diff --git a/go.mod b/go.mod index 961711e396..8debc511e6 100644 --- a/go.mod +++ b/go.mod @@ -26,7 +26,7 @@ require ( k8s.io/csi-translation-lib v0.27.0 k8s.io/klog/v2 v2.100.1 sigs.k8s.io/controller-runtime v0.14.6 - sigs.k8s.io/gateway-api v0.6.2 + sigs.k8s.io/gateway-api v0.7.1 sigs.k8s.io/sig-storage-lib-external-provisioner/v9 v9.0.2 ) @@ -86,7 +86,7 @@ require ( github.com/prometheus/client_model v0.3.0 // indirect github.com/prometheus/common v0.42.0 // indirect github.com/prometheus/procfs v0.9.0 // indirect - github.com/spf13/cobra v1.6.0 // indirect + github.com/spf13/cobra v1.6.1 // indirect github.com/stoewer/go-strcase v1.2.0 // indirect go.etcd.io/etcd/api/v3 v3.5.7 // indirect go.etcd.io/etcd/client/pkg/v3 v3.5.7 // indirect diff --git a/go.sum b/go.sum index 7d7a561562..70831f8a69 100644 --- a/go.sum +++ b/go.sum @@ -309,8 +309,8 @@ github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQD github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= github.com/soheilhy/cmux v0.1.5 h1:jjzc5WVemNEDTLwv9tlmemhC73tI08BNOIGwBOo10Js= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/cobra v1.6.0 h1:42a0n6jwCot1pUmomAp4T7DeMD+20LFv4Q54pxLf2LI= -github.com/spf13/cobra v1.6.0/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= +github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA= +github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stoewer/go-strcase v1.2.0 h1:Z2iHWqGXH00XYgqDmNgQbIBxf3wrNq0F3feEy0ainaU= @@ -777,8 +777,8 @@ sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.1 h1:MB1zkK+WMOmfLx sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.1.1/go.mod h1:/4NLd21PQY0B+H+X0aDZdwUiVXYJQl/2NXA5KVtDiP4= sigs.k8s.io/controller-runtime v0.14.6 h1:oxstGVvXGNnMvY7TAESYk+lzr6S3V5VFxQ6d92KcwQA= sigs.k8s.io/controller-runtime v0.14.6/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0= -sigs.k8s.io/gateway-api v0.6.2 h1:583XHiX2M2bKEA0SAdkoxL1nY73W1+/M+IAm8LJvbEA= -sigs.k8s.io/gateway-api v0.6.2/go.mod h1:EYJT+jlPWTeNskjV0JTki/03WX1cyAnBhwBJfYHpV/0= +sigs.k8s.io/gateway-api v0.7.1 h1:Tts2jeepVkPA5rVG/iO+S43s9n7Vp7jCDhZDQYtPigQ= +sigs.k8s.io/gateway-api v0.7.1/go.mod h1:Xv0+ZMxX0lu1nSSDIIPEfbVztgNZ+3cfiYrJsa2Ooso= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/sig-storage-lib-external-provisioner/v9 v9.0.2 h1:Vabue8lDhHiI7mGPm+DH0F9o1Go8l4INE5xt12SuJfg= diff --git a/vendor/github.com/spf13/cobra/command.go b/vendor/github.com/spf13/cobra/command.go index 9d5e9cf5eb..6ff47dd5c3 100644 --- a/vendor/github.com/spf13/cobra/command.go +++ b/vendor/github.com/spf13/cobra/command.go @@ -998,6 +998,10 @@ func (c *Command) ExecuteC() (cmd *Command, err error) { // initialize completion at the last point to allow for user overriding c.InitDefaultCompletionCmd() + // Now that all commands have been created, let's make sure all groups + // are properly created also + c.checkCommandGroups() + args := c.args // Workaround FAIL with "go test -v" or "cobra.test -test.v", see #155 @@ -1092,6 +1096,19 @@ func (c *Command) ValidateRequiredFlags() error { return nil } +// checkCommandGroups checks if a command has been added to a group that does not exists. +// If so, we panic because it indicates a coding error that should be corrected. +func (c *Command) checkCommandGroups() { + for _, sub := range c.commands { + // if Group is not defined let the developer know right away + if sub.GroupID != "" && !c.ContainsGroup(sub.GroupID) { + panic(fmt.Sprintf("group id '%s' is not defined for subcommand '%s'", sub.GroupID, sub.CommandPath())) + } + + sub.checkCommandGroups() + } +} + // InitDefaultHelpFlag adds default help flag to c. // It is called automatically by executing the c or by calling help and usage. // If c already has help flag, it will do nothing. @@ -1218,10 +1235,6 @@ func (c *Command) AddCommand(cmds ...*Command) { panic("Command can't be a child of itself") } cmds[i].parent = c - // if Group is not defined let the developer know right away - if x.GroupID != "" && !c.ContainsGroup(x.GroupID) { - panic(fmt.Sprintf("Group id '%s' is not defined for subcommand '%s'", x.GroupID, cmds[i].CommandPath())) - } // update max lengths usageLen := len(x.Use) if usageLen > c.commandsMaxUseLen { diff --git a/vendor/github.com/spf13/cobra/user_guide.md b/vendor/github.com/spf13/cobra/user_guide.md index 977306aa8c..e55367e853 100644 --- a/vendor/github.com/spf13/cobra/user_guide.md +++ b/vendor/github.com/spf13/cobra/user_guide.md @@ -492,10 +492,11 @@ around it. In fact, you can provide your own if you want. ### Grouping commands in help -Cobra supports grouping of available commands. Groups must be explicitly defined by `AddGroup` and set by -the `GroupId` element of a subcommand. The groups will appear in the same order as they are defined. -If you use the generated `help` or `completion` commands, you can set the group ids by `SetHelpCommandGroupId` -and `SetCompletionCommandGroupId`, respectively. +Cobra supports grouping of available commands in the help output. To group commands, each group must be explicitly +defined using `AddGroup()` on the parent command. Then a subcommand can be added to a group using the `GroupID` element +of that subcommand. The groups will appear in the help output in the same order as they are defined using different +calls to `AddGroup()`. If you use the generated `help` or `completion` commands, you can set their group ids using +`SetHelpCommandGroupId()` and `SetCompletionCommandGroupId()` on the root command, respectively. ### Defining your own help diff --git a/vendor/modules.txt b/vendor/modules.txt index 415f64dc63..d2a7fa6fb1 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -280,7 +280,7 @@ github.com/prometheus/common/model github.com/prometheus/procfs github.com/prometheus/procfs/internal/fs github.com/prometheus/procfs/internal/util -# github.com/spf13/cobra v1.6.0 +# github.com/spf13/cobra v1.6.1 ## explicit; go 1.15 github.com/spf13/cobra # github.com/spf13/pflag v1.0.5 @@ -1405,8 +1405,8 @@ sigs.k8s.io/controller-runtime/pkg/client/fake sigs.k8s.io/controller-runtime/pkg/internal/field/selector sigs.k8s.io/controller-runtime/pkg/internal/objectutil sigs.k8s.io/controller-runtime/pkg/log -# sigs.k8s.io/gateway-api v0.6.2 -## explicit; go 1.18 +# sigs.k8s.io/gateway-api v0.7.1 +## explicit; go 1.19 sigs.k8s.io/gateway-api/apis/v1alpha2 sigs.k8s.io/gateway-api/apis/v1beta1 sigs.k8s.io/gateway-api/pkg/client/clientset/versioned diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gatewayclass_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gatewayclass_types.go index 69d012d123..fe33b8ecd4 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gatewayclass_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/gatewayclass_types.go @@ -44,7 +44,7 @@ import ( // If implementations choose to propagate GatewayClass changes to existing // Gateways, that MUST be clearly documented by the implementation. // -// Whenever one or more Gateways are using a GatewayClass, implementations MUST +// Whenever one or more Gateways are using a GatewayClass, implementations SHOULD // add the `gateway-exists-finalizer.gateway.networking.k8s.io` finalizer on the // associated GatewayClass. This ensures that a GatewayClass associated with a // Gateway is not deleted while in use. diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/grpcroute_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/grpcroute_types.go index dc5f558d99..f98a03aa3e 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/grpcroute_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/grpcroute_types.go @@ -18,6 +18,8 @@ package v1alpha2 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "sigs.k8s.io/gateway-api/apis/v1beta1" ) // +genclient @@ -149,7 +151,7 @@ type GRPCRouteSpec struct { Rules []GRPCRouteRule `json:"rules,omitempty"` } -// GRPCRouteRule defines the semantics for matching an gRPC request based on +// GRPCRouteRule defines the semantics for matching a gRPC request based on // conditions (matches), processing it (filters), and forwarding the request to // an API object (backendRefs). type GRPCRouteRule struct { @@ -205,7 +207,6 @@ type GRPCRouteRule struct { // // +optional // +kubebuilder:validation:MaxItems=8 - // +kubebuilder:default={{method: {type: "Exact"}}} Matches []GRPCRouteMatch `json:"matches,omitempty"` // Filters define the filters that are applied to requests that match @@ -286,7 +287,6 @@ type GRPCRouteMatch struct { // not specified, all services and methods will match. // // +optional - // +kubebuilder:default={type: "Exact"} Method *GRPCMethodMatch `json:"method,omitempty"` // Headers specifies gRPC request header matchers. Multiple match values are @@ -321,12 +321,8 @@ type GRPCMethodMatch struct { // // At least one of Service and Method MUST be a non-empty string. // - // A GRPC Service must be a valid Protobuf Type Name - // (https://protobuf.com/docs/language-spec#type-references). - // // +optional // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:Pattern=`^(?i)\.?[a-z_][a-z_0-9]*(\.[a-z_][a-z_0-9]*)*$` Service *string `json:"service,omitempty"` // Value of the method to match against. If left empty or omitted, will @@ -334,12 +330,8 @@ type GRPCMethodMatch struct { // // At least one of Service and Method MUST be a non-empty string. // - // A GRPC Method must be a valid Protobuf Method - // (https://protobuf.com/docs/language-spec#methods). - // // +optional // +kubebuilder:validation:MaxLength=1024 - // +kubebuilder:validation:Pattern=`^[A-Za-z_][A-Za-z_0-9]*$` Method *string `json:"method,omitempty"` } @@ -419,10 +411,7 @@ const ( GRPCHeaderMatchRegularExpression GRPCHeaderMatchType = "RegularExpression" ) -// +kubebuilder:validation:MinLength=1 -// +kubebuilder:validation:MaxLength=256 -// +kubebuilder:validation:Pattern=`^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$` -type GRPCHeaderName string +type GRPCHeaderName v1beta1.HeaderName // GRPCRouteFilterType identifies a type of GRPCRoute filter. type GRPCRouteFilterType string @@ -513,7 +502,6 @@ type GRPCRouteFilter struct { // Support: Extended // // +optional - // ResponseHeaderModifier *HTTPHeaderFilter `json:"responseHeaderModifier,omitempty"` // RequestMirror defines a schema for a filter that mirrors requests. @@ -562,6 +550,8 @@ type GRPCBackendRef struct { // // Support: Core for Kubernetes Service // + // Support: Extended for Kubernetes ServiceImport + // // Support: Implementation-specific for any other resource // // Support for weight: Core diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/httproute_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/httproute_types.go index ac1e009cbb..8a32a075d8 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/httproute_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/httproute_types.go @@ -111,12 +111,8 @@ type HeaderMatchType = v1beta1.HeaderMatchType // headers are not currently supported by this type. // // * "/invalid" - "/" is an invalid character -// -// +kubebuilder:validation:MinLength=1 -// +kubebuilder:validation:MaxLength=256 -// +kubebuilder:validation:Pattern=`^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$` // +k8s:deepcopy-gen=false -type HTTPHeaderName = v1beta1.HTTPHeaderName +type HTTPHeaderName = v1beta1.HeaderName // HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request // headers. diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/object_reference_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/object_reference_types.go index 80fdd522ce..f2798e597b 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/object_reference_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/object_reference_types.go @@ -45,10 +45,10 @@ type SecretObjectReference = v1beta1.SecretObjectReference // specific to BackendRef. It includes a few additional fields and features // than a regular ObjectReference. // -// Note that when a namespace is specified, a ReferenceGrant object -// is required in the referent namespace to allow that namespace's -// owner to accept the reference. See the ReferenceGrant documentation -// for details. +// Note that when a namespace different than the local namespace is specified, a +// ReferenceGrant object is required in the referent namespace to allow that +// namespace's owner to accept the reference. See the ReferenceGrant +// documentation for details. // // The API object must be valid in the cluster; the Group and Kind must // be registered in the cluster for this reference to be valid. diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/shared_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/shared_types.go index e759b5f454..bba8e95160 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/shared_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/shared_types.go @@ -50,10 +50,10 @@ type PortNumber = v1beta1.PortNumber // BackendRef defines how a Route should forward a request to a Kubernetes // resource. // -// Note that when a namespace is specified, a ReferenceGrant object -// is required in the referent namespace to allow that namespace's -// owner to accept the reference. See the ReferenceGrant documentation -// for details. +// Note that when a namespace different than the local namespace is specified, a +// ReferenceGrant object is required in the referent namespace to allow that +// namespace's owner to accept the reference. See the ReferenceGrant +// documentation for details. // +k8s:deepcopy-gen=false type BackendRef = v1beta1.BackendRef diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tcproute_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tcproute_types.go index f60677c1a7..fe927ab8d4 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tcproute_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tcproute_types.go @@ -68,6 +68,8 @@ type TCPRouteRule struct { // // Support: Core for Kubernetes Service // + // Support: Extended for Kubernetes ServiceImport + // // Support: Implementation-specific for any other resource // // Support for weight: Extended diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tlsroute_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tlsroute_types.go index e5a4955354..afe34d82d6 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tlsroute_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/tlsroute_types.go @@ -112,6 +112,8 @@ type TLSRouteRule struct { // // Support: Core for Kubernetes Service // + // Support: Extended for Kubernetes ServiceImport + // // Support: Implementation-specific for any other resource // // Support for weight: Extended diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/udproute_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/udproute_types.go index eaa4f5c21a..9e3770c293 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/udproute_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1alpha2/udproute_types.go @@ -67,6 +67,9 @@ type UDPRouteRule struct { // the packets, then 80% of packets must be dropped instead. // // Support: Core for Kubernetes Service + // + // Support: Extended for Kubernetes ServiceImport + // // Support: Implementation-specific for any other resource // // Support for weight: Extended diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/gateway_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/gateway_types.go index 8f4d3ff70d..58c3598355 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/gateway_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/gateway_types.go @@ -41,7 +41,7 @@ type Gateway struct { // Status defines the current state of Gateway. // - // +kubebuilder:default={conditions: {{type: "Accepted", status: "Unknown", reason:"NotReconciled", message:"Waiting for controller", lastTransitionTime: "1970-01-01T00:00:00Z"}}} + // +kubebuilder:default={conditions: {{type: "Accepted", status: "Unknown", reason:"Pending", message:"Waiting for controller", lastTransitionTime: "1970-01-01T00:00:00Z"},{type: "Programmed", status: "Unknown", reason:"Pending", message:"Waiting for controller", lastTransitionTime: "1970-01-01T00:00:00Z"}}} Status GatewayStatus `json:"status,omitempty"` } @@ -488,6 +488,7 @@ type GatewayStatus struct { // Known condition types are: // // * "Accepted" + // * "Programmed" // * "Ready" // // +optional @@ -535,6 +536,8 @@ const ( // // * "Invalid" // * "Pending" + // * "NoResources" + // * "AddressNotAssigned" // // Possible reasons for this condition to be Unknown are: // @@ -549,9 +552,20 @@ const ( // true. GatewayReasonProgrammed GatewayConditionReason = "Programmed" - // This reason is used with the "Programmed" condition when the Listener is + // This reason is used with the "Programmed" and "Accepted" conditions when the Gateway is // syntactically or semantically invalid. GatewayReasonInvalid GatewayConditionReason = "Invalid" + + // This reason is used with the "Programmed" condition when the + // Gateway is not scheduled because insufficient infrastructure + // resources are available. + GatewayReasonNoResources GatewayConditionReason = "NoResources" + + // This reason is used with the "Programmed" condition when none of the requested + // addresses have been assigned to the Gateway. This reason can be used to + // express a range of circumstances, including (but not limited to) IPAM + // address exhaustion, address not yet allocated, or a named address not being found. + GatewayReasonAddressNotAssigned GatewayConditionReason = "AddressNotAssigned" ) const ( @@ -563,11 +577,14 @@ const ( // Possible reasons for this condition to be True are: // // * "Accepted" + // * "ListenersNotValid" // // Possible reasons for this condition to be False are: // + // * "Invalid" // * "NotReconciled" - // * "NoResources" + // * "UnsupportedAddress" + // * "ListenersNotValid" // // Possible reasons for this condition to be Unknown are: // @@ -578,76 +595,65 @@ const ( // interoperability. GatewayConditionAccepted GatewayConditionType = "Accepted" - // Deprecated: use "Accepted" instead. - GatewayConditionScheduled GatewayConditionType = "Scheduled" - // This reason is used with the "Accepted" condition when the condition is // True. GatewayReasonAccepted GatewayConditionReason = "Accepted" + // This reason is used with the "Accepted" condition when one or + // more Listeners have an invalid or unsupported configuration + // and cannot be configured on the Gateway. + // This can be the reason when "Accepted" is "True" or "False", depending on whether + // the listener being invalid causes the entire Gateway to not be accepted. + GatewayReasonListenersNotValid GatewayConditionReason = "ListenersNotValid" + + // This reason is used with the "Accepted" and "Programmed" + // conditions when the status is "Unknown" and no controller has reconciled + // the Gateway. + GatewayReasonPending GatewayConditionReason = "Pending" + + // This reason is used with the "Accepted" condition when the Gateway could not be configured + // because the requested address is not supported. This reason could be used in a number of + // instances, including: + // + // * The address is already in use. + // * The type of address is not supported by the implementation. + GatewaReasonUnsupportedAddress GatewayConditionReason = "UnsupportedAddress" +) + +const ( + // Deprecated: use "Accepted" instead. + GatewayConditionScheduled GatewayConditionType = "Scheduled" + // This reason is used with the "Scheduled" condition when the condition is // True. // // Deprecated: use the "Accepted" condition with reason "Accepted" instead. GatewayReasonScheduled GatewayConditionReason = "Scheduled" - // This reason is used with the "Accepted", "Programmed" and "Ready" - // conditions when the status is "Unknown" and no controller has reconciled - // the Gateway. - GatewayReasonPending GatewayConditionReason = "Pending" - // Deprecated: Use "Pending" instead. GatewayReasonNotReconciled GatewayConditionReason = "NotReconciled" - - // This reason is used with the "Accepted" condition when the - // Gateway is not scheduled because insufficient infrastructure - // resources are available. - GatewayReasonNoResources GatewayConditionReason = "NoResources" ) const ( - // Ready is an optional Condition that has Extended support. When it's set, - // the condition indicates whether the Gateway has been completely configured - // and traffic is ready to flow through the data plane immediately. + // "Ready" is a condition type reserved for future use. It should not be used by implementations. // - // If both the "ListenersNotValid" and "ListenersNotReady" - // reasons are true, the Gateway controller should prefer the - // "ListenersNotValid" reason. + // If used in the future, "Ready" will represent the final state where all configuration is confirmed good + // _and has completely propagated to the data plane_. That is, it is a _guarantee_ that, as soon as something + // sees the Condition as `true`, then connections will be correctly routed _immediately_. // - // Possible reasons for this condition to be true are: + // This is a very strong guarantee, and to date no implementation has satisfied it enough to implement it. + // This reservation can be discussed in the future if necessary. // - // * "Ready" - // - // Possible reasons for this condition to be False are: - // - // * "ListenersNotValid" - // * "ListenersNotReady" - // * "AddressNotAssigned" - // - // Controllers may raise this condition with other reasons, - // but should prefer to use the reasons listed above to improve - // interoperability. + // Note: This condition is not really "deprecated", but rather "reserved"; however, deprecated triggers Go linters + // to alert about usage. + // Deprecated: Ready is reserved for future use GatewayConditionReady GatewayConditionType = "Ready" - // This reason is used with the "Ready" condition when the condition is - // true. + // Deprecated: Ready is reserved for future use GatewayReasonReady GatewayConditionReason = "Ready" - // This reason is used with the "Ready" condition when one or - // more Listeners have an invalid or unsupported configuration - // and cannot be configured on the Gateway. - GatewayReasonListenersNotValid GatewayConditionReason = "ListenersNotValid" - - // This reason is used with the "Ready" condition when one or - // more Listeners are not ready to serve traffic. + // Deprecated: Ready is reserved for future use GatewayReasonListenersNotReady GatewayConditionReason = "ListenersNotReady" - - // This reason is used with the "Ready" condition when none of the requested - // addresses have been assigned to the Gateway. This reason can be used to - // express a range of circumstances, including (but not limited to) IPAM - // address exhaustion, invalid or unsupported address requests, or a named - // address not being found. - GatewayReasonAddressNotAssigned GatewayConditionReason = "AddressNotAssigned" ) // ListenerStatus is the status associated with a Listener. @@ -668,7 +674,7 @@ type ListenerStatus struct { // +kubebuilder:validation:MaxItems=8 SupportedKinds []RouteGroupKind `json:"supportedKinds"` - // AttachedRoutes represents the total number of Routes that have been + // AttachedRoutes represents the total number of accepted Routes that have been // successfully attached to this Listener. AttachedRoutes int32 `json:"attachedRoutes"` @@ -744,7 +750,6 @@ const ( // // * "PortUnavailable" // * "UnsupportedProtocol" - // * "UnsupportedAddress" // // Possible reasons for this condition to be Unknown are: // @@ -780,14 +785,6 @@ const ( // Listener could not be attached to be Gateway because its // protocol type is not supported. ListenerReasonUnsupportedProtocol ListenerConditionReason = "UnsupportedProtocol" - - // This reason is used with the "Accepted" condition when the Listener could - // not be attached to the Gateway because the requested address is not - // supported. This reason could be used in a number of instances, including: - // - // * The address is already in use. - // * The type of address is not supported by the implementation. - ListenerReasonUnsupportedAddress ListenerConditionReason = "UnsupportedAddress" ) const ( @@ -869,34 +866,6 @@ const ( // This reason is used with the "Programmed" condition when the condition is // true. ListenerReasonProgrammed ListenerConditionReason = "Programmed" -) - -const ( - // Ready is an optional Condition that has Extended support. When it's set, - // the condition indicates whether the Listener has been configured on the - // Gateway and traffic is ready to flow through the data plane immediately. - // - // Possible reasons for this condition to be True are: - // - // * "Ready" - // - // Possible reasons for this condition to be False are: - // - // * "Invalid" - // * "Pending" - // - // Possible reasons for this condition to be Unknown are: - // - // * "Pending" - // - // Controllers may raise this condition with other reasons, - // but should prefer to use the reasons listed above to improve - // interoperability. - ListenerConditionReady ListenerConditionType = "Ready" - - // This reason is used with the "Ready" condition when the condition is - // true. - ListenerReasonReady ListenerConditionReason = "Ready" // This reason is used with the "Ready" and "Programmed" conditions when the // Listener is syntactically or semantically invalid. @@ -907,3 +876,22 @@ const ( // online and ready to accept client traffic. ListenerReasonPending ListenerConditionReason = "Pending" ) + +const ( + // "Ready" is a condition type reserved for future use. It should not be used by implementations. + // Note: This condition is not really "deprecated", but rather "reserved"; however, deprecated triggers Go linters + // to alert about usage. + // + // If used in the future, "Ready" will represent the final state where all configuration is confirmed good + // _and has completely propagated to the data plane_. That is, it is a _guarantee_ that, as soon as something + // sees the Condition as `true`, then connections will be correctly routed _immediately_. + // + // This is a very strong guarantee, and to date no implementation has satisfied it enough to implement it. + // This reservation can be discussed in the future if necessary. + // + // Deprecated: Ready is reserved for future use + ListenerConditionReady ListenerConditionType = "Ready" + + // Deprecated: Ready is reserved for future use + ListenerReasonReady ListenerConditionReason = "Ready" +) diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/gatewayclass_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/gatewayclass_types.go index 9507e5a529..f20487bfa5 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/gatewayclass_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/gatewayclass_types.go @@ -42,7 +42,7 @@ import ( // If implementations choose to propagate GatewayClass changes to existing // Gateways, that MUST be clearly documented by the implementation. // -// Whenever one or more Gateways are using a GatewayClass, implementations MUST +// Whenever one or more Gateways are using a GatewayClass, implementations SHOULD // add the `gateway-exists-finalizer.gateway.networking.k8s.io` finalizer on the // associated GatewayClass. This ensures that a GatewayClass associated with a // Gateway is not deleted while in use. diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/httproute_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/httproute_types.go index 1dc7e2ede0..77b480a71b 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/httproute_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/httproute_types.go @@ -56,9 +56,13 @@ type HTTPRouteList struct { type HTTPRouteSpec struct { CommonRouteSpec `json:",inline"` - // Hostnames defines a set of hostname that should match against the HTTP - // Host header to select a HTTPRoute to process the request. This matches - // the RFC 1123 definition of a hostname with 2 notable exceptions: + // Hostnames defines a set of hostname that should match against the HTTP Host + // header to select a HTTPRoute used to process the request. Implementations + // MUST ignore any port value specified in the HTTP Host header while + // performing a match. + // + // Valid values for Hostnames are determined by RFC 1123 definition of a + // hostname with 2 notable exceptions: // // 1. IPs are not allowed. // 2. A hostname may be prefixed with a wildcard label (`*.`). The wildcard @@ -154,11 +158,15 @@ type HTTPRouteRule struct { // Proxy or Load Balancer routing configuration generated from HTTPRoutes // MUST prioritize matches based on the following criteria, continuing on // ties. Across all rules specified on applicable Routes, precedence must be - // given to the match with the largest number of: + // given to the match having: + // + // * "Exact" path match. + // * "Prefix" path match with largest number of characters. + // * Method match. + // * Largest number of header matches. + // * Largest number of query param matches. // - // * Characters in a matching path. - // * Header matches. - // * Query param matches. + // Note: The precedence of RegularExpression path matches are implementation-specific. // // If ties still exist across multiple Routes, matching precedence MUST be // determined in order of the following criteria, continuing on ties: @@ -232,6 +240,8 @@ type HTTPRouteRule struct { // // Support: Core for Kubernetes Service // + // Support: Extended for Kubernetes ServiceImport + // // Support: Implementation-specific for any other resource // // Support for weight: Core @@ -264,7 +274,9 @@ type HTTPRouteRule struct { type PathMatchType string const ( - // Matches the URL path exactly and with case sensitivity. + // Matches the URL path exactly and with case sensitivity. This means that + // an exact path match on `/abc` will only match requests to `/abc`, NOT + // `/abc/`, `/Abc`, or `/abcd`. PathMatchExact PathMatchType = "Exact" // Matches based on a URL path prefix split by `/`. Matching is @@ -343,12 +355,8 @@ const ( // // - ":method" - ":" is an invalid character. This means that HTTP/2 pseudo // headers are not currently supported by this type. -// - "/invalid" - "/" is an invalid character -// -// +kubebuilder:validation:MinLength=1 -// +kubebuilder:validation:MaxLength=256 -// +kubebuilder:validation:Pattern=`^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$` -type HTTPHeaderName string +// - "/invalid" - "/ " is an invalid character +type HTTPHeaderName HeaderName // HTTPHeaderMatch describes how to select a HTTP route by matching HTTP request // headers. @@ -449,10 +457,7 @@ type HTTPQueryParamMatch struct { // // Users SHOULD NOT route traffic based on repeated query params to guard // themselves against potential differences in the implementations. - // - // +kubebuilder:validation:MinLength=1 - // +kubebuilder:validation:MaxLength=256 - Name string `json:"name"` + Name HTTPHeaderName `json:"name"` // Value is the value of HTTP query param to be matched. // @@ -587,8 +592,7 @@ type HTTPRouteFilter struct { // Reason of `UnsupportedValue`. // // +unionDiscriminator - // +kubebuilder:validation:Enum=RequestHeaderModifier;RequestMirror;RequestRedirect;ExtensionRef - // + // +kubebuilder:validation:Enum=RequestHeaderModifier;ResponseHeaderModifier;RequestMirror;RequestRedirect;URLRewrite;ExtensionRef Type HTTPRouteFilterType `json:"type"` // RequestHeaderModifier defines a schema for a filter that modifies request @@ -605,7 +609,6 @@ type HTTPRouteFilter struct { // Support: Extended // // +optional - // ResponseHeaderModifier *HTTPHeaderFilter `json:"responseHeaderModifier,omitempty"` // RequestMirror defines a schema for a filter that mirrors requests. @@ -629,7 +632,6 @@ type HTTPRouteFilter struct { // // Support: Extended // - // // +optional URLRewrite *HTTPURLRewriteFilter `json:"urlRewrite,omitempty"` @@ -662,7 +664,6 @@ const ( // Support in HTTPRouteRule: Extended // // Support in HTTPBackendRef: Extended - // HTTPRouteFilterResponseHeaderModifier HTTPRouteFilterType = "ResponseHeaderModifier" // HTTPRouteFilterRequestRedirect can be used to redirect a request to @@ -683,8 +684,6 @@ const ( // Support in HTTPRouteRule: Extended // // Support in HTTPBackendRef: Extended - // - // HTTPRouteFilterURLRewrite HTTPRouteFilterType = "URLRewrite" // HTTPRouteFilterRequestMirror can be used to mirror HTTP requests to a @@ -821,7 +820,6 @@ const ( ) // HTTPPathModifier defines configuration for path modifiers. -// type HTTPPathModifier struct { // Type defines the type of path modifier. Additional types may be // added in a future release of the API. @@ -833,14 +831,12 @@ type HTTPPathModifier struct { // Accepted Condition for the Route to `status: False`, with a // Reason of `UnsupportedValue`. // - // // +kubebuilder:validation:Enum=ReplaceFullPath;ReplacePrefixMatch Type HTTPPathModifierType `json:"type"` // ReplaceFullPath specifies the value with which to replace the full path // of a request during a rewrite or redirect. // - // // +kubebuilder:validation:MaxLength=1024 // +optional ReplaceFullPath *string `json:"replaceFullPath,omitempty"` @@ -855,7 +851,6 @@ type HTTPPathModifier struct { // ignored. For example, the paths `/abc`, `/abc/`, and `/abc/def` would all // match the prefix `/abc`, but the path `/abcd` would not. // - // // +kubebuilder:validation:MaxLength=1024 // +optional ReplacePrefixMatch *string `json:"replacePrefixMatch,omitempty"` @@ -867,6 +862,9 @@ type HTTPRequestRedirectFilter struct { // Scheme is the scheme to be used in the value of the `Location` header in // the response. When empty, the scheme of the request is used. // + // Scheme redirects can affect the port of the redirect, for more information, + // refer to the documentation for the port field of this filter. + // // Note that values may be added to this enum, implementations // must ensure that unknown values will not cause a crash. // @@ -882,7 +880,7 @@ type HTTPRequestRedirectFilter struct { // Hostname is the hostname to be used in the value of the `Location` // header in the response. - // When empty, the hostname of the request is used. + // When empty, the hostname in the `Host` header of the request is used. // // Support: Core // @@ -895,13 +893,29 @@ type HTTPRequestRedirectFilter struct { // // Support: Extended // - // // +optional Path *HTTPPathModifier `json:"path,omitempty"` // Port is the port to be used in the value of the `Location` // header in the response. - // When empty, port (if specified) of the request is used. + // + // If no port is specified, the redirect port MUST be derived using the + // following rules: + // + // * If redirect scheme is not-empty, the redirect port MUST be the well-known + // port associated with the redirect scheme. Specifically "http" to port 80 + // and "https" to port 443. If the redirect scheme does not have a + // well-known port, the listener port of the Gateway SHOULD be used. + // * If redirect scheme is empty, the redirect port MUST be the Gateway + // Listener port. + // + // Implementations SHOULD NOT add the port number in the 'Location' + // header in the following cases: + // + // * A Location header that will use HTTP (whether that is determined via + // the Listener protocol or the Scheme field) _and_ use port 80. + // * A Location header that will use HTTPS (whether that is determined via + // the Listener protocol or the Scheme field) _and_ use port 443. // // Support: Extended // @@ -930,15 +944,12 @@ type HTTPRequestRedirectFilter struct { // MUST NOT be used on the same Route rule as a HTTPRequestRedirect filter. // // Support: Extended -// -// type HTTPURLRewriteFilter struct { // Hostname is the value to be used to replace the Host header value during // forwarding. // // Support: Extended // - // // +optional Hostname *PreciseHostname `json:"hostname,omitempty"` @@ -946,7 +957,6 @@ type HTTPURLRewriteFilter struct { // // Support: Extended // - // // +optional Path *HTTPPathModifier `json:"path,omitempty"` } diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/object_reference_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/object_reference_types.go index f631e1ec70..229b27f38f 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/object_reference_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/object_reference_types.go @@ -53,7 +53,7 @@ type SecretObjectReference struct { // +kubebuilder:default="" Group *Group `json:"group"` - // Kind is kind of the referent. For example "HTTPRoute" or "Service". + // Kind is kind of the referent. For example "Secret". // // +optional // +kubebuilder:default=Secret @@ -65,10 +65,10 @@ type SecretObjectReference struct { // Namespace is the namespace of the backend. When unspecified, the local // namespace is inferred. // - // Note that when a namespace is specified, a ReferenceGrant object - // is required in the referent namespace to allow that namespace's - // owner to accept the reference. See the ReferenceGrant documentation - // for details. + // Note that when a namespace different than the local namespace is specified, + // a ReferenceGrant object is required in the referent namespace to allow that + // namespace's owner to accept the reference. See the ReferenceGrant + // documentation for details. // // Support: Core // @@ -80,10 +80,10 @@ type SecretObjectReference struct { // specific to BackendRef. It includes a few additional fields and features // than a regular ObjectReference. // -// Note that when a namespace is specified, a ReferenceGrant object -// is required in the referent namespace to allow that namespace's -// owner to accept the reference. See the ReferenceGrant documentation -// for details. +// Note that when a namespace different than the local namespace is specified, a +// ReferenceGrant object is required in the referent namespace to allow that +// namespace's owner to accept the reference. See the ReferenceGrant +// documentation for details. // // The API object must be valid in the cluster; the Group and Kind must // be registered in the cluster for this reference to be valid. @@ -99,9 +99,21 @@ type BackendObjectReference struct { // +kubebuilder:default="" Group *Group `json:"group,omitempty"` - // Kind is kind of the referent. For example "HTTPRoute" or "Service". + // Kind is the Kubernetes resource kind of the referent. For example + // "Service". + // // Defaults to "Service" when not specified. // + // ExternalName services can refer to CNAME DNS records that may live + // outside of the cluster and as such are difficult to reason about in + // terms of conformance. They also may not be safe to forward to (see + // CVE-2021-25740 for more information). Implementations SHOULD NOT + // support ExternalName Services. + // + // Support: Core (Services with a type other than ExternalName) + // + // Support: Implementation-specific (Services with type ExternalName) + // // +optional // +kubebuilder:default=Service Kind *Kind `json:"kind,omitempty"` @@ -112,10 +124,10 @@ type BackendObjectReference struct { // Namespace is the namespace of the backend. When unspecified, the local // namespace is inferred. // - // Note that when a namespace is specified, a ReferenceGrant object - // is required in the referent namespace to allow that namespace's - // owner to accept the reference. See the ReferenceGrant documentation - // for details. + // Note that when a namespace different than the local namespace is specified, + // a ReferenceGrant object is required in the referent namespace to allow that + // namespace's owner to accept the reference. See the ReferenceGrant + // documentation for details. // // Support: Core // diff --git a/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/shared_types.go b/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/shared_types.go index 2cd09f0832..7540cff627 100644 --- a/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/shared_types.go +++ b/vendor/sigs.k8s.io/gateway-api/apis/v1beta1/shared_types.go @@ -166,10 +166,10 @@ type PortNumber int32 // BackendRef defines how a Route should forward a request to a Kubernetes // resource. // -// Note that when a namespace is specified, a ReferenceGrant object -// is required in the referent namespace to allow that namespace's -// owner to accept the reference. See the ReferenceGrant documentation -// for details. +// Note that when a namespace different than the local namespace is specified, a +// ReferenceGrant object is required in the referent namespace to allow that +// namespace's owner to accept the reference. See the ReferenceGrant +// documentation for details. type BackendRef struct { // BackendObjectReference references a Kubernetes object. BackendObjectReference `json:",inline"` @@ -546,6 +546,14 @@ type AnnotationValue string // +kubebuilder:validation:Pattern=`^Hostname|IPAddress|NamedAddress|[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$` type AddressType string +// HeaderName is the name of a header or query parameter. +// +// +kubebuilder:validation:MinLength=1 +// +kubebuilder:validation:MaxLength=256 +// +kubebuilder:validation:Pattern=`^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$` +// +k8s:deepcopy-gen=false +type HeaderName string + const ( // A textual representation of a numeric IP address. IPv4 // addresses must be in dotted-decimal form. IPv6 addresses