mirror of https://github.com/istio/client-go.git
Compare commits
168 Commits
Author | SHA1 | Date |
---|---|---|
|
abdb6e4970 | |
|
5802204622 | |
|
fbf222e77e | |
|
aa92b70682 | |
|
6cb549ffed | |
|
35f26ce96b | |
|
4519b8f27b | |
|
c837cb7868 | |
|
b9ea5c72f8 | |
|
fd112c356c | |
|
f75ba17b7e | |
|
089adeffb3 | |
|
d6e0acd0b2 | |
|
3c44b40546 | |
|
af1da87407 | |
|
d4f835b5bb | |
|
7be86fec36 | |
|
6bfb01105e | |
|
50894d2629 | |
|
6567c08355 | |
|
d4abd1e9c8 | |
|
16cef4c6e9 | |
|
a48f6191b4 | |
|
9ba4f300ce | |
|
75cf3d24f0 | |
|
c5b27dda43 | |
|
e8fb3b1e60 | |
|
ef9eb17e86 | |
|
2c37bfe5e2 | |
|
2df790376a | |
|
eeaac05276 | |
|
a40d0bb37c | |
|
76b4adc3bb | |
|
a713bf959b | |
|
bf5822117c | |
|
1f281ea2aa | |
|
742fcbe9c5 | |
|
9307021622 | |
|
7956d5999d | |
|
68a8277547 | |
|
218dd30668 | |
|
c1eb827bdd | |
|
103dccc87a | |
|
16385f4dce | |
|
6de0999216 | |
|
144a9ac064 | |
|
e78f488d23 | |
|
66b85a8221 | |
|
90ffc090e2 | |
|
c4631d8c76 | |
|
d851c83576 | |
|
64a0de0e4e | |
|
b722fa1685 | |
|
8a41fd1583 | |
|
cb3b4ac36f | |
|
f1ac016234 | |
|
c0a76fe790 | |
|
73edf71680 | |
|
4badc7c2d8 | |
|
929a837017 | |
|
cd28712270 | |
|
3701d4bc41 | |
|
7f8bd8435d | |
|
58ef5956da | |
|
1a0154e29b | |
|
e8b65a187b | |
|
a00da0a876 | |
|
10a9b3edd7 | |
|
99f5a4d3a4 | |
|
05c2d7d447 | |
|
266e007f83 | |
|
d7a4403ea9 | |
|
94d84dd594 | |
|
b9dc679a5e | |
|
471332507a | |
|
251850eca7 | |
|
489349726d | |
|
ac448f51be | |
|
974bbf6127 | |
|
de60ae2cec | |
|
d76be98fa6 | |
|
a6fe8b405c | |
|
638d0d3e68 | |
|
b8673ff41f | |
|
76576de71e | |
|
f56591e7d3 | |
|
c0b8a64f60 | |
|
ffccdd51bb | |
|
6a4532bdfd | |
|
f16974ccfe | |
|
8962178af4 | |
|
5a4065fded | |
|
6c6b3dd798 | |
|
5c6fc0e25c | |
|
d53ff786b5 | |
|
aac05a6bd3 | |
|
ae47bff2b8 | |
|
f485d3bb3d | |
|
62dfd07e8a | |
|
e5cee70f0a | |
|
0351a659fc | |
|
e3e1ed607a | |
|
aa9f47ac15 | |
|
fb95213c2b | |
|
57e9005605 | |
|
6286f45d23 | |
|
e4bd2abaeb | |
|
a963f222fa | |
|
321cd01dae | |
|
f702ff0541 | |
|
10af86fc2e | |
|
11b57bb39a | |
|
69ee79ea2b | |
|
b269c927fc | |
|
968440ca42 | |
|
3daa012682 | |
|
0630716ab2 | |
|
b975f2004c | |
|
61ceb94240 | |
|
cf8c1d8116 | |
|
e2c7934a23 | |
|
5f661db443 | |
|
141ab6cd8d | |
|
804d7e95e6 | |
|
3a0a876cd3 | |
|
5e53cc1d58 | |
|
f1f7742277 | |
|
6bad57ddbd | |
|
dc57c6dbe5 | |
|
b0c642a578 | |
|
4410eb8437 | |
|
c29d7d0944 | |
|
2cf50d2e1e | |
|
eea6e6266b | |
|
31551ece06 | |
|
fd4eaa7c57 | |
|
008294ef2a | |
|
8f91b6fd01 | |
|
78188663f3 | |
|
a79df37efd | |
|
7074dad401 | |
|
12628fdc37 | |
|
6d835c6a05 | |
|
df47c87e86 | |
|
9759c59ab2 | |
|
7cc2fe9a48 | |
|
7914562906 | |
|
48b8ad541f | |
|
29f2caac2e | |
|
67284b50eb | |
|
ec09604bc2 | |
|
3f60d583a7 | |
|
668830b88d | |
|
f8c2067e09 | |
|
8bdf5ef67f | |
|
6310967f5d | |
|
4cd2e62a43 | |
|
14fc709753 | |
|
b582835694 | |
|
466c1746c1 | |
|
0afb3e851f | |
|
8402bc51af | |
|
2b92e66e1c | |
|
1dc15893b0 | |
|
b7de4ee946 | |
|
6b23703139 | |
|
0295d2ef21 | |
|
d1c63d64db |
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "istio build-tools",
|
||||
"image": "gcr.io/istio-testing/build-tools:master-4759bf88d40172234fc6a0b9e11a4c5f1ea58a90",
|
||||
"image": "gcr.io/istio-testing/build-tools:master-8e6480403f5cf4c9a4cd9d65174d01850e632e1a",
|
||||
"privileged": true,
|
||||
"remoteEnv": {
|
||||
"USE_GKE_GCLOUD_AUTH_PLUGIN": "True",
|
||||
|
|
|
@ -100,10 +100,17 @@ rename_generated_files=\
|
|||
find $(subst istio.io/client-go/, $(empty), $(subst $(comma), $(space), $(kube_api_packages)) $(kube_clientset_package) $(kube_listers_package) $(kube_informers_package)) \
|
||||
-name '*.go' -and -not -name 'doc.go' -and -not -name '*.gen.go' -type f -exec sh -c 'mv "$$1" "$${1%.go}".gen.go' - '{}' \;
|
||||
|
||||
# Kubernetes deepcopy gen directly sets values of our types. Our types are protos; it is illegal to do this for protos.
|
||||
# However, we don't even need this anyways -- each individual field is explicitly copied already.
|
||||
# Remove the line doing this illegal operation.
|
||||
fixup_generated_files=\
|
||||
find . -name "*.deepcopy.gen.go" -type f | xargs sed -i -e '/\*out = \*in/d'
|
||||
|
||||
.PHONY: generate-k8s-client
|
||||
generate-k8s-client:
|
||||
# generate kube api type wrappers for istio types
|
||||
@KUBETYPE_GOLANG_PROTOBUF=true $(kubetype_gen) --input-dirs $(kube_istio_source_packages) --output-package $(kube_api_base_package) -h $(kube_go_header_text)
|
||||
# TODO(https://github.com/istio/istio/issues/54831) do not depend on gotypesalias=0 for this to work
|
||||
@GODEBUG=gotypesalias=0 $(kubetype_gen) --input-dirs $(kube_istio_source_packages) --output-package $(kube_api_base_package) -h $(kube_go_header_text)
|
||||
@$(move_generated)
|
||||
# generate deepcopy for kube api types
|
||||
@$(deepcopy_gen) --input-dirs $(kube_api_packages) -O zz_generated.deepcopy -h $(kube_go_header_text)
|
||||
|
@ -117,6 +124,7 @@ generate-k8s-client:
|
|||
@$(informer_gen) --input-dirs $(kube_api_packages) --versioned-clientset-package $(kube_clientset_package)/$(kube_clientset_name) --listers-package $(kube_listers_package) --output-package $(kube_informers_package) -h $(kube_go_header_text)
|
||||
@$(move_generated)
|
||||
@$(rename_generated_files)
|
||||
@$(fixup_generated_files)
|
||||
|
||||
.PHONY: build-k8s-client verify-k8s-client
|
||||
build-k8s-client:
|
||||
|
|
|
@ -1 +1 @@
|
|||
82dc68a737b72d394c344d4fd71ff9e9ebf01852
|
||||
d46067e1a8ba3db4abe2635af5807f00ba1981e6
|
||||
|
|
|
@ -106,13 +106,11 @@ update-common:
|
|||
@if [ "$(CONTRIB_OVERRIDE)" != "CONTRIBUTING.md" ]; then\
|
||||
rm $(TMP)/common-files/files/CONTRIBUTING.md;\
|
||||
fi
|
||||
# istio/istio.io uses the Creative Commons Attribution 4.0 license. Don't update LICENSE with the common Apache license.
|
||||
@LICENSE_OVERRIDE=$(shell grep -l "Creative Commons Attribution 4.0 International Public License" LICENSE)
|
||||
@if [ "$(LICENSE_OVERRIDE)" != "LICENSE" ]; then\
|
||||
rm $(TMP)/common-files/files/LICENSE;\
|
||||
fi
|
||||
@cp -a $(TMP)/common-files/files/* $(TMP)/common-files/files/.devcontainer $(TMP)/common-files/files/.gitattributes $(shell pwd)
|
||||
@rm -fr $(TMP)/common-files
|
||||
@if [ "$(AUTOMATOR_REPO)" == "proxy" ]; then\
|
||||
sed -i -e 's/build-tools:/build-tools-proxy:/g' .devcontainer/devcontainer.json;\
|
||||
fi
|
||||
@$(or $(COMMONFILES_POSTPROCESS), true)
|
||||
|
||||
check-clean-repo:
|
||||
|
|
|
@ -1,56 +0,0 @@
|
|||
# WARNING: DO NOT EDIT, THIS FILE IS PROBABLY A COPY
|
||||
#
|
||||
# The original version of this file is located in the https://github.com/istio/common-files repo.
|
||||
# If you're looking at this file in a different repo and want to make a change, please go to the
|
||||
# common-files repo, make the change there and check it in. Then come back to this repo and run
|
||||
# "make update-common".
|
||||
|
||||
run:
|
||||
# Timeout for analysis, e.g. 30s, 5m.
|
||||
# Default: 1m
|
||||
timeout: 20m
|
||||
build-tags:
|
||||
- integ
|
||||
- integfuzz
|
||||
linters:
|
||||
disable-all: true
|
||||
enable:
|
||||
- goimports
|
||||
- gofumpt
|
||||
- gci
|
||||
fast: false
|
||||
linters-settings:
|
||||
gci:
|
||||
sections:
|
||||
- standard # Captures all standard packages if they do not match another section.
|
||||
- default # Contains all imports that could not be matched to another section type.
|
||||
- prefix(istio.io/) # Groups all imports with the specified Prefix.
|
||||
goimports:
|
||||
# put imports beginning with prefix after 3rd-party packages;
|
||||
# it's a comma-separated list of prefixes
|
||||
local-prefixes: istio.io/
|
||||
issues:
|
||||
# Which dirs to exclude: issues from them won't be reported.
|
||||
# Can use regexp here: `generated.*`, regexp is applied on full path,
|
||||
# including the path prefix if one is set.
|
||||
# Default dirs are skipped independently of this option's value (see exclude-dirs-use-default).
|
||||
# "/" will be replaced by current OS file path separator to properly work on Windows.
|
||||
# Default: []
|
||||
exclude-dirs:
|
||||
- genfiles$
|
||||
- vendor$
|
||||
# Which files to exclude: they will be analyzed, but issues from them won't be reported.
|
||||
# There is no need to include all autogenerated files,
|
||||
# we confidently recognize autogenerated files.
|
||||
# If it's not, please let us know.
|
||||
# "/" will be replaced by current OS file path separator to properly work on Windows.
|
||||
# Default: []
|
||||
exclude-files:
|
||||
- ".*\\.pb\\.go"
|
||||
- ".*\\.gen\\.go"
|
||||
# Maximum issues count per one linter.
|
||||
# Set to 0 to disable.
|
||||
# Default: 50
|
||||
max-issues-per-linter: 0
|
||||
# Maximum count of issues with the same text. Set to 0 to disable. Default is 3.
|
||||
max-same-issues: 0
|
|
@ -1,262 +1,221 @@
|
|||
# WARNING: DO NOT EDIT, THIS FILE IS PROBABLY A COPY
|
||||
#
|
||||
# The original version of this file is located in the https://github.com/istio/common-files repo.
|
||||
# If you're looking at this file in a different repo and want to make a change, please go to the
|
||||
# common-files repo, make the change there and check it in. Then come back to this repo and run
|
||||
# "make update-common".
|
||||
|
||||
version: "2"
|
||||
run:
|
||||
# Timeout for analysis, e.g. 30s, 5m.
|
||||
# Default: 1m
|
||||
timeout: 20m
|
||||
build-tags:
|
||||
- integ
|
||||
- integfuzz
|
||||
linters:
|
||||
disable-all: true
|
||||
default: none
|
||||
enable:
|
||||
- errcheck
|
||||
- exportloopref
|
||||
- copyloopvar
|
||||
- depguard
|
||||
- errcheck
|
||||
- gocritic
|
||||
- gofumpt
|
||||
- goimports
|
||||
- revive
|
||||
- gosimple
|
||||
- gosec
|
||||
- govet
|
||||
- ineffassign
|
||||
- lll
|
||||
- misspell
|
||||
- revive
|
||||
- staticcheck
|
||||
- stylecheck
|
||||
- typecheck
|
||||
- unconvert
|
||||
- unparam
|
||||
- unused
|
||||
- gci
|
||||
- gosec
|
||||
fast: false
|
||||
linters-settings:
|
||||
errcheck:
|
||||
# report about not checking of errors in type assertions: `a := b.(MyStruct)`;
|
||||
# default is false: such cases aren't reported by default.
|
||||
check-type-assertions: false
|
||||
# report about assignment of errors to blank identifier: `num, _ := strconv.Atoi(numStr)`;
|
||||
# default is false: such cases aren't reported by default.
|
||||
check-blank: false
|
||||
govet:
|
||||
disable:
|
||||
# report about shadowed variables
|
||||
- shadow
|
||||
goimports:
|
||||
# put imports beginning with prefix after 3rd-party packages;
|
||||
# it's a comma-separated list of prefixes
|
||||
local-prefixes: istio.io/
|
||||
misspell:
|
||||
# Correct spellings using locale preferences for US or UK.
|
||||
# Default is to use a neutral variety of English.
|
||||
# Setting locale to US will correct the British spelling of 'colour' to 'color'.
|
||||
locale: US
|
||||
ignore-words:
|
||||
- cancelled
|
||||
lll:
|
||||
# max line length, lines longer will be reported. Default is 120.
|
||||
# '\t' is counted as 1 character by default, and can be changed with the tab-width option
|
||||
line-length: 160
|
||||
# tab width in spaces. Default to 1.
|
||||
tab-width: 1
|
||||
revive:
|
||||
ignore-generated-header: false
|
||||
severity: "warning"
|
||||
confidence: 0.0
|
||||
settings:
|
||||
depguard:
|
||||
rules:
|
||||
DenyGogoProtobuf:
|
||||
files:
|
||||
- $all
|
||||
deny:
|
||||
- pkg: github.com/gogo/protobuf
|
||||
desc: gogo/protobuf is deprecated, use golang/protobuf
|
||||
errcheck:
|
||||
check-type-assertions: false
|
||||
check-blank: false
|
||||
gocritic:
|
||||
disable-all: true
|
||||
enabled-checks:
|
||||
- appendCombine
|
||||
- argOrder
|
||||
- assignOp
|
||||
- badCond
|
||||
- boolExprSimplify
|
||||
- builtinShadow
|
||||
- captLocal
|
||||
- caseOrder
|
||||
- codegenComment
|
||||
- commentedOutCode
|
||||
- commentedOutImport
|
||||
- defaultCaseOrder
|
||||
- deprecatedComment
|
||||
- docStub
|
||||
- dupArg
|
||||
- dupBranchBody
|
||||
- dupCase
|
||||
- dupSubExpr
|
||||
- elseif
|
||||
- emptyFallthrough
|
||||
- equalFold
|
||||
- flagDeref
|
||||
- flagName
|
||||
- hexLiteral
|
||||
- indexAlloc
|
||||
- initClause
|
||||
- methodExprCall
|
||||
- nilValReturn
|
||||
- octalLiteral
|
||||
- offBy1
|
||||
- rangeExprCopy
|
||||
- regexpMust
|
||||
- sloppyLen
|
||||
- stringXbytes
|
||||
- switchTrue
|
||||
- typeAssertChain
|
||||
- typeSwitchVar
|
||||
- typeUnparen
|
||||
- underef
|
||||
- unlambda
|
||||
- unnecessaryBlock
|
||||
- unslice
|
||||
- valSwap
|
||||
- weakCond
|
||||
gosec:
|
||||
includes:
|
||||
- G401
|
||||
- G402
|
||||
- G404
|
||||
govet:
|
||||
disable:
|
||||
- shadow
|
||||
lll:
|
||||
line-length: 160
|
||||
tab-width: 1
|
||||
misspell:
|
||||
locale: US
|
||||
ignore-rules:
|
||||
- cancelled
|
||||
revive:
|
||||
confidence: 0
|
||||
severity: warning
|
||||
rules:
|
||||
- name: blank-imports
|
||||
- name: context-keys-type
|
||||
- name: time-naming
|
||||
- name: var-declaration
|
||||
- name: unexported-return
|
||||
- name: errorf
|
||||
- name: context-as-argument
|
||||
- name: dot-imports
|
||||
- name: error-return
|
||||
- name: error-strings
|
||||
- name: error-naming
|
||||
- name: increment-decrement
|
||||
- name: var-naming
|
||||
- name: package-comments
|
||||
- name: range
|
||||
- name: receiver-naming
|
||||
- name: indent-error-flow
|
||||
- name: superfluous-else
|
||||
- name: modifies-parameter
|
||||
- name: unreachable-code
|
||||
- name: struct-tag
|
||||
- name: constant-logical-expr
|
||||
- name: bool-literal-in-expr
|
||||
- name: redefines-builtin-id
|
||||
- name: imports-blocklist
|
||||
- name: range-val-in-closure
|
||||
- name: range-val-address
|
||||
- name: waitgroup-by-value
|
||||
- name: atomic
|
||||
- name: call-to-gc
|
||||
- name: duplicated-imports
|
||||
- name: string-of-int
|
||||
- name: defer
|
||||
arguments:
|
||||
- - call-chain
|
||||
- name: unconditional-recursion
|
||||
- name: identical-branches
|
||||
unparam:
|
||||
check-exported: false
|
||||
exclusions:
|
||||
generated: lax
|
||||
presets:
|
||||
- comments
|
||||
- common-false-positives
|
||||
- legacy
|
||||
- std-error-handling
|
||||
rules:
|
||||
- name: blank-imports
|
||||
- name: context-keys-type
|
||||
- name: time-naming
|
||||
- name: var-declaration
|
||||
- name: unexported-return
|
||||
- name: errorf
|
||||
- name: context-as-argument
|
||||
- name: dot-imports
|
||||
- name: error-return
|
||||
- name: error-strings
|
||||
- name: error-naming
|
||||
- name: increment-decrement
|
||||
- name: var-naming
|
||||
- name: package-comments
|
||||
- name: range
|
||||
- name: receiver-naming
|
||||
- name: indent-error-flow
|
||||
- name: superfluous-else
|
||||
- name: modifies-parameter
|
||||
- name: unreachable-code
|
||||
- name: struct-tag
|
||||
- name: constant-logical-expr
|
||||
- name: bool-literal-in-expr
|
||||
- name: redefines-builtin-id
|
||||
- name: imports-blacklist
|
||||
- name: range-val-in-closure
|
||||
- name: range-val-address
|
||||
- name: waitgroup-by-value
|
||||
- name: atomic
|
||||
- name: call-to-gc
|
||||
- name: duplicated-imports
|
||||
- name: string-of-int
|
||||
- name: defer
|
||||
arguments:
|
||||
- - "call-chain"
|
||||
- name: unconditional-recursion
|
||||
- name: identical-branches
|
||||
# the following rules can be enabled in the future
|
||||
# - name: empty-lines
|
||||
# - name: confusing-results
|
||||
# - name: empty-block
|
||||
# - name: get-return
|
||||
# - name: confusing-naming
|
||||
# - name: unexported-naming
|
||||
# - name: early-return
|
||||
# - name: unused-parameter
|
||||
# - name: unnecessary-stmt
|
||||
# - name: deep-exit
|
||||
# - name: import-shadowing
|
||||
# - name: modifies-value-receiver
|
||||
# - name: unused-receiver
|
||||
# - name: bare-return
|
||||
# - name: flag-parameter
|
||||
# - name: unhandled-error
|
||||
# - name: if-return
|
||||
unparam:
|
||||
# Inspect exported functions, default is false. Set to true if no external program/library imports your code.
|
||||
# XXX: if you enable this setting, unparam will report a lot of false-positives in text editors:
|
||||
# if it's called for subdir of a project it can't find external interfaces. All text editor integrations
|
||||
# with golangci-lint call it on a directory with the changed file.
|
||||
check-exported: false
|
||||
gci:
|
||||
sections:
|
||||
- standard # Captures all standard packages if they do not match another section.
|
||||
- default # Contains all imports that could not be matched to another section type.
|
||||
- prefix(istio.io/) # Groups all imports with the specified Prefix.
|
||||
gocritic:
|
||||
# Disable all checks.
|
||||
# Default: false
|
||||
disable-all: true
|
||||
# Which checks should be enabled in addition to default checks. Since we don't want
|
||||
# all of the default checks, we do the disable-all first.
|
||||
enabled-checks:
|
||||
- appendCombine
|
||||
- argOrder
|
||||
- assignOp
|
||||
- badCond
|
||||
- boolExprSimplify
|
||||
- builtinShadow
|
||||
- captLocal
|
||||
- caseOrder
|
||||
- codegenComment
|
||||
- commentedOutCode
|
||||
- commentedOutImport
|
||||
- defaultCaseOrder
|
||||
- deprecatedComment
|
||||
- docStub
|
||||
- dupArg
|
||||
- dupBranchBody
|
||||
- dupCase
|
||||
- dupSubExpr
|
||||
- elseif
|
||||
- emptyFallthrough
|
||||
- equalFold
|
||||
- flagDeref
|
||||
- flagName
|
||||
- hexLiteral
|
||||
- indexAlloc
|
||||
- initClause
|
||||
- methodExprCall
|
||||
- nilValReturn
|
||||
- octalLiteral
|
||||
- offBy1
|
||||
- rangeExprCopy
|
||||
- regexpMust
|
||||
- sloppyLen
|
||||
- stringXbytes
|
||||
- switchTrue
|
||||
- typeAssertChain
|
||||
- typeSwitchVar
|
||||
- typeUnparen
|
||||
- underef
|
||||
- unlambda
|
||||
- unnecessaryBlock
|
||||
- unslice
|
||||
- valSwap
|
||||
- weakCond
|
||||
depguard:
|
||||
rules:
|
||||
DenyGogoProtobuf:
|
||||
files:
|
||||
- $all
|
||||
deny:
|
||||
- pkg: github.com/gogo/protobuf
|
||||
desc: "gogo/protobuf is deprecated, use golang/protobuf"
|
||||
gosec:
|
||||
includes:
|
||||
- G401
|
||||
- G402
|
||||
- G404
|
||||
- linters:
|
||||
- errcheck
|
||||
- maligned
|
||||
path: _test\.go$|tests/|samples/
|
||||
- path: _test\.go$
|
||||
text: 'dot-imports: should not use dot imports'
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: 'SA1019: package github.com/golang/protobuf/jsonpb'
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: 'SA1019: "github.com/golang/protobuf/jsonpb"'
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: 'SA1019: grpc.Dial is deprecated: use NewClient instead'
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: 'SA1019: grpc.DialContext is deprecated: use NewClient instead'
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: 'SA1019: grpc.WithBlock is deprecated'
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: 'SA1019: grpc.FailOnNonTempDialError'
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: 'SA1019: grpc.WithReturnConnectionError'
|
||||
- path: (.+)\.go$
|
||||
text: composite literal uses unkeyed fields
|
||||
# TODO: remove following rule in the future
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: 'QF'
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: 'ST1005'
|
||||
- linters:
|
||||
- staticcheck
|
||||
text: 'S1007'
|
||||
paths:
|
||||
- .*\.pb\.go
|
||||
- .*\.gen\.go
|
||||
- genfiles$
|
||||
- vendor$
|
||||
- third_party$
|
||||
- builtin$
|
||||
- examples$
|
||||
issues:
|
||||
# List of regexps of issue texts to exclude, empty list by default.
|
||||
# But independently from this option we use default exclude patterns,
|
||||
# it can be disabled by `exclude-use-default: false`. To list all
|
||||
# excluded by default patterns execute `golangci-lint run --help`
|
||||
exclude:
|
||||
- composite literal uses unkeyed fields
|
||||
# Which dirs to exclude: issues from them won't be reported.
|
||||
# Can use regexp here: `generated.*`, regexp is applied on full path,
|
||||
# including the path prefix if one is set.
|
||||
# Default dirs are skipped independently of this option's value (see exclude-dirs-use-default).
|
||||
# "/" will be replaced by current OS file path separator to properly work on Windows.
|
||||
# Default: []
|
||||
exclude-dirs:
|
||||
- genfiles$
|
||||
- vendor$
|
||||
# Which files to exclude: they will be analyzed, but issues from them won't be reported.
|
||||
# There is no need to include all autogenerated files,
|
||||
# we confidently recognize autogenerated files.
|
||||
# If it's not, please let us know.
|
||||
# "/" will be replaced by current OS file path separator to properly work on Windows.
|
||||
# Default: []
|
||||
exclude-files:
|
||||
- ".*\\.pb\\.go"
|
||||
- ".*\\.gen\\.go"
|
||||
exclude-rules:
|
||||
# Exclude some linters from running on test files.
|
||||
- path: _test\.go$|^tests/|^samples/
|
||||
linters:
|
||||
- errcheck
|
||||
- maligned
|
||||
- path: _test\.go$
|
||||
text: "dot-imports: should not use dot imports"
|
||||
# We need to use the deprecated module since the jsonpb replacement is not backwards compatible.
|
||||
- linters: [staticcheck]
|
||||
text: "SA1019: package github.com/golang/protobuf/jsonpb"
|
||||
- linters: [staticcheck]
|
||||
text: 'SA1019: "github.com/golang/protobuf/jsonpb"'
|
||||
# This is not helpful. The new function is not very usable and the current function will not be removed
|
||||
- linters: [staticcheck]
|
||||
text: 'SA1019: grpc.Dial is deprecated: use NewClient instead'
|
||||
- linters: [staticcheck]
|
||||
text: 'SA1019: grpc.DialContext is deprecated: use NewClient instead'
|
||||
- linters: [staticcheck]
|
||||
text: "SA1019: grpc.WithBlock is deprecated"
|
||||
- linters: [staticcheck]
|
||||
text: "SA1019: grpc.FailOnNonTempDialError"
|
||||
- linters: [staticcheck]
|
||||
text: "SA1019: grpc.WithReturnConnectionError"
|
||||
# Independently from option `exclude` we use default exclude patterns,
|
||||
# it can be disabled by this option. To list all
|
||||
# excluded by default patterns execute `golangci-lint run --help`.
|
||||
# Default value for this option is true.
|
||||
exclude-use-default: true
|
||||
# Maximum issues count per one linter.
|
||||
# Set to 0 to disable.
|
||||
# Default: 50
|
||||
max-issues-per-linter: 0
|
||||
# Maximum count of issues with the same text. Set to 0 to disable. Default is 3.
|
||||
max-same-issues: 0
|
||||
formatters:
|
||||
enable:
|
||||
- gci
|
||||
- gofumpt
|
||||
- goimports
|
||||
settings:
|
||||
gci:
|
||||
sections:
|
||||
- standard
|
||||
- default
|
||||
- prefix(istio.io/)
|
||||
goimports:
|
||||
local-prefixes:
|
||||
- istio.io/
|
||||
exclusions:
|
||||
generated: lax
|
||||
paths:
|
||||
- .*\.pb\.go
|
||||
- .*\.gen\.go
|
||||
- genfiles$
|
||||
- vendor$
|
||||
- third_party$
|
||||
- builtin$
|
||||
- examples$
|
||||
|
|
|
@ -125,4 +125,21 @@ allowlisted_modules:
|
|||
|
||||
# Simplified BSD (BSD-2-Clause): https://github.com/russross/blackfriday/blob/master/LICENSE.txt
|
||||
- github.com/russross/blackfriday
|
||||
- github.com/russross/blackfriday/v2
|
||||
- github.com/russross/blackfriday/v2
|
||||
|
||||
# W3C Test Suite License, W3C 3-clause BSD License
|
||||
# gonum uses this for its some of its test files
|
||||
# gonum.org/v1/gonum/graph/formats/rdf/testdata/LICENSE.md
|
||||
- gonum.org/v1/gonum
|
||||
|
||||
# BSD 3-clause: https://github.com/go-inf/inf/blob/v0.9.1/LICENSE
|
||||
- gopkg.in/inf.v0
|
||||
|
||||
# BSD 3-clause: https://github.com/go-git/gcfg/blob/main/LICENSE
|
||||
- github.com/go-git/gcfg
|
||||
|
||||
# Apache 2.0
|
||||
- github.com/aws/smithy-go
|
||||
|
||||
# Simplified BSD License: https://github.com/gomarkdown/markdown/blob/master/LICENSE.txt
|
||||
- github.com/gomarkdown/markdown
|
||||
|
|
|
@ -21,4 +21,4 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
golangci-lint run --fix -c ./common/config/.golangci-format.yml
|
||||
golangci-lint run --fix -c ./common/config/.golangci.yml
|
||||
|
|
|
@ -32,10 +32,10 @@ set -x
|
|||
####################################################################
|
||||
|
||||
# DEFAULT_KIND_IMAGE is used to set the Kubernetes version for KinD unless overridden in params to setup_kind_cluster(s)
|
||||
DEFAULT_KIND_IMAGE="gcr.io/istio-testing/kind-node:v1.28.4"
|
||||
DEFAULT_KIND_IMAGE="gcr.io/istio-testing/kind-node:v1.33.1"
|
||||
|
||||
# the default kind cluster should be ipv4 if not otherwise specified
|
||||
IP_FAMILY="${IP_FAMILY:-ipv4}"
|
||||
KIND_IP_FAMILY="${KIND_IP_FAMILY:-ipv4}"
|
||||
|
||||
# COMMON_SCRIPTS contains the directory this file is in.
|
||||
COMMON_SCRIPTS=$(dirname "${BASH_SOURCE:-$0}")
|
||||
|
@ -147,7 +147,7 @@ function setup_kind_cluster_retry() {
|
|||
# 1. NAME: Name of the Kind cluster (optional)
|
||||
# 2. IMAGE: Node image used by KinD (optional)
|
||||
# 3. CONFIG: KinD cluster configuration YAML file. If not specified then DEFAULT_CLUSTER_YAML is used
|
||||
# 4. NOMETALBINSTALL: Dont install matllb if set.
|
||||
# 4. NOMETALBINSTALL: Dont install metalb if set.
|
||||
# This function returns 0 when everything goes well, or 1 otherwise
|
||||
# If Kind cluster was already created then it would be cleaned up in case of errors
|
||||
function setup_kind_cluster() {
|
||||
|
@ -186,16 +186,25 @@ function setup_kind_cluster() {
|
|||
|
||||
# Create KinD cluster
|
||||
if ! (yq eval "${CONFIG}" --expression ".networking.disableDefaultCNI = ${KIND_DISABLE_CNI}" \
|
||||
--expression ".networking.ipFamily = \"${IP_FAMILY}\"" | \
|
||||
--expression ".networking.ipFamily = \"${KIND_IP_FAMILY}\"" | \
|
||||
kind create cluster --name="${NAME}" -v4 --retain --image "${IMAGE}" ${KIND_WAIT_FLAG:+"$KIND_WAIT_FLAG"} --config -); then
|
||||
echo "Could not setup KinD environment. Something wrong with KinD setup. Exporting logs."
|
||||
return 9
|
||||
# kubectl config set clusters.kind-istio-testing.server https://istio-testing-control-plane:6443
|
||||
fi
|
||||
|
||||
if [[ -n "${DEVCONTAINER:-}" ]]; then
|
||||
# identify our docker container id using proc and regex
|
||||
containerid=$(grep 'resolv.conf' /proc/self/mountinfo | sed 's/.*\/docker\/containers\/\([0-9a-f]*\).*/\1/')
|
||||
docker network connect kind "$containerid"
|
||||
kind export kubeconfig --name="${NAME}" --internal
|
||||
fi
|
||||
|
||||
# Workaround kind issue causing taints to not be removed in 1.24
|
||||
kubectl taint nodes "${NAME}"-control-plane node-role.kubernetes.io/control-plane- 2>/dev/null || true
|
||||
|
||||
# Determine what CNI to install
|
||||
case "${KUBERNETES_CNI:-}" in
|
||||
case "${KUBERNETES_CNI:-}" in
|
||||
|
||||
"calico")
|
||||
echo "Installing Calico CNI"
|
||||
|
@ -230,7 +239,7 @@ function setup_kind_cluster() {
|
|||
# https://github.com/coredns/coredns/issues/2494#issuecomment-457215452
|
||||
# CoreDNS should handle those domains and answer with NXDOMAIN instead of SERVFAIL
|
||||
# otherwise pods stops trying to resolve the domain.
|
||||
if [ "${IP_FAMILY}" = "ipv6" ] || [ "${IP_FAMILY}" = "dual" ]; then
|
||||
if [ "${KIND_IP_FAMILY}" = "ipv6" ] || [ "${KIND_IP_FAMILY}" = "dual" ]; then
|
||||
# Get the current config
|
||||
original_coredns=$(kubectl get -oyaml -n=kube-system configmap/coredns)
|
||||
echo "Original CoreDNS config:"
|
||||
|
@ -267,14 +276,14 @@ function cleanup_kind_clusters() {
|
|||
# setup_kind_clusters sets up a given number of kind clusters with given topology
|
||||
# as specified in cluster topology configuration file.
|
||||
# 1. IMAGE = docker image used as node by KinD
|
||||
# 2. IP_FAMILY = either ipv4 or ipv6
|
||||
# 2. KIND_IP_FAMILY = either ipv4 or ipv6 or dual
|
||||
#
|
||||
# NOTE: Please call load_cluster_topology before calling this method as it expects
|
||||
# cluster topology information to be loaded in advance
|
||||
function setup_kind_clusters() {
|
||||
IMAGE="${1:-"${DEFAULT_KIND_IMAGE}"}"
|
||||
KUBECONFIG_DIR="${ARTIFACTS:-$(mktemp -d)}/kubeconfig"
|
||||
IP_FAMILY="${2:-ipv4}"
|
||||
KIND_IP_FAMILY="${2:-ipv4}"
|
||||
|
||||
check_default_cluster_yaml
|
||||
|
||||
|
|
|
@ -21,8 +21,10 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
GOLANGCILINT_RUN_ARGS=(--output.text.path stdout --output.junit-xml.path "${ARTIFACTS}"/junit-lint.xml)
|
||||
|
||||
if [[ "${ARTIFACTS}" != "" ]]; then
|
||||
golangci-lint run -v -c ./common/config/.golangci.yml --out-format colored-line-number,junit-xml:"${ARTIFACTS}"/junit-lint.xml
|
||||
golangci-lint run -v -c ./common/config/.golangci.yml "${GOLANGCILINT_RUN_ARGS[@]}"
|
||||
else
|
||||
golangci-lint run -v -c ./common/config/.golangci.yml
|
||||
fi
|
||||
|
|
|
@ -47,7 +47,9 @@ read -ra DOCKER_RUN_OPTIONS <<< "${DOCKER_RUN_OPTIONS:-}"
|
|||
"${DOCKER_RUN_OPTIONS[@]}" \
|
||||
--init \
|
||||
--sig-proxy=true \
|
||||
--cap-add=SYS_ADMIN \
|
||||
${DOCKER_SOCKET_MOUNT:--v /var/run/docker.sock:/var/run/docker.sock} \
|
||||
-e DOCKER_HOST=${DOCKER_SOCKET_HOST:-unix:///var/run/docker.sock} \
|
||||
$CONTAINER_OPTIONS \
|
||||
--env-file <(env | grep -v ${ENV_BLOCKLIST}) \
|
||||
-e IN_BUILD_CONTAINER=1 \
|
||||
|
|
|
@ -75,7 +75,7 @@ fi
|
|||
TOOLS_REGISTRY_PROVIDER=${TOOLS_REGISTRY_PROVIDER:-gcr.io}
|
||||
PROJECT_ID=${PROJECT_ID:-istio-testing}
|
||||
if [[ "${IMAGE_VERSION:-}" == "" ]]; then
|
||||
IMAGE_VERSION=master-4759bf88d40172234fc6a0b9e11a4c5f1ea58a90
|
||||
IMAGE_VERSION=master-8e6480403f5cf4c9a4cd9d65174d01850e632e1a
|
||||
fi
|
||||
if [[ "${IMAGE_NAME:-}" == "" ]]; then
|
||||
IMAGE_NAME=build-tools
|
||||
|
|
57
go.mod
57
go.mod
|
@ -1,31 +1,28 @@
|
|||
module istio.io/client-go
|
||||
|
||||
go 1.22.0
|
||||
|
||||
toolchain go1.22.3
|
||||
go 1.23.0
|
||||
|
||||
require (
|
||||
istio.io/api v1.24.0-alpha.0.0.20241018201654-7c8ec5b5ab72
|
||||
k8s.io/apimachinery v0.30.0
|
||||
k8s.io/client-go v0.29.0
|
||||
sigs.k8s.io/structured-merge-diff/v4 v4.4.1
|
||||
istio.io/api v1.26.0-alpha.0.0.20250710110633-638d39554fc6
|
||||
k8s.io/apimachinery v0.32.1
|
||||
k8s.io/client-go v0.32.1
|
||||
sigs.k8s.io/structured-merge-diff/v4 v4.5.0
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/davecgh/go-spew v1.1.1 // indirect
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
|
||||
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
|
||||
github.com/evanphx/json-patch v5.6.0+incompatible // indirect
|
||||
github.com/go-logr/logr v1.4.1 // indirect
|
||||
github.com/go-openapi/jsonpointer v0.19.6 // indirect
|
||||
github.com/fxamacker/cbor/v2 v2.7.0 // indirect
|
||||
github.com/go-logr/logr v1.4.2 // indirect
|
||||
github.com/go-openapi/jsonpointer v0.21.0 // indirect
|
||||
github.com/go-openapi/jsonreference v0.20.2 // indirect
|
||||
github.com/go-openapi/swag v0.22.3 // indirect
|
||||
github.com/go-openapi/swag v0.23.0 // indirect
|
||||
github.com/gogo/protobuf v1.3.2 // indirect
|
||||
github.com/golang/protobuf v1.5.4 // indirect
|
||||
github.com/google/gnostic-models v0.6.8 // indirect
|
||||
github.com/google/go-cmp v0.6.0 // indirect
|
||||
github.com/google/gofuzz v1.2.0 // indirect
|
||||
github.com/google/uuid v1.3.0 // indirect
|
||||
github.com/imdario/mergo v0.3.6 // indirect
|
||||
github.com/google/uuid v1.6.0 // indirect
|
||||
github.com/josharian/intern v1.0.0 // indirect
|
||||
github.com/json-iterator/go v1.1.12 // indirect
|
||||
github.com/mailru/easyjson v0.7.7 // indirect
|
||||
|
@ -34,22 +31,22 @@ require (
|
|||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
|
||||
github.com/pkg/errors v0.9.1 // indirect
|
||||
github.com/spf13/pflag v1.0.5 // indirect
|
||||
golang.org/x/net v0.26.0 // indirect
|
||||
golang.org/x/oauth2 v0.10.0 // indirect
|
||||
golang.org/x/sys v0.21.0 // indirect
|
||||
golang.org/x/term v0.21.0 // indirect
|
||||
golang.org/x/text v0.16.0 // indirect
|
||||
golang.org/x/time v0.3.0 // indirect
|
||||
google.golang.org/appengine v1.6.7 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240513163218-0867130af1f8 // indirect
|
||||
google.golang.org/protobuf v1.34.1 // indirect
|
||||
github.com/x448/float16 v0.8.4 // indirect
|
||||
golang.org/x/net v0.38.0 // indirect
|
||||
golang.org/x/oauth2 v0.23.0 // indirect
|
||||
golang.org/x/sys v0.31.0 // indirect
|
||||
golang.org/x/term v0.30.0 // indirect
|
||||
golang.org/x/text v0.23.0 // indirect
|
||||
golang.org/x/time v0.7.0 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20250324211829-b45e905df463 // indirect
|
||||
google.golang.org/protobuf v1.36.6 // indirect
|
||||
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
|
||||
gopkg.in/inf.v0 v0.9.1 // indirect
|
||||
gopkg.in/yaml.v2 v2.4.0 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
k8s.io/api v0.30.0 // indirect
|
||||
k8s.io/klog/v2 v2.120.1 // indirect
|
||||
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
|
||||
k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
|
||||
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
|
||||
sigs.k8s.io/yaml v1.3.0 // indirect
|
||||
k8s.io/api v0.32.1 // indirect
|
||||
k8s.io/klog/v2 v2.130.1 // indirect
|
||||
k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect
|
||||
k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 // indirect
|
||||
sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect
|
||||
sigs.k8s.io/yaml v1.4.0 // indirect
|
||||
)
|
||||
|
|
138
go.sum
138
go.sum
|
@ -1,24 +1,26 @@
|
|||
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
|
||||
github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
|
||||
github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U=
|
||||
github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
|
||||
github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
|
||||
github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
|
||||
github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=
|
||||
github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E=
|
||||
github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ=
|
||||
github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
|
||||
github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
|
||||
github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
|
||||
github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ=
|
||||
github.com/go-openapi/jsonpointer v0.21.0/go.mod h1:IUyH9l/+uyhIYQ/PXVA41Rexl+kOkAPDdXEYns6fzUY=
|
||||
github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
|
||||
github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k=
|
||||
github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g=
|
||||
github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
|
||||
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI=
|
||||
github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls=
|
||||
github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE=
|
||||
github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ=
|
||||
github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
|
||||
github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
|
||||
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
|
||||
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
|
||||
github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
|
||||
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
|
||||
github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I=
|
||||
|
@ -29,12 +31,10 @@ github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN
|
|||
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||
github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
|
||||
github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec=
|
||||
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
|
||||
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
|
||||
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28=
|
||||
github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
|
||||
github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo=
|
||||
github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
|
||||
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
|
||||
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
|
||||
github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y=
|
||||
github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
|
||||
|
@ -57,16 +57,17 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G
|
|||
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
|
||||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
|
||||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
|
||||
github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY=
|
||||
github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM=
|
||||
github.com/onsi/gomega v1.31.0 h1:54UJxxj6cPInHS3a35wm6BK/F9nHYueZ1NVujHDrnXE=
|
||||
github.com/onsi/gomega v1.31.0/go.mod h1:DW9aCi7U6Yi40wNVAvT6kzFnEVEI5n3DloYBiKiT6zk=
|
||||
github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM=
|
||||
github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo=
|
||||
github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4=
|
||||
github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog=
|
||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
|
||||
github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
|
||||
github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
|
||||
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
|
||||
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
|
||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
|
@ -76,8 +77,10 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV
|
|||
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
|
||||
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
|
||||
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
|
||||
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
|
||||
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
|
||||
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
||||
github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
|
||||
github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
|
||||
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
|
@ -86,75 +89,70 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
|
|||
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
|
||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
|
||||
golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
|
||||
golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
|
||||
golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8=
|
||||
golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI=
|
||||
golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8=
|
||||
golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
|
||||
golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs=
|
||||
golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
|
||||
golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/term v0.21.0 h1:WVXCp+/EBEHOj53Rvu+7KiT/iElMrO8ACK16SMZ3jaA=
|
||||
golang.org/x/term v0.21.0/go.mod h1:ooXLefLobQVslOqselCNF4SxFAaoS6KujMbsGzSDmX0=
|
||||
golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik=
|
||||
golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
|
||||
golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y=
|
||||
golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
|
||||
golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
|
||||
golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
|
||||
golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||
golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
|
||||
golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
|
||||
golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ=
|
||||
golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
|
||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
|
||||
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
|
||||
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
|
||||
golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ=
|
||||
golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
|
||||
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240513163218-0867130af1f8 h1:W5Xj/70xIA4x60O/IFyXivR5MGqblAb8R3w26pnD6No=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20240513163218-0867130af1f8/go.mod h1:vPrPUTsDCYxXWjP7clS81mZ6/803D8K4iM9Ma27VKas=
|
||||
google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
|
||||
google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20250324211829-b45e905df463 h1:hE3bRWtU6uceqlh4fhrSnUyjKHMKB9KrTLLG+bc0ddM=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20250324211829-b45e905df463/go.mod h1:U90ffi8eUL9MwPcrJylN5+Mk2v3vuPDptd5yyNUiRR8=
|
||||
google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
|
||||
google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
|
||||
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
|
||||
gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4=
|
||||
gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M=
|
||||
gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
|
||||
gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
|
||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
istio.io/api v1.24.0-alpha.0.0.20241018201654-7c8ec5b5ab72 h1:AVg/4p5sVhZT6JwBczgvAy9idbVYiCqZFE/QVXNKy/k=
|
||||
istio.io/api v1.24.0-alpha.0.0.20241018201654-7c8ec5b5ab72/go.mod h1:MQnRok7RZ20/PE56v0LxmoWH0xVxnCQPNuf9O7PAN1I=
|
||||
k8s.io/api v0.30.0 h1:siWhRq7cNjy2iHssOB9SCGNCl2spiF1dO3dABqZ8niA=
|
||||
k8s.io/api v0.30.0/go.mod h1:OPlaYhoHs8EQ1ql0R/TsUgaRPhpKNxIMrKQfWUp8QSE=
|
||||
k8s.io/apimachinery v0.30.0 h1:qxVPsyDM5XS96NIh9Oj6LavoVFYff/Pon9cZeDIkHHA=
|
||||
k8s.io/apimachinery v0.30.0/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc=
|
||||
k8s.io/client-go v0.29.0 h1:KmlDtFcrdUzOYrBhXHgKw5ycWzc3ryPX5mQe0SkG3y8=
|
||||
k8s.io/client-go v0.29.0/go.mod h1:yLkXH4HKMAywcrD82KMSmfYg2DlE8mepPR4JGSo5n38=
|
||||
k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
|
||||
k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
|
||||
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag=
|
||||
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98=
|
||||
k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI=
|
||||
k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
|
||||
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
|
||||
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
|
||||
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=
|
||||
sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08=
|
||||
sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
|
||||
sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=
|
||||
istio.io/api v1.26.0-alpha.0.0.20250710110633-638d39554fc6 h1:CbQf+TchiOK9EomexKggtUEIto3Ape5UfLv5XRN3Sq4=
|
||||
istio.io/api v1.26.0-alpha.0.0.20250710110633-638d39554fc6/go.mod h1:DTVGH6CLXj5W8FF9JUD3Tis78iRgT1WeuAnxfTz21Wg=
|
||||
k8s.io/api v0.32.1 h1:f562zw9cy+GvXzXf0CKlVQ7yHJVYzLfL6JAS4kOAaOc=
|
||||
k8s.io/api v0.32.1/go.mod h1:/Yi/BqkuueW1BgpoePYBRdDYfjPF5sgTr5+YqDZra5k=
|
||||
k8s.io/apimachinery v0.32.1 h1:683ENpaCBjma4CYqsmZyhEzrGz6cjn1MY/X2jB2hkZs=
|
||||
k8s.io/apimachinery v0.32.1/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE=
|
||||
k8s.io/client-go v0.32.1 h1:otM0AxdhdBIaQh7l1Q0jQpmo7WOFIk5FFa4bg6YMdUU=
|
||||
k8s.io/client-go v0.32.1/go.mod h1:aTTKZY7MdxUaJ/KiUs8D+GssR9zJZi77ZqtzcGXIiDg=
|
||||
k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
|
||||
k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
|
||||
k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJJ4JRdzg3+O6e8I+e+8T5Y=
|
||||
k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f/go.mod h1:R/HEjbvWI0qdfb8viZUeVZm0X6IZnxAydC7YU42CMw4=
|
||||
k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro=
|
||||
k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
|
||||
sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 h1:/Rv+M11QRah1itp8VhT6HoVx1Ray9eB4DBr+K+/sCJ8=
|
||||
sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3/go.mod h1:18nIHnGi6636UCz6m8i4DhaJ65T6EruyzmoQqI2BVDo=
|
||||
sigs.k8s.io/structured-merge-diff/v4 v4.5.0 h1:nbCitCK2hfnhyiKo6uf2HxUPTCodY6Qaf85SbDIaMBk=
|
||||
sigs.k8s.io/structured-merge-diff/v4 v4.5.0/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4=
|
||||
sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
|
||||
sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
|
||||
|
|
|
@ -0,0 +1,21 @@
|
|||
MIT License
|
||||
|
||||
Copyright (c) 2019-present Faye Amacker
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
|
@ -1,28 +0,0 @@
|
|||
Copyright (c) 2013 Dario Castañé. All rights reserved.
|
||||
Copyright (c) 2012 The Go Authors. All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
met:
|
||||
|
||||
* Redistributions of source code must retain the above copyright
|
||||
notice, this list of conditions and the following disclaimer.
|
||||
* Redistributions in binary form must reproduce the above
|
||||
copyright notice, this list of conditions and the following disclaimer
|
||||
in the documentation and/or other materials provided with the
|
||||
distribution.
|
||||
* Neither the name of Google Inc. nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||||
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||||
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||||
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
||||
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
||||
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
||||
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
@ -0,0 +1,22 @@
|
|||
MIT License
|
||||
|
||||
Copyright (c) 2019 Montgomery Edwards⁴⁴⁸ and Faye Amacker
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
Copyright (c) 2009 The Go Authors. All rights reserved.
|
||||
Copyright 2009 The Go Authors.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
|
@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
|
|||
copyright notice, this list of conditions and the following disclaimer
|
||||
in the documentation and/or other materials provided with the
|
||||
distribution.
|
||||
* Neither the name of Google Inc. nor the names of its
|
||||
* Neither the name of Google LLC nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
Copyright (c) 2009 The Go Authors. All rights reserved.
|
||||
Copyright 2009 The Go Authors.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
|
@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
|
|||
copyright notice, this list of conditions and the following disclaimer
|
||||
in the documentation and/or other materials provided with the
|
||||
distribution.
|
||||
* Neither the name of Google Inc. nor the names of its
|
||||
* Neither the name of Google LLC nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
Copyright (c) 2009 The Go Authors. All rights reserved.
|
||||
Copyright 2009 The Go Authors.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
|
@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
|
|||
copyright notice, this list of conditions and the following disclaimer
|
||||
in the documentation and/or other materials provided with the
|
||||
distribution.
|
||||
* Neither the name of Google Inc. nor the names of its
|
||||
* Neither the name of Google LLC nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
Copyright (c) 2009 The Go Authors. All rights reserved.
|
||||
Copyright 2009 The Go Authors.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
|
@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
|
|||
copyright notice, this list of conditions and the following disclaimer
|
||||
in the documentation and/or other materials provided with the
|
||||
distribution.
|
||||
* Neither the name of Google Inc. nor the names of its
|
||||
* Neither the name of Google LLC nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
Copyright (c) 2009 The Go Authors. All rights reserved.
|
||||
Copyright 2009 The Go Authors.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
|
@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
|
|||
copyright notice, this list of conditions and the following disclaimer
|
||||
in the documentation and/or other materials provided with the
|
||||
distribution.
|
||||
* Neither the name of Google Inc. nor the names of its
|
||||
* Neither the name of Google LLC nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
Copyright (c) 2009 The Go Authors. All rights reserved.
|
||||
Copyright 2009 The Go Authors.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
modification, are permitted provided that the following conditions are
|
||||
|
@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
|
|||
copyright notice, this list of conditions and the following disclaimer
|
||||
in the documentation and/or other materials provided with the
|
||||
distribution.
|
||||
* Neither the name of Google Inc. nor the names of its
|
||||
* Neither the name of Google LLC nor the names of its
|
||||
contributors may be used to endorse or promote products derived from
|
||||
this software without specific prior written permission.
|
||||
|
||||
|
|
|
@ -48,3 +48,259 @@ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
|
|||
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
||||
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
|
||||
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
# The forked go-yaml.v3 library under this project is covered by two
|
||||
different licenses (MIT and Apache):
|
||||
|
||||
#### MIT License ####
|
||||
|
||||
The following files were ported to Go from C files of libyaml, and thus
|
||||
are still covered by their original MIT license, with the additional
|
||||
copyright staring in 2011 when the project was ported over:
|
||||
|
||||
apic.go emitterc.go parserc.go readerc.go scannerc.go
|
||||
writerc.go yamlh.go yamlprivateh.go
|
||||
|
||||
Copyright (c) 2006-2010 Kirill Simonov
|
||||
Copyright (c) 2006-2011 Kirill Simonov
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
|
||||
of the Software, and to permit persons to whom the Software is furnished to do
|
||||
so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
|
||||
### Apache License ###
|
||||
|
||||
All the remaining project files are covered by the Apache license:
|
||||
|
||||
Copyright (c) 2011-2019 Canonical Ltd
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
|
||||
# The forked go-yaml.v2 library under the project is covered by an
|
||||
Apache license:
|
||||
|
||||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "{}"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright {yyyy} {name of copyright owner}
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
|
|
|
@ -0,0 +1,50 @@
|
|||
|
||||
This project is covered by two different licenses: MIT and Apache.
|
||||
|
||||
#### MIT License ####
|
||||
|
||||
The following files were ported to Go from C files of libyaml, and thus
|
||||
are still covered by their original MIT license, with the additional
|
||||
copyright staring in 2011 when the project was ported over:
|
||||
|
||||
apic.go emitterc.go parserc.go readerc.go scannerc.go
|
||||
writerc.go yamlh.go yamlprivateh.go
|
||||
|
||||
Copyright (c) 2006-2010 Kirill Simonov
|
||||
Copyright (c) 2006-2011 Kirill Simonov
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy of
|
||||
this software and associated documentation files (the "Software"), to deal in
|
||||
the Software without restriction, including without limitation the rights to
|
||||
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
|
||||
of the Software, and to permit persons to whom the Software is furnished to do
|
||||
so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
|
||||
### Apache License ###
|
||||
|
||||
All the remaining project files are covered by the Apache license:
|
||||
|
||||
Copyright (c) 2011-2019 Canonical Ltd
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
|
@ -25,7 +25,7 @@ import (
|
|||
//
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// WasmPlugins provides a mechanism to extend the functionality provided by
|
||||
// WasmPlugin provides a mechanism to extend the functionality provided by
|
||||
// the Istio proxy through WebAssembly filters.
|
||||
//
|
||||
// <!-- crd generation tags
|
||||
|
@ -52,7 +52,7 @@ import (
|
|||
// +genclient
|
||||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="(has(self.selector)?1:0)+(has(self.targetRef)?1:0)+(has(self.targetRefs)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="oneof(self.selector, self.targetRef, self.targetRefs)"
|
||||
type WasmPlugin struct {
|
||||
v1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -62,7 +62,7 @@ type WasmPlugin struct {
|
|||
// +optional
|
||||
Spec extensionsv1alpha1.WasmPlugin `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status metav1alpha1.IstioStatus `json:"status"`
|
||||
Status metav1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
|
|
@ -25,7 +25,6 @@ import (
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WasmPlugin) DeepCopyInto(out *WasmPlugin) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -53,7 +52,6 @@ func (in *WasmPlugin) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WasmPluginList) DeepCopyInto(out *WasmPluginList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
|
|
@ -30,7 +30,7 @@ import (
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:DestinationRule:groupName:networking.istio.io
|
||||
// +cue-gen:DestinationRule:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:DestinationRule:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:DestinationRule:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:DestinationRule:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:DestinationRule:subresource:status
|
||||
|
@ -40,7 +40,7 @@ import (
|
|||
// +cue-gen:DestinationRule:printerColumn:name=Age,type=date,JSONPath=.metadata.creationTimestamp,description="CreationTimestamp is a timestamp
|
||||
// representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations.
|
||||
// Clients may not set this value. It is represented in RFC3339 form and is in UTC.
|
||||
// Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata"
|
||||
// Populated by the system. Read-only. Null for lists. For more information, see [Kubernetes API Conventions](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata)"
|
||||
// +cue-gen:DestinationRule:preserveUnknownFields:false
|
||||
// -->
|
||||
//
|
||||
|
@ -59,7 +59,7 @@ type DestinationRule struct {
|
|||
// +optional
|
||||
Spec v1alpha3.DestinationRule `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -80,7 +80,7 @@ type DestinationRuleList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:Gateway:groupName:networking.istio.io
|
||||
// +cue-gen:Gateway:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:Gateway:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:Gateway:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:Gateway:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:Gateway:subresource:status
|
||||
|
@ -104,7 +104,7 @@ type Gateway struct {
|
|||
// +optional
|
||||
Spec v1alpha3.Gateway `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -125,7 +125,7 @@ type GatewayList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:ServiceEntry:groupName:networking.istio.io
|
||||
// +cue-gen:ServiceEntry:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:ServiceEntry:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:ServiceEntry:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:ServiceEntry:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:ServiceEntry:subresource:status
|
||||
|
@ -151,10 +151,10 @@ type GatewayList struct {
|
|||
// +k8s:deepcopy-gen=true
|
||||
// istiostatus-override: ServiceEntryStatus: istio.io/api/networking/v1alpha3
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of WorkloadSelector or Endpoints can be set",rule="(has(self.workloadSelector)?1:0)+(has(self.endpoints)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="CIDR addresses are allowed only for NONE/STATIC resolution types",rule="!(has(self.addresses) && self.addresses.exists(k, k.contains('/')) && (has(self.resolution) && self.resolution != 'STATIC' && self.resolution != 'NONE'))"
|
||||
// +kubebuilder:validation:XValidation:message="NONE mode cannot set endpoints",rule="(!has(self.resolution) || self.resolution == 'NONE') ? !has(self.endpoints) : true"
|
||||
// +kubebuilder:validation:XValidation:message="DNS_ROUND_ROBIN mode cannot have multiple endpoints",rule="(has(self.resolution) && self.resolution == 'DNS_ROUND_ROBIN') ? (!has(self.endpoints) || size(self.endpoints) == 1) : true"
|
||||
// +kubebuilder:validation:XValidation:message="only one of WorkloadSelector or Endpoints can be set",rule="oneof(self.workloadSelector, self.endpoints)"
|
||||
// +kubebuilder:validation:XValidation:message="CIDR addresses are allowed only for NONE/STATIC resolution types",rule="!(default(self.addresses, []).exists(k, k.contains('/')) && !(default(self.resolution, 'NONE') in ['STATIC', 'NONE']))"
|
||||
// +kubebuilder:validation:XValidation:message="NONE mode cannot set endpoints",rule="default(self.resolution, 'NONE') == 'NONE' ? !has(self.endpoints) : true"
|
||||
// +kubebuilder:validation:XValidation:message="DNS_ROUND_ROBIN mode cannot have multiple endpoints",rule="default(self.resolution, ”) == 'DNS_ROUND_ROBIN' ? default(self.endpoints, []).size() <= 1 : true"
|
||||
type ServiceEntry struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -164,7 +164,7 @@ type ServiceEntry struct {
|
|||
// +optional
|
||||
Spec v1alpha3.ServiceEntry `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha3.ServiceEntryStatus `json:"status"`
|
||||
Status v1alpha3.ServiceEntryStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -186,7 +186,7 @@ type ServiceEntryList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:Sidecar:groupName:networking.istio.io
|
||||
// +cue-gen:Sidecar:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:Sidecar:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:Sidecar:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:Sidecar:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:Sidecar:subresource:status
|
||||
|
@ -210,7 +210,7 @@ type Sidecar struct {
|
|||
// +optional
|
||||
Spec v1alpha3.Sidecar `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -230,7 +230,7 @@ type SidecarList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:VirtualService:groupName:networking.istio.io
|
||||
// +cue-gen:VirtualService:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:VirtualService:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:VirtualService:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:VirtualService:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:VirtualService:subresource:status
|
||||
|
@ -261,7 +261,7 @@ type VirtualService struct {
|
|||
// +optional
|
||||
Spec v1alpha3.VirtualService `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -281,7 +281,7 @@ type VirtualServiceList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:WorkloadEntry:groupName:networking.istio.io
|
||||
// +cue-gen:WorkloadEntry:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:WorkloadEntry:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:WorkloadEntry:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:WorkloadEntry:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:WorkloadEntry:subresource:status
|
||||
|
@ -303,7 +303,7 @@ type VirtualServiceList struct {
|
|||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="Address is required",rule="has(self.address) || has(self.network)"
|
||||
// +kubebuilder:validation:XValidation:message="UDS may not include ports",rule="(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true"
|
||||
// +kubebuilder:validation:XValidation:message="UDS may not include ports",rule="(default(self.address, "").startsWith('unix://')) ? !has(self.ports) : true"
|
||||
type WorkloadEntry struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -313,7 +313,7 @@ type WorkloadEntry struct {
|
|||
// +optional
|
||||
Spec v1alpha3.WorkloadEntry `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -337,7 +337,7 @@ type WorkloadEntryList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:WorkloadGroup:groupName:networking.istio.io
|
||||
// +cue-gen:WorkloadGroup:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:WorkloadGroup:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:WorkloadGroup:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:WorkloadGroup:subresource:status
|
||||
// +cue-gen:WorkloadGroup:scope:Namespaced
|
||||
|
@ -365,7 +365,7 @@ type WorkloadGroup struct {
|
|||
// +optional
|
||||
Spec v1alpha3.WorkloadGroup `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
|
|
@ -25,7 +25,6 @@ import (
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *DestinationRule) DeepCopyInto(out *DestinationRule) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -53,7 +52,6 @@ func (in *DestinationRule) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *DestinationRuleList) DeepCopyInto(out *DestinationRuleList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -90,7 +88,6 @@ func (in *DestinationRuleList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Gateway) DeepCopyInto(out *Gateway) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -118,7 +115,6 @@ func (in *Gateway) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *GatewayList) DeepCopyInto(out *GatewayList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -155,7 +151,6 @@ func (in *GatewayList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ServiceEntry) DeepCopyInto(out *ServiceEntry) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -183,7 +178,6 @@ func (in *ServiceEntry) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ServiceEntryList) DeepCopyInto(out *ServiceEntryList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -220,7 +214,6 @@ func (in *ServiceEntryList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Sidecar) DeepCopyInto(out *Sidecar) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -248,7 +241,6 @@ func (in *Sidecar) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *SidecarList) DeepCopyInto(out *SidecarList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -285,7 +277,6 @@ func (in *SidecarList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *VirtualService) DeepCopyInto(out *VirtualService) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -313,7 +304,6 @@ func (in *VirtualService) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *VirtualServiceList) DeepCopyInto(out *VirtualServiceList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -350,7 +340,6 @@ func (in *VirtualServiceList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadEntry) DeepCopyInto(out *WorkloadEntry) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -378,7 +367,6 @@ func (in *WorkloadEntry) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadEntryList) DeepCopyInto(out *WorkloadEntryList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -415,7 +403,6 @@ func (in *WorkloadEntryList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadGroup) DeepCopyInto(out *WorkloadGroup) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -443,7 +430,6 @@ func (in *WorkloadGroup) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadGroupList) DeepCopyInto(out *WorkloadGroupList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
|
|
@ -30,7 +30,7 @@ import (
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:DestinationRule:groupName:networking.istio.io
|
||||
// +cue-gen:DestinationRule:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:DestinationRule:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:DestinationRule:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:DestinationRule:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:DestinationRule:subresource:status
|
||||
|
@ -40,7 +40,7 @@ import (
|
|||
// +cue-gen:DestinationRule:printerColumn:name=Age,type=date,JSONPath=.metadata.creationTimestamp,description="CreationTimestamp is a timestamp
|
||||
// representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations.
|
||||
// Clients may not set this value. It is represented in RFC3339 form and is in UTC.
|
||||
// Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata"
|
||||
// Populated by the system. Read-only. Null for lists. For more information, see [Kubernetes API Conventions](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata)"
|
||||
// +cue-gen:DestinationRule:preserveUnknownFields:false
|
||||
// -->
|
||||
//
|
||||
|
@ -59,7 +59,7 @@ type DestinationRule struct {
|
|||
// +optional
|
||||
Spec networkingv1alpha3.DestinationRule `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -76,7 +76,7 @@ type DestinationRuleList struct {
|
|||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// EnvoyFilter provides a mechanism to customize the Envoy configuration
|
||||
// generated by Istio Pilot.
|
||||
// generated by istiod.
|
||||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:EnvoyFilter:groupName:networking.istio.io
|
||||
|
@ -97,7 +97,7 @@ type DestinationRuleList struct {
|
|||
// +genclient
|
||||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or workloadSelector can be set",rule="(has(self.workloadSelector)?1:0)+(has(self.targetRefs)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or workloadSelector can be set",rule="oneof(self.workloadSelector, self.targetRefs)"
|
||||
type EnvoyFilter struct {
|
||||
v1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -107,7 +107,7 @@ type EnvoyFilter struct {
|
|||
// +optional
|
||||
Spec networkingv1alpha3.EnvoyFilter `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -128,7 +128,7 @@ type EnvoyFilterList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:Gateway:groupName:networking.istio.io
|
||||
// +cue-gen:Gateway:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:Gateway:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:Gateway:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:Gateway:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:Gateway:subresource:status
|
||||
|
@ -152,7 +152,7 @@ type Gateway struct {
|
|||
// +optional
|
||||
Spec networkingv1alpha3.Gateway `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -173,7 +173,7 @@ type GatewayList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:ServiceEntry:groupName:networking.istio.io
|
||||
// +cue-gen:ServiceEntry:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:ServiceEntry:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:ServiceEntry:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:ServiceEntry:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:ServiceEntry:subresource:status
|
||||
|
@ -199,10 +199,10 @@ type GatewayList struct {
|
|||
// +k8s:deepcopy-gen=true
|
||||
// istiostatus-override: ServiceEntryStatus: istio.io/api/networking/v1alpha3
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of WorkloadSelector or Endpoints can be set",rule="(has(self.workloadSelector)?1:0)+(has(self.endpoints)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="CIDR addresses are allowed only for NONE/STATIC resolution types",rule="!(has(self.addresses) && self.addresses.exists(k, k.contains('/')) && (has(self.resolution) && self.resolution != 'STATIC' && self.resolution != 'NONE'))"
|
||||
// +kubebuilder:validation:XValidation:message="NONE mode cannot set endpoints",rule="(!has(self.resolution) || self.resolution == 'NONE') ? !has(self.endpoints) : true"
|
||||
// +kubebuilder:validation:XValidation:message="DNS_ROUND_ROBIN mode cannot have multiple endpoints",rule="(has(self.resolution) && self.resolution == 'DNS_ROUND_ROBIN') ? (!has(self.endpoints) || size(self.endpoints) == 1) : true"
|
||||
// +kubebuilder:validation:XValidation:message="only one of WorkloadSelector or Endpoints can be set",rule="oneof(self.workloadSelector, self.endpoints)"
|
||||
// +kubebuilder:validation:XValidation:message="CIDR addresses are allowed only for NONE/STATIC resolution types",rule="!(default(self.addresses, []).exists(k, k.contains('/')) && !(default(self.resolution, 'NONE') in ['STATIC', 'NONE']))"
|
||||
// +kubebuilder:validation:XValidation:message="NONE mode cannot set endpoints",rule="default(self.resolution, 'NONE') == 'NONE' ? !has(self.endpoints) : true"
|
||||
// +kubebuilder:validation:XValidation:message="DNS_ROUND_ROBIN mode cannot have multiple endpoints",rule="default(self.resolution, ”) == 'DNS_ROUND_ROBIN' ? default(self.endpoints, []).size() <= 1 : true"
|
||||
type ServiceEntry struct {
|
||||
v1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -212,7 +212,7 @@ type ServiceEntry struct {
|
|||
// +optional
|
||||
Spec networkingv1alpha3.ServiceEntry `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status networkingv1alpha3.ServiceEntryStatus `json:"status"`
|
||||
Status networkingv1alpha3.ServiceEntryStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -234,7 +234,7 @@ type ServiceEntryList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:Sidecar:groupName:networking.istio.io
|
||||
// +cue-gen:Sidecar:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:Sidecar:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:Sidecar:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:Sidecar:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:Sidecar:subresource:status
|
||||
|
@ -258,7 +258,7 @@ type Sidecar struct {
|
|||
// +optional
|
||||
Spec networkingv1alpha3.Sidecar `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -278,7 +278,7 @@ type SidecarList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:VirtualService:groupName:networking.istio.io
|
||||
// +cue-gen:VirtualService:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:VirtualService:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:VirtualService:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:VirtualService:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:VirtualService:subresource:status
|
||||
|
@ -309,7 +309,7 @@ type VirtualService struct {
|
|||
// +optional
|
||||
Spec networkingv1alpha3.VirtualService `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -329,7 +329,7 @@ type VirtualServiceList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:WorkloadEntry:groupName:networking.istio.io
|
||||
// +cue-gen:WorkloadEntry:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:WorkloadEntry:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:WorkloadEntry:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:WorkloadEntry:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:WorkloadEntry:subresource:status
|
||||
|
@ -351,7 +351,7 @@ type VirtualServiceList struct {
|
|||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="Address is required",rule="has(self.address) || has(self.network)"
|
||||
// +kubebuilder:validation:XValidation:message="UDS may not include ports",rule="(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true"
|
||||
// +kubebuilder:validation:XValidation:message="UDS may not include ports",rule="(default(self.address, "").startsWith('unix://')) ? !has(self.ports) : true"
|
||||
type WorkloadEntry struct {
|
||||
v1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -361,7 +361,7 @@ type WorkloadEntry struct {
|
|||
// +optional
|
||||
Spec networkingv1alpha3.WorkloadEntry `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -385,7 +385,7 @@ type WorkloadEntryList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:WorkloadGroup:groupName:networking.istio.io
|
||||
// +cue-gen:WorkloadGroup:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:WorkloadGroup:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:WorkloadGroup:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:WorkloadGroup:subresource:status
|
||||
// +cue-gen:WorkloadGroup:scope:Namespaced
|
||||
|
@ -413,7 +413,7 @@ type WorkloadGroup struct {
|
|||
// +optional
|
||||
Spec networkingv1alpha3.WorkloadGroup `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
|
|
@ -25,7 +25,6 @@ import (
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *DestinationRule) DeepCopyInto(out *DestinationRule) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -53,7 +52,6 @@ func (in *DestinationRule) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *DestinationRuleList) DeepCopyInto(out *DestinationRuleList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -90,7 +88,6 @@ func (in *DestinationRuleList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *EnvoyFilter) DeepCopyInto(out *EnvoyFilter) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -118,7 +115,6 @@ func (in *EnvoyFilter) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *EnvoyFilterList) DeepCopyInto(out *EnvoyFilterList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -155,7 +151,6 @@ func (in *EnvoyFilterList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Gateway) DeepCopyInto(out *Gateway) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -183,7 +178,6 @@ func (in *Gateway) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *GatewayList) DeepCopyInto(out *GatewayList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -220,7 +214,6 @@ func (in *GatewayList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ServiceEntry) DeepCopyInto(out *ServiceEntry) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -248,7 +241,6 @@ func (in *ServiceEntry) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ServiceEntryList) DeepCopyInto(out *ServiceEntryList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -285,7 +277,6 @@ func (in *ServiceEntryList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Sidecar) DeepCopyInto(out *Sidecar) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -313,7 +304,6 @@ func (in *Sidecar) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *SidecarList) DeepCopyInto(out *SidecarList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -350,7 +340,6 @@ func (in *SidecarList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *VirtualService) DeepCopyInto(out *VirtualService) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -378,7 +367,6 @@ func (in *VirtualService) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *VirtualServiceList) DeepCopyInto(out *VirtualServiceList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -415,7 +403,6 @@ func (in *VirtualServiceList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadEntry) DeepCopyInto(out *WorkloadEntry) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -443,7 +430,6 @@ func (in *WorkloadEntry) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadEntryList) DeepCopyInto(out *WorkloadEntryList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -480,7 +466,6 @@ func (in *WorkloadEntryList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadGroup) DeepCopyInto(out *WorkloadGroup) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -508,7 +493,6 @@ func (in *WorkloadGroup) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadGroupList) DeepCopyInto(out *WorkloadGroupList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
|
|
@ -31,7 +31,7 @@ import (
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:DestinationRule:groupName:networking.istio.io
|
||||
// +cue-gen:DestinationRule:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:DestinationRule:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:DestinationRule:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:DestinationRule:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:DestinationRule:subresource:status
|
||||
|
@ -41,7 +41,7 @@ import (
|
|||
// +cue-gen:DestinationRule:printerColumn:name=Age,type=date,JSONPath=.metadata.creationTimestamp,description="CreationTimestamp is a timestamp
|
||||
// representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations.
|
||||
// Clients may not set this value. It is represented in RFC3339 form and is in UTC.
|
||||
// Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata"
|
||||
// Populated by the system. Read-only. Null for lists. For more information, see [Kubernetes API Conventions](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata)"
|
||||
// +cue-gen:DestinationRule:preserveUnknownFields:false
|
||||
// -->
|
||||
//
|
||||
|
@ -60,7 +60,7 @@ type DestinationRule struct {
|
|||
// +optional
|
||||
Spec v1alpha3.DestinationRule `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -81,7 +81,7 @@ type DestinationRuleList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:Gateway:groupName:networking.istio.io
|
||||
// +cue-gen:Gateway:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:Gateway:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:Gateway:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:Gateway:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:Gateway:subresource:status
|
||||
|
@ -105,7 +105,7 @@ type Gateway struct {
|
|||
// +optional
|
||||
Spec v1alpha3.Gateway `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -151,7 +151,7 @@ type ProxyConfig struct {
|
|||
// +optional
|
||||
Spec networkingv1beta1.ProxyConfig `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -172,7 +172,7 @@ type ProxyConfigList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:ServiceEntry:groupName:networking.istio.io
|
||||
// +cue-gen:ServiceEntry:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:ServiceEntry:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:ServiceEntry:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:ServiceEntry:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:ServiceEntry:subresource:status
|
||||
|
@ -198,10 +198,10 @@ type ProxyConfigList struct {
|
|||
// +k8s:deepcopy-gen=true
|
||||
// istiostatus-override: ServiceEntryStatus: istio.io/api/networking/v1alpha3
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of WorkloadSelector or Endpoints can be set",rule="(has(self.workloadSelector)?1:0)+(has(self.endpoints)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="CIDR addresses are allowed only for NONE/STATIC resolution types",rule="!(has(self.addresses) && self.addresses.exists(k, k.contains('/')) && (has(self.resolution) && self.resolution != 'STATIC' && self.resolution != 'NONE'))"
|
||||
// +kubebuilder:validation:XValidation:message="NONE mode cannot set endpoints",rule="(!has(self.resolution) || self.resolution == 'NONE') ? !has(self.endpoints) : true"
|
||||
// +kubebuilder:validation:XValidation:message="DNS_ROUND_ROBIN mode cannot have multiple endpoints",rule="(has(self.resolution) && self.resolution == 'DNS_ROUND_ROBIN') ? (!has(self.endpoints) || size(self.endpoints) == 1) : true"
|
||||
// +kubebuilder:validation:XValidation:message="only one of WorkloadSelector or Endpoints can be set",rule="oneof(self.workloadSelector, self.endpoints)"
|
||||
// +kubebuilder:validation:XValidation:message="CIDR addresses are allowed only for NONE/STATIC resolution types",rule="!(default(self.addresses, []).exists(k, k.contains('/')) && !(default(self.resolution, 'NONE') in ['STATIC', 'NONE']))"
|
||||
// +kubebuilder:validation:XValidation:message="NONE mode cannot set endpoints",rule="default(self.resolution, 'NONE') == 'NONE' ? !has(self.endpoints) : true"
|
||||
// +kubebuilder:validation:XValidation:message="DNS_ROUND_ROBIN mode cannot have multiple endpoints",rule="default(self.resolution, ”) == 'DNS_ROUND_ROBIN' ? default(self.endpoints, []).size() <= 1 : true"
|
||||
type ServiceEntry struct {
|
||||
v1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -211,7 +211,7 @@ type ServiceEntry struct {
|
|||
// +optional
|
||||
Spec v1alpha3.ServiceEntry `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha3.ServiceEntryStatus `json:"status"`
|
||||
Status v1alpha3.ServiceEntryStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -233,7 +233,7 @@ type ServiceEntryList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:Sidecar:groupName:networking.istio.io
|
||||
// +cue-gen:Sidecar:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:Sidecar:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:Sidecar:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:Sidecar:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:Sidecar:subresource:status
|
||||
|
@ -257,7 +257,7 @@ type Sidecar struct {
|
|||
// +optional
|
||||
Spec v1alpha3.Sidecar `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -277,7 +277,7 @@ type SidecarList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:VirtualService:groupName:networking.istio.io
|
||||
// +cue-gen:VirtualService:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:VirtualService:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:VirtualService:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:VirtualService:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:VirtualService:subresource:status
|
||||
|
@ -308,7 +308,7 @@ type VirtualService struct {
|
|||
// +optional
|
||||
Spec v1alpha3.VirtualService `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -328,7 +328,7 @@ type VirtualServiceList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:WorkloadEntry:groupName:networking.istio.io
|
||||
// +cue-gen:WorkloadEntry:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:WorkloadEntry:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:WorkloadEntry:annotations:helm.sh/resource-policy=keep
|
||||
// +cue-gen:WorkloadEntry:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:WorkloadEntry:subresource:status
|
||||
|
@ -350,7 +350,7 @@ type VirtualServiceList struct {
|
|||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="Address is required",rule="has(self.address) || has(self.network)"
|
||||
// +kubebuilder:validation:XValidation:message="UDS may not include ports",rule="(has(self.address) && self.address.startsWith('unix://')) ? !has(self.ports) : true"
|
||||
// +kubebuilder:validation:XValidation:message="UDS may not include ports",rule="(default(self.address, "").startsWith('unix://')) ? !has(self.ports) : true"
|
||||
type WorkloadEntry struct {
|
||||
v1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -360,7 +360,7 @@ type WorkloadEntry struct {
|
|||
// +optional
|
||||
Spec v1alpha3.WorkloadEntry `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -384,7 +384,7 @@ type WorkloadEntryList struct {
|
|||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:WorkloadGroup:groupName:networking.istio.io
|
||||
// +cue-gen:WorkloadGroup:versions:v1beta1,v1alpha3,v1
|
||||
// +cue-gen:WorkloadGroup:versions:v1,v1beta1,v1alpha3
|
||||
// +cue-gen:WorkloadGroup:labels:app=istio-pilot,chart=istio,heritage=Tiller,release=istio
|
||||
// +cue-gen:WorkloadGroup:subresource:status
|
||||
// +cue-gen:WorkloadGroup:scope:Namespaced
|
||||
|
@ -412,7 +412,7 @@ type WorkloadGroup struct {
|
|||
// +optional
|
||||
Spec v1alpha3.WorkloadGroup `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
|
|
@ -25,7 +25,6 @@ import (
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *DestinationRule) DeepCopyInto(out *DestinationRule) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -53,7 +52,6 @@ func (in *DestinationRule) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *DestinationRuleList) DeepCopyInto(out *DestinationRuleList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -90,7 +88,6 @@ func (in *DestinationRuleList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Gateway) DeepCopyInto(out *Gateway) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -118,7 +115,6 @@ func (in *Gateway) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *GatewayList) DeepCopyInto(out *GatewayList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -155,7 +151,6 @@ func (in *GatewayList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ProxyConfig) DeepCopyInto(out *ProxyConfig) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -183,7 +178,6 @@ func (in *ProxyConfig) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ProxyConfigList) DeepCopyInto(out *ProxyConfigList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -220,7 +214,6 @@ func (in *ProxyConfigList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ServiceEntry) DeepCopyInto(out *ServiceEntry) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -248,7 +241,6 @@ func (in *ServiceEntry) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *ServiceEntryList) DeepCopyInto(out *ServiceEntryList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -285,7 +277,6 @@ func (in *ServiceEntryList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Sidecar) DeepCopyInto(out *Sidecar) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -313,7 +304,6 @@ func (in *Sidecar) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *SidecarList) DeepCopyInto(out *SidecarList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -350,7 +340,6 @@ func (in *SidecarList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *VirtualService) DeepCopyInto(out *VirtualService) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -378,7 +367,6 @@ func (in *VirtualService) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *VirtualServiceList) DeepCopyInto(out *VirtualServiceList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -415,7 +403,6 @@ func (in *VirtualServiceList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadEntry) DeepCopyInto(out *WorkloadEntry) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -443,7 +430,6 @@ func (in *WorkloadEntry) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadEntryList) DeepCopyInto(out *WorkloadEntryList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -480,7 +466,6 @@ func (in *WorkloadEntryList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadGroup) DeepCopyInto(out *WorkloadGroup) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -508,7 +493,6 @@ func (in *WorkloadGroup) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *WorkloadGroupList) DeepCopyInto(out *WorkloadGroupList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
|
|
@ -50,7 +50,7 @@ import (
|
|||
// +genclient
|
||||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="(has(self.selector)?1:0)+(has(self.targetRef)?1:0)+(has(self.targetRefs)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="oneof(self.selector, self.targetRef, self.targetRefs)"
|
||||
type AuthorizationPolicy struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -60,7 +60,7 @@ type AuthorizationPolicy struct {
|
|||
// +optional
|
||||
Spec v1beta1.AuthorizationPolicy `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -76,113 +76,6 @@ type AuthorizationPolicyList struct {
|
|||
//
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// PeerAuthentication defines mutual TLS (mTLS) requirements for incoming connections.
|
||||
//
|
||||
// In sidecar mode, PeerAuthentication determines whether or not mTLS is allowed or required
|
||||
// for connections to an Envoy proxy sidecar.
|
||||
//
|
||||
// In ambient mode, security is transparently enabled for a pod by the ztunnel node agent.
|
||||
// (Traffic between proxies uses the HBONE protocol, which includes encryption with mTLS.)
|
||||
// Because of this, `DISABLE` mode is not supported.
|
||||
// `STRICT` mode is useful to ensure that connections that bypass the mesh are not possible.
|
||||
//
|
||||
// Examples:
|
||||
//
|
||||
// Policy to require mTLS traffic for all workloads under namespace `foo`:
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: PeerAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: default
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// mtls:
|
||||
// mode: STRICT
|
||||
//
|
||||
// ```
|
||||
// For mesh level, put the policy in root-namespace according to your Istio installation.
|
||||
//
|
||||
// Policies to allow both mTLS and plaintext traffic for all workloads under namespace `foo`, but
|
||||
// require mTLS for workload `finance`.
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: PeerAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: default
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// mtls:
|
||||
// mode: PERMISSIVE
|
||||
//
|
||||
// ---
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: PeerAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: finance
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: finance
|
||||
// mtls:
|
||||
// mode: STRICT
|
||||
//
|
||||
// ```
|
||||
// Policy that enables strict mTLS for all `finance` workloads, but leaves the port `8080` to
|
||||
// plaintext. Note the port value in the `portLevelMtls` field refers to the port
|
||||
// of the workload, not the port of the Kubernetes service.
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: PeerAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: default
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: finance
|
||||
// mtls:
|
||||
// mode: STRICT
|
||||
// portLevelMtls:
|
||||
// 8080:
|
||||
// mode: DISABLE
|
||||
//
|
||||
// ```
|
||||
// Policy that inherits mTLS mode from namespace (or mesh) settings, and disables
|
||||
// mTLS for workload port `8080`.
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: PeerAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: default
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: finance
|
||||
// mtls:
|
||||
// mode: UNSET
|
||||
// portLevelMtls:
|
||||
// 8080:
|
||||
// mode: DISABLE
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:PeerAuthentication:groupName:security.istio.io
|
||||
// +cue-gen:PeerAuthentication:versions:v1beta1,v1
|
||||
|
@ -206,7 +99,7 @@ type AuthorizationPolicyList struct {
|
|||
// +genclient
|
||||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="portLevelMtls requires selector",rule="(has(self.selector) && has(self.selector.matchLabels) && self.selector.matchLabels.size() > 0) || !has(self.portLevelMtls)"
|
||||
// +kubebuilder:validation:XValidation:message="portLevelMtls requires selector",rule="has(self.portLevelMtls) ? self.index({}, selector, matchLabels).size() > 0 : true"
|
||||
type PeerAuthentication struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -216,7 +109,7 @@ type PeerAuthentication struct {
|
|||
// +optional
|
||||
Spec v1beta1.PeerAuthentication `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -232,245 +125,6 @@ type PeerAuthenticationList struct {
|
|||
//
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// RequestAuthentication defines what request authentication methods are supported by a workload.
|
||||
// It will reject a request if the request contains invalid authentication information, based on the
|
||||
// configured authentication rules. A request that does not contain any authentication credentials
|
||||
// will be accepted but will not have any authenticated identity. To restrict access to authenticated
|
||||
// requests only, this should be accompanied by an authorization rule.
|
||||
// Examples:
|
||||
//
|
||||
// - Require JWT for all request for workloads that have label `app:httpbin`
|
||||
//
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: RequestAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: httpbin
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: httpbin
|
||||
// jwtRules:
|
||||
// - issuer: "issuer-foo"
|
||||
// jwksUri: https://example.com/.well-known/jwks.json
|
||||
//
|
||||
// ---
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: AuthorizationPolicy
|
||||
// metadata:
|
||||
//
|
||||
// name: httpbin
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: httpbin
|
||||
// rules:
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["*"]
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// - A policy in the root namespace ("istio-system" by default) applies to workloads in all namespaces
|
||||
// in a mesh. The following policy makes all workloads only accept requests that contain a
|
||||
// valid JWT token.
|
||||
//
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: RequestAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: req-authn-for-all
|
||||
// namespace: istio-system
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// jwtRules:
|
||||
// - issuer: "issuer-foo"
|
||||
// jwksUri: https://example.com/.well-known/jwks.json
|
||||
//
|
||||
// ---
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: AuthorizationPolicy
|
||||
// metadata:
|
||||
//
|
||||
// name: require-jwt-for-all
|
||||
// namespace: istio-system
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// rules:
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["*"]
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// - The next example shows how to set a different JWT requirement for a different `host`. The `RequestAuthentication`
|
||||
// declares it can accept JWTs issued by either `issuer-foo` or `issuer-bar` (the public key set is implicitly
|
||||
// set from the OpenID Connect spec).
|
||||
//
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: RequestAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: httpbin
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: httpbin
|
||||
// jwtRules:
|
||||
// - issuer: "issuer-foo"
|
||||
// - issuer: "issuer-bar"
|
||||
//
|
||||
// ---
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: AuthorizationPolicy
|
||||
// metadata:
|
||||
//
|
||||
// name: httpbin
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: httpbin
|
||||
// rules:
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["issuer-foo/*"]
|
||||
// to:
|
||||
// - operation:
|
||||
// hosts: ["example.com"]
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["issuer-bar/*"]
|
||||
// to:
|
||||
// - operation:
|
||||
// hosts: ["another-host.com"]
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// - You can fine tune the authorization policy to set different requirement per path. For example,
|
||||
// to require JWT on all paths, except /healthz, the same `RequestAuthentication` can be used, but the
|
||||
// authorization policy could be:
|
||||
//
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: AuthorizationPolicy
|
||||
// metadata:
|
||||
//
|
||||
// name: httpbin
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: httpbin
|
||||
// rules:
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["*"]
|
||||
// - to:
|
||||
// - operation:
|
||||
// paths: ["/healthz"]
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// [Experimental] Routing based on derived [metadata](https://istio.io/latest/docs/reference/config/security/conditions/)
|
||||
// is now supported. A prefix '@' is used to denote a match against internal metadata instead of the headers in the request.
|
||||
// Currently this feature is only supported for the following metadata:
|
||||
//
|
||||
// - `request.auth.claims.{claim-name}[.{nested-claim}]*` which are extracted from validated JWT tokens.
|
||||
// Use the `.` or `[]` as a separator for nested claim names.
|
||||
// Examples: `request.auth.claims.sub`, `request.auth.claims.name.givenName` and `request.auth.claims[foo.com/name]`.
|
||||
// For more information, see [JWT claim based routing](https://istio.io/latest/docs/tasks/security/authentication/jwt-route/).
|
||||
//
|
||||
// The use of matches against JWT claim metadata is only supported in Gateways. The following example shows:
|
||||
//
|
||||
// - RequestAuthentication to decode and validate a JWT. This also makes the `@request.auth.claims` available for use in the VirtualService.
|
||||
// - AuthorizationPolicy to check for valid principals in the request. This makes the JWT required for the request.
|
||||
// - VirtualService to route the request based on the "sub" claim.
|
||||
//
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: RequestAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: jwt-on-ingress
|
||||
// namespace: istio-system
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: istio-ingressgateway
|
||||
// jwtRules:
|
||||
// - issuer: "example.com"
|
||||
// jwksUri: https://example.com/.well-known/jwks.json
|
||||
//
|
||||
// ---
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: AuthorizationPolicy
|
||||
// metadata:
|
||||
//
|
||||
// name: require-jwt
|
||||
// namespace: istio-system
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: istio-ingressgateway
|
||||
// rules:
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["*"]
|
||||
//
|
||||
// ---
|
||||
// apiVersion: networking.istio.io/v1
|
||||
// kind: VirtualService
|
||||
// metadata:
|
||||
//
|
||||
// name: route-jwt
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// hosts:
|
||||
// - foo.prod.svc.cluster.local
|
||||
// gateways:
|
||||
// - istio-ingressgateway
|
||||
// http:
|
||||
// - name: "v2"
|
||||
// match:
|
||||
// - headers:
|
||||
// "@request.auth.claims.sub":
|
||||
// exact: "dev"
|
||||
// route:
|
||||
// - destination:
|
||||
// host: foo.prod.svc.cluster.local
|
||||
// subset: v2
|
||||
// - name: "default"
|
||||
// route:
|
||||
// - destination:
|
||||
// host: foo.prod.svc.cluster.local
|
||||
// subset: v1
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:RequestAuthentication:groupName:security.istio.io
|
||||
// +cue-gen:RequestAuthentication:versions:v1beta1,v1
|
||||
|
@ -489,7 +143,7 @@ type PeerAuthenticationList struct {
|
|||
// +genclient
|
||||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="(has(self.selector)?1:0)+(has(self.targetRef)?1:0)+(has(self.targetRefs)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="oneof(self.selector, self.targetRef, self.targetRefs)"
|
||||
type RequestAuthentication struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -499,7 +153,7 @@ type RequestAuthentication struct {
|
|||
// +optional
|
||||
Spec v1beta1.RequestAuthentication `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
|
|
@ -25,7 +25,6 @@ import (
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *AuthorizationPolicy) DeepCopyInto(out *AuthorizationPolicy) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -53,7 +52,6 @@ func (in *AuthorizationPolicy) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *AuthorizationPolicyList) DeepCopyInto(out *AuthorizationPolicyList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -90,7 +88,6 @@ func (in *AuthorizationPolicyList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *PeerAuthentication) DeepCopyInto(out *PeerAuthentication) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -118,7 +115,6 @@ func (in *PeerAuthentication) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *PeerAuthenticationList) DeepCopyInto(out *PeerAuthenticationList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -155,7 +151,6 @@ func (in *PeerAuthenticationList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *RequestAuthentication) DeepCopyInto(out *RequestAuthentication) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -183,7 +178,6 @@ func (in *RequestAuthentication) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *RequestAuthenticationList) DeepCopyInto(out *RequestAuthenticationList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
|
|
@ -50,7 +50,7 @@ import (
|
|||
// +genclient
|
||||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="(has(self.selector)?1:0)+(has(self.targetRef)?1:0)+(has(self.targetRefs)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="oneof(self.selector, self.targetRef, self.targetRefs)"
|
||||
type AuthorizationPolicy struct {
|
||||
v1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -60,7 +60,7 @@ type AuthorizationPolicy struct {
|
|||
// +optional
|
||||
Spec securityv1beta1.AuthorizationPolicy `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -76,113 +76,6 @@ type AuthorizationPolicyList struct {
|
|||
//
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// PeerAuthentication defines mutual TLS (mTLS) requirements for incoming connections.
|
||||
//
|
||||
// In sidecar mode, PeerAuthentication determines whether or not mTLS is allowed or required
|
||||
// for connections to an Envoy proxy sidecar.
|
||||
//
|
||||
// In ambient mode, security is transparently enabled for a pod by the ztunnel node agent.
|
||||
// (Traffic between proxies uses the HBONE protocol, which includes encryption with mTLS.)
|
||||
// Because of this, `DISABLE` mode is not supported.
|
||||
// `STRICT` mode is useful to ensure that connections that bypass the mesh are not possible.
|
||||
//
|
||||
// Examples:
|
||||
//
|
||||
// Policy to require mTLS traffic for all workloads under namespace `foo`:
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: PeerAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: default
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// mtls:
|
||||
// mode: STRICT
|
||||
//
|
||||
// ```
|
||||
// For mesh level, put the policy in root-namespace according to your Istio installation.
|
||||
//
|
||||
// Policies to allow both mTLS and plaintext traffic for all workloads under namespace `foo`, but
|
||||
// require mTLS for workload `finance`.
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: PeerAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: default
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// mtls:
|
||||
// mode: PERMISSIVE
|
||||
//
|
||||
// ---
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: PeerAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: finance
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: finance
|
||||
// mtls:
|
||||
// mode: STRICT
|
||||
//
|
||||
// ```
|
||||
// Policy that enables strict mTLS for all `finance` workloads, but leaves the port `8080` to
|
||||
// plaintext. Note the port value in the `portLevelMtls` field refers to the port
|
||||
// of the workload, not the port of the Kubernetes service.
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: PeerAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: default
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: finance
|
||||
// mtls:
|
||||
// mode: STRICT
|
||||
// portLevelMtls:
|
||||
// 8080:
|
||||
// mode: DISABLE
|
||||
//
|
||||
// ```
|
||||
// Policy that inherits mTLS mode from namespace (or mesh) settings, and disables
|
||||
// mTLS for workload port `8080`.
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: PeerAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: default
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: finance
|
||||
// mtls:
|
||||
// mode: UNSET
|
||||
// portLevelMtls:
|
||||
// 8080:
|
||||
// mode: DISABLE
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:PeerAuthentication:groupName:security.istio.io
|
||||
// +cue-gen:PeerAuthentication:versions:v1beta1,v1
|
||||
|
@ -206,7 +99,7 @@ type AuthorizationPolicyList struct {
|
|||
// +genclient
|
||||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="portLevelMtls requires selector",rule="(has(self.selector) && has(self.selector.matchLabels) && self.selector.matchLabels.size() > 0) || !has(self.portLevelMtls)"
|
||||
// +kubebuilder:validation:XValidation:message="portLevelMtls requires selector",rule="has(self.portLevelMtls) ? self.index({}, selector, matchLabels).size() > 0 : true"
|
||||
type PeerAuthentication struct {
|
||||
v1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -216,7 +109,7 @@ type PeerAuthentication struct {
|
|||
// +optional
|
||||
Spec securityv1beta1.PeerAuthentication `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
@ -232,245 +125,6 @@ type PeerAuthenticationList struct {
|
|||
//
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
||||
// RequestAuthentication defines what request authentication methods are supported by a workload.
|
||||
// It will reject a request if the request contains invalid authentication information, based on the
|
||||
// configured authentication rules. A request that does not contain any authentication credentials
|
||||
// will be accepted but will not have any authenticated identity. To restrict access to authenticated
|
||||
// requests only, this should be accompanied by an authorization rule.
|
||||
// Examples:
|
||||
//
|
||||
// - Require JWT for all request for workloads that have label `app:httpbin`
|
||||
//
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: RequestAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: httpbin
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: httpbin
|
||||
// jwtRules:
|
||||
// - issuer: "issuer-foo"
|
||||
// jwksUri: https://example.com/.well-known/jwks.json
|
||||
//
|
||||
// ---
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: AuthorizationPolicy
|
||||
// metadata:
|
||||
//
|
||||
// name: httpbin
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: httpbin
|
||||
// rules:
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["*"]
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// - A policy in the root namespace ("istio-system" by default) applies to workloads in all namespaces
|
||||
// in a mesh. The following policy makes all workloads only accept requests that contain a
|
||||
// valid JWT token.
|
||||
//
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: RequestAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: req-authn-for-all
|
||||
// namespace: istio-system
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// jwtRules:
|
||||
// - issuer: "issuer-foo"
|
||||
// jwksUri: https://example.com/.well-known/jwks.json
|
||||
//
|
||||
// ---
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: AuthorizationPolicy
|
||||
// metadata:
|
||||
//
|
||||
// name: require-jwt-for-all
|
||||
// namespace: istio-system
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// rules:
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["*"]
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// - The next example shows how to set a different JWT requirement for a different `host`. The `RequestAuthentication`
|
||||
// declares it can accept JWTs issued by either `issuer-foo` or `issuer-bar` (the public key set is implicitly
|
||||
// set from the OpenID Connect spec).
|
||||
//
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: RequestAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: httpbin
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: httpbin
|
||||
// jwtRules:
|
||||
// - issuer: "issuer-foo"
|
||||
// - issuer: "issuer-bar"
|
||||
//
|
||||
// ---
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: AuthorizationPolicy
|
||||
// metadata:
|
||||
//
|
||||
// name: httpbin
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: httpbin
|
||||
// rules:
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["issuer-foo/*"]
|
||||
// to:
|
||||
// - operation:
|
||||
// hosts: ["example.com"]
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["issuer-bar/*"]
|
||||
// to:
|
||||
// - operation:
|
||||
// hosts: ["another-host.com"]
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// - You can fine tune the authorization policy to set different requirement per path. For example,
|
||||
// to require JWT on all paths, except /healthz, the same `RequestAuthentication` can be used, but the
|
||||
// authorization policy could be:
|
||||
//
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: AuthorizationPolicy
|
||||
// metadata:
|
||||
//
|
||||
// name: httpbin
|
||||
// namespace: foo
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: httpbin
|
||||
// rules:
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["*"]
|
||||
// - to:
|
||||
// - operation:
|
||||
// paths: ["/healthz"]
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// [Experimental] Routing based on derived [metadata](https://istio.io/latest/docs/reference/config/security/conditions/)
|
||||
// is now supported. A prefix '@' is used to denote a match against internal metadata instead of the headers in the request.
|
||||
// Currently this feature is only supported for the following metadata:
|
||||
//
|
||||
// - `request.auth.claims.{claim-name}[.{nested-claim}]*` which are extracted from validated JWT tokens.
|
||||
// Use the `.` or `[]` as a separator for nested claim names.
|
||||
// Examples: `request.auth.claims.sub`, `request.auth.claims.name.givenName` and `request.auth.claims[foo.com/name]`.
|
||||
// For more information, see [JWT claim based routing](https://istio.io/latest/docs/tasks/security/authentication/jwt-route/).
|
||||
//
|
||||
// The use of matches against JWT claim metadata is only supported in Gateways. The following example shows:
|
||||
//
|
||||
// - RequestAuthentication to decode and validate a JWT. This also makes the `@request.auth.claims` available for use in the VirtualService.
|
||||
// - AuthorizationPolicy to check for valid principals in the request. This makes the JWT required for the request.
|
||||
// - VirtualService to route the request based on the "sub" claim.
|
||||
//
|
||||
// ```yaml
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: RequestAuthentication
|
||||
// metadata:
|
||||
//
|
||||
// name: jwt-on-ingress
|
||||
// namespace: istio-system
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: istio-ingressgateway
|
||||
// jwtRules:
|
||||
// - issuer: "example.com"
|
||||
// jwksUri: https://example.com/.well-known/jwks.json
|
||||
//
|
||||
// ---
|
||||
// apiVersion: security.istio.io/v1
|
||||
// kind: AuthorizationPolicy
|
||||
// metadata:
|
||||
//
|
||||
// name: require-jwt
|
||||
// namespace: istio-system
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// selector:
|
||||
// matchLabels:
|
||||
// app: istio-ingressgateway
|
||||
// rules:
|
||||
// - from:
|
||||
// - source:
|
||||
// requestPrincipals: ["*"]
|
||||
//
|
||||
// ---
|
||||
// apiVersion: networking.istio.io/v1
|
||||
// kind: VirtualService
|
||||
// metadata:
|
||||
//
|
||||
// name: route-jwt
|
||||
//
|
||||
// spec:
|
||||
//
|
||||
// hosts:
|
||||
// - foo.prod.svc.cluster.local
|
||||
// gateways:
|
||||
// - istio-ingressgateway
|
||||
// http:
|
||||
// - name: "v2"
|
||||
// match:
|
||||
// - headers:
|
||||
// "@request.auth.claims.sub":
|
||||
// exact: "dev"
|
||||
// route:
|
||||
// - destination:
|
||||
// host: foo.prod.svc.cluster.local
|
||||
// subset: v2
|
||||
// - name: "default"
|
||||
// route:
|
||||
// - destination:
|
||||
// host: foo.prod.svc.cluster.local
|
||||
// subset: v1
|
||||
//
|
||||
// ```
|
||||
//
|
||||
// <!-- crd generation tags
|
||||
// +cue-gen:RequestAuthentication:groupName:security.istio.io
|
||||
// +cue-gen:RequestAuthentication:versions:v1beta1,v1
|
||||
|
@ -489,7 +143,7 @@ type PeerAuthenticationList struct {
|
|||
// +genclient
|
||||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="(has(self.selector)?1:0)+(has(self.targetRef)?1:0)+(has(self.targetRefs)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="oneof(self.selector, self.targetRef, self.targetRefs)"
|
||||
type RequestAuthentication struct {
|
||||
v1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -499,7 +153,7 @@ type RequestAuthentication struct {
|
|||
// +optional
|
||||
Spec securityv1beta1.RequestAuthentication `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status v1alpha1.IstioStatus `json:"status"`
|
||||
Status v1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
|
|
@ -25,7 +25,6 @@ import (
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *AuthorizationPolicy) DeepCopyInto(out *AuthorizationPolicy) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -53,7 +52,6 @@ func (in *AuthorizationPolicy) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *AuthorizationPolicyList) DeepCopyInto(out *AuthorizationPolicyList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -90,7 +88,6 @@ func (in *AuthorizationPolicyList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *PeerAuthentication) DeepCopyInto(out *PeerAuthentication) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -118,7 +115,6 @@ func (in *PeerAuthentication) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *PeerAuthenticationList) DeepCopyInto(out *PeerAuthenticationList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
@ -155,7 +151,6 @@ func (in *PeerAuthenticationList) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *RequestAuthentication) DeepCopyInto(out *RequestAuthentication) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -183,7 +178,6 @@ func (in *RequestAuthentication) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *RequestAuthenticationList) DeepCopyInto(out *RequestAuthenticationList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
|
|
@ -49,7 +49,7 @@ import (
|
|||
// +genclient
|
||||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="(has(self.selector)?1:0)+(has(self.targetRef)?1:0)+(has(self.targetRefs)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="oneof(self.selector, self.targetRef, self.targetRefs)"
|
||||
type Telemetry struct {
|
||||
metav1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -59,7 +59,7 @@ type Telemetry struct {
|
|||
// +optional
|
||||
Spec v1alpha1.Telemetry `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status metav1alpha1.IstioStatus `json:"status"`
|
||||
Status metav1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
|
|
@ -25,7 +25,6 @@ import (
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Telemetry) DeepCopyInto(out *Telemetry) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -53,7 +52,6 @@ func (in *Telemetry) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TelemetryList) DeepCopyInto(out *TelemetryList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
|
|
@ -49,7 +49,7 @@ import (
|
|||
// +genclient
|
||||
// +k8s:deepcopy-gen=true
|
||||
// -->
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="(has(self.selector)?1:0)+(has(self.targetRef)?1:0)+(has(self.targetRefs)?1:0)<=1"
|
||||
// +kubebuilder:validation:XValidation:message="only one of targetRefs or selector can be set",rule="oneof(self.selector, self.targetRef, self.targetRefs)"
|
||||
type Telemetry struct {
|
||||
v1.TypeMeta `json:",inline"`
|
||||
// +optional
|
||||
|
@ -59,7 +59,7 @@ type Telemetry struct {
|
|||
// +optional
|
||||
Spec telemetryv1alpha1.Telemetry `json:"spec,omitempty" protobuf:"bytes,2,opt,name=spec"`
|
||||
|
||||
Status metav1alpha1.IstioStatus `json:"status"`
|
||||
Status metav1alpha1.IstioStatus `json:"status,omitempty"`
|
||||
}
|
||||
|
||||
// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
|
||||
|
|
|
@ -25,7 +25,6 @@ import (
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *Telemetry) DeepCopyInto(out *Telemetry) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
|
||||
in.Spec.DeepCopyInto(&out.Spec)
|
||||
|
@ -53,7 +52,6 @@ func (in *Telemetry) DeepCopyObject() runtime.Object {
|
|||
|
||||
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
|
||||
func (in *TelemetryList) DeepCopyInto(out *TelemetryList) {
|
||||
*out = *in
|
||||
out.TypeMeta = in.TypeMeta
|
||||
in.ListMeta.DeepCopyInto(&out.ListMeta)
|
||||
if in.Items != nil {
|
||||
|
|
Loading…
Reference in New Issue