty"` } -// +kubebuilder:validation:XValidation:rule="has(self.config) != has(self.secretRef)" -type CredentialSpec struct { +type Credential struct { + // +kubebuilder:validation:Required // +kubebuilder:validation:Enum=jwt-auth;basic-auth;key-auth;hmac-auth; Type string `json:"type"` Config apiextensionsv1.JSON `json:"config,omitempty"` @@ -37,8 +38,8 @@ type CredentialSpec struct { } type SecretReference struct { - Name string `json:"name"` - Namespace string `json:"namespace,omitempty"` + Name string `json:"name"` + Namespace *string `json:"namespace,omitempty"` } type Status struct { diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 92f22606a..22efa4cab 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -91,7 +91,14 @@ func (in *ConsumerSpec) DeepCopyInto(out *ConsumerSpec) { in.GatewayRef.DeepCopyInto(&out.GatewayRef) if in.Credentials != nil { in, out := &in.Credentials, &out.Credentials - *out = make([]CredentialSpec, len(*in)) + *out = make([]Credential, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Plugins != nil { + in, out := &in.Plugins, &out.Plugins + *out = make([]Plugin, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } @@ -109,22 +116,22 @@ func (in *ConsumerSpec) DeepCopy() *ConsumerSpec { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *CredentialSpec) DeepCopyInto(out *CredentialSpec) { +func (in *Credential) DeepCopyInto(out *Credential) { *out = *in in.Config.DeepCopyInto(&out.Config) if in.SecretRef != nil { in, out := &in.SecretRef, &out.SecretRef *out = new(SecretReference) - **out = **in + (*in).DeepCopyInto(*out) } } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialSpec. -func (in *CredentialSpec) DeepCopy() *CredentialSpec { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Credential. +func (in *Credential) DeepCopy() *Credential { if in == nil { return nil } - out := new(CredentialSpec) + out := new(Credential) in.DeepCopyInto(out) return out } @@ -351,6 +358,11 @@ func (in *PluginConfigSpec) DeepCopy() *PluginConfigSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecretReference) DeepCopyInto(out *SecretReference) { *out = *in + if in.Namespace != nil { + in, out := &in.Namespace, &out.Namespace + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretReference. diff --git a/config/crd/bases/gateway.apisix.io_consumers.yaml b/config/crd/bases/gateway.apisix.io_consumers.yaml index 06704b3b3..efbfff195 100644 --- a/config/crd/bases/gateway.apisix.io_consumers.yaml +++ b/config/crd/bases/gateway.apisix.io_consumers.yaml @@ -63,8 +63,6 @@ spec: required: - type type: object - x-kubernetes-validations: - - rule: has(self.config) != has(self.secretRef) type: array gatewayRef: properties: @@ -77,6 +75,20 @@ spec: namespace: type: string type: object + plugins: + items: + properties: + config: + description: Plugin configuration. + x-kubernetes-preserve-unknown-fields: true + name: + description: The plugin name. + type: string + required: + - config + - name + type: object + type: array type: object status: properties: diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 43d9b7eab..b5b680c22 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -4,9 +4,17 @@ resources: - bases/gateway.apisix.io_pluginconfigs.yaml - bases/gateway.apisix.io_gatewayproxies.yaml +- bases/gateway.apisix.io_consumers.yaml # +kubebuilder:scaffold:crdkustomizeresource patches: +- path: patches/consumer_credential_oneof.yaml + target: + kind: CustomResourceDefinition + name: consumers.gateway.apisix.io + group: apiextensions.k8s.io + version: v1 + # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. # patches here are for enabling the conversion webhook for each CRD #- path: patches/webhook_in_gatewayproxies.yaml diff --git a/config/crd/patches/consumer_credential_oneof.yaml b/config/crd/patches/consumer_credential_oneof.yaml new file mode 100644 index 000000000..fd8e2039e --- /dev/null +++ b/config/crd/patches/consumer_credential_oneof.yaml @@ -0,0 +1,5 @@ +- op: add + path: /spec/versions/0/schema/openAPIV3Schema/properties/spec/properties/credentials/items/oneOf + value: + - required: [ config ] + - required: [ secretRef ] diff --git a/config/samples/gateway.apisix.io_v1alpha1_consumer.yaml b/config/samples/gateway.apisix.io_v1alpha1_consumer.yaml new file mode 100644 index 000000000..1a9e3c03b --- /dev/null +++ b/config/samples/gateway.apisix.io_v1alpha1_consumer.yaml @@ -0,0 +1,19 @@ +apiVersion: gateway.apisix.io/v1alpha1 +kind: Consumer +metadata: + name: consumer-sample +spec: + credentials: + - type: basic-auth + name: basic-auth-sample + secretRef: + name: basic-auth-sample + namespace: default + - type: key-auth + name: key-auth-sample + config: + key: sample-key + plugins: + - name: key-auth + config: + key: sample-key