Skip to content

Commit 8225cda

Browse files
mohamadaldawamnahmohamadaldawamnah
committed
Update CRDs to match API changes
1 parent 7029a77 commit 8225cda

5 files changed

+2078
-0
lines changed

nginx-ingress/crds/k8s.nginx.org_globalconfigurations.yaml

Lines changed: 66 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,66 @@
1+
---
2+
apiVersion: apiextensions.k8s.io/v1
3+
kind: CustomResourceDefinition
4+
metadata:
5+
annotations:
6+
controller-gen.kubebuilder.io/version: v0.17.3
7+
name: globalconfigurations.k8s.nginx.org
8+
spec:
9+
group: k8s.nginx.org
10+
names:
11+
kind: GlobalConfiguration
12+
listKind: GlobalConfigurationList
13+
plural: globalconfigurations
14+
shortNames:
15+
- gc
16+
singular: globalconfiguration
17+
scope: Namespaced
18+
versions:
19+
- name: v1
20+
schema:
21+
openAPIV3Schema:
22+
description: GlobalConfiguration defines the GlobalConfiguration resource.
23+
properties:
24+
apiVersion:
25+
description: |-
26+
APIVersion defines the versioned schema of this representation of an object.
27+
Servers should convert recognized schemas to the latest internal value, and
28+
may reject unrecognized values.
29+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
30+
type: string
31+
kind:
32+
description: |-
33+
Kind is a string value representing the REST resource this object represents.
34+
Servers may infer this from the endpoint the client submits requests to.
35+
Cannot be updated.
36+
In CamelCase.
37+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
38+
type: string
39+
metadata:
40+
type: object
41+
spec:
42+
description: GlobalConfigurationSpec is the spec of the GlobalConfiguration
43+
resource.
44+
properties:
45+
listeners:
46+
items:
47+
description: Listener defines a listener.
48+
properties:
49+
ipv4:
50+
type: string
51+
ipv6:
52+
type: string
53+
name:
54+
type: string
55+
port:
56+
type: integer
57+
protocol:
58+
type: string
59+
ssl:
60+
type: boolean
61+
type: object
62+
type: array
63+
type: object
64+
type: object
65+
served: true
66+
storage: true

nginx-ingress/crds/k8s.nginx.org_policies.yaml

Lines changed: 279 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,279 @@
1+
---
2+
apiVersion: apiextensions.k8s.io/v1
3+
kind: CustomResourceDefinition
4+
metadata:
5+
annotations:
6+
controller-gen.kubebuilder.io/version: v0.17.3
7+
name: policies.k8s.nginx.org
8+
spec:
9+
group: k8s.nginx.org
10+
names:
11+
kind: Policy
12+
listKind: PolicyList
13+
plural: policies
14+
shortNames:
15+
- pol
16+
singular: policy
17+
scope: Namespaced
18+
versions:
19+
- additionalPrinterColumns:
20+
- description: Current state of the Policy. If the resource has a valid status,
21+
it means it has been validated and accepted by the Ingress Controller.
22+
jsonPath: .status.state
23+
name: State
24+
type: string
25+
- jsonPath: .metadata.creationTimestamp
26+
name: Age
27+
type: date
28+
name: v1
29+
schema:
30+
openAPIV3Schema:
31+
description: Policy defines a Policy for VirtualServer and VirtualServerRoute
32+
resources.
33+
properties:
34+
apiVersion:
35+
description: |-
36+
APIVersion defines the versioned schema of this representation of an object.
37+
Servers should convert recognized schemas to the latest internal value, and
38+
may reject unrecognized values.
39+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
40+
type: string
41+
kind:
42+
description: |-
43+
Kind is a string value representing the REST resource this object represents.
44+
Servers may infer this from the endpoint the client submits requests to.
45+
Cannot be updated.
46+
In CamelCase.
47+
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
48+
type: string
49+
metadata:
50+
type: object
51+
spec:
52+
description: |-
53+
PolicySpec is the spec of the Policy resource.
54+
The spec includes multiple fields, where each field represents a different policy.
55+
Only one policy (field) is allowed.
56+
properties:
57+
accessControl:
58+
description: AccessControl defines an access policy based on the source
59+
IP of a request.
60+
properties:
61+
allow:
62+
items:
63+
type: string
64+
type: array
65+
deny:
66+
items:
67+
type: string
68+
type: array
69+
type: object
70+
apiKey:
71+
description: APIKey defines an API Key policy.
72+
properties:
73+
clientSecret:
74+
type: string
75+
suppliedIn:
76+
description: SuppliedIn defines the locations API Key should be
77+
supplied in.
78+
properties:
79+
header:
80+
items:
81+
type: string
82+
type: array
83+
query:
84+
items:
85+
type: string
86+
type: array
87+
type: object
88+
type: object
89+
basicAuth:
90+
description: BasicAuth holds HTTP Basic authentication configuration
91+
properties:
92+
realm:
93+
type: string
94+
secret:
95+
type: string
96+
type: object
97+
egressMTLS:
98+
description: EgressMTLS defines an Egress MTLS policy.
99+
properties:
100+
ciphers:
101+
type: string
102+
protocols:
103+
type: string
104+
serverName:
105+
type: boolean
106+
sessionReuse:
107+
type: boolean
108+
sslName:
109+
type: string
110+
tlsSecret:
111+
type: string
112+
trustedCertSecret:
113+
type: string
114+
verifyDepth:
115+
type: integer
116+
verifyServer:
117+
type: boolean
118+
type: object
119+
ingressClassName:
120+
type: string
121+
ingressMTLS:
122+
description: IngressMTLS defines an Ingress MTLS policy.
123+
properties:
124+
clientCertSecret:
125+
type: string
126+
crlFileName:
127+
type: string
128+
verifyClient:
129+
type: string
130+
verifyDepth:
131+
type: integer
132+
type: object
133+
jwt:
134+
description: JWTAuth holds JWT authentication configuration.
135+
properties:
136+
jwksURI:
137+
type: string
138+
keyCache:
139+
type: string
140+
realm:
141+
type: string
142+
secret:
143+
type: string
144+
token:
145+
type: string
146+
type: object
147+
oidc:
148+
description: OIDC defines an Open ID Connect policy.
149+
properties:
150+
accessTokenEnable:
151+
type: boolean
152+
authEndpoint:
153+
type: string
154+
authExtraArgs:
155+
items:
156+
type: string
157+
type: array
158+
clientID:
159+
type: string
160+
clientSecret:
161+
type: string
162+
endSessionEndpoint:
163+
type: string
164+
jwksURI:
165+
type: string
166+
postLogoutRedirectURI:
167+
type: string
168+
redirectURI:
169+
type: string
170+
scope:
171+
type: string
172+
tokenEndpoint:
173+
type: string
174+
zoneSyncLeeway:
175+
type: integer
176+
type: object
177+
rateLimit:
178+
description: RateLimit defines a rate limit policy.
179+
properties:
180+
burst:
181+
type: integer
182+
condition:
183+
description: RateLimitCondition defines a condition for a rate
184+
limit policy.
185+
properties:
186+
default:
187+
description: sets the rate limit in this policy to be the
188+
default if no conditions are met. In a group of policies
189+
with the same JWT condition, only one policy can be the
190+
default.
191+
type: boolean
192+
jwt:
193+
description: defines a JWT condition to rate limit against.
194+
properties:
195+
claim:
196+
description: the JWT claim to be rate limit by. Nested
197+
claims should be separated by "."
198+
pattern: ^([^$\s"'])*$
199+
type: string
200+
match:
201+
description: the value of the claim to match against.
202+
pattern: ^([^$\s."'])*$
203+
type: string
204+
required:
205+
- claim
206+
- match
207+
type: object
208+
type: object
209+
delay:
210+
type: integer
211+
dryRun:
212+
type: boolean
213+
key:
214+
type: string
215+
logLevel:
216+
type: string
217+
noDelay:
218+
type: boolean
219+
rate:
220+
type: string
221+
rejectCode:
222+
type: integer
223+
scale:
224+
type: boolean
225+
zoneSize:
226+
type: string
227+
type: object
228+
waf:
229+
description: WAF defines an WAF policy.
230+
properties:
231+
apBundle:
232+
type: string
233+
apPolicy:
234+
type: string
235+
enable:
236+
type: boolean
237+
securityLog:
238+
description: SecurityLog defines the security log of a WAF policy.
239+
properties:
240+
apLogBundle:
241+
type: string
242+
apLogConf:
243+
type: string
244+
enable:
245+
type: boolean
246+
logDest:
247+
type: string
248+
type: object
249+
securityLogs:
250+
items:
251+
description: SecurityLog defines the security log of a WAF policy.
252+
properties:
253+
apLogBundle:
254+
type: string
255+
apLogConf:
256+
type: string
257+
enable:
258+
type: boolean
259+
logDest:
260+
type: string
261+
type: object
262+
type: array
263+
type: object
264+
type: object
265+
status:
266+
description: PolicyStatus is the status of the policy resource
267+
properties:
268+
message:
269+
type: string
270+
reason:
271+
type: string
272+
state:
273+
type: string
274+
type: object
275+
type: object
276+
served: true
277+
storage: true
278+
subresources:
279+
status: {}

0 commit comments

Comments
 (0)