Skip to content

Commit

Permalink
TEMP: pull in ReferencePolicies YAML directly
Browse files Browse the repository at this point in the history 
Signed-off-by: Steve Kriss <krisss@vmware.com>
  • Loading branch information
@skriss
skriss committed Jun 15, 2022
1 parent 6ea4cdb commit 80ce8ce
Show file tree
Hide file tree
Showing 4 changed files with 455 additions and 0 deletions.
2 changes: 2 additions & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -236,6 +236,8 @@ generate-crd-yaml:
generate-gateway-yaml:
@echo "Generating Gateway API CRD YAML documents..."
@kubectl kustomize -o examples/gateway/00-crds.yaml "github.com/kubernetes-sigs/gateway-api/config/crd/experimental?ref=${GATEWAY_API_VERSION}"
@echo "---" >> examples/gateway/00-crds.yaml
@curl -s https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/${GATEWAY_API_VERSION}/config/crd/experimental/gateway.networking.k8s.io_referencepolicies.yaml >> examples/gateway/00-crds.yaml
@echo "Generating Gateway API webhook documents..."
@curl -s -o examples/gateway/01-admission_webhook.yaml https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/${GATEWAY_API_VERSION}/config/webhook/admission_webhook.yaml
@curl -s -o examples/gateway/02-certificate_config.yaml https://raw.githubusercontent.com/kubernetes-sigs/gateway-api/${GATEWAY_API_VERSION}/config/webhook/certificate_config.yaml
Expand Down
151 changes: 151 additions & 0 deletions examples/gateway/00-crds.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6610,3 +6610,154 @@ status:
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1086
gateway.networking.k8s.io/bundle-version: v0.5.0-rc1
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: referencepolicies.gateway.networking.k8s.io
spec:
group: gateway.networking.k8s.io
names:
categories:
- gateway-api
kind: ReferencePolicy
listKind: ReferencePolicyList
plural: referencepolicies
shortNames:
- refpol
singular: referencepolicy
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
deprecated: true
deprecationWarning: ReferencePolicy has been renamed to ReferenceGrant. ReferencePolicy
will be removed in v0.6.0 in favor of the identical ReferenceGrant resource.
name: v1alpha2
schema:
openAPIV3Schema:
description: "ReferencePolicy identifies kinds of resources in other namespaces
that are trusted to reference the specified kinds of resources in the same
namespace as the policy. \n Note: This resource has been renamed to ReferenceGrant.
ReferencePolicy will be removed in v0.6.0 in favor of the identical ReferenceGrant
resource. \n Each ReferencePolicy can be used to represent a unique trust
relationship. Additional Reference Policies can be used to add to the set
of trusted sources of inbound references for the namespace they are defined
within. \n All cross-namespace references in Gateway API (with the exception
of cross-namespace Gateway-route attachment) require a ReferenceGrant. \n
Support: Core"
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec defines the desired state of ReferencePolicy.
properties:
from:
description: "From describes the trusted namespaces and kinds that
can reference the resources described in \"To\". Each entry in this
list must be considered to be an additional place that references
can be valid from, or to put this another way, entries must be combined
using OR. \n Support: Core"
items:
description: ReferenceGrantFrom describes trusted namespaces and
kinds.
properties:
group:
description: "Group is the group of the referent. When empty,
the Kubernetes core API group is inferred. \n Support: Core"
maxLength: 253
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
kind:
description: "Kind is the kind of the referent. Although implementations
may support additional resources, the following Route types
are part of the \"Core\" support level for this field: \n
* HTTPRoute * TCPRoute * TLSRoute * UDPRoute"
maxLength: 63
minLength: 1
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
type: string
namespace:
description: "Namespace is the namespace of the referent. \n
Support: Core"
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- group
- kind
- namespace
type: object
maxItems: 16
minItems: 1
type: array
to:
description: "To describes the resources that may be referenced by
the resources described in \"From\". Each entry in this list must
be considered to be an additional place that references can be valid
to, or to put this another way, entries must be combined using OR.
\n Support: Core"
items:
description: ReferenceGrantTo describes what Kinds are allowed as
targets of the references.
properties:
group:
description: "Group is the group of the referent. When empty,
the Kubernetes core API group is inferred. \n Support: Core"
maxLength: 253
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
kind:
description: "Kind is the kind of the referent. Although implementations
may support additional resources, the following types are
part of the \"Core\" support level for this field: \n * Service"
maxLength: 63
minLength: 1
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
type: string
name:
description: Name is the name of the referent. When unspecified,
this policy refers to all resources of the specified Group
and Kind in the local namespace.
maxLength: 253
minLength: 1
type: string
required:
- group
- kind
type: object
maxItems: 16
minItems: 1
type: array
required:
- from
- to
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
151 changes: 151 additions & 0 deletions examples/render/contour-gateway-provisioner.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11139,6 +11139,157 @@ status:
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1086
gateway.networking.k8s.io/bundle-version: v0.5.0-rc1
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: referencepolicies.gateway.networking.k8s.io
spec:
group: gateway.networking.k8s.io
names:
categories:
- gateway-api
kind: ReferencePolicy
listKind: ReferencePolicyList
plural: referencepolicies
shortNames:
- refpol
singular: referencepolicy
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
deprecated: true
deprecationWarning: ReferencePolicy has been renamed to ReferenceGrant. ReferencePolicy
will be removed in v0.6.0 in favor of the identical ReferenceGrant resource.
name: v1alpha2
schema:
openAPIV3Schema:
description: "ReferencePolicy identifies kinds of resources in other namespaces
that are trusted to reference the specified kinds of resources in the same
namespace as the policy. \n Note: This resource has been renamed to ReferenceGrant.
ReferencePolicy will be removed in v0.6.0 in favor of the identical ReferenceGrant
resource. \n Each ReferencePolicy can be used to represent a unique trust
relationship. Additional Reference Policies can be used to add to the set
of trusted sources of inbound references for the namespace they are defined
within. \n All cross-namespace references in Gateway API (with the exception
of cross-namespace Gateway-route attachment) require a ReferenceGrant. \n
Support: Core"
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec defines the desired state of ReferencePolicy.
properties:
from:
description: "From describes the trusted namespaces and kinds that
can reference the resources described in \"To\". Each entry in this
list must be considered to be an additional place that references
can be valid from, or to put this another way, entries must be combined
using OR. \n Support: Core"
items:
description: ReferenceGrantFrom describes trusted namespaces and
kinds.
properties:
group:
description: "Group is the group of the referent. When empty,
the Kubernetes core API group is inferred. \n Support: Core"
maxLength: 253
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
kind:
description: "Kind is the kind of the referent. Although implementations
may support additional resources, the following Route types
are part of the \"Core\" support level for this field: \n
* HTTPRoute * TCPRoute * TLSRoute * UDPRoute"
maxLength: 63
minLength: 1
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
type: string
namespace:
description: "Namespace is the namespace of the referent. \n
Support: Core"
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- group
- kind
- namespace
type: object
maxItems: 16
minItems: 1
type: array
to:
description: "To describes the resources that may be referenced by
the resources described in \"From\". Each entry in this list must
be considered to be an additional place that references can be valid
to, or to put this another way, entries must be combined using OR.
\n Support: Core"
items:
description: ReferenceGrantTo describes what Kinds are allowed as
targets of the references.
properties:
group:
description: "Group is the group of the referent. When empty,
the Kubernetes core API group is inferred. \n Support: Core"
maxLength: 253
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
kind:
description: "Kind is the kind of the referent. Although implementations
may support additional resources, the following types are
part of the \"Core\" support level for this field: \n * Service"
maxLength: 63
minLength: 1
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
type: string
name:
description: Name is the name of the referent. When unspecified,
this policy refers to all resources of the specified Group
and Kind in the local namespace.
maxLength: 253
minLength: 1
type: string
required:
- group
- kind
type: object
maxItems: 16
minItems: 1
type: array
required:
- from
- to
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

---
apiVersion: v1
Expand Down
Loading

0 comments on commit 80ce8ce

Please sign in to comment.