From 129e6fbec38b8bb14f363b21b1652b03f6c5e557 Mon Sep 17 00:00:00 2001 From: hongming Date: Tue, 31 Jan 2023 15:23:12 +0800 Subject: [PATCH] chore: Generating CRDs supports multiple versions (#5497) Generating CRDs supports multiple versions --- Makefile | 2 +- config/crds/app_v1beta1_application.yaml | 532 ---- .../devops.kubesphere.io_devopsprojects.yaml | 52 - .../crds/devops.kubesphere.io_pipelines.yaml | 300 --- .../devops.kubesphere.io_s2ibinaries.yaml | 81 - .../devops.kubesphere.io_s2ibuilders.yaml | 475 ---- ...ops.kubesphere.io_s2ibuildertemplates.yaml | 130 - config/crds/devops.kubesphere.io_s2iruns.yaml | 164 -- .../crds/gateway.kubesphere.io_nginxes.yaml | 44 - ...icemesh.kubesphere.io_servicepolicies.yaml | 1251 ---------- .../servicemesh.kubesphere.io_strategies.yaml | 911 ------- ....kubesphere.io_storageclasseraccessor.yaml | 180 -- config/ks-core/crds/.gitkeep | 0 ...rting.kubesphere.io_clusterrulegroups.yaml | 13 +- ...erting.kubesphere.io_globalrulegroups.yaml | 13 +- .../alerting.kubesphere.io_rulegroups.yaml | 9 +- .../ks-core/crds/app_v1beta1_application.yaml | 532 ++++ ...cation.kubesphere.io_helmapplications.yaml | 9 +- ...kubesphere.io_helmapplicationversions.yaml | 9 +- ...lication.kubesphere.io_helmcategories.yaml | 9 +- ...pplication.kubesphere.io_helmreleases.yaml | 9 +- .../application.kubesphere.io_helmrepos.yaml | 9 +- .../crds/cluster.kubesphere.io_clusters.yaml | 17 +- .../crds/gateway.kubesphere.io_gateways.yaml | 9 +- ...m.kubesphere.io_federatedrolebindings.yaml | 11 +- .../iam.kubesphere.io_federatedroles.yaml | 9 +- .../iam.kubesphere.io_federatedusers.yaml | 9 +- .../iam.kubesphere.io_globalrolebindings.yaml | 11 +- .../crds/iam.kubesphere.io_globalroles.yaml | 9 +- .../crds/iam.kubesphere.io_groupbindings.yaml | 9 +- .../crds/iam.kubesphere.io_groups.yaml | 9 +- .../crds/iam.kubesphere.io_loginrecords.yaml | 9 +- .../crds/iam.kubesphere.io_rolebases.yaml | 9 +- .../crds/iam.kubesphere.io_users.yaml | 9 +- ...m.kubesphere.io_workspacerolebindings.yaml | 11 +- .../iam.kubesphere.io_workspaceroles.yaml | 9 +- .../network.kubesphere.io_ipamblocks.yaml | 9 +- .../network.kubesphere.io_ipamhandles.yaml | 9 +- .../crds/network.kubesphere.io_ippools.yaml | 9 +- ...ubesphere.io_namespacenetworkpolicies.yaml | 9 +- .../quota.kubesphere.io_resourcequotas.yaml | 10 +- ...icemesh.kubesphere.io_servicepolicies.yaml | 2200 +++++++++++++++++ .../servicemesh.kubesphere.io_strategies.yaml | 1268 ++++++++++ ...kubesphere.io_provisionercapabilities.yaml | 9 +- ...ubesphere.io_storageclasscapabilities.yaml | 9 +- .../crds/tenant.kubesphere.io_workspaces.yaml | 9 +- ...nant.kubesphere.io_workspacetemplates.yaml | 10 +- hack/generate_manifests.sh | 19 +- .../application/application_suit_test.go | 2 +- pkg/controller/helm/helm_controller_test.go | 2 +- .../namespace_controller_suite_test.go | 2 +- .../helm_application_controller_suite_test.go | 2 +- .../helm_category_controller_suite_test.go | 2 +- .../helm_repo_controller_suite_test.go | 2 +- .../workspace_controller_suite_test.go | 2 +- .../workspacerole_controller_suite_test.go | 2 +- ...kspacerolebinding_controller_suite_test.go | 2 +- .../v1alpha3/application/applications_test.go | 2 +- 58 files changed, 4061 insertions(+), 4403 deletions(-) delete mode 100644 config/crds/app_v1beta1_application.yaml delete mode 100644 config/crds/devops.kubesphere.io_devopsprojects.yaml delete mode 100644 config/crds/devops.kubesphere.io_pipelines.yaml delete mode 100644 config/crds/devops.kubesphere.io_s2ibinaries.yaml delete mode 100644 config/crds/devops.kubesphere.io_s2ibuilders.yaml delete mode 100644 config/crds/devops.kubesphere.io_s2ibuildertemplates.yaml delete mode 100644 config/crds/devops.kubesphere.io_s2iruns.yaml delete mode 100644 config/crds/gateway.kubesphere.io_nginxes.yaml delete mode 100644 config/crds/servicemesh.kubesphere.io_servicepolicies.yaml delete mode 100644 config/crds/servicemesh.kubesphere.io_strategies.yaml delete mode 100644 config/crds/storage.kubesphere.io_storageclasseraccessor.yaml delete mode 100644 config/ks-core/crds/.gitkeep rename config/{ => ks-core}/crds/alerting.kubesphere.io_clusterrulegroups.yaml (98%) rename config/{ => ks-core}/crds/alerting.kubesphere.io_globalrulegroups.yaml (98%) rename config/{ => ks-core}/crds/alerting.kubesphere.io_rulegroups.yaml (97%) create mode 100644 config/ks-core/crds/app_v1beta1_application.yaml rename config/{ => ks-core}/crds/application.kubesphere.io_helmapplications.yaml (96%) rename config/{ => ks-core}/crds/application.kubesphere.io_helmapplicationversions.yaml (98%) rename config/{ => ks-core}/crds/application.kubesphere.io_helmcategories.yaml (94%) rename config/{ => ks-core}/crds/application.kubesphere.io_helmreleases.yaml (97%) rename config/{ => ks-core}/crds/application.kubesphere.io_helmrepos.yaml (97%) rename config/{ => ks-core}/crds/cluster.kubesphere.io_clusters.yaml (96%) rename config/{ => ks-core}/crds/gateway.kubesphere.io_gateways.yaml (97%) rename config/{ => ks-core}/crds/iam.kubesphere.io_federatedrolebindings.yaml (96%) rename config/{ => ks-core}/crds/iam.kubesphere.io_federatedroles.yaml (97%) rename config/{ => ks-core}/crds/iam.kubesphere.io_federatedusers.yaml (97%) rename config/{ => ks-core}/crds/iam.kubesphere.io_globalrolebindings.yaml (96%) rename config/{ => ks-core}/crds/iam.kubesphere.io_globalroles.yaml (96%) rename config/{ => ks-core}/crds/iam.kubesphere.io_groupbindings.yaml (93%) rename config/{ => ks-core}/crds/iam.kubesphere.io_groups.yaml (92%) rename config/{ => ks-core}/crds/iam.kubesphere.io_loginrecords.yaml (95%) rename config/{ => ks-core}/crds/iam.kubesphere.io_rolebases.yaml (91%) rename config/{ => ks-core}/crds/iam.kubesphere.io_users.yaml (97%) rename config/{ => ks-core}/crds/iam.kubesphere.io_workspacerolebindings.yaml (96%) rename config/{ => ks-core}/crds/iam.kubesphere.io_workspaceroles.yaml (96%) rename config/{ => ks-core}/crds/network.kubesphere.io_ipamblocks.yaml (94%) rename config/{ => ks-core}/crds/network.kubesphere.io_ipamhandles.yaml (92%) rename config/{ => ks-core}/crds/network.kubesphere.io_ippools.yaml (96%) rename config/{ => ks-core}/crds/network.kubesphere.io_namespacenetworkpolicies.yaml (99%) rename config/{ => ks-core}/crds/quota.kubesphere.io_resourcequotas.yaml (98%) create mode 100644 config/ks-core/crds/servicemesh.kubesphere.io_servicepolicies.yaml create mode 100644 config/ks-core/crds/servicemesh.kubesphere.io_strategies.yaml rename config/{ => ks-core}/crds/storage.kubesphere.io_provisionercapabilities.yaml (96%) rename config/{ => ks-core}/crds/storage.kubesphere.io_storageclasscapabilities.yaml (96%) rename config/{ => ks-core}/crds/tenant.kubesphere.io_workspaces.yaml (92%) rename config/{ => ks-core}/crds/tenant.kubesphere.io_workspacetemplates.yaml (97%) diff --git a/Makefile b/Makefile index 81a6743bb..642ed49f7 100644 --- a/Makefile +++ b/Makefile @@ -7,7 +7,7 @@ CRD_OPTIONS ?= "crd:allowDangerousTypes=true" GV="network:v1alpha1 servicemesh:v1alpha2 tenant:v1alpha1 tenant:v1alpha2 devops:v1alpha1 iam:v1alpha2 devops:v1alpha3 cluster:v1alpha1 storage:v1alpha1 auditing:v1alpha1 types:v1beta1 types:v1beta2 quota:v1alpha2 application:v1alpha1 notification:v2beta1 notification:v2beta2 gateway:v1alpha1 alerting:v2beta1" -MANIFESTS="application/* cluster/* iam/* network/v1alpha1 quota/* storage/* tenant/* gateway/* alerting/*" +MANIFESTS="application/v1alpha1 cluster/v1alpha1 iam/v1alpha2 network/v1alpha1 quota/v1alpha2 storage/v1alpha1 tenant/... gateway/... alerting/..." # App Version APP_VERSION = v3.2.0 diff --git a/config/crds/app_v1beta1_application.yaml b/config/crds/app_v1beta1_application.yaml deleted file mode 100644 index 4a9f271ab..000000000 --- a/config/crds/app_v1beta1_application.yaml +++ /dev/null @@ -1,532 +0,0 @@ -# Copyright 2020 The Kubernetes Authors. -# SPDX-License-Identifier: Apache-2.0 - -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - api-approved.kubernetes.io: https://github.com/kubernetes-sigs/application/pull/2 - controller-gen.kubebuilder.io/version: v0.4.0 - creationTimestamp: null - name: applications.app.k8s.io -spec: - group: app.k8s.io - names: - categories: - - all - kind: Application - listKind: ApplicationList - plural: applications - shortNames: - - app - singular: application - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The type of the application - jsonPath: .spec.descriptor.type - name: Type - type: string - - description: The creation date - jsonPath: .spec.descriptor.version - name: Version - type: string - - description: The application object owns the matched resources - jsonPath: .spec.addOwnerRef - name: Owner - type: boolean - - description: Numbers of components ready - jsonPath: .status.componentsReady - name: Ready - type: string - - description: The creation date - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1beta1 - schema: - openAPIV3Schema: - description: Application is the Schema for the applications API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ApplicationSpec defines the specification for an Application. - properties: - addOwnerRef: - description: AddOwnerRef objects - flag to indicate if we need to - add OwnerRefs to matching objects Matching is done by using Selector - to query all ComponentGroupKinds - type: boolean - assemblyPhase: - description: AssemblyPhase represents the current phase of the application's - assembly. An empty value is equivalent to "Succeeded". - type: string - componentKinds: - description: ComponentGroupKinds is a list of Kinds for Application's - components (e.g. Deployments, Pods, Services, CRDs). It can be used - in conjunction with the Application's Selector to list or watch - the Applications components. - items: - description: GroupKind specifies a Group and a Kind, but does not - force a version. This is useful for identifying concepts during - lookup stages without having partially valid types - properties: - group: - type: string - kind: - type: string - required: - - group - - kind - type: object - type: array - descriptor: - description: Descriptor regroups information and metadata about an - application. - properties: - description: - description: Description is a brief string description of the - Application. - type: string - icons: - description: Icons is an optional list of icons for an application. - Icon information includes the source, size, and mime type. - items: - description: ImageSpec contains information about an image used - as an icon. - properties: - size: - description: (optional) The size of the image in pixels - (e.g., 25x25). - type: string - src: - description: The source for image represented as either - an absolute URL to the image or a Data URL containing - the image. Data URLs are defined in RFC 2397. - type: string - type: - description: (optional) The mine type of the image (e.g., - "image/png"). - type: string - required: - - src - type: object - type: array - keywords: - description: Keywords is an optional list of key words associated - with the application (e.g. MySQL, RDBMS, database). - items: - type: string - type: array - links: - description: Links are a list of descriptive URLs intended to - be used to surface additional documentation, dashboards, etc. - items: - description: Link contains information about an URL to surface - documentation, dashboards, etc. - properties: - description: - description: Description is human readable content explaining - the purpose of the link. - type: string - url: - description: Url typically points at a website address. - type: string - type: object - type: array - maintainers: - description: Maintainers is an optional list of maintainers of - the application. The maintainers in this list maintain the the - source code, images, and package for the application. - items: - description: ContactData contains information about an individual - or organization. - properties: - email: - description: Email is the email address. - type: string - name: - description: Name is the descriptive name. - type: string - url: - description: Url could typically be a website address. - type: string - type: object - type: array - notes: - description: Notes contain a human readable snippets intended - as a quick start for the users of the Application. CommonMark - markdown syntax may be used for rich text representation. - type: string - owners: - description: Owners is an optional list of the owners of the installed - application. The owners of the application should be contacted - in the event of a planned or unplanned disruption affecting - the application. - items: - description: ContactData contains information about an individual - or organization. - properties: - email: - description: Email is the email address. - type: string - name: - description: Name is the descriptive name. - type: string - url: - description: Url could typically be a website address. - type: string - type: object - type: array - type: - description: Type is the type of the application (e.g. WordPress, - MySQL, Cassandra). - type: string - version: - description: Version is an optional version indicator for the - Application. - type: string - type: object - info: - description: Info contains human readable key,value pairs for the - Application. - items: - description: InfoItem is a human readable key,value pair containing - important information about how to access the Application. - properties: - name: - description: Name is a human readable title for this piece of - information. - type: string - type: - description: Type of the value for this InfoItem. - type: string - value: - description: Value is human readable content. - type: string - valueFrom: - description: ValueFrom defines a reference to derive the value - from another source. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a - valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to - have some well-defined way of referencing a part of - an object. TODO: this design is not final and this - field is subject to change in the future.' - type: string - key: - description: The key to select. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - ingressRef: - description: Select an Ingress. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a - valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to - have some well-defined way of referencing a part of - an object. TODO: this design is not final and this - field is subject to change in the future.' - type: string - host: - description: The optional host to select. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - path: - description: The optional HTTP path. - type: string - protocol: - description: Protocol for the ingress - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - secretKeyRef: - description: Selects a key of a Secret. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a - valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to - have some well-defined way of referencing a part of - an object. TODO: this design is not final and this - field is subject to change in the future.' - type: string - key: - description: The key to select. - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - serviceRef: - description: Select a Service. - properties: - apiVersion: - description: API version of the referent. - type: string - fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a - valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container - that triggered the event) or if no container name - is specified "spec.containers[2]" (container with - index 2 in this pod). This syntax is chosen only to - have some well-defined way of referencing a part of - an object. TODO: this design is not final and this - field is subject to change in the future.' - type: string - kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Namespace of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' - type: string - path: - description: The optional HTTP path. - type: string - port: - description: The optional port to select. - format: int32 - type: integer - protocol: - description: Protocol for the service - type: string - resourceVersion: - description: 'Specific resourceVersion to which this - reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' - type: string - uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' - type: string - type: object - type: - description: Type of source. - type: string - type: object - type: object - type: array - selector: - description: 'Selector is a label query over kinds that created by - the application. It must match the component objects'' labels. More - info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that - contains values, a key, and an operator that relates the key - and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to - a set of values. Valid operators are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values is an array of string values. If the - operator is In or NotIn, the values array must be non-empty. - If the operator is Exists or DoesNotExist, the values - array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator - is "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - type: object - status: - description: ApplicationStatus defines controller's the observed state - of Application - properties: - components: - description: Object status array for all matching objects - items: - description: ObjectStatus is a generic status holder for objects - properties: - group: - description: Object group - type: string - kind: - description: Kind of object - type: string - link: - description: Link to object - type: string - name: - description: Name of object - type: string - status: - description: 'Status. Values: InProgress, Ready, Unknown' - type: string - type: object - type: array - componentsReady: - description: 'ComponentsReady: status of the components in the format - ready/total' - type: string - conditions: - description: Conditions represents the latest state of the object - items: - description: Condition describes the state of an object at a certain - point. - properties: - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - lastUpdateTime: - description: Last time the condition was probed - format: date-time - type: string - message: - description: A human readable message indicating details about - the transition. - type: string - reason: - description: The reason for the condition's last transition. - type: string - status: - description: Status of the condition, one of True, False, Unknown. - type: string - type: - description: Type of condition. - type: string - required: - - status - - type - type: object - type: array - observedGeneration: - description: ObservedGeneration is the most recent generation observed. - It corresponds to the Object's generation, which is updated on mutation - by the API Server. - format: int64 - type: integer - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/devops.kubesphere.io_devopsprojects.yaml b/config/crds/devops.kubesphere.io_devopsprojects.yaml deleted file mode 100644 index b3258cd75..000000000 --- a/config/crds/devops.kubesphere.io_devopsprojects.yaml +++ /dev/null @@ -1,52 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: devopsprojects.devops.kubesphere.io -spec: - group: devops.kubesphere.io - names: - categories: - - devops - kind: DevOpsProject - listKind: DevOpsProjectList - plural: devopsprojects - singular: devopsproject - scope: Cluster - versions: - - name: v1alpha3 - schema: - openAPIV3Schema: - description: DevOpsProject is the Schema for the devopsprojects API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: DevOpsProjectSpec defines the desired state of DevOpsProject - type: object - status: - description: DevOpsProjectStatus defines the observed state of DevOpsProject - properties: - adminNamespace: - description: 'INSERT ADDITIONAL STATUS FIELD - define observed state of cluster Important: Run "make" to regenerate code after modifying this file' - type: string - type: object - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/devops.kubesphere.io_pipelines.yaml b/config/crds/devops.kubesphere.io_pipelines.yaml deleted file mode 100644 index 8385dbd85..000000000 --- a/config/crds/devops.kubesphere.io_pipelines.yaml +++ /dev/null @@ -1,300 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: pipelines.devops.kubesphere.io -spec: - group: devops.kubesphere.io - names: - kind: Pipeline - listKind: PipelineList - plural: pipelines - singular: pipeline - scope: Namespaced - versions: - - name: v1alpha3 - schema: - openAPIV3Schema: - description: Pipeline is the Schema for the pipelines API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: PipelineSpec defines the desired state of Pipeline - properties: - multi_branch_pipeline: - properties: - bitbucket_server_source: - properties: - api_uri: - type: string - credential_id: - type: string - discover_branches: - type: integer - discover_pr_from_forks: - properties: - strategy: - type: integer - trust: - type: integer - type: object - discover_pr_from_origin: - type: integer - discover_tags: - type: boolean - git_clone_option: - properties: - depth: - type: integer - shallow: - type: boolean - timeout: - type: integer - type: object - owner: - type: string - regex_filter: - type: string - repo: - type: string - scm_id: - type: string - type: object - description: - type: string - discarder: - properties: - days_to_keep: - type: string - num_to_keep: - type: string - type: object - git_source: - properties: - credential_id: - type: string - discover_branches: - type: boolean - discover_tags: - type: boolean - git_clone_option: - properties: - depth: - type: integer - shallow: - type: boolean - timeout: - type: integer - type: object - regex_filter: - type: string - scm_id: - type: string - url: - type: string - type: object - github_source: - description: GithubSource and BitbucketServerSource have the same structure, but we don't use one due to crd errors - properties: - api_uri: - type: string - credential_id: - type: string - discover_branches: - type: integer - discover_pr_from_forks: - properties: - strategy: - type: integer - trust: - type: integer - type: object - discover_pr_from_origin: - type: integer - discover_tags: - type: boolean - git_clone_option: - properties: - depth: - type: integer - shallow: - type: boolean - timeout: - type: integer - type: object - owner: - type: string - regex_filter: - type: string - repo: - type: string - scm_id: - type: string - type: object - gitlab_source: - properties: - api_uri: - type: string - credential_id: - type: string - discover_branches: - type: integer - discover_pr_from_forks: - properties: - strategy: - type: integer - trust: - type: integer - type: object - discover_pr_from_origin: - type: integer - discover_tags: - type: boolean - git_clone_option: - properties: - depth: - type: integer - shallow: - type: boolean - timeout: - type: integer - type: object - owner: - type: string - regex_filter: - type: string - repo: - type: string - scm_id: - type: string - server_name: - type: string - type: object - multibranch_job_trigger: - properties: - create_action_job_to_trigger: - type: string - delete_action_job_to_trigger: - type: string - type: object - name: - type: string - script_path: - type: string - single_svn_source: - properties: - credential_id: - type: string - remote: - type: string - scm_id: - type: string - type: object - source_type: - type: string - svn_source: - properties: - credential_id: - type: string - excludes: - type: string - includes: - type: string - remote: - type: string - scm_id: - type: string - type: object - timer_trigger: - properties: - cron: - description: user in no scm job - type: string - interval: - description: use in multi-branch job - type: string - type: object - required: - - name - - script_path - - source_type - type: object - pipeline: - properties: - description: - type: string - disable_concurrent: - type: boolean - discarder: - properties: - days_to_keep: - type: string - num_to_keep: - type: string - type: object - jenkinsfile: - type: string - name: - type: string - parameters: - items: - properties: - default_value: - type: string - description: - type: string - name: - type: string - type: - type: string - required: - - name - - type - type: object - type: array - remote_trigger: - properties: - token: - type: string - type: object - timer_trigger: - properties: - cron: - description: user in no scm job - type: string - interval: - description: use in multi-branch job - type: string - type: object - required: - - name - type: object - type: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster Important: Run "make" to regenerate code after modifying this file' - type: string - required: - - type - type: object - status: - description: PipelineStatus defines the observed state of Pipeline - type: object - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/devops.kubesphere.io_s2ibinaries.yaml b/config/crds/devops.kubesphere.io_s2ibinaries.yaml deleted file mode 100644 index d850b1eb1..000000000 --- a/config/crds/devops.kubesphere.io_s2ibinaries.yaml +++ /dev/null @@ -1,81 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: s2ibinaries.devops.kubesphere.io -spec: - group: devops.kubesphere.io - names: - kind: S2iBinary - listKind: S2iBinaryList - plural: s2ibinaries - singular: s2ibinary - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .spec.fileName - name: FileName - type: string - - jsonPath: .spec.md5 - name: MD5 - type: string - - jsonPath: .spec.size - name: Size - type: string - - jsonPath: .status.phase - name: Phase - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: S2iBinary is the Schema for the s2ibinaries API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: S2iBinarySpec defines the desired state of S2iBinary - properties: - downloadURL: - description: DownloadURL in KubeSphere - type: string - fileName: - description: FileName is filename of binary - type: string - md5: - description: MD5 is Binary's MD5 Hash - type: string - size: - description: Size is the file size of file - type: string - uploadTimeStamp: - description: UploadTime is last upload time - format: date-time - type: string - type: object - status: - description: S2iBinaryStatus defines the observed state of S2iBinary - properties: - phase: - description: Phase is status of S2iBinary . Possible value is "Ready","UnableToDownload" - type: string - type: object - type: object - served: true - storage: true - subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/devops.kubesphere.io_s2ibuilders.yaml b/config/crds/devops.kubesphere.io_s2ibuilders.yaml deleted file mode 100644 index f4531ccee..000000000 --- a/config/crds/devops.kubesphere.io_s2ibuilders.yaml +++ /dev/null @@ -1,475 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: s2ibuilders.devops.kubesphere.io -spec: - group: devops.kubesphere.io - names: - kind: S2iBuilder - listKind: S2iBuilderList - plural: s2ibuilders - shortNames: - - s2ib - singular: s2ibuilder - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.runCount - name: RunCount - type: integer - - jsonPath: .status.lastRunState - name: LastRunState - type: string - - jsonPath: .status.lastRunName - name: LastRunName - type: string - - jsonPath: .status.lastRunStartTime - name: LastRunStartTime - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: S2iBuilder is the Schema for the s2ibuilders API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: S2iBuilderSpec defines the desired state of S2iBuilder - properties: - config: - description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster Important: Run "make" to regenerate code after modifying this file' - properties: - addHost: - description: AddHost Add a line to /etc/hosts for test purpose or private use in LAN. Its format is host:IP,multiple hosts can be added by using multiple --add-host - items: - type: string - type: array - asDockerfile: - description: AsDockerfile indicates the path where the Dockerfile should be written instead of building a new image. - type: string - assembleUser: - description: AssembleUser specifies the user to run the assemble script in container - type: string - blockOnBuild: - description: BlockOnBuild prevents s2i from performing a docker build operation if one is necessary to execute ONBUILD commands, or to layer source code into the container for images that don't have a tar binary available, if the image contains ONBUILD commands that would be executed. - type: boolean - branchExpression: - description: Regular expressions, ignoring names that do not match the provided regular expression - type: string - buildVolumes: - description: BuildVolumes specifies a list of volumes to mount to container running the build. - items: - type: string - type: array - builderBaseImageVersion: - description: BuilderBaseImageVersion provides optional version information about the builder base image. - type: string - builderImage: - description: BuilderImage describes which image is used for building the result images. - type: string - builderImageVersion: - description: BuilderImageVersion provides optional version information about the builder image. - type: string - builderPullPolicy: - description: BuilderPullPolicy specifies when to pull the builder image - type: string - callbackUrl: - description: CallbackURL is a URL which is called upon successful build to inform about that fact. - type: string - cgroupLimits: - description: CGroupLimits describes the cgroups limits that will be applied to any containers run by s2i. - properties: - cpuPeriod: - format: int64 - type: integer - cpuQuota: - format: int64 - type: integer - cpuShares: - format: int64 - type: integer - memoryLimitBytes: - format: int64 - type: integer - memorySwap: - format: int64 - type: integer - parent: - type: string - required: - - cpuPeriod - - cpuQuota - - cpuShares - - memoryLimitBytes - - memorySwap - - parent - type: object - contextDir: - description: Specify a relative directory inside the application repository that should be used as a root directory for the application. - type: string - description: - description: Description is a result image description label. The default is no description. - type: string - destination: - description: Destination specifies a location where the untar operation will place its artifacts. - type: string - displayName: - description: DisplayName is a result image display-name label. This defaults to the output image name. - type: string - dockerConfig: - description: DockerConfig describes how to access host docker daemon. - properties: - caFile: - description: CAFile is the certificate authority file path for a TLS connection - type: string - certFile: - description: CertFile is the certificate file path for a TLS connection - type: string - endPoint: - description: Endpoint is the docker network endpoint or socket - type: string - keyFile: - description: KeyFile is the key file path for a TLS connection - type: string - tlsVerify: - description: TLSVerify indicates if TLS peer must be verified - type: boolean - useTLS: - description: UseTLS indicates if TLS must be used - type: boolean - required: - - caFile - - certFile - - endPoint - - keyFile - - tlsVerify - - useTLS - type: object - dockerNetworkMode: - description: DockerNetworkMode is used to set the docker network setting to --net=container: when the builder is invoked from a container. - type: string - dropCapabilities: - description: DropCapabilities contains a list of capabilities to drop when executing containers - items: - type: string - type: array - environment: - description: Environment is a map of environment variables to be passed to the image. - items: - description: EnvironmentSpec specifies a single environment variable. - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - excludeRegExp: - description: ExcludeRegExp contains a string representation of the regular expression desired for deciding which files to exclude from the tar stream - type: string - export: - description: Export Push the result image to specify image registry in tag - type: boolean - gitSecretRef: - description: GitSecretRef is the BasicAuth Secret of Git Clone - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - hasOnBuild: - description: HasOnBuild will be set to true if the builder image contains ONBUILD instructions - type: boolean - imageName: - description: ImageName Contains the registry address and reponame, tag should set by field tag alone - type: string - imageScriptsUrl: - description: ImageScriptsURL is the default location to find the assemble/run scripts for a builder image. This url can be a reference within the builder image if the scheme is specified as image:// - type: string - imageWorkDir: - description: ImageWorkDir is the default working directory for the builder image. - type: string - incremental: - description: Incremental describes whether to try to perform incremental build. - type: boolean - incrementalAuthentication: - description: IncrementalAuthentication holds the authentication information for pulling the previous image from private repositories - properties: - email: - type: string - password: - type: string - secretRef: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - serverAddress: - type: string - username: - type: string - type: object - incrementalFromTag: - description: IncrementalFromTag sets an alternative image tag to look for existing artifacts. Tag is used by default if this is not set. - type: string - injections: - description: Injections specifies a list source/destination folders that are injected to the container that runs assemble. All files we inject will be truncated after the assemble script finishes. - items: - description: VolumeSpec represents a single volume mount point. - properties: - destination: - description: Destination is the path to mount the volume to - absolute or relative. - type: string - keep: - description: Keep indicates if the mounted data should be kept in the final image. - type: boolean - source: - description: Source is a reference to the volume source. - type: string - type: object - type: array - isBinaryURL: - description: IsBinaryURL explain the type of SourceURL. If it is IsBinaryURL, it will download the file directly without using git. - type: boolean - keepSymlinks: - description: KeepSymlinks indicates to copy symlinks as symlinks. Default behavior is to follow symlinks and copy files by content. - type: boolean - labelNamespace: - description: LabelNamespace provides the namespace under which the labels will be generated. - type: string - labels: - additionalProperties: - type: string - description: Labels specify labels and their values to be applied to the resulting image. Label keys must have non-zero length. The labels defined here override generated labels in case they have the same name. - type: object - layeredBuild: - description: LayeredBuild describes if this is build which layered scripts and sources on top of BuilderImage. - type: boolean - nodeAffinityKey: - description: The key of Node Affinity. - type: string - nodeAffinityValues: - description: The values of Node Affinity. - items: - type: string - type: array - outputBuildResult: - description: Whether output build result to status. - type: boolean - outputImageName: - description: OutputImageName is a result image name without tag, default is latest. tag will append to ImageName in the end - type: string - preserveWorkingDir: - description: PreserveWorkingDir describes if working directory should be left after processing. - type: boolean - previousImagePullPolicy: - description: PreviousImagePullPolicy specifies when to pull the previously build image when doing incremental build - type: string - pullAuthentication: - description: PullAuthentication holds the authentication information for pulling the Docker images from private repositories - properties: - email: - type: string - password: - type: string - secretRef: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - serverAddress: - type: string - username: - type: string - type: object - pushAuthentication: - description: PullAuthentication holds the authentication information for pulling the Docker images from private repositories - properties: - email: - type: string - password: - type: string - secretRef: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - serverAddress: - type: string - username: - type: string - type: object - removePreviousImage: - description: RemovePreviousImage describes if previous image should be removed after successful build. This applies only to incremental builds. - type: boolean - revisionId: - description: The RevisionId is a branch name or a SHA-1 hash of every important thing about the commit - type: string - runImage: - description: RunImage will trigger a "docker run ..." invocation of the produced image so the user can see if it operates as he would expect - type: boolean - runtimeArtifacts: - description: RuntimeArtifacts specifies a list of source/destination pairs that will be copied from builder to a runtime image. Source can be a file or directory. Destination must be a directory. Regardless whether it is an absolute or relative path, it will be placed into image's WORKDIR. Destination also can be empty or equals to ".", in this case it just refers to a root of WORKDIR. In case it's empty, S2I will try to get this list from io.openshift.s2i.assemble-input-files label on a RuntimeImage. - items: - description: VolumeSpec represents a single volume mount point. - properties: - destination: - description: Destination is the path to mount the volume to - absolute or relative. - type: string - keep: - description: Keep indicates if the mounted data should be kept in the final image. - type: boolean - source: - description: Source is a reference to the volume source. - type: string - type: object - type: array - runtimeAuthentication: - description: RuntimeAuthentication holds the authentication information for pulling the runtime Docker images from private repositories. - properties: - email: - type: string - password: - type: string - secretRef: - description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - serverAddress: - type: string - username: - type: string - type: object - runtimeImage: - description: RuntimeImage specifies the image that will be a base for resulting image and will be used for running an application. By default, BuilderImage is used for building and running, but the latter may be overridden. - type: string - runtimeImagePullPolicy: - description: RuntimeImagePullPolicy specifies when to pull a runtime image. - type: string - scriptDownloadProxyConfig: - description: ScriptDownloadProxyConfig optionally specifies the http and https proxy to use when downloading scripts - properties: - httpProxy: - type: string - httpsProxy: - type: string - type: object - scriptsUrl: - description: ScriptsURL is a URL describing where to fetch the S2I scripts from during build process. This url can be a reference within the builder image if the scheme is specified as image:// - type: string - secretCode: - description: SecretCode - type: string - securityOpt: - description: SecurityOpt are passed as options to the docker containers launched by s2i. - items: - type: string - type: array - sourceUrl: - description: SourceURL is url of the codes such as https://github.com/a/b.git - type: string - tag: - description: Tag is a result image tag name. - type: string - taintKey: - description: The name of taint. - type: string - usage: - description: Usage allows for properly shortcircuiting s2i logic when `s2i usage` is invoked - type: boolean - workingDir: - description: WorkingDir describes temporary directory used for downloading sources, scripts and tar operations. - type: string - workingSourceDir: - description: WorkingSourceDir describes the subdirectory off of WorkingDir set up during the repo download that is later used as the root for ignore processing - type: string - required: - - imageName - - sourceUrl - type: object - fromTemplate: - description: FromTemplate define some inputs from user - properties: - builderImage: - description: BaseImage specify which version of this template to use - type: string - name: - description: Name specify a template to use, so many fields in Config can left empty - type: string - parameters: - description: Parameters must use with `template`, fill some parameters which template will use - items: - properties: - defaultValue: - type: string - description: - type: string - key: - type: string - optValues: - items: - type: string - type: array - required: - type: boolean - type: - type: string - value: - type: string - type: object - type: array - type: object - type: object - status: - description: S2iBuilderStatus defines the observed state of S2iBuilder - properties: - lastRunName: - description: LastRunState return the name of the newest run of this builder - type: string - lastRunStartTime: - description: LastRunStartTime return the startTime of the newest run of this builder - format: date-time - type: string - lastRunState: - description: LastRunState return the state of the newest run of this builder - type: string - runCount: - description: RunCount represent the sum of s2irun of this builder - type: integer - required: - - runCount - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/devops.kubesphere.io_s2ibuildertemplates.yaml b/config/crds/devops.kubesphere.io_s2ibuildertemplates.yaml deleted file mode 100644 index 547a3fece..000000000 --- a/config/crds/devops.kubesphere.io_s2ibuildertemplates.yaml +++ /dev/null @@ -1,130 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: s2ibuildertemplates.devops.kubesphere.io -spec: - group: devops.kubesphere.io - names: - categories: - - devops - kind: S2iBuilderTemplate - listKind: S2iBuilderTemplateList - plural: s2ibuildertemplates - shortNames: - - s2ibt - singular: s2ibuildertemplate - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.codeFramework - name: Framework - type: string - - jsonPath: .spec.defaultBaseImage - name: DefaultBaseImage - type: string - - jsonPath: .spec.version - name: Version - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: S2iBuilderTemplate is the Schema for the s2ibuildertemplates API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: S2iBuilderTemplateSpec defines the desired state of S2iBuilderTemplate - properties: - codeFramework: - description: CodeFramework means which language this template is designed for and which framework is using if has framework. Like Java, NodeJS etc - type: string - containerInfo: - description: Images are the images this template will use. - items: - properties: - buildVolumes: - description: BuildVolumes specifies a list of volumes to mount to container running the build. - items: - type: string - type: array - builderImage: - description: BaseImage are the images this template will use. - type: string - runtimeArtifacts: - items: - description: VolumeSpec represents a single volume mount point. - properties: - destination: - description: Destination is the path to mount the volume to - absolute or relative. - type: string - keep: - description: Keep indicates if the mounted data should be kept in the final image. - type: boolean - source: - description: Source is a reference to the volume source. - type: string - type: object - type: array - runtimeImage: - type: string - type: object - type: array - defaultBaseImage: - description: DefaultBaseImage is the image that will be used by default - type: string - description: - description: Description illustrate the purpose of this template - type: string - environment: - description: Parameters is a set of environment variables to be passed to the image. - items: - properties: - defaultValue: - type: string - description: - type: string - key: - type: string - optValues: - items: - type: string - type: array - required: - type: boolean - type: - type: string - value: - type: string - type: object - type: array - iconPath: - description: IconPath is used for frontend display - type: string - version: - description: Version of template - type: string - type: object - status: - description: S2iBuilderTemplateStatus defines the observed state of S2iBuilderTemplate - type: object - type: object - served: true - storage: true - subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/devops.kubesphere.io_s2iruns.yaml b/config/crds/devops.kubesphere.io_s2iruns.yaml deleted file mode 100644 index 1d380bc52..000000000 --- a/config/crds/devops.kubesphere.io_s2iruns.yaml +++ /dev/null @@ -1,164 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: s2iruns.devops.kubesphere.io -spec: - group: devops.kubesphere.io - names: - kind: S2iRun - listKind: S2iRunList - plural: s2iruns - shortNames: - - s2ir - singular: s2irun - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.runState - name: State - type: string - - jsonPath: .status.kubernetesJobName - name: K8sJobName - type: string - - jsonPath: .status.startTime - name: StartTime - type: date - - jsonPath: .status.completionTime - name: CompletionTime - type: date - - jsonPath: .status.s2iBuildResult.imageName - name: ImageName - type: string - name: v1alpha1 - schema: - openAPIV3Schema: - description: S2iRun is the Schema for the s2iruns API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: S2iRunSpec defines the desired state of S2iRun - properties: - backoffLimit: - description: BackoffLimit limits the restart count of each s2irun. Default is 0 - format: int32 - type: integer - builderName: - description: BuilderName specify the name of s2ibuilder, required - type: string - newRevisionId: - description: NewRevisionId override the default NewRevisionId in its s2ibuilder. - type: string - newSourceURL: - description: NewSourceURL is used to download new binary artifacts - type: string - newTag: - description: NewTag override the default tag in its s2ibuilder, image name cannot be changed. - type: string - secondsAfterFinished: - description: SecondsAfterFinished if is set and greater than zero, and the job created by s2irun become successful or failed , the job will be auto deleted after SecondsAfterFinished - format: int32 - type: integer - required: - - builderName - type: object - status: - description: S2iRunStatus defines the observed state of S2iRun - properties: - completionTime: - description: Represents time when the job was completed. It is not guaranteed to be set in happens-before order across separate operations. It is represented in RFC3339 form and is in UTC. - format: date-time - type: string - kubernetesJobName: - description: KubernetesJobName is the job name in k8s - type: string - logURL: - description: LogURL is uesd for external log handler to let user know where is log located in - type: string - runState: - description: RunState indicates whether this job is done or failed - type: string - s2iBuildResult: - description: S2i build result info. - properties: - commandPull: - description: Command for pull image. - type: string - imageCreated: - description: Image created time. - type: string - imageID: - description: Image ID. - type: string - imageName: - description: ImageName is the name of artifact - type: string - imageRepoTags: - description: image tags. - items: - type: string - type: array - imageSize: - description: The size in bytes of the image - format: int64 - type: integer - type: object - s2iBuildSource: - description: S2i build source info. - properties: - binaryName: - description: Binary file Name - type: string - binarySize: - description: Binary file Size - format: int64 - type: integer - builderImage: - description: // BuilderImage describes which image is used for building the result images. - type: string - commitID: - description: CommitID represents an arbitrary extended object reference in Git as SHA-1 - type: string - committerEmail: - description: CommitterEmail contains the e-mail of the committer - type: string - committerName: - description: CommitterName contains the name of the committer - type: string - description: - description: Description is a result image description label. The default is no description. - type: string - revisionId: - description: The RevisionId is a branch name or a SHA-1 hash of every important thing about the commit - type: string - sourceUrl: - description: SourceURL is url of the codes such as https://github.com/a/b.git - type: string - type: object - startTime: - description: StartTime represent when this run began - format: date-time - type: string - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/gateway.kubesphere.io_nginxes.yaml b/config/crds/gateway.kubesphere.io_nginxes.yaml deleted file mode 100644 index f2100ec27..000000000 --- a/config/crds/gateway.kubesphere.io_nginxes.yaml +++ /dev/null @@ -1,44 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: nginxes.gateway.kubesphere.io -spec: - group: gateway.kubesphere.io - names: - kind: Nginx - listKind: NginxList - plural: nginxes - singular: nginx - scope: Namespaced - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: Nginx is the Schema for the nginxes API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Spec defines the desired state of Nginx - type: object - x-kubernetes-preserve-unknown-fields: true - status: - description: Status defines the observed state of Nginx - type: object - x-kubernetes-preserve-unknown-fields: true - type: object - served: true - storage: true - subresources: - status: {} diff --git a/config/crds/servicemesh.kubesphere.io_servicepolicies.yaml b/config/crds/servicemesh.kubesphere.io_servicepolicies.yaml deleted file mode 100644 index ace17e532..000000000 --- a/config/crds/servicemesh.kubesphere.io_servicepolicies.yaml +++ /dev/null @@ -1,1251 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: servicepolicies.servicemesh.kubesphere.io -spec: - group: servicemesh.kubesphere.io - names: - kind: ServicePolicy - listKind: ServicePolicyList - plural: servicepolicies - singular: servicepolicy - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - description: ServicePolicy is the Schema for the servicepolicies API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: ServicePolicySpec defines the desired state of ServicePolicy - properties: - selector: - description: Label selector for destination rules. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - template: - description: Template used to create a destination rule - properties: - metadata: - description: Metadata of the virtual services created from this template - type: object - spec: - description: 'Configuration affecting load balancing, outlier detection, - etc. See more details at: https://istio.io/docs/reference/config/networking/destination-rule.html' - properties: - exportTo: - description: A list of namespaces to which this destination rule is - exported. - items: - format: string - type: string - type: array - host: - description: The name of a service from the service registry. - format: string - type: string - subsets: - items: - properties: - labels: - additionalProperties: - format: string - type: string - type: object - name: - description: Name of the subset. - format: string - type: string - trafficPolicy: - description: Traffic policies that apply to this subset. - properties: - connectionPool: - properties: - http: - description: HTTP connection pool settings. - properties: - h2UpgradePolicy: - description: Specify if http1.1 connection should - be upgraded to http2 for the associated destination. - enum: - - DEFAULT - - DO_NOT_UPGRADE - - UPGRADE - type: string - http1MaxPendingRequests: - description: Maximum number of pending HTTP requests - to a destination. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to a backend. - format: int32 - type: integer - idleTimeout: - description: The idle timeout for upstream connection - pool connections. - type: string - maxRequestsPerConnection: - description: Maximum number of requests per connection - to a backend. - format: int32 - type: integer - maxRetries: - format: int32 - type: integer - useClientProtocol: - description: If set to true, client protocol will - be preserved while initiating connection to backend. - type: boolean - type: object - tcp: - description: Settings common to both HTTP and TCP upstream - connections. - properties: - connectTimeout: - description: TCP connection timeout. - type: string - maxConnections: - description: Maximum number of HTTP1 /TCP connections - to a destination host. - format: int32 - type: integer - tcpKeepalive: - description: If set then set SO_KEEPALIVE on the - socket to enable TCP Keepalives. - properties: - interval: - description: The time duration between keep-alive - probes. - type: string - probes: - type: integer - time: - type: string - type: object - type: object - type: object - loadBalancer: - description: Settings controlling the load balancer algorithms. - oneOf: - - not: - anyOf: - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - properties: - consistentHash: - properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: Name of the cookie. - format: string - type: string - path: - description: Path to set for the cookie. - format: string - type: string - ttl: - description: Lifetime of the cookie. - type: string - type: object - httpHeaderName: - description: Hash based on a specific HTTP header. - format: string - type: string - httpQueryParameterName: - description: Hash based on a specific HTTP query - parameter. - format: string - type: string - minimumRingSize: - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean - type: object - localityLbSetting: - properties: - distribute: - description: 'Optional: only one of distribute or - failover can be set.' - items: - properties: - from: - description: Originating locality, '/' separated, - e.g. - format: string - type: string - to: - additionalProperties: - type: integer - description: Map of upstream localities to - traffic distribution weights. - type: object - type: object - type: array - enabled: - description: enable locality load balancing, this - is DestinationRule-level and will override mesh - wide settings in entirety. - nullable: true - type: boolean - failover: - description: 'Optional: only failover or distribute - can be set.' - items: - properties: - from: - description: Originating region. - format: string - type: string - to: - format: string - type: string - type: object - type: array - type: object - simple: - enum: - - ROUND_ROBIN - - LEAST_CONN - - RANDOM - - PASSTHROUGH - type: string - type: object - outlierDetection: - properties: - baseEjectionTime: - description: Minimum ejection duration. - type: string - consecutive5xxErrors: - description: Number of 5xx errors before a host is ejected - from the connection pool. - nullable: true - type: integer - consecutiveErrors: - format: int32 - type: integer - consecutiveGatewayErrors: - description: Number of gateway errors before a host - is ejected from the connection pool. - nullable: true - type: integer - interval: - description: Time interval between ejection sweep analysis. - type: string - maxEjectionPercent: - format: int32 - type: integer - minHealthPercent: - format: int32 - type: integer - type: object - portLevelSettings: - description: Traffic policies specific to individual ports. - items: - properties: - connectionPool: - properties: - http: - description: HTTP connection pool settings. - properties: - h2UpgradePolicy: - description: Specify if http1.1 connection - should be upgraded to http2 for the associated - destination. - enum: - - DEFAULT - - DO_NOT_UPGRADE - - UPGRADE - type: string - http1MaxPendingRequests: - description: Maximum number of pending HTTP - requests to a destination. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to - a backend. - format: int32 - type: integer - idleTimeout: - description: The idle timeout for upstream - connection pool connections. - type: string - maxRequestsPerConnection: - description: Maximum number of requests per - connection to a backend. - format: int32 - type: integer - maxRetries: - format: int32 - type: integer - useClientProtocol: - description: If set to true, client protocol - will be preserved while initiating connection - to backend. - type: boolean - type: object - tcp: - description: Settings common to both HTTP and - TCP upstream connections. - properties: - connectTimeout: - description: TCP connection timeout. - type: string - maxConnections: - description: Maximum number of HTTP1 /TCP - connections to a destination host. - format: int32 - type: integer - tcpKeepalive: - description: If set then set SO_KEEPALIVE - on the socket to enable TCP Keepalives. - properties: - interval: - description: The time duration between - keep-alive probes. - type: string - probes: - type: integer - time: - type: string - type: object - type: object - type: object - loadBalancer: - description: Settings controlling the load balancer - algorithms. - oneOf: - - not: - anyOf: - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - properties: - consistentHash: - properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: Name of the cookie. - format: string - type: string - path: - description: Path to set for the cookie. - format: string - type: string - ttl: - description: Lifetime of the cookie. - type: string - type: object - httpHeaderName: - description: Hash based on a specific HTTP - header. - format: string - type: string - httpQueryParameterName: - description: Hash based on a specific HTTP - query parameter. - format: string - type: string - minimumRingSize: - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean - type: object - localityLbSetting: - properties: - distribute: - description: 'Optional: only one of distribute - or failover can be set.' - items: - properties: - from: - description: Originating locality, '/' - separated, e.g. - format: string - type: string - to: - additionalProperties: - type: integer - description: Map of upstream localities - to traffic distribution weights. - type: object - type: object - type: array - enabled: - description: enable locality load balancing, - this is DestinationRule-level and will override - mesh wide settings in entirety. - nullable: true - type: boolean - failover: - description: 'Optional: only failover or distribute - can be set.' - items: - properties: - from: - description: Originating region. - format: string - type: string - to: - format: string - type: string - type: object - type: array - type: object - simple: - enum: - - ROUND_ROBIN - - LEAST_CONN - - RANDOM - - PASSTHROUGH - type: string - type: object - outlierDetection: - properties: - baseEjectionTime: - description: Minimum ejection duration. - type: string - consecutive5xxErrors: - description: Number of 5xx errors before a host - is ejected from the connection pool. - nullable: true - type: integer - consecutiveErrors: - format: int32 - type: integer - consecutiveGatewayErrors: - description: Number of gateway errors before a - host is ejected from the connection pool. - nullable: true - type: integer - interval: - description: Time interval between ejection sweep - analysis. - type: string - maxEjectionPercent: - format: int32 - type: integer - minHealthPercent: - format: int32 - type: integer - type: object - port: - properties: - number: - type: integer - type: object - tls: - description: TLS related settings for connections - to the upstream service. - properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - credentialName: - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server - during TLS handshake. - format: string - type: string - subjectAltNames: - items: - format: string - type: string - type: array - type: object - type: object - type: array - tls: - description: TLS related settings for connections to the - upstream service. - properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - credentialName: - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server during - TLS handshake. - format: string - type: string - subjectAltNames: - items: - format: string - type: string - type: array - type: object - type: object - type: object - type: array - trafficPolicy: - properties: - connectionPool: - properties: - http: - description: HTTP connection pool settings. - properties: - h2UpgradePolicy: - description: Specify if http1.1 connection should be upgraded - to http2 for the associated destination. - enum: - - DEFAULT - - DO_NOT_UPGRADE - - UPGRADE - type: string - http1MaxPendingRequests: - description: Maximum number of pending HTTP requests to - a destination. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to a backend. - format: int32 - type: integer - idleTimeout: - description: The idle timeout for upstream connection - pool connections. - type: string - maxRequestsPerConnection: - description: Maximum number of requests per connection - to a backend. - format: int32 - type: integer - maxRetries: - format: int32 - type: integer - useClientProtocol: - description: If set to true, client protocol will be preserved - while initiating connection to backend. - type: boolean - type: object - tcp: - description: Settings common to both HTTP and TCP upstream - connections. - properties: - connectTimeout: - description: TCP connection timeout. - type: string - maxConnections: - description: Maximum number of HTTP1 /TCP connections - to a destination host. - format: int32 - type: integer - tcpKeepalive: - description: If set then set SO_KEEPALIVE on the socket - to enable TCP Keepalives. - properties: - interval: - description: The time duration between keep-alive - probes. - type: string - probes: - type: integer - time: - type: string - type: object - type: object - type: object - loadBalancer: - description: Settings controlling the load balancer algorithms. - oneOf: - - not: - anyOf: - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - properties: - consistentHash: - properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: Name of the cookie. - format: string - type: string - path: - description: Path to set for the cookie. - format: string - type: string - ttl: - description: Lifetime of the cookie. - type: string - type: object - httpHeaderName: - description: Hash based on a specific HTTP header. - format: string - type: string - httpQueryParameterName: - description: Hash based on a specific HTTP query parameter. - format: string - type: string - minimumRingSize: - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean - type: object - localityLbSetting: - properties: - distribute: - description: 'Optional: only one of distribute or failover - can be set.' - items: - properties: - from: - description: Originating locality, '/' separated, - e.g. - format: string - type: string - to: - additionalProperties: - type: integer - description: Map of upstream localities to traffic - distribution weights. - type: object - type: object - type: array - enabled: - description: enable locality load balancing, this is DestinationRule-level - and will override mesh wide settings in entirety. - nullable: true - type: boolean - failover: - description: 'Optional: only failover or distribute can - be set.' - items: - properties: - from: - description: Originating region. - format: string - type: string - to: - format: string - type: string - type: object - type: array - type: object - simple: - enum: - - ROUND_ROBIN - - LEAST_CONN - - RANDOM - - PASSTHROUGH - type: string - type: object - outlierDetection: - properties: - baseEjectionTime: - description: Minimum ejection duration. - type: string - consecutive5xxErrors: - description: Number of 5xx errors before a host is ejected - from the connection pool. - nullable: true - type: integer - consecutiveErrors: - format: int32 - type: integer - consecutiveGatewayErrors: - description: Number of gateway errors before a host is ejected - from the connection pool. - nullable: true - type: integer - interval: - description: Time interval between ejection sweep analysis. - type: string - maxEjectionPercent: - format: int32 - type: integer - minHealthPercent: - format: int32 - type: integer - type: object - portLevelSettings: - description: Traffic policies specific to individual ports. - items: - properties: - connectionPool: - properties: - http: - description: HTTP connection pool settings. - properties: - h2UpgradePolicy: - description: Specify if http1.1 connection should - be upgraded to http2 for the associated destination. - enum: - - DEFAULT - - DO_NOT_UPGRADE - - UPGRADE - type: string - http1MaxPendingRequests: - description: Maximum number of pending HTTP requests - to a destination. - format: int32 - type: integer - http2MaxRequests: - description: Maximum number of requests to a backend. - format: int32 - type: integer - idleTimeout: - description: The idle timeout for upstream connection - pool connections. - type: string - maxRequestsPerConnection: - description: Maximum number of requests per connection - to a backend. - format: int32 - type: integer - maxRetries: - format: int32 - type: integer - useClientProtocol: - description: If set to true, client protocol will - be preserved while initiating connection to backend. - type: boolean - type: object - tcp: - description: Settings common to both HTTP and TCP upstream - connections. - properties: - connectTimeout: - description: TCP connection timeout. - type: string - maxConnections: - description: Maximum number of HTTP1 /TCP connections - to a destination host. - format: int32 - type: integer - tcpKeepalive: - description: If set then set SO_KEEPALIVE on the - socket to enable TCP Keepalives. - properties: - interval: - description: The time duration between keep-alive - probes. - type: string - probes: - type: integer - time: - type: string - type: object - type: object - type: object - loadBalancer: - description: Settings controlling the load balancer algorithms. - oneOf: - - not: - anyOf: - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - - required: - - simple - - properties: - consistentHash: - oneOf: - - not: - anyOf: - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - - required: - - httpHeaderName - - required: - - httpCookie - - required: - - useSourceIp - - required: - - httpQueryParameterName - required: - - consistentHash - properties: - consistentHash: - properties: - httpCookie: - description: Hash based on HTTP cookie. - properties: - name: - description: Name of the cookie. - format: string - type: string - path: - description: Path to set for the cookie. - format: string - type: string - ttl: - description: Lifetime of the cookie. - type: string - type: object - httpHeaderName: - description: Hash based on a specific HTTP header. - format: string - type: string - httpQueryParameterName: - description: Hash based on a specific HTTP query - parameter. - format: string - type: string - minimumRingSize: - type: integer - useSourceIp: - description: Hash based on the source IP address. - type: boolean - type: object - localityLbSetting: - properties: - distribute: - description: 'Optional: only one of distribute or - failover can be set.' - items: - properties: - from: - description: Originating locality, '/' separated, - e.g. - format: string - type: string - to: - additionalProperties: - type: integer - description: Map of upstream localities to - traffic distribution weights. - type: object - type: object - type: array - enabled: - description: enable locality load balancing, this - is DestinationRule-level and will override mesh - wide settings in entirety. - nullable: true - type: boolean - failover: - description: 'Optional: only failover or distribute - can be set.' - items: - properties: - from: - description: Originating region. - format: string - type: string - to: - format: string - type: string - type: object - type: array - type: object - simple: - enum: - - ROUND_ROBIN - - LEAST_CONN - - RANDOM - - PASSTHROUGH - type: string - type: object - outlierDetection: - properties: - baseEjectionTime: - description: Minimum ejection duration. - type: string - consecutive5xxErrors: - description: Number of 5xx errors before a host is ejected - from the connection pool. - nullable: true - type: integer - consecutiveErrors: - format: int32 - type: integer - consecutiveGatewayErrors: - description: Number of gateway errors before a host - is ejected from the connection pool. - nullable: true - type: integer - interval: - description: Time interval between ejection sweep analysis. - type: string - maxEjectionPercent: - format: int32 - type: integer - minHealthPercent: - format: int32 - type: integer - type: object - port: - properties: - number: - type: integer - type: object - tls: - description: TLS related settings for connections to the - upstream service. - properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - credentialName: - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server during - TLS handshake. - format: string - type: string - subjectAltNames: - items: - format: string - type: string - type: array - type: object - type: object - type: array - tls: - description: TLS related settings for connections to the upstream - service. - properties: - caCertificates: - format: string - type: string - clientCertificate: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - credentialName: - format: string - type: string - mode: - enum: - - DISABLE - - SIMPLE - - MUTUAL - - ISTIO_MUTUAL - type: string - privateKey: - description: REQUIRED if mode is `MUTUAL`. - format: string - type: string - sni: - description: SNI string to present to the server during TLS - handshake. - format: string - type: string - subjectAltNames: - items: - format: string - type: string - type: array - type: object - type: object - type: object - type: object - type: object - status: - description: ServicePolicyStatus defines the observed state of ServicePolicy - properties: - completionTime: - description: Represents time when the strategy was completed. It is represented in RFC3339 form and is in UTC. - format: date-time - type: string - conditions: - description: The latest available observations of an object's current state. - items: - description: StrategyCondition describes current state of a strategy. - properties: - lastProbeTime: - description: Last time the condition was checked. - format: date-time - type: string - lastTransitionTime: - description: Last time the condition transit from one status to another - format: date-time - type: string - message: - description: Human readable message indicating details about last transition. - type: string - reason: - description: reason for the condition's last transition - type: string - status: - description: Status of the condition, one of True, False, Unknown - type: string - type: - description: Type of strategy condition, Complete or Failed. - type: string - type: object - type: array - startTime: - description: Represents time when the strategy was acknowledged by the controller. It is represented in RFC3339 form and is in UTC. - format: date-time - type: string - type: object - type: object - served: true - storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/servicemesh.kubesphere.io_strategies.yaml b/config/crds/servicemesh.kubesphere.io_strategies.yaml deleted file mode 100644 index c3556d9a7..000000000 --- a/config/crds/servicemesh.kubesphere.io_strategies.yaml +++ /dev/null @@ -1,911 +0,0 @@ - ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: (devel) - creationTimestamp: null - name: strategies.servicemesh.kubesphere.io -spec: - group: servicemesh.kubesphere.io - names: - kind: Strategy - listKind: StrategyList - plural: strategies - singular: strategy - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: type of strategy - jsonPath: .spec.type - name: Type - type: string - - description: destination hosts - jsonPath: .spec.template.spec.hosts - name: Hosts - type: string - - description: 'CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata' - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha2 - schema: - openAPIV3Schema: - description: Strategy is the Schema for the strategies API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: StrategySpec defines the desired state of Strategy - properties: - governor: - description: Governor version, the version takes control of all incoming traffic label version value - type: string - principal: - description: Principal version, the one as reference version label version value - type: string - selector: - description: Label selector for virtual services. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - strategyPolicy: - description: strategy policy, how the strategy will be applied by the strategy controller - type: string - template: - description: Template describes the virtual service that will be created. - properties: - metadata: - description: Metadata of the virtual services created from this template - type: object - spec: - description: 'Configuration affecting label/content routing, sni routing, - etc. See more details at: https://istio.io/docs/reference/config/networking/virtual-service.html' - properties: - exportTo: - description: A list of namespaces to which this virtual service is - exported. - items: - format: string - type: string - type: array - gateways: - description: The names of gateways and sidecars that should apply - these routes. - items: - format: string - type: string - type: array - hosts: - description: The destination hosts to which traffic is being sent. - items: - format: string - type: string - type: array - http: - description: An ordered list of route rules for HTTP traffic. - items: - properties: - corsPolicy: - description: Cross-Origin Resource Sharing policy (CORS). - properties: - allowCredentials: - nullable: true - type: boolean - allowHeaders: - items: - format: string - type: string - type: array - allowMethods: - description: List of HTTP methods allowed to access the - resource. - items: - format: string - type: string - type: array - allowOrigin: - description: The list of origins that are allowed to perform - CORS requests. - items: - format: string - type: string - type: array - allowOrigins: - description: String patterns that match allowed origins. - items: - oneOf: - - not: - anyOf: - - required: - - exact - - required: - - prefix - - required: - - regex - - required: - - exact - - required: - - prefix - - required: - - regex - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - regex: - description: RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax). - format: string - type: string - type: object - type: array - exposeHeaders: - items: - format: string - type: string - type: array - maxAge: - type: string - type: object - delegate: - properties: - name: - description: Name specifies the name of the delegate VirtualService. - format: string - type: string - namespace: - description: Namespace specifies the namespace where the - delegate VirtualService resides. - format: string - type: string - type: object - fault: - description: Fault injection policy to apply on HTTP traffic - at the client side. - properties: - abort: - oneOf: - - not: - anyOf: - - required: - - httpStatus - - required: - - grpcStatus - - required: - - http2Error - - required: - - httpStatus - - required: - - grpcStatus - - required: - - http2Error - properties: - grpcStatus: - format: string - type: string - http2Error: - format: string - type: string - httpStatus: - description: HTTP status code to use to abort the Http - request. - format: int32 - type: integer - percentage: - description: Percentage of requests to be aborted with - the error code provided. - properties: - value: - format: double - type: number - type: object - type: object - delay: - oneOf: - - not: - anyOf: - - required: - - fixedDelay - - required: - - exponentialDelay - - required: - - fixedDelay - - required: - - exponentialDelay - properties: - exponentialDelay: - type: string - fixedDelay: - description: Add a fixed delay before forwarding the - request. - type: string - percent: - description: Percentage of requests on which the delay - will be injected (0-100). - format: int32 - type: integer - percentage: - description: Percentage of requests on which the delay - will be injected. - properties: - value: - format: double - type: number - type: object - type: object - type: object - headers: - properties: - request: - properties: - add: - additionalProperties: - format: string - type: string - type: object - remove: - items: - format: string - type: string - type: array - set: - additionalProperties: - format: string - type: string - type: object - type: object - response: - properties: - add: - additionalProperties: - format: string - type: string - type: object - remove: - items: - format: string - type: string - type: array - set: - additionalProperties: - format: string - type: string - type: object - type: object - type: object - match: - items: - properties: - authority: - oneOf: - - not: - anyOf: - - required: - - exact - - required: - - prefix - - required: - - regex - - required: - - exact - - required: - - prefix - - required: - - regex - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - regex: - description: RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax). - format: string - type: string - type: object - gateways: - description: Names of gateways where the rule should be - applied. - items: - format: string - type: string - type: array - headers: - additionalProperties: - oneOf: - - not: - anyOf: - - required: - - exact - - required: - - prefix - - required: - - regex - - required: - - exact - - required: - - prefix - - required: - - regex - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - regex: - description: RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax). - format: string - type: string - type: object - type: object - ignoreUriCase: - description: Flag to specify whether the URI matching - should be case-insensitive. - type: boolean - method: - oneOf: - - not: - anyOf: - - required: - - exact - - required: - - prefix - - required: - - regex - - required: - - exact - - required: - - prefix - - required: - - regex - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - regex: - description: RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax). - format: string - type: string - type: object - name: - description: The name assigned to a match. - format: string - type: string - port: - description: Specifies the ports on the host that is being - addressed. - type: integer - queryParams: - additionalProperties: - oneOf: - - not: - anyOf: - - required: - - exact - - required: - - prefix - - required: - - regex - - required: - - exact - - required: - - prefix - - required: - - regex - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - regex: - description: RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax). - format: string - type: string - type: object - description: Query parameters for matching. - type: object - scheme: - oneOf: - - not: - anyOf: - - required: - - exact - - required: - - prefix - - required: - - regex - - required: - - exact - - required: - - prefix - - required: - - regex - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - regex: - description: RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax). - format: string - type: string - type: object - sourceLabels: - additionalProperties: - format: string - type: string - type: object - sourceNamespace: - description: Source namespace constraining the applicability - of a rule to workloads in that namespace. - format: string - type: string - uri: - oneOf: - - not: - anyOf: - - required: - - exact - - required: - - prefix - - required: - - regex - - required: - - exact - - required: - - prefix - - required: - - regex - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - regex: - description: RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax). - format: string - type: string - type: object - withoutHeaders: - additionalProperties: - oneOf: - - not: - anyOf: - - required: - - exact - - required: - - prefix - - required: - - regex - - required: - - exact - - required: - - prefix - - required: - - regex - properties: - exact: - format: string - type: string - prefix: - format: string - type: string - regex: - description: RE2 style regex-based match (https://github.com/google/re2/wiki/Syntax). - format: string - type: string - type: object - description: withoutHeader has the same syntax with the - header, but has opposite meaning. - type: object - type: object - type: array - mirror: - properties: - host: - description: The name of a service from the service registry. - format: string - type: string - port: - description: Specifies the port on the host that is being - addressed. - properties: - number: - type: integer - type: object - subset: - description: The name of a subset within the service. - format: string - type: string - type: object - mirror_percent: - description: Percentage of the traffic to be mirrored by the - `mirror` field. - nullable: true - type: integer - mirrorPercent: - description: Percentage of the traffic to be mirrored by the - `mirror` field. - nullable: true - type: integer - mirrorPercentage: - description: Percentage of the traffic to be mirrored by the - `mirror` field. - properties: - value: - format: double - type: number - type: object - name: - description: The name assigned to the route for debugging purposes. - format: string - type: string - redirect: - description: A HTTP rule can either redirect or forward (default) - traffic. - properties: - authority: - format: string - type: string - redirectCode: - type: integer - uri: - format: string - type: string - type: object - retries: - description: Retry policy for HTTP requests. - properties: - attempts: - description: Number of retries to be allowed for a given - request. - format: int32 - type: integer - perTryTimeout: - description: Timeout per attempt for a given request, including - the initial call and any retries. - type: string - retryOn: - description: Specifies the conditions under which retry - takes place. - format: string - type: string - retryRemoteLocalities: - description: Flag to specify whether the retries should - retry to other localities. - nullable: true - type: boolean - type: object - rewrite: - description: Rewrite HTTP URIs and Authority headers. - properties: - authority: - description: rewrite the Authority/Host header with this - value. - format: string - type: string - uri: - format: string - type: string - type: object - route: - description: A HTTP rule can either redirect or forward (default) - traffic. - items: - properties: - destination: - properties: - host: - description: The name of a service from the service - registry. - format: string - type: string - port: - description: Specifies the port on the host that is - being addressed. - properties: - number: - type: integer - type: object - subset: - description: The name of a subset within the service. - format: string - type: string - type: object - headers: - properties: - request: - properties: - add: - additionalProperties: - format: string - type: string - type: object - remove: - items: - format: string - type: string - type: array - set: - additionalProperties: - format: string - type: string - type: object - type: object - response: - properties: - add: - additionalProperties: - format: string - type: string - type: object - remove: - items: - format: string - type: string - type: array - set: - additionalProperties: - format: string - type: string - type: object - type: object - type: object - weight: - format: int32 - type: integer - type: object - type: array - timeout: - description: Timeout for HTTP requests, default is disabled. - type: string - type: object - type: array - tcp: - description: An ordered list of route rules for opaque TCP traffic. - items: - properties: - match: - items: - properties: - destinationSubnets: - description: IPv4 or IPv6 ip addresses of destination - with optional subnet. - items: - format: string - type: string - type: array - gateways: - description: Names of gateways where the rule should be - applied. - items: - format: string - type: string - type: array - port: - description: Specifies the port on the host that is being - addressed. - type: integer - sourceLabels: - additionalProperties: - format: string - type: string - type: object - sourceNamespace: - description: Source namespace constraining the applicability - of a rule to workloads in that namespace. - format: string - type: string - sourceSubnet: - description: IPv4 or IPv6 ip address of source with optional - subnet. - format: string - type: string - type: object - type: array - route: - description: The destination to which the connection should - be forwarded to. - items: - properties: - destination: - properties: - host: - description: The name of a service from the service - registry. - format: string - type: string - port: - description: Specifies the port on the host that is - being addressed. - properties: - number: - type: integer - type: object - subset: - description: The name of a subset within the service. - format: string - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - type: object - type: array - tls: - items: - properties: - match: - items: - properties: - destinationSubnets: - description: IPv4 or IPv6 ip addresses of destination - with optional subnet. - items: - format: string - type: string - type: array - gateways: - description: Names of gateways where the rule should be - applied. - items: - format: string - type: string - type: array - port: - description: Specifies the port on the host that is being - addressed. - type: integer - sniHosts: - description: SNI (server name indicator) to match on. - items: - format: string - type: string - type: array - sourceLabels: - additionalProperties: - format: string - type: string - type: object - sourceNamespace: - description: Source namespace constraining the applicability - of a rule to workloads in that namespace. - format: string - type: string - type: object - type: array - route: - description: The destination to which the connection should - be forwarded to. - items: - properties: - destination: - properties: - host: - description: The name of a service from the service - registry. - format: string - type: string - port: - description: Specifies the port on the host that is - being addressed. - properties: - number: - type: integer - type: object - subset: - description: The name of a subset within the service. - format: string - type: string - type: object - weight: - format: int32 - type: integer - type: object - type: array - type: object - type: array - type: object - type: object - type: - description: Strategy type - type: string - type: object - status: - description: StrategyStatus defines the observed state of Strategy - properties: - completionTime: - description: Represents time when the strategy was completed. It is represented in RFC3339 form and is in UTC. - format: date-time - type: string - conditions: - description: The latest available observations of an object's current state. - items: - description: StrategyCondition describes current state of a strategy. - properties: - lastProbeTime: - description: Last time the condition was checked. - format: date-time - type: string - lastTransitionTime: - description: Last time the condition transit from one status to another - format: date-time - type: string - message: - description: Human readable message indicating details about last transition. - type: string - reason: - description: reason for the condition's last transition - type: string - status: - description: Status of the condition, one of True, False, Unknown - type: string - type: - description: Type of strategy condition, Complete or Failed. - type: string - type: object - type: array - startTime: - description: Represents time when the strategy was acknowledged by the controller. It is represented in RFC3339 form and is in UTC. - format: date-time - type: string - type: object - type: object - served: true - storage: true - subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/storage.kubesphere.io_storageclasseraccessor.yaml b/config/crds/storage.kubesphere.io_storageclasseraccessor.yaml deleted file mode 100644 index 6a601dd31..000000000 --- a/config/crds/storage.kubesphere.io_storageclasseraccessor.yaml +++ /dev/null @@ -1,180 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.4.1 - creationTimestamp: null - name: accessors.storage.kubesphere.io -spec: - group: storage.kubesphere.io - names: - kind: Accessor - listKind: AccessorList - plural: accessors - singular: accessor - scope: Cluster - versions: - - additionalPrinterColumns: - - jsonPath: .spec.storageClassName - name: StorageClass - type: string - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: Accessor is the Schema for the accessors API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: AccessorSpec defines the desired state of Accessor - properties: - namespaceSelector: - properties: - fieldSelector: - items: - properties: - fieldExpressions: - items: - properties: - field: - enum: - - Name - - Status - type: string - operator: - enum: - - In - - NotIn - type: string - values: - items: - type: string - type: array - required: - - field - - operator - - values - type: object - type: array - required: - - fieldExpressions - type: object - type: array - labelSelector: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - type: string - values: - items: - type: string - type: array - required: - - key - - operator - - values - type: object - type: array - required: - - matchExpressions - type: object - type: array - type: object - storageClassName: - type: string - workspaceSelector: - properties: - fieldSelector: - items: - properties: - fieldExpressions: - items: - properties: - field: - enum: - - Name - - Status - type: string - operator: - enum: - - In - - NotIn - type: string - values: - items: - type: string - type: array - required: - - field - - operator - - values - type: object - type: array - required: - - fieldExpressions - type: object - type: array - labelSelector: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - enum: - - In - - NotIn - type: string - values: - items: - type: string - type: array - required: - - key - - operator - - values - type: object - type: array - required: - - matchExpressions - type: object - type: array - type: object - required: - - storageClassName - type: object - type: object - served: true - storage: true - subresources: - status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/ks-core/crds/.gitkeep b/config/ks-core/crds/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/config/crds/alerting.kubesphere.io_clusterrulegroups.yaml b/config/ks-core/crds/alerting.kubesphere.io_clusterrulegroups.yaml similarity index 98% rename from config/crds/alerting.kubesphere.io_clusterrulegroups.yaml rename to config/ks-core/crds/alerting.kubesphere.io_clusterrulegroups.yaml index 31ed66f44..c5d83c3c6 100644 --- a/config/crds/alerting.kubesphere.io_clusterrulegroups.yaml +++ b/config/ks-core/crds/alerting.kubesphere.io_clusterrulegroups.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: clusterrulegroups.alerting.kubesphere.io spec: @@ -70,12 +69,12 @@ spec: cpu: description: Only one of its members may be specified. properties: + load5m: + type: number load15m: type: number load1m: type: number - load5m: - type: number utilization: type: number type: object @@ -166,9 +165,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/alerting.kubesphere.io_globalrulegroups.yaml b/config/ks-core/crds/alerting.kubesphere.io_globalrulegroups.yaml similarity index 98% rename from config/crds/alerting.kubesphere.io_globalrulegroups.yaml rename to config/ks-core/crds/alerting.kubesphere.io_globalrulegroups.yaml index 2e6f374c5..5900620e6 100644 --- a/config/crds/alerting.kubesphere.io_globalrulegroups.yaml +++ b/config/ks-core/crds/alerting.kubesphere.io_globalrulegroups.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: globalrulegroups.alerting.kubesphere.io spec: @@ -87,12 +86,12 @@ spec: cpu: description: Only one of its members may be specified. properties: + load15m: + type: number load1m: type: number load5m: type: number - load15m: - type: number utilization: type: number type: object @@ -280,9 +279,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/alerting.kubesphere.io_rulegroups.yaml b/config/ks-core/crds/alerting.kubesphere.io_rulegroups.yaml similarity index 97% rename from config/crds/alerting.kubesphere.io_rulegroups.yaml rename to config/ks-core/crds/alerting.kubesphere.io_rulegroups.yaml index ec27faf23..fe7058d7b 100644 --- a/config/crds/alerting.kubesphere.io_rulegroups.yaml +++ b/config/ks-core/crds/alerting.kubesphere.io_rulegroups.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: rulegroups.alerting.kubesphere.io spec: @@ -141,9 +140,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/ks-core/crds/app_v1beta1_application.yaml b/config/ks-core/crds/app_v1beta1_application.yaml new file mode 100644 index 000000000..47c191218 --- /dev/null +++ b/config/ks-core/crds/app_v1beta1_application.yaml @@ -0,0 +1,532 @@ +# Copyright 2020 The Kubernetes Authors. +# SPDX-License-Identifier: Apache-2.0 + +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + api-approved.kubernetes.io: https://github.com/kubernetes-sigs/application/pull/2 + controller-gen.kubebuilder.io/version: v0.4.0 + creationTimestamp: null + name: applications.app.k8s.io +spec: + group: app.k8s.io + names: + categories: + - all + kind: Application + listKind: ApplicationList + plural: applications + shortNames: + - app + singular: application + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The type of the application + jsonPath: .spec.descriptor.type + name: Type + type: string + - description: The creation date + jsonPath: .spec.descriptor.version + name: Version + type: string + - description: The application object owns the matched resources + jsonPath: .spec.addOwnerRef + name: Owner + type: boolean + - description: Numbers of components ready + jsonPath: .status.componentsReady + name: Ready + type: string + - description: The creation date + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: Application is the Schema for the applications API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ApplicationSpec defines the specification for an Application. + properties: + addOwnerRef: + description: AddOwnerRef objects - flag to indicate if we need to + add OwnerRefs to matching objects Matching is done by using Selector + to query all ComponentGroupKinds + type: boolean + assemblyPhase: + description: AssemblyPhase represents the current phase of the application's + assembly. An empty value is equivalent to "Succeeded". + type: string + componentKinds: + description: ComponentGroupKinds is a list of Kinds for Application's + components (e.g. Deployments, Pods, Services, CRDs). It can be used + in conjunction with the Application's Selector to list or watch + the Applications components. + items: + description: GroupKind specifies a Group and a Kind, but does not + force a version. This is useful for identifying concepts during + lookup stages without having partially valid types + properties: + group: + type: string + kind: + type: string + required: + - group + - kind + type: object + type: array + descriptor: + description: Descriptor regroups information and metadata about an + application. + properties: + description: + description: Description is a brief string description of the + Application. + type: string + icons: + description: Icons is an optional list of icons for an application. + Icon information includes the source, size, and mime type. + items: + description: ImageSpec contains information about an image used + as an icon. + properties: + size: + description: (optional) The size of the image in pixels + (e.g., 25x25). + type: string + src: + description: The source for image represented as either + an absolute URL to the image or a Data URL containing + the image. Data URLs are defined in RFC 2397. + type: string + type: + description: (optional) The mine type of the image (e.g., + "image/png"). + type: string + required: + - src + type: object + type: array + keywords: + description: Keywords is an optional list of key words associated + with the application (e.g. MySQL, RDBMS, database). + items: + type: string + type: array + links: + description: Links are a list of descriptive URLs intended to + be used to surface additional documentation, dashboards, etc. + items: + description: Link contains information about an URL to surface + documentation, dashboards, etc. + properties: + description: + description: Description is human readable content explaining + the purpose of the link. + type: string + url: + description: Url typically points at a website address. + type: string + type: object + type: array + maintainers: + description: Maintainers is an optional list of maintainers of + the application. The maintainers in this list maintain the the + source code, images, and package for the application. + items: + description: ContactData contains information about an individual + or organization. + properties: + email: + description: Email is the email address. + type: string + name: + description: Name is the descriptive name. + type: string + url: + description: Url could typically be a website address. + type: string + type: object + type: array + notes: + description: Notes contain a human readable snippets intended + as a quick start for the users of the Application. CommonMark + markdown syntax may be used for rich text representation. + type: string + owners: + description: Owners is an optional list of the owners of the installed + application. The owners of the application should be contacted + in the event of a planned or unplanned disruption affecting + the application. + items: + description: ContactData contains information about an individual + or organization. + properties: + email: + description: Email is the email address. + type: string + name: + description: Name is the descriptive name. + type: string + url: + description: Url could typically be a website address. + type: string + type: object + type: array + type: + description: Type is the type of the application (e.g. WordPress, + MySQL, Cassandra). + type: string + version: + description: Version is an optional version indicator for the + Application. + type: string + type: object + info: + description: Info contains human readable key,value pairs for the + Application. + items: + description: InfoItem is a human readable key,value pair containing + important information about how to access the Application. + properties: + name: + description: Name is a human readable title for this piece of + information. + type: string + type: + description: Type of the value for this InfoItem. + type: string + value: + description: Value is human readable content. + type: string + valueFrom: + description: ValueFrom defines a reference to derive the value + from another source. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + key: + description: The key to select. + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + ingressRef: + description: Select an Ingress. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + host: + description: The optional host to select. + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + path: + description: The optional HTTP path. + type: string + protocol: + description: Protocol for the ingress + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + secretKeyRef: + description: Selects a key of a Secret. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + key: + description: The key to select. + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + serviceRef: + description: Select a Service. + properties: + apiVersion: + description: API version of the referent. + type: string + fieldPath: + description: 'If referring to a piece of an object instead + of an entire object, this string should contain a + valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. + For example, if the object reference is to a container + within a pod, this would take on a value like: "spec.containers{name}" + (where "name" refers to the name of the container + that triggered the event) or if no container name + is specified "spec.containers[2]" (container with + index 2 in this pod). This syntax is chosen only to + have some well-defined way of referencing a part of + an object. TODO: this design is not final and this + field is subject to change in the future.' + type: string + kind: + description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + type: string + path: + description: The optional HTTP path. + type: string + port: + description: The optional port to select. + format: int32 + type: integer + protocol: + description: Protocol for the service + type: string + resourceVersion: + description: 'Specific resourceVersion to which this + reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + type: string + uid: + description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + type: string + type: object + type: + description: Type of source. + type: string + type: object + type: object + type: array + selector: + description: 'Selector is a label query over kinds that created by + the application. It must match the component objects'' labels. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + type: object + status: + description: ApplicationStatus defines controller's the observed state + of Application + properties: + components: + description: Object status array for all matching objects + items: + description: ObjectStatus is a generic status holder for objects + properties: + group: + description: Object group + type: string + kind: + description: Kind of object + type: string + link: + description: Link to object + type: string + name: + description: Name of object + type: string + status: + description: 'Status. Values: InProgress, Ready, Unknown' + type: string + type: object + type: array + componentsReady: + description: 'ComponentsReady: status of the components in the format + ready/total' + type: string + conditions: + description: Conditions represents the latest state of the object + items: + description: Condition describes the state of an object at a certain + point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + lastUpdateTime: + description: Last time the condition was probed + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of condition. + type: string + required: + - status + - type + type: object + type: array + observedGeneration: + description: ObservedGeneration is the most recent generation observed. + It corresponds to the Object's generation, which is updated on mutation + by the API Server. + format: int64 + type: integer + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/config/crds/application.kubesphere.io_helmapplications.yaml b/config/ks-core/crds/application.kubesphere.io_helmapplications.yaml similarity index 96% rename from config/crds/application.kubesphere.io_helmapplications.yaml rename to config/ks-core/crds/application.kubesphere.io_helmapplications.yaml index 5d2ab7cba..c1a938557 100644 --- a/config/crds/application.kubesphere.io_helmapplications.yaml +++ b/config/ks-core/crds/application.kubesphere.io_helmapplications.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: helmapplications.application.kubesphere.io spec: @@ -100,9 +99,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/application.kubesphere.io_helmapplicationversions.yaml b/config/ks-core/crds/application.kubesphere.io_helmapplicationversions.yaml similarity index 98% rename from config/crds/application.kubesphere.io_helmapplicationversions.yaml rename to config/ks-core/crds/application.kubesphere.io_helmapplicationversions.yaml index 53d0f25d8..77429a115 100644 --- a/config/crds/application.kubesphere.io_helmapplicationversions.yaml +++ b/config/ks-core/crds/application.kubesphere.io_helmapplicationversions.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: helmapplicationversions.application.kubesphere.io spec: @@ -220,9 +219,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/application.kubesphere.io_helmcategories.yaml b/config/ks-core/crds/application.kubesphere.io_helmcategories.yaml similarity index 94% rename from config/crds/application.kubesphere.io_helmcategories.yaml rename to config/ks-core/crds/application.kubesphere.io_helmcategories.yaml index 3389eef98..f31f2f8d3 100644 --- a/config/crds/application.kubesphere.io_helmcategories.yaml +++ b/config/ks-core/crds/application.kubesphere.io_helmcategories.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: helmcategories.application.kubesphere.io spec: @@ -72,9 +71,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/application.kubesphere.io_helmreleases.yaml b/config/ks-core/crds/application.kubesphere.io_helmreleases.yaml similarity index 97% rename from config/crds/application.kubesphere.io_helmreleases.yaml rename to config/ks-core/crds/application.kubesphere.io_helmreleases.yaml index 41db99147..768389bcc 100644 --- a/config/crds/application.kubesphere.io_helmreleases.yaml +++ b/config/ks-core/crds/application.kubesphere.io_helmreleases.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: helmreleases.application.kubesphere.io spec: @@ -147,9 +146,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/application.kubesphere.io_helmrepos.yaml b/config/ks-core/crds/application.kubesphere.io_helmrepos.yaml similarity index 97% rename from config/crds/application.kubesphere.io_helmrepos.yaml rename to config/ks-core/crds/application.kubesphere.io_helmrepos.yaml index d3d56ad9e..81b14c381 100644 --- a/config/crds/application.kubesphere.io_helmrepos.yaml +++ b/config/ks-core/crds/application.kubesphere.io_helmrepos.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: helmrepos.application.kubesphere.io spec: @@ -148,9 +147,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/cluster.kubesphere.io_clusters.yaml b/config/ks-core/crds/cluster.kubesphere.io_clusters.yaml similarity index 96% rename from config/crds/cluster.kubesphere.io_clusters.yaml rename to config/ks-core/crds/cluster.kubesphere.io_clusters.yaml index 1b21e77a8..5a26b37ed 100644 --- a/config/crds/cluster.kubesphere.io_clusters.yaml +++ b/config/ks-core/crds/cluster.kubesphere.io_clusters.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: clusters.cluster.kubesphere.io spec: @@ -90,10 +89,10 @@ spec: type: string type: description: type defines how host cluster will connect to host - cluster ConnectionTypeDirect means direct connection, this requires kubeconfig - and kubesphere apiserver endpoint provided ConnectionTypeProxy - means using kubesphere proxy, no kubeconfig or kubesphere - apiserver endpoint required + cluster ConnectionTypeDirect means direct connection, this requires + kubeconfig and kubesphere apiserver endpoint provided ConnectionTypeProxy + means using kubesphere proxy, no kubeconfig or kubesphere apiserver + endpoint required type: string type: object enable: @@ -182,9 +181,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/gateway.kubesphere.io_gateways.yaml b/config/ks-core/crds/gateway.kubesphere.io_gateways.yaml similarity index 97% rename from config/crds/gateway.kubesphere.io_gateways.yaml rename to config/ks-core/crds/gateway.kubesphere.io_gateways.yaml index 1c47bf297..976dee463 100644 --- a/config/crds/gateway.kubesphere.io_gateways.yaml +++ b/config/ks-core/crds/gateway.kubesphere.io_gateways.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: gateways.gateway.kubesphere.io spec: @@ -122,9 +121,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_federatedrolebindings.yaml b/config/ks-core/crds/iam.kubesphere.io_federatedrolebindings.yaml similarity index 96% rename from config/crds/iam.kubesphere.io_federatedrolebindings.yaml rename to config/ks-core/crds/iam.kubesphere.io_federatedrolebindings.yaml index 558db2351..6a3e96f05 100644 --- a/config/crds/iam.kubesphere.io_federatedrolebindings.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_federatedrolebindings.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: federatedrolebindings.iam.kubesphere.io spec: @@ -76,6 +75,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic subjects: items: description: Subject contains a reference to the object or user @@ -107,6 +107,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic type: array required: - roleRef @@ -120,9 +121,3 @@ spec: type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_federatedroles.yaml b/config/ks-core/crds/iam.kubesphere.io_federatedroles.yaml similarity index 97% rename from config/crds/iam.kubesphere.io_federatedroles.yaml rename to config/ks-core/crds/iam.kubesphere.io_federatedroles.yaml index 1f14c67a8..c623e12f9 100644 --- a/config/crds/iam.kubesphere.io_federatedroles.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_federatedroles.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: federatedroles.iam.kubesphere.io spec: @@ -118,9 +117,3 @@ spec: type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_federatedusers.yaml b/config/ks-core/crds/iam.kubesphere.io_federatedusers.yaml similarity index 97% rename from config/crds/iam.kubesphere.io_federatedusers.yaml rename to config/ks-core/crds/iam.kubesphere.io_federatedusers.yaml index ea0286c4b..378ebb22a 100644 --- a/config/crds/iam.kubesphere.io_federatedusers.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_federatedusers.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: federatedusers.iam.kubesphere.io spec: @@ -131,9 +130,3 @@ spec: type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_globalrolebindings.yaml b/config/ks-core/crds/iam.kubesphere.io_globalrolebindings.yaml similarity index 96% rename from config/crds/iam.kubesphere.io_globalrolebindings.yaml rename to config/ks-core/crds/iam.kubesphere.io_globalrolebindings.yaml index 69e78b972..6ec33df79 100644 --- a/config/crds/iam.kubesphere.io_globalrolebindings.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_globalrolebindings.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: globalrolebindings.iam.kubesphere.io spec: @@ -53,6 +52,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic subjects: description: Subjects holds references to the objects the role applies to. @@ -84,15 +84,10 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic type: array required: - roleRef type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_globalroles.yaml b/config/ks-core/crds/iam.kubesphere.io_globalroles.yaml similarity index 96% rename from config/crds/iam.kubesphere.io_globalroles.yaml rename to config/ks-core/crds/iam.kubesphere.io_globalroles.yaml index ab326d732..cb653a2b4 100644 --- a/config/crds/iam.kubesphere.io_globalroles.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_globalroles.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: globalroles.iam.kubesphere.io spec: @@ -86,9 +85,3 @@ spec: type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_groupbindings.yaml b/config/ks-core/crds/iam.kubesphere.io_groupbindings.yaml similarity index 93% rename from config/crds/iam.kubesphere.io_groupbindings.yaml rename to config/ks-core/crds/iam.kubesphere.io_groupbindings.yaml index 1a5207f5c..90c01f7db 100644 --- a/config/crds/iam.kubesphere.io_groupbindings.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_groupbindings.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: groupbindings.iam.kubesphere.io spec: @@ -60,9 +59,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_groups.yaml b/config/ks-core/crds/iam.kubesphere.io_groups.yaml similarity index 92% rename from config/crds/iam.kubesphere.io_groups.yaml rename to config/ks-core/crds/iam.kubesphere.io_groups.yaml index b28148c3c..32f15b897 100644 --- a/config/crds/iam.kubesphere.io_groups.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_groups.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: groups.iam.kubesphere.io spec: @@ -49,9 +48,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_loginrecords.yaml b/config/ks-core/crds/iam.kubesphere.io_loginrecords.yaml similarity index 95% rename from config/crds/iam.kubesphere.io_loginrecords.yaml rename to config/ks-core/crds/iam.kubesphere.io_loginrecords.yaml index f2b4a4a47..76cad7449 100644 --- a/config/crds/iam.kubesphere.io_loginrecords.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_loginrecords.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: loginrecords.iam.kubesphere.io spec: @@ -86,9 +85,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_rolebases.yaml b/config/ks-core/crds/iam.kubesphere.io_rolebases.yaml similarity index 91% rename from config/crds/iam.kubesphere.io_rolebases.yaml rename to config/ks-core/crds/iam.kubesphere.io_rolebases.yaml index 13c071f72..140d33555 100644 --- a/config/crds/iam.kubesphere.io_rolebases.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_rolebases.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: rolebases.iam.kubesphere.io spec: @@ -43,9 +42,3 @@ spec: type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_users.yaml b/config/ks-core/crds/iam.kubesphere.io_users.yaml similarity index 97% rename from config/crds/iam.kubesphere.io_users.yaml rename to config/ks-core/crds/iam.kubesphere.io_users.yaml index d4c254292..03074c6bf 100644 --- a/config/crds/iam.kubesphere.io_users.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_users.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: users.iam.kubesphere.io spec: @@ -107,9 +106,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_workspacerolebindings.yaml b/config/ks-core/crds/iam.kubesphere.io_workspacerolebindings.yaml similarity index 96% rename from config/crds/iam.kubesphere.io_workspacerolebindings.yaml rename to config/ks-core/crds/iam.kubesphere.io_workspacerolebindings.yaml index 637ec8b3c..5660dc5ab 100644 --- a/config/crds/iam.kubesphere.io_workspacerolebindings.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_workspacerolebindings.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: workspacerolebindings.iam.kubesphere.io spec: @@ -58,6 +57,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic subjects: description: Subjects holds references to the objects the role applies to. @@ -89,6 +89,7 @@ spec: - kind - name type: object + x-kubernetes-map-type: atomic type: array required: - roleRef @@ -96,9 +97,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/iam.kubesphere.io_workspaceroles.yaml b/config/ks-core/crds/iam.kubesphere.io_workspaceroles.yaml similarity index 96% rename from config/crds/iam.kubesphere.io_workspaceroles.yaml rename to config/ks-core/crds/iam.kubesphere.io_workspaceroles.yaml index 93def5db0..9c187f34f 100644 --- a/config/crds/iam.kubesphere.io_workspaceroles.yaml +++ b/config/ks-core/crds/iam.kubesphere.io_workspaceroles.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: workspaceroles.iam.kubesphere.io spec: @@ -94,9 +93,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/network.kubesphere.io_ipamblocks.yaml b/config/ks-core/crds/network.kubesphere.io_ipamblocks.yaml similarity index 94% rename from config/crds/network.kubesphere.io_ipamblocks.yaml rename to config/ks-core/crds/network.kubesphere.io_ipamblocks.yaml index bbe0d29e7..4fe215c59 100644 --- a/config/crds/network.kubesphere.io_ipamblocks.yaml +++ b/config/ks-core/crds/network.kubesphere.io_ipamblocks.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: ipamblocks.network.kubesphere.io spec: @@ -72,9 +71,3 @@ spec: type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/network.kubesphere.io_ipamhandles.yaml b/config/ks-core/crds/network.kubesphere.io_ipamhandles.yaml similarity index 92% rename from config/crds/network.kubesphere.io_ipamhandles.yaml rename to config/ks-core/crds/network.kubesphere.io_ipamhandles.yaml index 1e509227e..a343493d2 100644 --- a/config/crds/network.kubesphere.io_ipamhandles.yaml +++ b/config/ks-core/crds/network.kubesphere.io_ipamhandles.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: ipamhandles.network.kubesphere.io spec: @@ -51,9 +50,3 @@ spec: type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/network.kubesphere.io_ippools.yaml b/config/ks-core/crds/network.kubesphere.io_ippools.yaml similarity index 96% rename from config/crds/network.kubesphere.io_ippools.yaml rename to config/ks-core/crds/network.kubesphere.io_ippools.yaml index ca24b12a8..31f177cda 100644 --- a/config/crds/network.kubesphere.io_ippools.yaml +++ b/config/ks-core/crds/network.kubesphere.io_ippools.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: ippools.network.kubesphere.io spec: @@ -128,9 +127,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/network.kubesphere.io_namespacenetworkpolicies.yaml b/config/ks-core/crds/network.kubesphere.io_namespacenetworkpolicies.yaml similarity index 99% rename from config/crds/network.kubesphere.io_namespacenetworkpolicies.yaml rename to config/ks-core/crds/network.kubesphere.io_namespacenetworkpolicies.yaml index ffcee646b..29f35d273 100644 --- a/config/crds/network.kubesphere.io_namespacenetworkpolicies.yaml +++ b/config/ks-core/crds/network.kubesphere.io_namespacenetworkpolicies.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: namespacenetworkpolicies.network.kubesphere.io spec: @@ -276,9 +275,3 @@ spec: type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/quota.kubesphere.io_resourcequotas.yaml b/config/ks-core/crds/quota.kubesphere.io_resourcequotas.yaml similarity index 98% rename from config/crds/quota.kubesphere.io_resourcequotas.yaml rename to config/ks-core/crds/quota.kubesphere.io_resourcequotas.yaml index 42c4a6c13..9e5876eca 100644 --- a/config/crds/quota.kubesphere.io_resourcequotas.yaml +++ b/config/ks-core/crds/quota.kubesphere.io_resourcequotas.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: resourcequotas.quota.kubesphere.io spec: @@ -91,6 +90,7 @@ spec: type: object type: array type: object + x-kubernetes-map-type: atomic scopes: description: A collection of filters that must match each object tracked by a quota. If not specified, the quota matches all @@ -183,9 +183,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/ks-core/crds/servicemesh.kubesphere.io_servicepolicies.yaml b/config/ks-core/crds/servicemesh.kubesphere.io_servicepolicies.yaml new file mode 100644 index 000000000..b0cc5afb1 --- /dev/null +++ b/config/ks-core/crds/servicemesh.kubesphere.io_servicepolicies.yaml @@ -0,0 +1,2200 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: (unknown) + creationTimestamp: null + name: servicepolicies.servicemesh.kubesphere.io +spec: + group: servicemesh.kubesphere.io + names: + kind: ServicePolicy + listKind: ServicePolicyList + plural: servicepolicies + singular: servicepolicy + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + description: ServicePolicy is the Schema for the servicepolicies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ServicePolicySpec defines the desired state of ServicePolicy + properties: + selector: + description: Label selector for destination rules. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + template: + description: Template used to create a destination rule + properties: + metadata: + description: Metadata of the virtual services created from this + template + type: object + spec: + description: Spec indicates the behavior of a destination rule. + properties: + export_to: + description: "A list of namespaces to which this destination + rule is exported. The resolution of a destination rule to + apply to a service occurs in the context of a hierarchy + of namespaces. Exporting a destination rule allows it to + be included in the resolution hierarchy for services in + other namespaces. This feature provides a mechanism for + service owners and mesh administrators to control the visibility + of destination rules across namespace boundaries. \n If + no namespaces are specified then the destination rule is + exported to all namespaces by default. \n The value \".\" + is reserved and defines an export to the same namespace + that the destination rule is declared in. Similarly, the + value \"*\" is reserved and defines an export to all namespaces. + \n NOTE: in the current release, the `exportTo` value is + restricted to \".\" or \"*\" (i.e., the current namespace + or all namespaces)." + items: + type: string + type: array + host: + description: "The name of a service from the service registry. + Service names are looked up from the platform's service + registry (e.g., Kubernetes services, Consul services, etc.) + and from the hosts declared by [ServiceEntries](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). + Rules defined for services that do not exist in the service + registry will be ignored. \n *Note for Kubernetes users*: + When short names are used (e.g. \"reviews\" instead of \"reviews.default.svc.cluster.local\"), + Istio will interpret the short name based on the namespace + of the rule, not the service. A rule in the \"default\" + namespace containing a host \"reviews\" will be interpreted + as \"reviews.default.svc.cluster.local\", irrespective of + the actual namespace associated with the reviews service. + _To avoid potential misconfigurations, it is recommended + to always use fully qualified domain names over short names._ + \n Note that the host field applies to both HTTP and TCP + services." + type: string + subsets: + description: One or more named sets that represent individual + versions of a service. Traffic policies can be overridden + at subset level. + items: + description: "A subset of endpoints of a service. Subsets + can be used for scenarios like A/B testing, or routing + to a specific version of a service. Refer to [VirtualService](https://istio.io/docs/reference/config/networking/virtual-service/#VirtualService) + documentation for examples of using subsets in these scenarios. + In addition, traffic policies defined at the service-level + can be overridden at a subset-level. The following rule + uses a round robin load balancing policy for all traffic + going to a subset named testversion that is composed of + endpoints (e.g., pods) with labels (version:v3). \n {{}} {{}} ```yaml apiVersion: networking.istio.io/v1alpha3 + kind: DestinationRule metadata: name: bookinfo-ratings + spec: host: ratings.prod.svc.cluster.local trafficPolicy: + loadBalancer: simple: LEAST_CONN subsets: - name: testversion + labels: version: v3 trafficPolicy: loadBalancer: simple: + ROUND_ROBIN ``` {{}} \n {{}} ```yaml apiVersion: networking.istio.io/v1beta1 + kind: DestinationRule metadata: name: bookinfo-ratings + spec: host: ratings.prod.svc.cluster.local trafficPolicy: + loadBalancer: simple: LEAST_CONN subsets: - name: testversion + labels: version: v3 trafficPolicy: loadBalancer: simple: + ROUND_ROBIN ``` {{}} {{}} \n **Note:** + Policies specified for subsets will not take effect until + a route rule explicitly sends traffic to this subset. + \n One or more labels are typically required to identify + the subset destination, however, when the corresponding + DestinationRule represents a host that supports multiple + SNI hosts (e.g., an egress gateway), a subset without + labels may be meaningful. In this case a traffic policy + with [ClientTLSSettings](#ClientTLSSettings) can be used + to identify a specific SNI host corresponding to the named + subset." + properties: + labels: + additionalProperties: + type: string + description: Labels apply a filter over the endpoints + of a service in the service registry. See route rules + for examples of usage. + type: object + name: + description: Name of the subset. The service name and + the subset name can be used for traffic splitting + in a route rule. + type: string + traffic_policy: + description: Traffic policies that apply to this subset. + Subsets inherit the traffic policies specified at + the DestinationRule level. Settings specified at the + subset level will override the corresponding settings + specified at the DestinationRule level. + properties: + connection_pool: + description: Settings controlling the volume of + connections to an upstream service + properties: + http: + description: HTTP connection pool settings. + properties: + h2_upgrade_policy: + description: Specify if http1.1 connection + should be upgraded to http2 for the associated + destination. + format: int32 + type: integer + http1_max_pending_requests: + description: Maximum number of pending HTTP + requests to a destination. Default 2^32-1. + format: int32 + type: integer + http2_max_requests: + description: Maximum number of requests + to a backend. Default 2^32-1. + format: int32 + type: integer + idle_timeout: + description: The idle timeout for upstream + connection pool connections. The idle + timeout is defined as the period in which + there are no active requests. If not set, + the default is 1 hour. When the idle timeout + is reached the connection will be closed. + Note that request based timeouts mean + that HTTP/2 PINGs will not keep the connection + alive. Applies to both HTTP1.1 and HTTP2 + connections. + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` + field and a positive or negative `nanos` + field. For durations of one second + or more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_requests_per_connection: + description: Maximum number of requests + per connection to a backend. Setting this + parameter to 1 disables keep alive. Default + 0, meaning "unlimited", up to 2^29. + format: int32 + type: integer + max_retries: + description: Maximum number of retries that + can be outstanding to all hosts in a cluster + at a given time. Defaults to 2^32-1. + format: int32 + type: integer + type: object + tcp: + description: Settings common to both HTTP and + TCP upstream connections. + properties: + connect_timeout: + description: 'TCP connection timeout. format: + 1h/1m/1s/1ms. MUST BE >=1ms. Default is + 10s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` + field and a positive or negative `nanos` + field. For durations of one second + or more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_connections: + description: Maximum number of HTTP1 /TCP + connections to a destination host. Default + 2^32-1. + format: int32 + type: integer + tcp_keepalive: + description: If set then set SO_KEEPALIVE + on the socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between + keep-alive probes. Default is to use + the OS level configuration (unless + overridden, Linux defaults to 75s.) + properties: + nanos: + description: Signed fractions of + a second at nanosecond resolution + of the span of time. Durations + less than one second are represented + with a 0 `seconds` field and a + positive or negative `nanos` field. + For durations of one second or + more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of + the span of time. Must be from + -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds + are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + probes: + description: Maximum number of keepalive + probes to send without response before + deciding the connection is dead. Default + is to use the OS level configuration + (unless overridden, Linux defaults + to 9.) + format: int32 + type: integer + time: + description: The time duration a connection + needs to be idle before keep-alive + probes start being sent. Default is + to use the OS level configuration + (unless overridden, Linux defaults + to 7200s (ie 2 hours.) + properties: + nanos: + description: Signed fractions of + a second at nanosecond resolution + of the span of time. Durations + less than one second are represented + with a 0 `seconds` field and a + positive or negative `nanos` field. + For durations of one second or + more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of + the span of time. Must be from + -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds + are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + type: object + type: object + type: object + load_balancer: + description: Settings controlling the load balancer + algorithms. + properties: + locality_lb_setting: + description: Locality load balancer settings, + this will override mesh wide settings in entirety, + meaning no merging would be performed between + this object and the object one in MeshConfig + properties: + distribute: + description: 'Optional: only one of distribute + or failover can be set. Explicitly specify + loadbalancing weight across different + zones and geographical locations. Refer + to [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight) + If empty, the locality weight is set according + to the endpoints number within it.' + items: + description: 'Describes how traffic originating + in the ''from'' zone or sub-zone is + distributed over a set of ''to'' zones. + Syntax for specifying a zone is {region}/{zone}/{sub-zone} + and terminal wildcards are allowed on + any segment of the specification. Examples: + * - matches all localities us-west/* + - all zones and sub-zones within the + us-west region us-west/zone-1/* - all + sub-zones within us-west/zone-1' + properties: + from: + description: Originating locality, + '/' separated, e.g. 'region/zone/sub_zone'. + type: string + to: + additionalProperties: + format: int32 + type: integer + description: Map of upstream localities + to traffic distribution weights. + The sum of all weights should be + == 100. Any locality not assigned + a weight will receive no traffic. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, + this is DestinationRule-level and will + override mesh wide settings in entirety. + e.g. true means that turn on locality + load balancing for this DestinationRule + no matter what mesh wide settings is. + properties: + value: + description: The bool value. + type: boolean + type: object + failover: + description: 'Optional: only failover or + distribute can be set. Explicitly specify + the region traffic will land on when endpoints + in local region becomes unhealthy. Should + be used together with OutlierDetection + to detect unhealthy endpoints. Note: if + no OutlierDetection specified, this will + not take effect.' + items: + description: Specify the traffic failover + policy across regions. Since zone and + sub-zone failover is supported by default + this only needs to be specified for + regions when the operator needs to constrain + traffic failover so that the default + behavior of failing over to any endpoint + globally does not apply. This is useful + when failing over traffic across regions + would not improve service health or + may need to be restricted for other + reasons like regulatory controls. + properties: + from: + description: Originating region. + type: string + to: + description: Destination region the + traffic will fail over to when endpoints + in the 'from' region becomes unhealthy. + type: string + type: object + type: array + type: object + type: object + outlier_detection: + description: Settings controlling eviction of unhealthy + hosts from the load balancing pool + properties: + base_ejection_time: + description: 'Minimum ejection duration. A host + will remain ejected for a period equal to + the product of minimum ejection duration and + the number of times the host has been ejected. + This technique allows the system to automatically + increase the ejection period for unhealthy + upstream servers. format: 1h/1m/1s/1ms. MUST + BE >=1ms. Default is 30s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. + For durations of one second or more, a + non-zero value for the `nanos` field must + be of the same sign as the `seconds` field. + Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: these + bounds are computed from: 60 sec/min * + 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + consecutive_5xx_errors: + description: "Number of 5xx errors before a + host is ejected from the connection pool. + When the upstream host is accessed over an + opaque TCP connection, connect timeouts, connection + error/failure and request failure events qualify + as a 5xx error. This feature defaults to 5 + but can be disabled by setting the value to + 0. \n Note that consecutive_gateway_errors + and consecutive_5xx_errors can be used separately + or together. Because the errors counted by + consecutive_gateway_errors are also included + in consecutive_5xx_errors, if the value of + consecutive_gateway_errors is greater than + or equal to the value of consecutive_5xx_errors, + consecutive_gateway_errors will have no effect." + properties: + value: + description: The uint32 value. + format: int32 + type: integer + type: object + consecutive_errors: + description: Number of errors before a host + is ejected from the connection pool. Defaults + to 5. When the upstream host is accessed over + HTTP, a 502, 503, or 504 return code qualifies + as an error. When the upstream host is accessed + over an opaque TCP connection, connect timeouts + and connection error/failure events qualify + as an error. $hide_from_docs + format: int32 + type: integer + consecutive_gateway_errors: + description: "Number of gateway errors before + a host is ejected from the connection pool. + When the upstream host is accessed over HTTP, + a 502, 503, or 504 return code qualifies as + a gateway error. When the upstream host is + accessed over an opaque TCP connection, connect + timeouts and connection error/failure events + qualify as a gateway error. This feature is + disabled by default or when set to the value + 0. \n Note that consecutive_gateway_errors + and consecutive_5xx_errors can be used separately + or together. Because the errors counted by + consecutive_gateway_errors are also included + in consecutive_5xx_errors, if the value of + consecutive_gateway_errors is greater than + or equal to the value of consecutive_5xx_errors, + consecutive_gateway_errors will have no effect." + properties: + value: + description: The uint32 value. + format: int32 + type: integer + type: object + interval: + description: 'Time interval between ejection + sweep analysis. format: 1h/1m/1s/1ms. MUST + BE >=1ms. Default is 10s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. + For durations of one second or more, a + non-zero value for the `nanos` field must + be of the same sign as the `seconds` field. + Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: these + bounds are computed from: 60 sec/min * + 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + max_ejection_percent: + description: Maximum % of hosts in the load + balancing pool for the upstream service that + can be ejected. Defaults to 10%. + format: int32 + type: integer + min_health_percent: + description: Outlier detection will be enabled + as long as the associated load balancing pool + has at least min_health_percent hosts in healthy + mode. When the percentage of healthy hosts + in the load balancing pool drops below this + threshold, outlier detection will be disabled + and the proxy will load balance across all + hosts in the pool (healthy and unhealthy). + The threshold can be disabled by setting it + to 0%. The default is 0% as it's not typically + applicable in k8s environments with few pods + per service. + format: int32 + type: integer + type: object + port_level_settings: + description: Traffic policies specific to individual + ports. Note that port level settings will override + the destination-level settings. Traffic settings + specified at the destination-level will not be + inherited when overridden by port-level settings, + i.e. default values will be applied to fields + omitted in port-level traffic policies. + items: + description: Traffic policies that apply to specific + ports of the service + properties: + connection_pool: + description: Settings controlling the volume + of connections to an upstream service + properties: + http: + description: HTTP connection pool settings. + properties: + h2_upgrade_policy: + description: Specify if http1.1 connection + should be upgraded to http2 for + the associated destination. + format: int32 + type: integer + http1_max_pending_requests: + description: Maximum number of pending + HTTP requests to a destination. + Default 2^32-1. + format: int32 + type: integer + http2_max_requests: + description: Maximum number of requests + to a backend. Default 2^32-1. + format: int32 + type: integer + idle_timeout: + description: The idle timeout for + upstream connection pool connections. + The idle timeout is defined as the + period in which there are no active + requests. If not set, the default + is 1 hour. When the idle timeout + is reached the connection will be + closed. Note that request based + timeouts mean that HTTP/2 PINGs + will not keep the connection alive. + Applies to both HTTP1.1 and HTTP2 + connections. + properties: + nanos: + description: Signed fractions + of a second at nanosecond resolution + of the span of time. Durations + less than one second are represented + with a 0 `seconds` field and + a positive or negative `nanos` + field. For durations of one + second or more, a non-zero value + for the `nanos` field must be + of the same sign as the `seconds` + field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of + the span of time. Must be from + -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds + are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + max_requests_per_connection: + description: Maximum number of requests + per connection to a backend. Setting + this parameter to 1 disables keep + alive. Default 0, meaning "unlimited", + up to 2^29. + format: int32 + type: integer + max_retries: + description: Maximum number of retries + that can be outstanding to all hosts + in a cluster at a given time. Defaults + to 2^32-1. + format: int32 + type: integer + type: object + tcp: + description: Settings common to both HTTP + and TCP upstream connections. + properties: + connect_timeout: + description: 'TCP connection timeout. + format: 1h/1m/1s/1ms. MUST BE >=1ms. + Default is 10s.' + properties: + nanos: + description: Signed fractions + of a second at nanosecond resolution + of the span of time. Durations + less than one second are represented + with a 0 `seconds` field and + a positive or negative `nanos` + field. For durations of one + second or more, a non-zero value + for the `nanos` field must be + of the same sign as the `seconds` + field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of + the span of time. Must be from + -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds + are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + max_connections: + description: Maximum number of HTTP1 + /TCP connections to a destination + host. Default 2^32-1. + format: int32 + type: integer + tcp_keepalive: + description: If set then set SO_KEEPALIVE + on the socket to enable TCP Keepalives. + properties: + interval: + description: The time duration + between keep-alive probes. Default + is to use the OS level configuration + (unless overridden, Linux defaults + to 75s.) + properties: + nanos: + description: Signed fractions + of a second at nanosecond + resolution of the span of + time. Durations less than + one second are represented + with a 0 `seconds` field + and a positive or negative + `nanos` field. For durations + of one second or more, a + non-zero value for the `nanos` + field must be of the same + sign as the `seconds` field. + Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds + of the span of time. Must + be from -315,576,000,000 + to +315,576,000,000 inclusive. + Note: these bounds are computed + from: 60 sec/min * 60 min/hr + * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + probes: + description: Maximum number of + keepalive probes to send without + response before deciding the + connection is dead. Default + is to use the OS level configuration + (unless overridden, Linux defaults + to 9.) + format: int32 + type: integer + time: + description: The time duration + a connection needs to be idle + before keep-alive probes start + being sent. Default is to use + the OS level configuration (unless + overridden, Linux defaults to + 7200s (ie 2 hours.) + properties: + nanos: + description: Signed fractions + of a second at nanosecond + resolution of the span of + time. Durations less than + one second are represented + with a 0 `seconds` field + and a positive or negative + `nanos` field. For durations + of one second or more, a + non-zero value for the `nanos` + field must be of the same + sign as the `seconds` field. + Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds + of the span of time. Must + be from -315,576,000,000 + to +315,576,000,000 inclusive. + Note: these bounds are computed + from: 60 sec/min * 60 min/hr + * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + type: object + type: object + type: object + load_balancer: + description: Settings controlling the load + balancer algorithms. + properties: + locality_lb_setting: + description: Locality load balancer settings, + this will override mesh wide settings + in entirety, meaning no merging would + be performed between this object and + the object one in MeshConfig + properties: + distribute: + description: 'Optional: only one of + distribute or failover can be set. + Explicitly specify loadbalancing + weight across different zones and + geographical locations. Refer to + [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight) + If empty, the locality weight is + set according to the endpoints number + within it.' + items: + description: 'Describes how traffic + originating in the ''from'' zone + or sub-zone is distributed over + a set of ''to'' zones. Syntax + for specifying a zone is {region}/{zone}/{sub-zone} + and terminal wildcards are allowed + on any segment of the specification. + Examples: * - matches all localities + us-west/* - all zones and sub-zones + within the us-west region us-west/zone-1/* + - all sub-zones within us-west/zone-1' + properties: + from: + description: Originating locality, + '/' separated, e.g. 'region/zone/sub_zone'. + type: string + to: + additionalProperties: + format: int32 + type: integer + description: Map of upstream + localities to traffic distribution + weights. The sum of all weights + should be == 100. Any locality + not assigned a weight will + receive no traffic. + type: object + type: object + type: array + enabled: + description: enable locality load + balancing, this is DestinationRule-level + and will override mesh wide settings + in entirety. e.g. true means that + turn on locality load balancing + for this DestinationRule no matter + what mesh wide settings is. + properties: + value: + description: The bool value. + type: boolean + type: object + failover: + description: 'Optional: only failover + or distribute can be set. Explicitly + specify the region traffic will + land on when endpoints in local + region becomes unhealthy. Should + be used together with OutlierDetection + to detect unhealthy endpoints. Note: + if no OutlierDetection specified, + this will not take effect.' + items: + description: Specify the traffic + failover policy across regions. + Since zone and sub-zone failover + is supported by default this only + needs to be specified for regions + when the operator needs to constrain + traffic failover so that the default + behavior of failing over to any + endpoint globally does not apply. + This is useful when failing over + traffic across regions would not + improve service health or may + need to be restricted for other + reasons like regulatory controls. + properties: + from: + description: Originating region. + type: string + to: + description: Destination region + the traffic will fail over + to when endpoints in the 'from' + region becomes unhealthy. + type: string + type: object + type: array + type: object + type: object + outlier_detection: + description: Settings controlling eviction + of unhealthy hosts from the load balancing + pool + properties: + base_ejection_time: + description: 'Minimum ejection duration. + A host will remain ejected for a period + equal to the product of minimum ejection + duration and the number of times the + host has been ejected. This technique + allows the system to automatically increase + the ejection period for unhealthy upstream + servers. format: 1h/1m/1s/1ms. MUST + BE >=1ms. Default is 30s.' + properties: + nanos: + description: Signed fractions of a + second at nanosecond resolution + of the span of time. Durations less + than one second are represented + with a 0 `seconds` field and a positive + or negative `nanos` field. For durations + of one second or more, a non-zero + value for the `nanos` field must + be of the same sign as the `seconds` + field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + consecutive_5xx_errors: + description: "Number of 5xx errors before + a host is ejected from the connection + pool. When the upstream host is accessed + over an opaque TCP connection, connect + timeouts, connection error/failure and + request failure events qualify as a + 5xx error. This feature defaults to + 5 but can be disabled by setting the + value to 0. \n Note that consecutive_gateway_errors + and consecutive_5xx_errors can be used + separately or together. Because the + errors counted by consecutive_gateway_errors + are also included in consecutive_5xx_errors, + if the value of consecutive_gateway_errors + is greater than or equal to the value + of consecutive_5xx_errors, consecutive_gateway_errors + will have no effect." + properties: + value: + description: The uint32 value. + format: int32 + type: integer + type: object + consecutive_errors: + description: Number of errors before a + host is ejected from the connection + pool. Defaults to 5. When the upstream + host is accessed over HTTP, a 502, 503, + or 504 return code qualifies as an error. + When the upstream host is accessed over + an opaque TCP connection, connect timeouts + and connection error/failure events + qualify as an error. $hide_from_docs + format: int32 + type: integer + consecutive_gateway_errors: + description: "Number of gateway errors + before a host is ejected from the connection + pool. When the upstream host is accessed + over HTTP, a 502, 503, or 504 return + code qualifies as a gateway error. When + the upstream host is accessed over an + opaque TCP connection, connect timeouts + and connection error/failure events + qualify as a gateway error. This feature + is disabled by default or when set to + the value 0. \n Note that consecutive_gateway_errors + and consecutive_5xx_errors can be used + separately or together. Because the + errors counted by consecutive_gateway_errors + are also included in consecutive_5xx_errors, + if the value of consecutive_gateway_errors + is greater than or equal to the value + of consecutive_5xx_errors, consecutive_gateway_errors + will have no effect." + properties: + value: + description: The uint32 value. + format: int32 + type: integer + type: object + interval: + description: 'Time interval between ejection + sweep analysis. format: 1h/1m/1s/1ms. + MUST BE >=1ms. Default is 10s.' + properties: + nanos: + description: Signed fractions of a + second at nanosecond resolution + of the span of time. Durations less + than one second are represented + with a 0 `seconds` field and a positive + or negative `nanos` field. For durations + of one second or more, a non-zero + value for the `nanos` field must + be of the same sign as the `seconds` + field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_ejection_percent: + description: Maximum % of hosts in the + load balancing pool for the upstream + service that can be ejected. Defaults + to 10%. + format: int32 + type: integer + min_health_percent: + description: Outlier detection will be + enabled as long as the associated load + balancing pool has at least min_health_percent + hosts in healthy mode. When the percentage + of healthy hosts in the load balancing + pool drops below this threshold, outlier + detection will be disabled and the proxy + will load balance across all hosts in + the pool (healthy and unhealthy). The + threshold can be disabled by setting + it to 0%. The default is 0% as it's + not typically applicable in k8s environments + with few pods per service. + format: int32 + type: integer + type: object + port: + description: Specifies the number of a port + on the destination service on which this + policy is being applied. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + tls: + description: TLS related settings for connections + to the upstream service. + properties: + ca_certificates: + description: 'OPTIONAL: The path to the + file containing certificate authority + certificates to use in verifying a presented + server certificate. If omitted, the + proxy will not verify the server''s + certificate. Should be empty if mode + is `ISTIO_MUTUAL`.' + type: string + client_certificate: + description: REQUIRED if mode is `MUTUAL`. + The path to the file holding the client-side + TLS certificate to use. Should be empty + if mode is `ISTIO_MUTUAL`. + type: string + mode: + description: Indicates whether connections + to this port should be secured using + TLS. The value of this field determines + how TLS is enforced. + format: int32 + type: integer + private_key: + description: REQUIRED if mode is `MUTUAL`. + The path to the file holding the client's + private key. Should be empty if mode + is `ISTIO_MUTUAL`. + type: string + sni: + description: SNI string to present to + the server during TLS handshake. + type: string + subject_alt_names: + description: A list of alternate names + to verify the subject identity in the + certificate. If specified, the proxy + will verify that the server certificate's + subject alt name matches one of the + specified values. If specified, this + list overrides the value of subject_alt_names + from the ServiceEntry. + items: + type: string + type: array + type: object + type: object + type: array + tls: + description: TLS related settings for connections + to the upstream service. + properties: + ca_certificates: + description: 'OPTIONAL: The path to the file + containing certificate authority certificates + to use in verifying a presented server certificate. + If omitted, the proxy will not verify the + server''s certificate. Should be empty if + mode is `ISTIO_MUTUAL`.' + type: string + client_certificate: + description: REQUIRED if mode is `MUTUAL`. The + path to the file holding the client-side TLS + certificate to use. Should be empty if mode + is `ISTIO_MUTUAL`. + type: string + mode: + description: Indicates whether connections to + this port should be secured using TLS. The + value of this field determines how TLS is + enforced. + format: int32 + type: integer + private_key: + description: REQUIRED if mode is `MUTUAL`. The + path to the file holding the client's private + key. Should be empty if mode is `ISTIO_MUTUAL`. + type: string + sni: + description: SNI string to present to the server + during TLS handshake. + type: string + subject_alt_names: + description: A list of alternate names to verify + the subject identity in the certificate. If + specified, the proxy will verify that the + server certificate's subject alt name matches + one of the specified values. If specified, + this list overrides the value of subject_alt_names + from the ServiceEntry. + items: + type: string + type: array + type: object + type: object + type: object + type: array + traffic_policy: + description: Traffic policies to apply (load balancing policy, + connection pool sizes, outlier detection). + properties: + connection_pool: + description: Settings controlling the volume of connections + to an upstream service + properties: + http: + description: HTTP connection pool settings. + properties: + h2_upgrade_policy: + description: Specify if http1.1 connection should + be upgraded to http2 for the associated destination. + format: int32 + type: integer + http1_max_pending_requests: + description: Maximum number of pending HTTP requests + to a destination. Default 2^32-1. + format: int32 + type: integer + http2_max_requests: + description: Maximum number of requests to a backend. + Default 2^32-1. + format: int32 + type: integer + idle_timeout: + description: The idle timeout for upstream connection + pool connections. The idle timeout is defined + as the period in which there are no active requests. + If not set, the default is 1 hour. When the + idle timeout is reached the connection will + be closed. Note that request based timeouts + mean that HTTP/2 PINGs will not keep the connection + alive. Applies to both HTTP1.1 and HTTP2 connections. + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. For + durations of one second or more, a non-zero + value for the `nanos` field must be of the + same sign as the `seconds` field. Must be + from -999,999,999 to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of + time. Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_requests_per_connection: + description: Maximum number of requests per connection + to a backend. Setting this parameter to 1 disables + keep alive. Default 0, meaning "unlimited", + up to 2^29. + format: int32 + type: integer + max_retries: + description: Maximum number of retries that can + be outstanding to all hosts in a cluster at + a given time. Defaults to 2^32-1. + format: int32 + type: integer + type: object + tcp: + description: Settings common to both HTTP and TCP + upstream connections. + properties: + connect_timeout: + description: 'TCP connection timeout. format: + 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. For + durations of one second or more, a non-zero + value for the `nanos` field must be of the + same sign as the `seconds` field. Must be + from -999,999,999 to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of + time. Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day + * 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_connections: + description: Maximum number of HTTP1 /TCP connections + to a destination host. Default 2^32-1. + format: int32 + type: integer + tcp_keepalive: + description: If set then set SO_KEEPALIVE on the + socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between keep-alive + probes. Default is to use the OS level configuration + (unless overridden, Linux defaults to 75s.) + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` field + and a positive or negative `nanos` field. + For durations of one second or more, + a non-zero value for the `nanos` field + must be of the same sign as the `seconds` + field. Must be from -999,999,999 to + +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + probes: + description: Maximum number of keepalive probes + to send without response before deciding + the connection is dead. Default is to use + the OS level configuration (unless overridden, + Linux defaults to 9.) + format: int32 + type: integer + time: + description: The time duration a connection + needs to be idle before keep-alive probes + start being sent. Default is to use the + OS level configuration (unless overridden, + Linux defaults to 7200s (ie 2 hours.) + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` field + and a positive or negative `nanos` field. + For durations of one second or more, + a non-zero value for the `nanos` field + must be of the same sign as the `seconds` + field. Must be from -999,999,999 to + +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + type: object + type: object + type: object + load_balancer: + description: Settings controlling the load balancer algorithms. + properties: + locality_lb_setting: + description: Locality load balancer settings, this + will override mesh wide settings in entirety, meaning + no merging would be performed between this object + and the object one in MeshConfig + properties: + distribute: + description: 'Optional: only one of distribute + or failover can be set. Explicitly specify loadbalancing + weight across different zones and geographical + locations. Refer to [Locality weighted load + balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight) + If empty, the locality weight is set according + to the endpoints number within it.' + items: + description: 'Describes how traffic originating + in the ''from'' zone or sub-zone is distributed + over a set of ''to'' zones. Syntax for specifying + a zone is {region}/{zone}/{sub-zone} and terminal + wildcards are allowed on any segment of the + specification. Examples: * - matches all localities + us-west/* - all zones and sub-zones within + the us-west region us-west/zone-1/* - all + sub-zones within us-west/zone-1' + properties: + from: + description: Originating locality, '/' separated, + e.g. 'region/zone/sub_zone'. + type: string + to: + additionalProperties: + format: int32 + type: integer + description: Map of upstream localities + to traffic distribution weights. The sum + of all weights should be == 100. Any locality + not assigned a weight will receive no + traffic. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, this + is DestinationRule-level and will override mesh + wide settings in entirety. e.g. true means that + turn on locality load balancing for this DestinationRule + no matter what mesh wide settings is. + properties: + value: + description: The bool value. + type: boolean + type: object + failover: + description: 'Optional: only failover or distribute + can be set. Explicitly specify the region traffic + will land on when endpoints in local region + becomes unhealthy. Should be used together with + OutlierDetection to detect unhealthy endpoints. + Note: if no OutlierDetection specified, this + will not take effect.' + items: + description: Specify the traffic failover policy + across regions. Since zone and sub-zone failover + is supported by default this only needs to + be specified for regions when the operator + needs to constrain traffic failover so that + the default behavior of failing over to any + endpoint globally does not apply. This is + useful when failing over traffic across regions + would not improve service health or may need + to be restricted for other reasons like regulatory + controls. + properties: + from: + description: Originating region. + type: string + to: + description: Destination region the traffic + will fail over to when endpoints in the + 'from' region becomes unhealthy. + type: string + type: object + type: array + type: object + type: object + outlier_detection: + description: Settings controlling eviction of unhealthy + hosts from the load balancing pool + properties: + base_ejection_time: + description: 'Minimum ejection duration. A host will + remain ejected for a period equal to the product + of minimum ejection duration and the number of times + the host has been ejected. This technique allows + the system to automatically increase the ejection + period for unhealthy upstream servers. format: 1h/1m/1s/1ms. + MUST BE >=1ms. Default is 30s.' + properties: + nanos: + description: Signed fractions of a second at nanosecond + resolution of the span of time. Durations less + than one second are represented with a 0 `seconds` + field and a positive or negative `nanos` field. + For durations of one second or more, a non-zero + value for the `nanos` field must be of the same + sign as the `seconds` field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of time. + Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + consecutive_5xx_errors: + description: "Number of 5xx errors before a host is + ejected from the connection pool. When the upstream + host is accessed over an opaque TCP connection, + connect timeouts, connection error/failure and request + failure events qualify as a 5xx error. This feature + defaults to 5 but can be disabled by setting the + value to 0. \n Note that consecutive_gateway_errors + and consecutive_5xx_errors can be used separately + or together. Because the errors counted by consecutive_gateway_errors + are also included in consecutive_5xx_errors, if + the value of consecutive_gateway_errors is greater + than or equal to the value of consecutive_5xx_errors, + consecutive_gateway_errors will have no effect." + properties: + value: + description: The uint32 value. + format: int32 + type: integer + type: object + consecutive_errors: + description: Number of errors before a host is ejected + from the connection pool. Defaults to 5. When the + upstream host is accessed over HTTP, a 502, 503, + or 504 return code qualifies as an error. When the + upstream host is accessed over an opaque TCP connection, + connect timeouts and connection error/failure events + qualify as an error. $hide_from_docs + format: int32 + type: integer + consecutive_gateway_errors: + description: "Number of gateway errors before a host + is ejected from the connection pool. When the upstream + host is accessed over HTTP, a 502, 503, or 504 return + code qualifies as a gateway error. When the upstream + host is accessed over an opaque TCP connection, + connect timeouts and connection error/failure events + qualify as a gateway error. This feature is disabled + by default or when set to the value 0. \n Note that + consecutive_gateway_errors and consecutive_5xx_errors + can be used separately or together. Because the + errors counted by consecutive_gateway_errors are + also included in consecutive_5xx_errors, if the + value of consecutive_gateway_errors is greater than + or equal to the value of consecutive_5xx_errors, + consecutive_gateway_errors will have no effect." + properties: + value: + description: The uint32 value. + format: int32 + type: integer + type: object + interval: + description: 'Time interval between ejection sweep + analysis. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default + is 10s.' + properties: + nanos: + description: Signed fractions of a second at nanosecond + resolution of the span of time. Durations less + than one second are represented with a 0 `seconds` + field and a positive or negative `nanos` field. + For durations of one second or more, a non-zero + value for the `nanos` field must be of the same + sign as the `seconds` field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of time. + Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + max_ejection_percent: + description: Maximum % of hosts in the load balancing + pool for the upstream service that can be ejected. + Defaults to 10%. + format: int32 + type: integer + min_health_percent: + description: Outlier detection will be enabled as + long as the associated load balancing pool has at + least min_health_percent hosts in healthy mode. + When the percentage of healthy hosts in the load + balancing pool drops below this threshold, outlier + detection will be disabled and the proxy will load + balance across all hosts in the pool (healthy and + unhealthy). The threshold can be disabled by setting + it to 0%. The default is 0% as it's not typically + applicable in k8s environments with few pods per + service. + format: int32 + type: integer + type: object + port_level_settings: + description: Traffic policies specific to individual ports. + Note that port level settings will override the destination-level + settings. Traffic settings specified at the destination-level + will not be inherited when overridden by port-level + settings, i.e. default values will be applied to fields + omitted in port-level traffic policies. + items: + description: Traffic policies that apply to specific + ports of the service + properties: + connection_pool: + description: Settings controlling the volume of + connections to an upstream service + properties: + http: + description: HTTP connection pool settings. + properties: + h2_upgrade_policy: + description: Specify if http1.1 connection + should be upgraded to http2 for the associated + destination. + format: int32 + type: integer + http1_max_pending_requests: + description: Maximum number of pending HTTP + requests to a destination. Default 2^32-1. + format: int32 + type: integer + http2_max_requests: + description: Maximum number of requests + to a backend. Default 2^32-1. + format: int32 + type: integer + idle_timeout: + description: The idle timeout for upstream + connection pool connections. The idle + timeout is defined as the period in which + there are no active requests. If not set, + the default is 1 hour. When the idle timeout + is reached the connection will be closed. + Note that request based timeouts mean + that HTTP/2 PINGs will not keep the connection + alive. Applies to both HTTP1.1 and HTTP2 + connections. + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` + field and a positive or negative `nanos` + field. For durations of one second + or more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_requests_per_connection: + description: Maximum number of requests + per connection to a backend. Setting this + parameter to 1 disables keep alive. Default + 0, meaning "unlimited", up to 2^29. + format: int32 + type: integer + max_retries: + description: Maximum number of retries that + can be outstanding to all hosts in a cluster + at a given time. Defaults to 2^32-1. + format: int32 + type: integer + type: object + tcp: + description: Settings common to both HTTP and + TCP upstream connections. + properties: + connect_timeout: + description: 'TCP connection timeout. format: + 1h/1m/1s/1ms. MUST BE >=1ms. Default is + 10s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span + of time. Durations less than one second + are represented with a 0 `seconds` + field and a positive or negative `nanos` + field. For durations of one second + or more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the + span of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: + these bounds are computed from: 60 + sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + max_connections: + description: Maximum number of HTTP1 /TCP + connections to a destination host. Default + 2^32-1. + format: int32 + type: integer + tcp_keepalive: + description: If set then set SO_KEEPALIVE + on the socket to enable TCP Keepalives. + properties: + interval: + description: The time duration between + keep-alive probes. Default is to use + the OS level configuration (unless + overridden, Linux defaults to 75s.) + properties: + nanos: + description: Signed fractions of + a second at nanosecond resolution + of the span of time. Durations + less than one second are represented + with a 0 `seconds` field and a + positive or negative `nanos` field. + For durations of one second or + more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of + the span of time. Must be from + -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds + are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + probes: + description: Maximum number of keepalive + probes to send without response before + deciding the connection is dead. Default + is to use the OS level configuration + (unless overridden, Linux defaults + to 9.) + format: int32 + type: integer + time: + description: The time duration a connection + needs to be idle before keep-alive + probes start being sent. Default is + to use the OS level configuration + (unless overridden, Linux defaults + to 7200s (ie 2 hours.) + properties: + nanos: + description: Signed fractions of + a second at nanosecond resolution + of the span of time. Durations + less than one second are represented + with a 0 `seconds` field and a + positive or negative `nanos` field. + For durations of one second or + more, a non-zero value for the + `nanos` field must be of the same + sign as the `seconds` field. Must + be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of + the span of time. Must be from + -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds + are computed from: 60 sec/min + * 60 min/hr * 24 hr/day * 365.25 + days/year * 10000 years' + format: int64 + type: integer + type: object + type: object + type: object + type: object + load_balancer: + description: Settings controlling the load balancer + algorithms. + properties: + locality_lb_setting: + description: Locality load balancer settings, + this will override mesh wide settings in entirety, + meaning no merging would be performed between + this object and the object one in MeshConfig + properties: + distribute: + description: 'Optional: only one of distribute + or failover can be set. Explicitly specify + loadbalancing weight across different + zones and geographical locations. Refer + to [Locality weighted load balancing](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/load_balancing/locality_weight) + If empty, the locality weight is set according + to the endpoints number within it.' + items: + description: 'Describes how traffic originating + in the ''from'' zone or sub-zone is + distributed over a set of ''to'' zones. + Syntax for specifying a zone is {region}/{zone}/{sub-zone} + and terminal wildcards are allowed on + any segment of the specification. Examples: + * - matches all localities us-west/* + - all zones and sub-zones within the + us-west region us-west/zone-1/* - all + sub-zones within us-west/zone-1' + properties: + from: + description: Originating locality, + '/' separated, e.g. 'region/zone/sub_zone'. + type: string + to: + additionalProperties: + format: int32 + type: integer + description: Map of upstream localities + to traffic distribution weights. + The sum of all weights should be + == 100. Any locality not assigned + a weight will receive no traffic. + type: object + type: object + type: array + enabled: + description: enable locality load balancing, + this is DestinationRule-level and will + override mesh wide settings in entirety. + e.g. true means that turn on locality + load balancing for this DestinationRule + no matter what mesh wide settings is. + properties: + value: + description: The bool value. + type: boolean + type: object + failover: + description: 'Optional: only failover or + distribute can be set. Explicitly specify + the region traffic will land on when endpoints + in local region becomes unhealthy. Should + be used together with OutlierDetection + to detect unhealthy endpoints. Note: if + no OutlierDetection specified, this will + not take effect.' + items: + description: Specify the traffic failover + policy across regions. Since zone and + sub-zone failover is supported by default + this only needs to be specified for + regions when the operator needs to constrain + traffic failover so that the default + behavior of failing over to any endpoint + globally does not apply. This is useful + when failing over traffic across regions + would not improve service health or + may need to be restricted for other + reasons like regulatory controls. + properties: + from: + description: Originating region. + type: string + to: + description: Destination region the + traffic will fail over to when endpoints + in the 'from' region becomes unhealthy. + type: string + type: object + type: array + type: object + type: object + outlier_detection: + description: Settings controlling eviction of unhealthy + hosts from the load balancing pool + properties: + base_ejection_time: + description: 'Minimum ejection duration. A host + will remain ejected for a period equal to + the product of minimum ejection duration and + the number of times the host has been ejected. + This technique allows the system to automatically + increase the ejection period for unhealthy + upstream servers. format: 1h/1m/1s/1ms. MUST + BE >=1ms. Default is 30s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. + For durations of one second or more, a + non-zero value for the `nanos` field must + be of the same sign as the `seconds` field. + Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: these + bounds are computed from: 60 sec/min * + 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + consecutive_5xx_errors: + description: "Number of 5xx errors before a + host is ejected from the connection pool. + When the upstream host is accessed over an + opaque TCP connection, connect timeouts, connection + error/failure and request failure events qualify + as a 5xx error. This feature defaults to 5 + but can be disabled by setting the value to + 0. \n Note that consecutive_gateway_errors + and consecutive_5xx_errors can be used separately + or together. Because the errors counted by + consecutive_gateway_errors are also included + in consecutive_5xx_errors, if the value of + consecutive_gateway_errors is greater than + or equal to the value of consecutive_5xx_errors, + consecutive_gateway_errors will have no effect." + properties: + value: + description: The uint32 value. + format: int32 + type: integer + type: object + consecutive_errors: + description: Number of errors before a host + is ejected from the connection pool. Defaults + to 5. When the upstream host is accessed over + HTTP, a 502, 503, or 504 return code qualifies + as an error. When the upstream host is accessed + over an opaque TCP connection, connect timeouts + and connection error/failure events qualify + as an error. $hide_from_docs + format: int32 + type: integer + consecutive_gateway_errors: + description: "Number of gateway errors before + a host is ejected from the connection pool. + When the upstream host is accessed over HTTP, + a 502, 503, or 504 return code qualifies as + a gateway error. When the upstream host is + accessed over an opaque TCP connection, connect + timeouts and connection error/failure events + qualify as a gateway error. This feature is + disabled by default or when set to the value + 0. \n Note that consecutive_gateway_errors + and consecutive_5xx_errors can be used separately + or together. Because the errors counted by + consecutive_gateway_errors are also included + in consecutive_5xx_errors, if the value of + consecutive_gateway_errors is greater than + or equal to the value of consecutive_5xx_errors, + consecutive_gateway_errors will have no effect." + properties: + value: + description: The uint32 value. + format: int32 + type: integer + type: object + interval: + description: 'Time interval between ejection + sweep analysis. format: 1h/1m/1s/1ms. MUST + BE >=1ms. Default is 10s.' + properties: + nanos: + description: Signed fractions of a second + at nanosecond resolution of the span of + time. Durations less than one second are + represented with a 0 `seconds` field and + a positive or negative `nanos` field. + For durations of one second or more, a + non-zero value for the `nanos` field must + be of the same sign as the `seconds` field. + Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span + of time. Must be from -315,576,000,000 + to +315,576,000,000 inclusive. Note: these + bounds are computed from: 60 sec/min * + 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + max_ejection_percent: + description: Maximum % of hosts in the load + balancing pool for the upstream service that + can be ejected. Defaults to 10%. + format: int32 + type: integer + min_health_percent: + description: Outlier detection will be enabled + as long as the associated load balancing pool + has at least min_health_percent hosts in healthy + mode. When the percentage of healthy hosts + in the load balancing pool drops below this + threshold, outlier detection will be disabled + and the proxy will load balance across all + hosts in the pool (healthy and unhealthy). + The threshold can be disabled by setting it + to 0%. The default is 0% as it's not typically + applicable in k8s environments with few pods + per service. + format: int32 + type: integer + type: object + port: + description: Specifies the number of a port on the + destination service on which this policy is being + applied. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + tls: + description: TLS related settings for connections + to the upstream service. + properties: + ca_certificates: + description: 'OPTIONAL: The path to the file + containing certificate authority certificates + to use in verifying a presented server certificate. + If omitted, the proxy will not verify the + server''s certificate. Should be empty if + mode is `ISTIO_MUTUAL`.' + type: string + client_certificate: + description: REQUIRED if mode is `MUTUAL`. The + path to the file holding the client-side TLS + certificate to use. Should be empty if mode + is `ISTIO_MUTUAL`. + type: string + mode: + description: Indicates whether connections to + this port should be secured using TLS. The + value of this field determines how TLS is + enforced. + format: int32 + type: integer + private_key: + description: REQUIRED if mode is `MUTUAL`. The + path to the file holding the client's private + key. Should be empty if mode is `ISTIO_MUTUAL`. + type: string + sni: + description: SNI string to present to the server + during TLS handshake. + type: string + subject_alt_names: + description: A list of alternate names to verify + the subject identity in the certificate. If + specified, the proxy will verify that the + server certificate's subject alt name matches + one of the specified values. If specified, + this list overrides the value of subject_alt_names + from the ServiceEntry. + items: + type: string + type: array + type: object + type: object + type: array + tls: + description: TLS related settings for connections to the + upstream service. + properties: + ca_certificates: + description: 'OPTIONAL: The path to the file containing + certificate authority certificates to use in verifying + a presented server certificate. If omitted, the + proxy will not verify the server''s certificate. + Should be empty if mode is `ISTIO_MUTUAL`.' + type: string + client_certificate: + description: REQUIRED if mode is `MUTUAL`. The path + to the file holding the client-side TLS certificate + to use. Should be empty if mode is `ISTIO_MUTUAL`. + type: string + mode: + description: Indicates whether connections to this + port should be secured using TLS. The value of this + field determines how TLS is enforced. + format: int32 + type: integer + private_key: + description: REQUIRED if mode is `MUTUAL`. The path + to the file holding the client's private key. Should + be empty if mode is `ISTIO_MUTUAL`. + type: string + sni: + description: SNI string to present to the server during + TLS handshake. + type: string + subject_alt_names: + description: A list of alternate names to verify the + subject identity in the certificate. If specified, + the proxy will verify that the server certificate's + subject alt name matches one of the specified values. + If specified, this list overrides the value of subject_alt_names + from the ServiceEntry. + items: + type: string + type: array + type: object + type: object + type: object + type: object + type: object + status: + description: ServicePolicyStatus defines the observed state of ServicePolicy + properties: + completionTime: + description: Represents time when the strategy was completed. It is + represented in RFC3339 form and is in UTC. + format: date-time + type: string + conditions: + description: The latest available observations of an object's current + state. + items: + description: StrategyCondition describes current state of a strategy. + properties: + lastProbeTime: + description: Last time the condition was checked. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transit from one status + to another + format: date-time + type: string + message: + description: Human readable message indicating details about + last transition. + type: string + reason: + description: reason for the condition's last transition + type: string + status: + description: Status of the condition, one of True, False, Unknown + type: string + type: + description: Type of strategy condition, Complete or Failed. + type: string + type: object + type: array + startTime: + description: Represents time when the strategy was acknowledged by + the controller. It is represented in RFC3339 form and is in UTC. + format: date-time + type: string + type: object + type: object + served: true + storage: true diff --git a/config/ks-core/crds/servicemesh.kubesphere.io_strategies.yaml b/config/ks-core/crds/servicemesh.kubesphere.io_strategies.yaml new file mode 100644 index 000000000..6cac5b90d --- /dev/null +++ b/config/ks-core/crds/servicemesh.kubesphere.io_strategies.yaml @@ -0,0 +1,1268 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: (unknown) + creationTimestamp: null + name: strategies.servicemesh.kubesphere.io +spec: + group: servicemesh.kubesphere.io + names: + kind: Strategy + listKind: StrategyList + plural: strategies + singular: strategy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: type of strategy + jsonPath: .spec.type + name: Type + type: string + - description: destination hosts + jsonPath: .spec.template.spec.hosts + name: Hosts + type: string + - description: 'CreationTimestamp is a timestamp representing the server time + when this object was created. It is not guaranteed to be set in happens-before + order across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for + lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata' + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha2 + schema: + openAPIV3Schema: + description: Strategy is the Schema for the strategies API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: StrategySpec defines the desired state of Strategy + properties: + governor: + description: Governor version, the version takes control of all incoming + traffic label version value + type: string + principal: + description: Principal version, the one as reference version label + version value + type: string + selector: + description: Label selector for virtual services. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that + contains values, a key, and an operator that relates the key + and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to + a set of values. Valid operators are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values is an array of string values. If the + operator is In or NotIn, the values array must be non-empty. + If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator + is "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + strategyPolicy: + description: strategy policy, how the strategy will be applied by + the strategy controller + type: string + template: + description: Template describes the virtual service that will be created. + properties: + metadata: + description: Metadata of the virtual services created from this + template + type: object + spec: + description: Spec indicates the behavior of a virtual service. + properties: + export_to: + description: "A list of namespaces to which this virtual service + is exported. Exporting a virtual service allows it to be + used by sidecars and gateways defined in other namespaces. + This feature provides a mechanism for service owners and + mesh administrators to control the visibility of virtual + services across namespace boundaries. \n If no namespaces + are specified then the virtual service is exported to all + namespaces by default. \n The value \".\" is reserved and + defines an export to the same namespace that the virtual + service is declared in. Similarly the value \"*\" is reserved + and defines an export to all namespaces. \n NOTE: in the + current release, the `exportTo` value is restricted to \".\" + or \"*\" (i.e., the current namespace or all namespaces)." + items: + type: string + type: array + gateways: + description: The names of gateways and sidecars that should + apply these routes. Gateways in other namespaces may be + referred to by `/`; specifying + a gateway with no namespace qualifier is the same as specifying + the VirtualService's namespace. A single VirtualService + is used for sidecars inside the mesh as well as for one + or more gateways. The selection condition imposed by this + field can be overridden using the source field in the match + conditions of protocol-specific routes. The reserved word + `mesh` is used to imply all the sidecars in the mesh. When + this field is omitted, the default gateway (`mesh`) will + be used, which would apply the rule to all sidecars in the + mesh. If a list of gateway names is provided, the rules + will apply only to the gateways. To apply the rules to both + gateways and sidecars, specify `mesh` as one of the gateway + names. + items: + type: string + type: array + hosts: + description: "The destination hosts to which traffic is being + sent. Could be a DNS name with wildcard prefix or an IP + address. Depending on the platform, short-names can also + be used instead of a FQDN (i.e. has no dots in the name). + In such a scenario, the FQDN of the host would be derived + based on the underlying platform. \n A single VirtualService + can be used to describe all the traffic properties of the + corresponding hosts, including those for multiple HTTP and + TCP ports. Alternatively, the traffic properties of a host + can be defined using more than one VirtualService, with + certain caveats. Refer to the [Operations Guide](https://istio.io/docs/ops/best-practices/traffic-management/#split-virtual-services) + for details. \n *Note for Kubernetes users*: When short + names are used (e.g. \"reviews\" instead of \"reviews.default.svc.cluster.local\"), + Istio will interpret the short name based on the namespace + of the rule, not the service. A rule in the \"default\" + namespace containing a host \"reviews\" will be interpreted + as \"reviews.default.svc.cluster.local\", irrespective of + the actual namespace associated with the reviews service. + _To avoid potential misconfigurations, it is recommended + to always use fully qualified domain names over short names._ + \n The hosts field applies to both HTTP and TCP services. + Service inside the mesh, i.e., those found in the service + registry, must always be referred to using their alphanumeric + names. IP addresses are allowed only for services defined + via the Gateway. \n *Note*: It must be empty for a delegate + VirtualService." + items: + type: string + type: array + http: + description: An ordered list of route rules for HTTP traffic. + HTTP routes will be applied to platform service ports named + 'http-*'/'http2-*'/'grpc-*', gateway ports with protocol + HTTP/HTTP2/GRPC/ TLS-terminated-HTTPS and service entry + ports using HTTP/HTTP2/GRPC protocols. The first rule matching + an incoming request is used. + items: + description: Describes match conditions and actions for + routing HTTP/1.1, HTTP2, and gRPC traffic. See VirtualService + for usage examples. + properties: + cors_policy: + description: Cross-Origin Resource Sharing policy (CORS). + Refer to [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) + for further details about cross origin resource sharing. + properties: + allow_credentials: + description: Indicates whether the caller is allowed + to send the actual request (not the preflight) + using credentials. Translates to `Access-Control-Allow-Credentials` + header. + properties: + value: + description: The bool value. + type: boolean + type: object + allow_headers: + description: List of HTTP headers that can be used + when requesting the resource. Serialized to Access-Control-Allow-Headers + header. + items: + type: string + type: array + allow_methods: + description: List of HTTP methods allowed to access + the resource. The content will be serialized into + the Access-Control-Allow-Methods header. + items: + type: string + type: array + allow_origin: + description: The list of origins that are allowed + to perform CORS requests. The content will be + serialized into the Access-Control-Allow-Origin + header. Wildcard * will allow all origins. $hide_from_docs + items: + type: string + type: array + allow_origins: + description: String patterns that match allowed + origins. An origin is allowed if any of the string + matchers match. If a match is found, then the + outgoing Access-Control-Allow-Origin would be + set to the origin as provided by the client. + items: + description: Describes how to match a given string + in HTTP headers. Match is case-sensitive. + type: object + type: array + expose_headers: + description: A white list of HTTP headers that the + browsers are allowed to access. Serialized into + Access-Control-Expose-Headers header. + items: + type: string + type: array + max_age: + description: Specifies how long the results of a + preflight request can be cached. Translates to + the `Access-Control-Max-Age` header. + properties: + nanos: + description: Signed fractions of a second at + nanosecond resolution of the span of time. + Durations less than one second are represented + with a 0 `seconds` field and a positive or + negative `nanos` field. For durations of one + second or more, a non-zero value for the `nanos` + field must be of the same sign as the `seconds` + field. Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of + time. Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + type: object + delegate: + description: 'Delegate is used to specify the particular + VirtualService which can be used to define delegate + HTTPRoute. It can be set only when `Route` and `Redirect` + are empty, and the route rules of the delegate VirtualService + will be merged with that in the current one. **NOTE**: + 1. Only one level delegation is supported. 2. The + delegate''s HTTPMatchRequest must be a strict subset + of the root''s, otherwise there is a conflict and + the HTTPRoute will not take effect.' + properties: + name: + description: Name specifies the name of the delegate + VirtualService. + type: string + namespace: + description: Namespace specifies the namespace where + the delegate VirtualService resides. By default, + it is same to the root's. + type: string + type: object + fault: + description: Fault injection policy to apply on HTTP + traffic at the client side. Note that timeouts or + retries will not be enabled when faults are enabled + on the client side. + properties: + abort: + description: Abort Http request attempts and return + error codes back to downstream service, giving + the impression that the upstream service is faulty. + properties: + percentage: + description: Percentage of requests to be aborted + with the error code provided. + properties: + value: + type: number + type: object + type: object + delay: + description: Delay requests before forwarding, emulating + various failures such as network issues, overloaded + upstream service, etc. + properties: + percent: + description: Percentage of requests on which + the delay will be injected (0-100). Use of + integer `percent` value is deprecated. Use + the double `percentage` field instead. + format: int32 + type: integer + percentage: + description: Percentage of requests on which + the delay will be injected. + properties: + value: + type: number + type: object + type: object + type: object + headers: + description: Header manipulation rules + properties: + request: + description: Header manipulation rules to apply + before forwarding a request to the destination + service + properties: + add: + additionalProperties: + type: string + description: Append the given values to the + headers specified by keys (will create a comma-separated + list of values) + type: object + remove: + description: Remove a the specified headers + items: + type: string + type: array + set: + additionalProperties: + type: string + description: Overwrite the headers specified + by key with the given values + type: object + type: object + response: + description: Header manipulation rules to apply + before returning a response to the caller + properties: + add: + additionalProperties: + type: string + description: Append the given values to the + headers specified by keys (will create a comma-separated + list of values) + type: object + remove: + description: Remove a the specified headers + items: + type: string + type: array + set: + additionalProperties: + type: string + description: Overwrite the headers specified + by key with the given values + type: object + type: object + type: object + match: + description: Match conditions to be satisfied for the + rule to be activated. All conditions inside a single + match block have AND semantics, while the list of + match blocks have OR semantics. The rule is matched + if any one of the match blocks succeed. + items: + description: "HttpMatchRequest specifies a set of + criterion to be met in order for the rule to be + applied to the HTTP request. For example, the following + restricts the rule to match only requests where + the URL path starts with /ratings/v2/ and the request + contains a custom `end-user` header with value `jason`. + \n {{}} {{}} + ```yaml apiVersion: networking.istio.io/v1alpha3 + kind: VirtualService metadata: name: ratings-route + spec: hosts: - ratings.prod.svc.cluster.local http: + - match: - headers: end-user: exact: jason uri: + prefix: \"/ratings/v2/\" ignoreUriCase: true route: + - destination: host: ratings.prod.svc.cluster.local + ``` {{}} \n {{}} + ```yaml apiVersion: networking.istio.io/v1beta1 + kind: VirtualService metadata: name: ratings-route + spec: hosts: - ratings.prod.svc.cluster.local http: + - match: - headers: end-user: exact: jason uri: + prefix: \"/ratings/v2/\" ignoreUriCase: true route: + - destination: host: ratings.prod.svc.cluster.local + ``` {{}} {{}} \n HTTPMatchRequest + CANNOT be empty. **Note:** No regex string match + can be set when delegate VirtualService is specified." + properties: + authority: + description: "HTTP Authority values are case-sensitive + and formatted as follows: \n - `exact: \"value\"` + for exact string match \n - `prefix: \"value\"` + for prefix-based match \n - `regex: \"value\"` + for ECMAscript style regex-based match" + type: object + gateways: + description: Names of gateways where the rule + should be applied. Gateway names in the top-level + `gateways` field of the VirtualService (if any) + are overridden. The gateway match is independent + of sourceLabels. + items: + type: string + type: array + headers: + additionalProperties: + description: Describes how to match a given + string in HTTP headers. Match is case-sensitive. + type: object + description: "The header keys must be lowercase + and use hyphen as the separator, e.g. _x-request-id_. + \n Header values are case-sensitive and formatted + as follows: \n - `exact: \"value\"` for exact + string match \n - `prefix: \"value\"` for prefix-based + match \n - `regex: \"value\"` for ECMAscript + style regex-based match \n If the value is empty + and only the name of header is specfied, presence + of the header is checked. **Note:** The keys + `uri`, `scheme`, `method`, and `authority` will + be ignored." + type: object + ignore_uri_case: + description: "Flag to specify whether the URI + matching should be case-insensitive. \n **Note:** + The case will be ignored only in the case of + `exact` and `prefix` URI matches." + type: boolean + method: + description: "HTTP Method values are case-sensitive + and formatted as follows: \n - `exact: \"value\"` + for exact string match \n - `prefix: \"value\"` + for prefix-based match \n - `regex: \"value\"` + for ECMAscript style regex-based match" + type: object + name: + description: The name assigned to a match. The + match's name will be concatenated with the parent + route's name and will be logged in the access + logs for requests matching this route. + type: string + port: + description: Specifies the ports on the host that + is being addressed. Many services only expose + a single port or label ports with the protocols + they support, in these cases it is not required + to explicitly select the port. + format: int32 + type: integer + query_params: + additionalProperties: + description: Describes how to match a given + string in HTTP headers. Match is case-sensitive. + type: object + description: "Query parameters for matching. \n + Ex: - For a query parameter like \"?key=true\", + the map key would be \"key\" and the string + match could be defined as `exact: \"true\"`. + - For a query parameter like \"?key\", the map + key would be \"key\" and the string match could + be defined as `exact: \"\"`. - For a query parameter + like \"?key=123\", the map key would be \"key\" + and the string match could be defined as `regex: + \"\\d+$\"`. Note that this configuration will + only match values like \"123\" but not \"a123\" + or \"123a\". \n **Note:** `prefix` matching + is currently not supported." + type: object + scheme: + description: "URI Scheme values are case-sensitive + and formatted as follows: \n - `exact: \"value\"` + for exact string match \n - `prefix: \"value\"` + for prefix-based match \n - `regex: \"value\"` + for ECMAscript style regex-based match" + type: object + source_labels: + additionalProperties: + type: string + description: One or more labels that constrain + the applicability of a rule to workloads with + the given labels. If the VirtualService has + a list of gateways specified in the top-level + `gateways` field, it must include the reserved + gateway `mesh` for this field to be applicable. + type: object + source_namespace: + description: Source namespace constraining the + applicability of a rule to workloads in that + namespace. If the VirtualService has a list + of gateways specified in the top-level `gateways` + field, it must include the reserved gateway + `mesh` for this field to be applicable. + type: string + uri: + description: "URI to match values are case-sensitive + and formatted as follows: \n - `exact: \"value\"` + for exact string match \n - `prefix: \"value\"` + for prefix-based match \n - `regex: \"value\"` + for ECMAscript style regex-based match \n **Note:** + Case-insensitive matching could be enabled via + the `ignore_uri_case` flag." + type: object + without_headers: + additionalProperties: + description: Describes how to match a given + string in HTTP headers. Match is case-sensitive. + type: object + description: withoutHeader has the same syntax + with the header, but has opposite meaning. If + a header is matched with a matching rule among + withoutHeader, the traffic becomes not matched + one. + type: object + type: object + type: array + mirror: + description: Mirror HTTP traffic to a another destination + in addition to forwarding the requests to the intended + destination. Mirrored traffic is on a best effort + basis where the sidecar/gateway will not wait for + the mirrored cluster to respond before returning the + response from the original destination. Statistics + will be generated for the mirrored destination. + properties: + host: + description: "The name of a service from the service + registry. Service names are looked up from the + platform's service registry (e.g., Kubernetes + services, Consul services, etc.) and from the + hosts declared by [ServiceEntry](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). + Traffic forwarded to destinations that are not + found in either of the two, will be dropped. \n + *Note for Kubernetes users*: When short names + are used (e.g. \"reviews\" instead of \"reviews.default.svc.cluster.local\"), + Istio will interpret the short name based on the + namespace of the rule, not the service. A rule + in the \"default\" namespace containing a host + \"reviews will be interpreted as \"reviews.default.svc.cluster.local\", + irrespective of the actual namespace associated + with the reviews service. To avoid potential misconfiguration, + it is recommended to always use fully qualified + domain names over short names." + type: string + port: + description: Specifies the port on the host that + is being addressed. If a service exposes only + a single port it is not required to explicitly + select the port. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + subset: + description: The name of a subset within the service. + Applicable only to services within the mesh. The + subset must be defined in a corresponding DestinationRule. + type: string + type: object + mirror_percent: + description: Percentage of the traffic to be mirrored + by the `mirror` field. Use of integer `mirror_percent` + value is deprecated. Use the double `mirror_percentage` + field instead + properties: + value: + description: The uint32 value. + format: int32 + type: integer + type: object + mirror_percentage: + description: Percentage of the traffic to be mirrored + by the `mirror` field. If this field is absent, all + the traffic (100%) will be mirrored. Max value is + 100. + properties: + value: + type: number + type: object + name: + description: The name assigned to the route for debugging + purposes. The route's name will be concatenated with + the match's name and will be logged in the access + logs for requests matching this route/match. + type: string + redirect: + description: A HTTP rule can either redirect or forward + (default) traffic. If traffic passthrough option is + specified in the rule, route/redirect will be ignored. + The redirect primitive can be used to send a HTTP + 301 redirect to a different URI or Authority. + properties: + authority: + description: On a redirect, overwrite the Authority/Host + portion of the URL with this value. + type: string + redirect_code: + description: On a redirect, Specifies the HTTP status + code to use in the redirect response. The default + response code is MOVED_PERMANENTLY (301). + format: int32 + type: integer + uri: + description: On a redirect, overwrite the Path portion + of the URL with this value. Note that the entire + path will be replaced, irrespective of the request + URI being matched as an exact path or prefix. + type: string + type: object + retries: + description: Retry policy for HTTP requests. + properties: + attempts: + description: Number of retries for a given request. + The interval between retries will be determined + automatically (25ms+). Actual number of retries + attempted depends on the request `timeout` of + the [HTTP route](https://istio.io/docs/reference/config/networking/virtual-service/#HTTPRoute). + format: int32 + type: integer + per_try_timeout: + description: 'Timeout per retry attempt for a given + request. format: 1h/1m/1s/1ms. MUST BE >=1ms.' + properties: + nanos: + description: Signed fractions of a second at + nanosecond resolution of the span of time. + Durations less than one second are represented + with a 0 `seconds` field and a positive or + negative `nanos` field. For durations of one + second or more, a non-zero value for the `nanos` + field must be of the same sign as the `seconds` + field. Must be from -999,999,999 to +999,999,999 + inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of + time. Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed + from: 60 sec/min * 60 min/hr * 24 hr/day * + 365.25 days/year * 10000 years' + format: int64 + type: integer + type: object + retry_on: + description: Specifies the conditions under which + retry takes place. One or more policies can be + specified using a ‘,’ delimited list. See the + [retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-on) + and [gRPC retry policies](https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/router_filter#x-envoy-retry-grpc-on) + for more details. + type: string + retry_remote_localities: + description: Flag to specify whether the retries + should retry to other localities. See the [retry + plugin configuration](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/http_connection_management#retry-plugin-configuration) + for more details. + properties: + value: + description: The bool value. + type: boolean + type: object + type: object + rewrite: + description: Rewrite HTTP URIs and Authority headers. + Rewrite cannot be used with Redirect primitive. Rewrite + will be performed before forwarding. + properties: + authority: + description: rewrite the Authority/Host header with + this value. + type: string + uri: + description: rewrite the path (or the prefix) portion + of the URI with this value. If the original URI + was matched based on prefix, the value provided + in this field will replace the corresponding matched + prefix. + type: string + type: object + route: + description: A HTTP rule can either redirect or forward + (default) traffic. The forwarding target can be one + of several versions of a service (see glossary in + beginning of document). Weights associated with the + service version determine the proportion of traffic + it receives. + items: + description: "Each routing rule is associated with + one or more service versions (see glossary in beginning + of document). Weights associated with the version + determine the proportion of traffic it receives. + For example, the following rule will route 25% of + traffic for the \"reviews\" service to instances + with the \"v2\" tag and the remaining traffic (i.e., + 75%) to \"v1\". \n {{}} + {{}} + ```yaml apiVersion: networking.istio.io/v1alpha3 + kind: VirtualService metadata: name: reviews-route + spec: hosts: - reviews.prod.svc.cluster.local http: + - route: - destination: host: reviews.prod.svc.cluster.local + subset: v2 weight: 25 - destination: host: reviews.prod.svc.cluster.local + subset: v1 weight: 75 ``` {{}} \n {{}} ```yaml apiVersion: + networking.istio.io/v1beta1 kind: VirtualService + metadata: name: reviews-route spec: hosts: - reviews.prod.svc.cluster.local + http: - route: - destination: host: reviews.prod.svc.cluster.local + subset: v2 weight: 25 - destination: host: reviews.prod.svc.cluster.local + subset: v1 weight: 75 ``` {{}} {{}} + \n And the associated DestinationRule \n {{}} {{}} ```yaml apiVersion: + networking.istio.io/v1alpha3 kind: DestinationRule + metadata: name: reviews-destination spec: host: + reviews.prod.svc.cluster.local subsets: - name: + v1 labels: version: v1 - name: v2 labels: version: + v2 ``` {{}} \n {{}} + ```yaml apiVersion: networking.istio.io/v1beta1 + kind: DestinationRule metadata: name: reviews-destination + spec: host: reviews.prod.svc.cluster.local subsets: + - name: v1 labels: version: v1 - name: v2 labels: + version: v2 ``` {{}} {{}} \n Traffic + can also be split across two entirely different + services without having to define new subsets. For + example, the following rule forwards 25% of traffic + to reviews.com to dev.reviews.com \n {{}} + {{}} + ```yaml apiVersion: networking.istio.io/v1alpha3 + kind: VirtualService metadata: name: reviews-route-two-domains + spec: hosts: - reviews.com http: - route: - destination: + host: dev.reviews.com weight: 25 - destination: + host: reviews.com weight: 75 ``` {{}} \n {{}} ```yaml + apiVersion: networking.istio.io/v1beta1 kind: VirtualService + metadata: name: reviews-route-two-domains spec: + hosts: - reviews.com http: - route: - destination: + host: dev.reviews.com weight: 25 - destination: + host: reviews.com weight: 75 ``` {{}} {{}}" + properties: + destination: + description: Destination uniquely identifies the + instances of a service to which the request/connection + should be forwarded to. + properties: + host: + description: "The name of a service from the + service registry. Service names are looked + up from the platform's service registry + (e.g., Kubernetes services, Consul services, + etc.) and from the hosts declared by [ServiceEntry](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). + Traffic forwarded to destinations that are + not found in either of the two, will be + dropped. \n *Note for Kubernetes users*: + When short names are used (e.g. \"reviews\" + instead of \"reviews.default.svc.cluster.local\"), + Istio will interpret the short name based + on the namespace of the rule, not the service. + A rule in the \"default\" namespace containing + a host \"reviews will be interpreted as + \"reviews.default.svc.cluster.local\", irrespective + of the actual namespace associated with + the reviews service. To avoid potential + misconfiguration, it is recommended to always + use fully qualified domain names over short + names." + type: string + port: + description: Specifies the port on the host + that is being addressed. If a service exposes + only a single port it is not required to + explicitly select the port. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + subset: + description: The name of a subset within the + service. Applicable only to services within + the mesh. The subset must be defined in + a corresponding DestinationRule. + type: string + type: object + headers: + description: Header manipulation rules + properties: + request: + description: Header manipulation rules to + apply before forwarding a request to the + destination service + properties: + add: + additionalProperties: + type: string + description: Append the given values to + the headers specified by keys (will + create a comma-separated list of values) + type: object + remove: + description: Remove a the specified headers + items: + type: string + type: array + set: + additionalProperties: + type: string + description: Overwrite the headers specified + by key with the given values + type: object + type: object + response: + description: Header manipulation rules to + apply before returning a response to the + caller + properties: + add: + additionalProperties: + type: string + description: Append the given values to + the headers specified by keys (will + create a comma-separated list of values) + type: object + remove: + description: Remove a the specified headers + items: + type: string + type: array + set: + additionalProperties: + type: string + description: Overwrite the headers specified + by key with the given values + type: object + type: object + type: object + weight: + description: The proportion of traffic to be forwarded + to the service version. (0-100). Sum of weights + across destinations SHOULD BE == 100. If there + is only one destination in a rule, the weight + value is assumed to be 100. + format: int32 + type: integer + type: object + type: array + timeout: + description: Timeout for HTTP requests. + properties: + nanos: + description: Signed fractions of a second at nanosecond + resolution of the span of time. Durations less + than one second are represented with a 0 `seconds` + field and a positive or negative `nanos` field. + For durations of one second or more, a non-zero + value for the `nanos` field must be of the same + sign as the `seconds` field. Must be from -999,999,999 + to +999,999,999 inclusive. + format: int32 + type: integer + seconds: + description: 'Signed seconds of the span of time. + Must be from -315,576,000,000 to +315,576,000,000 + inclusive. Note: these bounds are computed from: + 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year + * 10000 years' + format: int64 + type: integer + type: object + type: object + type: array + tcp: + description: An ordered list of route rules for opaque TCP + traffic. TCP routes will be applied to any port that is + not a HTTP or TLS port. The first rule matching an incoming + request is used. + items: + description: "Describes match conditions and actions for + routing TCP traffic. The following routing rule forwards + traffic arriving at port 27017 for mongo.prod.svc.cluster.local + to another Mongo server on port 5555. \n {{}} + {{}} + ```yaml apiVersion: networking.istio.io/v1alpha3 kind: + VirtualService metadata: name: bookinfo-Mongo spec: hosts: + - mongo.prod.svc.cluster.local tcp: - match: - port: 27017 + route: - destination: host: mongo.backup.svc.cluster.local + port: number: 5555 ``` {{}} \n {{}} ```yaml apiVersion: networking.istio.io/v1beta1 + kind: VirtualService metadata: name: bookinfo-Mongo spec: + hosts: - mongo.prod.svc.cluster.local tcp: - match: - + port: 27017 route: - destination: host: mongo.backup.svc.cluster.local + port: number: 5555 ``` {{}} {{}}" + properties: + match: + description: Match conditions to be satisfied for the + rule to be activated. All conditions inside a single + match block have AND semantics, while the list of + match blocks have OR semantics. The rule is matched + if any one of the match blocks succeed. + items: + description: L4 connection match attributes. Note + that L4 connection matching support is incomplete. + properties: + destination_subnets: + description: IPv4 or IPv6 ip addresses of destination + with optional subnet. E.g., a.b.c.d/xx form + or just a.b.c.d. + items: + type: string + type: array + gateways: + description: Names of gateways where the rule + should be applied. Gateway names in the top-level + `gateways` field of the VirtualService (if any) + are overridden. The gateway match is independent + of sourceLabels. + items: + type: string + type: array + port: + description: Specifies the port on the host that + is being addressed. Many services only expose + a single port or label ports with the protocols + they support, in these cases it is not required + to explicitly select the port. + format: int32 + type: integer + source_labels: + additionalProperties: + type: string + description: One or more labels that constrain + the applicability of a rule to workloads with + the given labels. If the VirtualService has + a list of gateways specified in the top-level + `gateways` field, it should include the reserved + gateway `mesh` in order for this field to be + applicable. + type: object + source_namespace: + description: Source namespace constraining the + applicability of a rule to workloads in that + namespace. If the VirtualService has a list + of gateways specified in the top-level `gateways` + field, it must include the reserved gateway + `mesh` for this field to be applicable. + type: string + source_subnet: + description: IPv4 or IPv6 ip address of source + with optional subnet. E.g., a.b.c.d/xx form + or just a.b.c.d $hide_from_docs + type: string + type: object + type: array + route: + description: The destination to which the connection + should be forwarded to. + items: + description: L4 routing rule weighted destination. + properties: + destination: + description: Destination uniquely identifies the + instances of a service to which the request/connection + should be forwarded to. + properties: + host: + description: "The name of a service from the + service registry. Service names are looked + up from the platform's service registry + (e.g., Kubernetes services, Consul services, + etc.) and from the hosts declared by [ServiceEntry](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). + Traffic forwarded to destinations that are + not found in either of the two, will be + dropped. \n *Note for Kubernetes users*: + When short names are used (e.g. \"reviews\" + instead of \"reviews.default.svc.cluster.local\"), + Istio will interpret the short name based + on the namespace of the rule, not the service. + A rule in the \"default\" namespace containing + a host \"reviews will be interpreted as + \"reviews.default.svc.cluster.local\", irrespective + of the actual namespace associated with + the reviews service. To avoid potential + misconfiguration, it is recommended to always + use fully qualified domain names over short + names." + type: string + port: + description: Specifies the port on the host + that is being addressed. If a service exposes + only a single port it is not required to + explicitly select the port. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + subset: + description: The name of a subset within the + service. Applicable only to services within + the mesh. The subset must be defined in + a corresponding DestinationRule. + type: string + type: object + weight: + description: The proportion of traffic to be forwarded + to the service version. If there is only one + destination in a rule, all traffic will be routed + to it irrespective of the weight. + format: int32 + type: integer + type: object + type: array + type: object + type: array + tls: + description: 'An ordered list of route rule for non-terminated + TLS & HTTPS traffic. Routing is typically performed using + the SNI value presented by the ClientHello message. TLS + routes will be applied to platform service ports named ''https-*'', + ''tls-*'', unterminated gateway ports using HTTPS/TLS protocols + (i.e. with "passthrough" TLS mode) and service entry ports + using HTTPS/TLS protocols. The first rule matching an incoming + request is used. NOTE: Traffic ''https-*'' or ''tls-*'' + ports without associated virtual service will be treated + as opaque TCP traffic.' + items: + description: "Describes match conditions and actions for + routing unterminated TLS traffic (TLS/HTTPS) The following + routing rule forwards unterminated TLS traffic arriving + at port 443 of gateway called \"mygateway\" to internal + services in the mesh based on the SNI value. \n {{}} {{}} ```yaml apiVersion: networking.istio.io/v1alpha3 + kind: VirtualService metadata: name: bookinfo-sni spec: + hosts: - \"*.bookinfo.com\" gateways: - mygateway tls: + - match: - port: 443 sniHosts: - login.bookinfo.com route: + - destination: host: login.prod.svc.cluster.local - match: + - port: 443 sniHosts: - reviews.bookinfo.com route: - + destination: host: reviews.prod.svc.cluster.local ``` + {{}} \n {{}} + ```yaml apiVersion: networking.istio.io/v1beta1 kind: + VirtualService metadata: name: bookinfo-sni spec: hosts: + - \"*.bookinfo.com\" gateways: - mygateway tls: - match: + - port: 443 sniHosts: - login.bookinfo.com route: - destination: + host: login.prod.svc.cluster.local - match: - port: 443 + sniHosts: - reviews.bookinfo.com route: - destination: + host: reviews.prod.svc.cluster.local ``` {{}} {{}}" + properties: + match: + description: Match conditions to be satisfied for the + rule to be activated. All conditions inside a single + match block have AND semantics, while the list of + match blocks have OR semantics. The rule is matched + if any one of the match blocks succeed. + items: + description: TLS connection match attributes. + properties: + destination_subnets: + description: IPv4 or IPv6 ip addresses of destination + with optional subnet. E.g., a.b.c.d/xx form + or just a.b.c.d. + items: + type: string + type: array + gateways: + description: Names of gateways where the rule + should be applied. Gateway names in the top-level + `gateways` field of the VirtualService (if any) + are overridden. The gateway match is independent + of sourceLabels. + items: + type: string + type: array + port: + description: Specifies the port on the host that + is being addressed. Many services only expose + a single port or label ports with the protocols + they support, in these cases it is not required + to explicitly select the port. + format: int32 + type: integer + sni_hosts: + description: SNI (server name indicator) to match + on. Wildcard prefixes can be used in the SNI + value, e.g., *.com will match foo.example.com + as well as example.com. An SNI value must be + a subset (i.e., fall within the domain) of the + corresponding virtual serivce's hosts. + items: + type: string + type: array + source_labels: + additionalProperties: + type: string + description: One or more labels that constrain + the applicability of a rule to workloads with + the given labels. If the VirtualService has + a list of gateways specified in the top-level + `gateways` field, it should include the reserved + gateway `mesh` in order for this field to be + applicable. + type: object + source_namespace: + description: Source namespace constraining the + applicability of a rule to workloads in that + namespace. If the VirtualService has a list + of gateways specified in the top-level `gateways` + field, it must include the reserved gateway + `mesh` for this field to be applicable. + type: string + type: object + type: array + route: + description: The destination to which the connection + should be forwarded to. + items: + description: L4 routing rule weighted destination. + properties: + destination: + description: Destination uniquely identifies the + instances of a service to which the request/connection + should be forwarded to. + properties: + host: + description: "The name of a service from the + service registry. Service names are looked + up from the platform's service registry + (e.g., Kubernetes services, Consul services, + etc.) and from the hosts declared by [ServiceEntry](https://istio.io/docs/reference/config/networking/service-entry/#ServiceEntry). + Traffic forwarded to destinations that are + not found in either of the two, will be + dropped. \n *Note for Kubernetes users*: + When short names are used (e.g. \"reviews\" + instead of \"reviews.default.svc.cluster.local\"), + Istio will interpret the short name based + on the namespace of the rule, not the service. + A rule in the \"default\" namespace containing + a host \"reviews will be interpreted as + \"reviews.default.svc.cluster.local\", irrespective + of the actual namespace associated with + the reviews service. To avoid potential + misconfiguration, it is recommended to always + use fully qualified domain names over short + names." + type: string + port: + description: Specifies the port on the host + that is being addressed. If a service exposes + only a single port it is not required to + explicitly select the port. + properties: + number: + description: Valid port number + format: int32 + type: integer + type: object + subset: + description: The name of a subset within the + service. Applicable only to services within + the mesh. The subset must be defined in + a corresponding DestinationRule. + type: string + type: object + weight: + description: The proportion of traffic to be forwarded + to the service version. If there is only one + destination in a rule, all traffic will be routed + to it irrespective of the weight. + format: int32 + type: integer + type: object + type: array + type: object + type: array + type: object + type: object + type: + description: Strategy type + type: string + type: object + status: + description: StrategyStatus defines the observed state of Strategy + properties: + completionTime: + description: Represents time when the strategy was completed. It is + represented in RFC3339 form and is in UTC. + format: date-time + type: string + conditions: + description: The latest available observations of an object's current + state. + items: + description: StrategyCondition describes current state of a strategy. + properties: + lastProbeTime: + description: Last time the condition was checked. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transit from one status + to another + format: date-time + type: string + message: + description: Human readable message indicating details about + last transition. + type: string + reason: + description: reason for the condition's last transition + type: string + status: + description: Status of the condition, one of True, False, Unknown + type: string + type: + description: Type of strategy condition, Complete or Failed. + type: string + type: object + type: array + startTime: + description: Represents time when the strategy was acknowledged by + the controller. It is represented in RFC3339 form and is in UTC. + format: date-time + type: string + type: object + type: object + served: true + storage: true + subresources: {} diff --git a/config/crds/storage.kubesphere.io_provisionercapabilities.yaml b/config/ks-core/crds/storage.kubesphere.io_provisionercapabilities.yaml similarity index 96% rename from config/crds/storage.kubesphere.io_provisionercapabilities.yaml rename to config/ks-core/crds/storage.kubesphere.io_provisionercapabilities.yaml index 687c5a601..2dbfe3238 100644 --- a/config/crds/storage.kubesphere.io_provisionercapabilities.yaml +++ b/config/ks-core/crds/storage.kubesphere.io_provisionercapabilities.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: provisionercapabilities.storage.kubesphere.io spec: @@ -112,9 +111,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/storage.kubesphere.io_storageclasscapabilities.yaml b/config/ks-core/crds/storage.kubesphere.io_storageclasscapabilities.yaml similarity index 96% rename from config/crds/storage.kubesphere.io_storageclasscapabilities.yaml rename to config/ks-core/crds/storage.kubesphere.io_storageclasscapabilities.yaml index 0426d5172..5c4e9ab8c 100644 --- a/config/crds/storage.kubesphere.io_storageclasscapabilities.yaml +++ b/config/ks-core/crds/storage.kubesphere.io_storageclasscapabilities.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: storageclasscapabilities.storage.kubesphere.io spec: @@ -112,9 +111,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/tenant.kubesphere.io_workspaces.yaml b/config/ks-core/crds/tenant.kubesphere.io_workspaces.yaml similarity index 92% rename from config/crds/tenant.kubesphere.io_workspaces.yaml rename to config/ks-core/crds/tenant.kubesphere.io_workspaces.yaml index 5ae487f3c..7cd9cdd99 100644 --- a/config/crds/tenant.kubesphere.io_workspaces.yaml +++ b/config/ks-core/crds/tenant.kubesphere.io_workspaces.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: workspaces.tenant.kubesphere.io spec: @@ -49,9 +48,3 @@ spec: type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/crds/tenant.kubesphere.io_workspacetemplates.yaml b/config/ks-core/crds/tenant.kubesphere.io_workspacetemplates.yaml similarity index 97% rename from config/crds/tenant.kubesphere.io_workspacetemplates.yaml rename to config/ks-core/crds/tenant.kubesphere.io_workspacetemplates.yaml index 00bdfc125..2eba76994 100644 --- a/config/crds/tenant.kubesphere.io_workspacetemplates.yaml +++ b/config/ks-core/crds/tenant.kubesphere.io_workspacetemplates.yaml @@ -1,10 +1,9 @@ - --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: "" + controller-gen.kubebuilder.io/version: (unknown) creationTimestamp: null name: workspacetemplates.tenant.kubesphere.io spec: @@ -109,6 +108,7 @@ spec: "value". The requirements are ANDed. type: object type: object + x-kubernetes-map-type: atomic clusters: items: properties: @@ -139,9 +139,3 @@ spec: type: object served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/hack/generate_manifests.sh b/hack/generate_manifests.sh index 2be72dbec..e95b4b035 100755 --- a/hack/generate_manifests.sh +++ b/hack/generate_manifests.sh @@ -6,6 +6,7 @@ CRD_OPTIONS="$1" PKGS="$2" GENS="$3" IFS=" " read -r -a PKGS <<< "${PKGS}" +export GOFLAGS=-mod=readonly KUBE_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. cd "${KUBE_ROOT}" || exit @@ -13,23 +14,9 @@ cd "${KUBE_ROOT}" || exit for PKG in "${PKGS[@]}"; do if grep -qw "deepcopy" <<<"${GENS}"; then echo "Generating deepcopy for ${PKG}" - if [[ "$PKG" =~ /\*$ ]]; then - PKG=${PKG%??} - DIR=$(go list -e -test=false -export=false -deps=false -find=false -tags ignore_autogenerated -f "{{.Dir}}" "kubesphere.io/api/${PKG}") - # shellcheck disable=SC2010 - ls -1 -F "${DIR}" | grep '/$' | xargs -n 1 -I{} go run ./vendor/sigs.k8s.io/controller-tools/cmd/controller-gen/main.go object:headerFile=./hack/boilerplate.go.txt paths=kubesphere.io/api/"${PKG}"/{} - else - go run ./vendor/sigs.k8s.io/controller-tools/cmd/controller-gen/main.go object:headerFile=./hack/boilerplate.go.txt paths=kubesphere.io/api/"${PKG}" - fi + go run ./vendor/sigs.k8s.io/controller-tools/cmd/controller-gen/main.go object:headerFile=./hack/boilerplate.go.txt paths=./staging/src/kubesphere.io/api/"${PKG}" else echo "Generating manifests for ${PKG}" - if [[ "$PKG" =~ /\*$ ]]; then - PKG=${PKG%??} - DIR=$(go list -e -test=false -export=false -deps=false -find=false -tags ignore_autogenerated -f "{{.Dir}}" "kubesphere.io/api/${PKG}") - # shellcheck disable=SC2010 - ls -1 -F "${DIR}" | grep '/$' | xargs -n 1 -I{} go run ./vendor/sigs.k8s.io/controller-tools/cmd/controller-gen/main.go object:headerFile=./hack/boilerplate.go.txt paths=kubesphere.io/api/"${PKG}"/{} rbac:roleName=controller-perms "${CRD_OPTIONS}" output:crd:artifacts:config=config/crds - else - go run ./vendor/sigs.k8s.io/controller-tools/cmd/controller-gen/main.go object:headerFile=./hack/boilerplate.go.txt paths=kubesphere.io/api/"${PKG}" rbac:roleName=controller-perms "${CRD_OPTIONS}" output:crd:artifacts:config=config/crds - fi + go run ./vendor/sigs.k8s.io/controller-tools/cmd/controller-gen/main.go object:headerFile=./hack/boilerplate.go.txt paths=./staging/src/kubesphere.io/api/"${PKG}" rbac:roleName=controller-perms "${CRD_OPTIONS}" output:crd:artifacts:config=config/ks-core/crds fi done diff --git a/pkg/controller/application/application_suit_test.go b/pkg/controller/application/application_suit_test.go index 20d4a007f..ba906ba5c 100644 --- a/pkg/controller/application/application_suit_test.go +++ b/pkg/controller/application/application_suit_test.go @@ -61,7 +61,7 @@ var _ = BeforeSuite(func(done Done) { By("bootstrapping test environment") testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "crds")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "ks-core", "crds")}, AttachControlPlaneOutput: false, } diff --git a/pkg/controller/helm/helm_controller_test.go b/pkg/controller/helm/helm_controller_test.go index 8a8d7a8f1..c47ffafc7 100644 --- a/pkg/controller/helm/helm_controller_test.go +++ b/pkg/controller/helm/helm_controller_test.go @@ -52,7 +52,7 @@ var _ = BeforeSuite(func(done Done) { By("bootstrapping test environment") testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "crds")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "ks-core", "crds")}, AttachControlPlaneOutput: false, } var err error diff --git a/pkg/controller/namespace/namespace_controller_suite_test.go b/pkg/controller/namespace/namespace_controller_suite_test.go index 8095632fe..2a7c214ea 100644 --- a/pkg/controller/namespace/namespace_controller_suite_test.go +++ b/pkg/controller/namespace/namespace_controller_suite_test.go @@ -62,7 +62,7 @@ var _ = BeforeSuite(func(done Done) { } } else { testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "crds")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "ks-core", "crds")}, AttachControlPlaneOutput: false, } } diff --git a/pkg/controller/openpitrix/helmapplication/helm_application_controller_suite_test.go b/pkg/controller/openpitrix/helmapplication/helm_application_controller_suite_test.go index d70d7192a..de33953de 100644 --- a/pkg/controller/openpitrix/helmapplication/helm_application_controller_suite_test.go +++ b/pkg/controller/openpitrix/helmapplication/helm_application_controller_suite_test.go @@ -62,7 +62,7 @@ var _ = BeforeSuite(func(done Done) { } } else { testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "..", "config", "crds")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "..", "config", "ks-core", "crds")}, AttachControlPlaneOutput: false, } } diff --git a/pkg/controller/openpitrix/helmcategory/helm_category_controller_suite_test.go b/pkg/controller/openpitrix/helmcategory/helm_category_controller_suite_test.go index 1597896a3..6b2f44e0d 100644 --- a/pkg/controller/openpitrix/helmcategory/helm_category_controller_suite_test.go +++ b/pkg/controller/openpitrix/helmcategory/helm_category_controller_suite_test.go @@ -63,7 +63,7 @@ var _ = BeforeSuite(func(done Done) { } } else { testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "..", "config", "crds")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "..", "config", "ks-core", "crds")}, AttachControlPlaneOutput: false, } } diff --git a/pkg/controller/openpitrix/helmrepo/helm_repo_controller_suite_test.go b/pkg/controller/openpitrix/helmrepo/helm_repo_controller_suite_test.go index ff7abe908..62081cc3b 100644 --- a/pkg/controller/openpitrix/helmrepo/helm_repo_controller_suite_test.go +++ b/pkg/controller/openpitrix/helmrepo/helm_repo_controller_suite_test.go @@ -62,7 +62,7 @@ var _ = BeforeSuite(func(done Done) { } } else { testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "..", "config", "crds")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "..", "config", "ks-core", "crds")}, AttachControlPlaneOutput: false, } } diff --git a/pkg/controller/workspace/workspace_controller_suite_test.go b/pkg/controller/workspace/workspace_controller_suite_test.go index 20ddf70ff..41daf0075 100644 --- a/pkg/controller/workspace/workspace_controller_suite_test.go +++ b/pkg/controller/workspace/workspace_controller_suite_test.go @@ -62,7 +62,7 @@ var _ = BeforeSuite(func(done Done) { } } else { testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "crds")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "ks-core", "crds")}, AttachControlPlaneOutput: false, } } diff --git a/pkg/controller/workspacerole/workspacerole_controller_suite_test.go b/pkg/controller/workspacerole/workspacerole_controller_suite_test.go index 6a48360d0..9720ccafb 100644 --- a/pkg/controller/workspacerole/workspacerole_controller_suite_test.go +++ b/pkg/controller/workspacerole/workspacerole_controller_suite_test.go @@ -62,7 +62,7 @@ var _ = BeforeSuite(func(done Done) { } } else { testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "crds")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "ks-core", "crds")}, AttachControlPlaneOutput: false, } } diff --git a/pkg/controller/workspacerolebinding/workspacerolebinding_controller_suite_test.go b/pkg/controller/workspacerolebinding/workspacerolebinding_controller_suite_test.go index afffc0ab6..b6460add8 100644 --- a/pkg/controller/workspacerolebinding/workspacerolebinding_controller_suite_test.go +++ b/pkg/controller/workspacerolebinding/workspacerolebinding_controller_suite_test.go @@ -62,7 +62,7 @@ var _ = BeforeSuite(func(done Done) { } } else { testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "crds")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "config", "ks-core", "crds")}, AttachControlPlaneOutput: false, } } diff --git a/pkg/models/resources/v1alpha3/application/applications_test.go b/pkg/models/resources/v1alpha3/application/applications_test.go index d0db36b65..1d53f5034 100644 --- a/pkg/models/resources/v1alpha3/application/applications_test.go +++ b/pkg/models/resources/v1alpha3/application/applications_test.go @@ -58,7 +58,7 @@ func compare(actual *appv1beta1.Application, expects ...*appv1beta1.Application) } func TestGetListApplications(t *testing.T) { - e := &envtest.Environment{CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "..", "..", "config", "crds")}} + e := &envtest.Environment{CRDDirectoryPaths: []string{filepath.Join("..", "..", "..", "..", "..", "config", "ks-core", "crds")}} cfg, err := e.Start() if err != nil { t.Fatal(err)