diff --git a/apis/istio/authentication/register.go b/apis/istio/authentication/register.go new file mode 100644 index 000000000..f54c7742d --- /dev/null +++ b/apis/istio/authentication/register.go @@ -0,0 +1,21 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package authentication + +const ( + GroupName = "authentication.istio.io" +) diff --git a/apis/istio/authentication/v1alpha1/doc.go b/apis/istio/authentication/v1alpha1/doc.go new file mode 100644 index 000000000..07b17599c --- /dev/null +++ b/apis/istio/authentication/v1alpha1/doc.go @@ -0,0 +1,22 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Api versions allow the api contract for a resource to be changed while keeping +// backward compatibility by support multiple concurrent versions +// of the same resource +// +k8s:deepcopy-gen=package +// +groupName=authentication.istio.io +package v1alpha1 diff --git a/apis/istio/authentication/v1alpha1/policy_types.go b/apis/istio/authentication/v1alpha1/policy_types.go new file mode 100644 index 000000000..5e3357b1d --- /dev/null +++ b/apis/istio/authentication/v1alpha1/policy_types.go @@ -0,0 +1,345 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/knative/pkg/apis/istio/common/v1alpha1" +) + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// VirtualService +type Policy struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + Spec PolicySpec `json:"spec"` +} + +// Policy defines what authentication methods can be accepted on workload(s), +// and if authenticated, which method/certificate will set the request principal +// (i.e request.auth.principal attribute). +// +// Authentication policy is composed of 2-part authentication: +// - peer: verify caller service credentials. This part will set source.user +// (peer identity). +// - origin: verify the origin credentials. This part will set request.auth.user +// (origin identity), as well as other attributes like request.auth.presenter, +// request.auth.audiences and raw claims. Note that the identity could be +// end-user, service account, device etc. +// +// Last but not least, the principal binding rule defines which identity (peer +// or origin) should be used as principal. By default, it uses peer. +// +// Examples: +// +// Policy to enable mTLS for all services in namespace frod +// +// apiVersion: authentication.istio.io/v1alpha1 +// kind: Policy +// metadata: +// name: mTLS_enable +// namespace: frod +// spec: +// peers: +// - mtls: +// +// Policy to disable mTLS for "productpage" service +// +// apiVersion: authentication.istio.io/v1alpha1 +// kind: Policy +// metadata: +// name: mTLS_disable +// namespace: frod +// spec: +// targets: +// - name: productpage +// +// Policy to require mTLS for peer authentication, and JWT for origin authenticationn +// for productpage:9000. Principal is set from origin identity. +// +// apiVersion: authentication.istio.io/v1alpha1 +// kind: Policy +// metadata: +// name: mTLS_enable +// namespace: frod +// spec: +// target: +// - name: productpage +// ports: +// - number: 9000 +// peers: +// - mtls: +// origins: +// - jwt: +// issuer: "https://securetoken.google.com" +// audiences: +// - "productpage" +// jwksUri: "https://www.googleapis.com/oauth2/v1/certs" +// jwt_headers: +// - "x-goog-iap-jwt-assertion" +// principaBinding: USE_ORIGIN +// +// Policy to require mTLS for peer authentication, and JWT for origin authenticationn +// for productpage:9000, but allow origin authentication failed. Principal is set +// from origin identity. +// Note: this example can be used for use cases when we want to allow request from +// certain peers, given it comes with an approperiate authorization poicy to check +// and reject request accoridingly. +// +// apiVersion: authentication.istio.io/v1alpha1 +// kind: Policy +// metadata: +// name: mTLS_enable +// namespace: frod +// spec: +// target: +// - name: productpage +// ports: +// - number: 9000 +// peers: +// - mtls: +// origins: +// - jwt: +// issuer: "https://securetoken.google.com" +// audiences: +// - "productpage" +// jwksUri: "https://www.googleapis.com/oauth2/v1/certs" +// jwt_headers: +// - "x-goog-iap-jwt-assertion" +// originIsOptional: true +// principalBinding: USE_ORIGIN +type PolicySpec struct { + // List rules to select destinations that the policy should be applied on. + // If empty, policy will be used on all destinations in the same namespace. + Targets []TargetSelector `json:"targets,omitempty"` + + // List of authentication methods that can be used for peer authentication. + // They will be evaluated in order; the first validate one will be used to + // set peer identity (source.user) and other peer attributes. If none of + // these methods pass, and peer_is_optional flag is false (see below), + // request will be rejected with authentication failed error (401). + // Leave the list empty if peer authentication is not required + Peers []PeerAuthenticationMethod `json:"peers,omitempty"` + + // Set this flag to true to accept request (for peer authentication perspective), + // even when none of the peer authentication methods defined above satisfied. + // Typically, this is used to delay the rejection decision to next layer (e.g + // authorization). + // This flag is ignored if no authentication defined for peer (peers field is empty). + PeerIsOptional bool `json:"peerIsOptional,omitempty"` + + // List of authentication methods that can be used for origin authentication. + // Similar to peers, these will be evaluated in order; the first validate one + // will be used to set origin identity and attributes (i.e request.auth.user, + // request.auth.issuer etc). If none of these methods pass, and origin_is_optional + // is false (see below), request will be rejected with authentication failed + // error (401). + // Leave the list empty if origin authentication is not required. + Origins []OriginAuthenticationMethod `json:"origins,omitempty"` + + // Set this flag to true to accept request (for origin authentication perspective), + // even when none of the origin authentication methods defined above satisfied. + // Typically, this is used to delay the rejection decision to next layer (e.g + // authorization). + // This flag is ignored if no authentication defined for origin (origins field is empty). + OriginIsOptional bool `json:"originIsOptional,omitempty"` + + // Define whether peer or origin identity should be use for principal. Default + // value is USE_PEER. + // If peer (or orgin) identity is not available, either because of peer/origin + // authentication is not defined, or failed, principal will be left unset. + // In other words, binding rule does not affect the decision to accept or + // reject request. + PrincipalBinding PrincipalBinding `json:"principalBinding,omitempty"` +} + +// TargetSelector defines a matching rule to a service/destination. +type TargetSelector struct { + // REQUIRED. The name must be a short name from the service registry. The + // fully qualified domain name will be resolved in a platform specific manner. + Name string `json:"name"` + + // Specifies the ports on the destination. Leave empty to match all ports + // that are exposed. + Ports []PortSelector `json:"ports,omitempty"` +} + +// PortSelector specifies the name or number of a port to be used for +// matching targets for authenticationn policy. This is copied from +// networking API to avoid dependency. +type PortSelector struct { + // It is requred to specify exactly one of the fields: + // Number or Name + + // Valid port number + Number uint32 `json:"number,omitempty"` + + // Port name + Name string `json:"name,omitempty"` +} + +// PeerAuthenticationMethod defines one particular type of authentication, e.g +// mutual TLS, JWT etc, (no authentication is one type by itself) that can +// be used for peer authentication. +// The type can be progammatically determine by checking the type of the +// "params" field. +type PeerAuthenticationMethod struct { + // It is requred to specify exactly one of the fields: + // Mtls or Jwt + // Set if mTLS is used. + Mtls *MutualTls `json:"mtls,omitempty"` + + // Set if JWT is used. This option is not yet available. + Jwt *Jwt `json:"jwt,omitempty"` +} + +// Defines the acceptable connection TLS mode. +type Mode string + +const ( + // Client cert must be presented, connection is in TLS. + ModeStrict Mode = "STRICT" + + // Connection can be either plaintext or TLS, and client cert can be omitted. + ModePermissive Mode = "PERMISSIVE" +) + +// TLS authentication params. +type MutualTls struct { + + // WILL BE DEPRECATED, if set, will translates to `TLS_PERMISSIVE` mode. + // Set this flag to true to allow regular TLS (i.e without client x509 + // certificate). If request carries client certificate, identity will be + // extracted and used (set to peer identity). Otherwise, peer identity will + // be left unset. + // When the flag is false (default), request must have client certificate. + AllowTls bool `json:"allowTls,omitempty"` + + // Defines the mode of mTLS authentication. + Mode Mode `json:"mode,omitempty"` +} + +// JSON Web Token (JWT) token format for authentication as defined by +// https://tools.ietf.org/html/rfc7519. See [OAuth +// 2.0](https://tools.ietf.org/html/rfc6749) and [OIDC +// 1.0](http://openid.net/connect) for how this is used in the whole +// authentication flow. +// +// Example, +// +// issuer: https://example.com +// audiences: +// - bookstore_android.apps.googleusercontent.com +// bookstore_web.apps.googleusercontent.com +// jwksUri: https://example.com/.well-known/jwks.json +// +type Jwt struct { + // Identifies the issuer that issued the JWT. See + // [issuer](https://tools.ietf.org/html/rfc7519#section-4.1.1) + // Usually a URL or an email address. + // + // Example: https://securetoken.google.com + // Example: 1234567-compute@developer.gserviceaccount.com + Issuer string `json:"issuer,omitempty"` + + // The list of JWT + // [audiences](https://tools.ietf.org/html/rfc7519#section-4.1.3). + // that are allowed to access. A JWT containing any of these + // audiences will be accepted. + // + // The service name will be accepted if audiences is empty. + // + // Example: + // + // ```yaml + // audiences: + // - bookstore_android.apps.googleusercontent.com + // bookstore_web.apps.googleusercontent.com + // ``` + Audiences []string `json:"audiences,omitempty"` + + // URL of the provider's public key set to validate signature of the + // JWT. See [OpenID + // Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata). + // + // Optional if the key set document can either (a) be retrieved from + // [OpenID + // Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html) of + // the issuer or (b) inferred from the email domain of the issuer (e.g. a + // Google service account). + // + // Example: https://www.googleapis.com/oauth2/v1/certs + JwksUri string `json:"jwksUri,omitempty"` + + // Two fields below define where to extract the JWT from an HTTP request. + // + // If no explicit location is specified the following default + // locations are tried in order: + // + // 1) The Authorization header using the Bearer schema, + // e.g. Authorization: Bearer . (see + // [Authorization Request Header + // Field](https://tools.ietf.org/html/rfc6750#section-2.1)) + // + // 2) `access_token` query parameter (see + // [URI Query Parameter](https://tools.ietf.org/html/rfc6750#section-2.3)) + // JWT is sent in a request header. `header` represents the + // header name. + // + // For example, if `header=x-goog-iap-jwt-assertion`, the header + // format will be x-goog-iap-jwt-assertion: . + JwtHeaders []string `json:"jwtHeaders,omitempty"` + + // JWT is sent in a query parameter. `query` represents the + // query parameter name. + // + // For example, `query=jwt_token`. + JwtParams []string `json:"jwtParams,omitempty"` + + // URL paths that should be excluded from the JWT validation. If the request path is matched, + // the JWT validation will be skipped and the request will proceed regardless. + // This is useful to keep a couple of URLs public for external health checks. + // Example: "/health_check", "/status/cpu_usage". + ExcludedPaths []v1alpha1.StringMatch `json:"excludedPaths,omitempty"` +} + +// OriginAuthenticationMethod defines authentication method/params for origin +// authentication. Origin could be end-user, device, delegate service etc. +// Currently, only JWT is supported for origin authentication. +type OriginAuthenticationMethod struct { + // Jwt params for the method. + Jwt *Jwt `json:"jwt,omitempty"` +} + +// Associates authentication with request principal. +type PrincipalBinding string + +const ( + // Principal will be set to the identity from peer authentication. + PrincipalBindingUserPeer PrincipalBinding = "USE_PEER" + // Principal will be set to the identity from peer authentication. + PrincipalBindingUserOrigin PrincipalBinding = "USE_ORIGIN" +) + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// PolicyLIst is a list of Policy resources +type PolicyList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + Items []Policy `json:"items"` +} diff --git a/apis/istio/authentication/v1alpha1/register.go b/apis/istio/authentication/v1alpha1/register.go new file mode 100644 index 000000000..7809d1cd9 --- /dev/null +++ b/apis/istio/authentication/v1alpha1/register.go @@ -0,0 +1,52 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +import ( + "github.com/knative/pkg/apis/istio/authentication" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: authentication.GroupName, Version: "v1alpha1"} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +// Adds the list of known types to Scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &Policy{}, + &PolicyList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/apis/istio/authentication/v1alpha1/zz_generated.deepcopy.go b/apis/istio/authentication/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 000000000..1879de764 --- /dev/null +++ b/apis/istio/authentication/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,259 @@ +// +build !ignore_autogenerated + +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + commonv1alpha1 "github.com/knative/pkg/apis/istio/common/v1alpha1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Jwt) DeepCopyInto(out *Jwt) { + *out = *in + if in.Audiences != nil { + in, out := &in.Audiences, &out.Audiences + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.JwtHeaders != nil { + in, out := &in.JwtHeaders, &out.JwtHeaders + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.JwtParams != nil { + in, out := &in.JwtParams, &out.JwtParams + *out = make([]string, len(*in)) + copy(*out, *in) + } + if in.ExcludedPaths != nil { + in, out := &in.ExcludedPaths, &out.ExcludedPaths + *out = make([]commonv1alpha1.StringMatch, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Jwt. +func (in *Jwt) DeepCopy() *Jwt { + if in == nil { + return nil + } + out := new(Jwt) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *MutualTls) DeepCopyInto(out *MutualTls) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MutualTls. +func (in *MutualTls) DeepCopy() *MutualTls { + if in == nil { + return nil + } + out := new(MutualTls) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OriginAuthenticationMethod) DeepCopyInto(out *OriginAuthenticationMethod) { + *out = *in + if in.Jwt != nil { + in, out := &in.Jwt, &out.Jwt + *out = new(Jwt) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OriginAuthenticationMethod. +func (in *OriginAuthenticationMethod) DeepCopy() *OriginAuthenticationMethod { + if in == nil { + return nil + } + out := new(OriginAuthenticationMethod) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PeerAuthenticationMethod) DeepCopyInto(out *PeerAuthenticationMethod) { + *out = *in + if in.Mtls != nil { + in, out := &in.Mtls, &out.Mtls + *out = new(MutualTls) + **out = **in + } + if in.Jwt != nil { + in, out := &in.Jwt, &out.Jwt + *out = new(Jwt) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PeerAuthenticationMethod. +func (in *PeerAuthenticationMethod) DeepCopy() *PeerAuthenticationMethod { + if in == nil { + return nil + } + out := new(PeerAuthenticationMethod) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Policy) DeepCopyInto(out *Policy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy. +func (in *Policy) DeepCopy() *Policy { + if in == nil { + return nil + } + out := new(Policy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Policy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicyList) DeepCopyInto(out *PolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Policy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList. +func (in *PolicyList) DeepCopy() *PolicyList { + if in == nil { + return nil + } + out := new(PolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *PolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PolicySpec) DeepCopyInto(out *PolicySpec) { + *out = *in + if in.Targets != nil { + in, out := &in.Targets, &out.Targets + *out = make([]TargetSelector, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Peers != nil { + in, out := &in.Peers, &out.Peers + *out = make([]PeerAuthenticationMethod, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.Origins != nil { + in, out := &in.Origins, &out.Origins + *out = make([]OriginAuthenticationMethod, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec. +func (in *PolicySpec) DeepCopy() *PolicySpec { + if in == nil { + return nil + } + out := new(PolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PortSelector) DeepCopyInto(out *PortSelector) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PortSelector. +func (in *PortSelector) DeepCopy() *PortSelector { + if in == nil { + return nil + } + out := new(PortSelector) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TargetSelector) DeepCopyInto(out *TargetSelector) { + *out = *in + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = make([]PortSelector, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetSelector. +func (in *TargetSelector) DeepCopy() *TargetSelector { + if in == nil { + return nil + } + out := new(TargetSelector) + in.DeepCopyInto(out) + return out +} diff --git a/apis/istio/common/v1alpha1/string.go b/apis/istio/common/v1alpha1/string.go new file mode 100644 index 000000000..ec5c8d392 --- /dev/null +++ b/apis/istio/common/v1alpha1/string.go @@ -0,0 +1,35 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha1 + +// Describes how to match a given string in HTTP headers. Match is +// case-sensitive. +type StringMatch struct { + // Specified exactly one of the fields below. + + // exact string match + Exact string `json:"exact,omitempty"` + + // prefix-based match + Prefix string `json:"prefix,omitempty"` + + // suffix-based match. + Suffix string `json:"prefix,omitempty"` + + // ECMAscript style regex-based match + Regex string `json:"regex,omitempty"` +} diff --git a/apis/istio/v1alpha3/destinationrule_types.go b/apis/istio/v1alpha3/destinationrule_types.go new file mode 100644 index 000000000..181d1f733 --- /dev/null +++ b/apis/istio/v1alpha3/destinationrule_types.go @@ -0,0 +1,547 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package v1alpha3 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// DestinationRule +type DestinationRule struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + Spec DestinationRuleSpec `json:"spec"` +} + +// DestinationRule defines policies that apply to traffic intended for a +// service after routing has occurred. These rules specify configuration +// for load balancing, connection pool size from the sidecar, and outlier +// detection settings to detect and evict unhealthy hosts from the load +// balancing pool. For example, a simple load balancing policy for the +// ratings service would look as follows: +// +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: bookinfo-ratings +// spec: +// host: ratings.prod.svc.cluster.local +// trafficPolicy: +// loadBalancer: +// simple: LEAST_CONN +// +// +// Version specific policies can be specified by defining a named +// subset and overriding the settings specified at the service level. The +// following rule uses a round robin load balancing policy for all traffic +// going to a subset named testversion that is composed of endpoints (e.g., +// pods) with labels (version:v3). +// +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: bookinfo-ratings +// spec: +// host: ratings.prod.svc.cluster.local +// trafficPolicy: +// loadBalancer: +// simple: LEAST_CONN +// subsets: +// - name: testversion +// labels: +// version: v3 +// trafficPolicy: +// loadBalancer: +// simple: ROUND_ROBIN +// +// +// **Note:** Policies specified for subsets will not take effect until +// a route rule explicitly sends traffic to this subset. +// +// Traffic policies can be customized to specific ports as well. The +// following rule uses the least connection load balancing policy for all +// traffic to port 80, while uses a round robin load balancing setting for +// traffic to the port 9080. +// +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: bookinfo-ratings-port +// spec: +// host: ratings.prod.svc.cluster.local +// trafficPolicy: # Apply to all ports +// portLevelSettings: +// - port: +// number: 80 +// loadBalancer: +// simple: LEAST_CONN +// - port: +// number: 9080 +// loadBalancer: +// simple: ROUND_ROBIN +// +type DestinationRuleSpec struct { + // REQUIRED. The name of a service from the service registry. Service + // names are looked up from the platform's service registry (e.g., + // Kubernetes services, Consul services, etc.) and from the hosts + // declared by [ServiceEntries](#ServiceEntry). Rules defined for + // services that do not exist in the service registry will be ignored. + // + // *Note for Kubernetes users*: When short names are used (e.g. "reviews" + // instead of "reviews.default.svc.cluster.local"), Istio will interpret + // the short name based on the namespace of the rule, not the service. A + // rule in the "default" namespace containing a host "reviews will be + // interpreted as "reviews.default.svc.cluster.local", irrespective of + // the actual namespace associated with the reviews service. _To avoid + // potential misconfigurations, it is recommended to always use fully + // qualified domain names over short names._ + // + // Note that the host field applies to both HTTP and TCP services. + Host string `json:"host"` + + // Traffic policies to apply (load balancing policy, connection pool + // sizes, outlier detection). + TrafficPolicy *TrafficPolicy `json:"trafficPolicy,omitempty"` + + // One or more named sets that represent individual versions of a + // service. Traffic policies can be overridden at subset level. + Subsets []Subset `json:"subsets,omitempty"` +} + +// Traffic policies to apply for a specific destination, across all +// destination ports. See DestinationRule for examples. +type TrafficPolicy struct { + + // Settings controlling the load balancer algorithms. + LoadBalancer *LoadBalancerSettings `json:"loadBalancer,omitempty"` + + // Settings controlling the volume of connections to an upstream service + ConnectionPool *ConnectionPoolSettings `json:"connectionPool,omitempty"` + + // Settings controlling eviction of unhealthy hosts from the load balancing pool + OutlierDetection *OutlierDetection `json:"outlierDetection,omitempty"` + + // TLS related settings for connections to the upstream service. + Tls *TLSSettings `json:"tls,omitempty"` + + // Traffic policies specific to individual ports. Note that port level + // settings will override the destination-level settings. Traffic + // settings specified at the destination-level will not be inherited when + // overridden by port-level settings, i.e. default values will be applied + // to fields omitted in port-level traffic policies. + PortLevelSettings []PortTrafficPolicy `json:"portLevelSettings,omitempty"` +} + +// Traffic policies that apply to specific ports of the service +type PortTrafficPolicy struct { + // Specifies the port name or number of a port on the destination service + // on which this policy is being applied. + // + // Names must comply with DNS label syntax (rfc1035) and therefore cannot + // collide with numbers. If there are multiple ports on a service with + // the same protocol the names should be of the form -. + Port PortSelector `json:"port"` + + // Settings controlling the load balancer algorithms. + LoadBalancer *LoadBalancerSettings `json:"loadBalancer,omitempty"` + + // Settings controlling the volume of connections to an upstream service + ConnectionPool *ConnectionPoolSettings `json:"connectionPool,omitempty"` + + // Settings controlling eviction of unhealthy hosts from the load balancing pool + OutlierDetection *OutlierDetection `json:"outlierDetection,omitempty"` + + // TLS related settings for connections to the upstream service. + Tls *TLSSettings `json:"tls,omitempty"` +} + +// A subset of endpoints of a service. Subsets can be used for scenarios +// like A/B testing, or routing to a specific version of a service. Refer +// to [VirtualService](#VirtualService) documentation for examples of using +// subsets in these scenarios. In addition, traffic policies defined at the +// service-level can be overridden at a subset-level. The following rule +// uses a round robin load balancing policy for all traffic going to a +// subset named testversion that is composed of endpoints (e.g., pods) with +// labels (version:v3). +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: bookinfo-ratings +// spec: +// host: ratings.prod.svc.cluster.local +// trafficPolicy: +// loadBalancer: +// simple: LEAST_CONN +// subsets: +// - name: testversion +// labels: +// version: v3 +// trafficPolicy: +// loadBalancer: +// simple: ROUND_ROBIN +// +// **Note:** Policies specified for subsets will not take effect until +// a route rule explicitly sends traffic to this subset. +type Subset struct { + // REQUIRED. Name of the subset. The service name and the subset name can + // be used for traffic splitting in a route rule. + Name string `json:"port"` + + // REQUIRED. Labels apply a filter over the endpoints of a service in the + // service registry. See route rules for examples of usage. + Labels map[string]string `json:"labels"` + + // Traffic policies that apply to this subset. Subsets inherit the + // traffic policies specified at the DestinationRule level. Settings + // specified at the subset level will override the corresponding settings + // specified at the DestinationRule level. + TrafficPolicy *TrafficPolicy `json:"trafficPolicy,omitempty"` +} + +// Load balancing policies to apply for a specific destination. See Envoy's +// load balancing +// [documentation](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/load_balancing.html) +// for more details. +// +// For example, the following rule uses a round robin load balancing policy +// for all traffic going to the ratings service. +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: bookinfo-ratings +// spec: +// host: ratings.prod.svc.cluster.local +// trafficPolicy: +// loadBalancer: +// simple: ROUND_ROBIN +// +// The following example sets up sticky sessions for the ratings service +// hashing-based load balancer for the same ratings service using the +// the User cookie as the hash key. +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: bookinfo-ratings +// spec: +// host: ratings.prod.svc.cluster.local +// trafficPolicy: +// loadBalancer: +// consistentHash: +// httpCookie: +// name: user +// ttl: 0s +type LoadBalancerSettings struct { + // It is requred to specify exactly one of the fields: + // Simple or ConsistentHash + Simple SimpleLB `json:"simple,omitempty"` + ConsistentHash *ConsistentHashLB `json:"consistentHash,omitempty"` +} + +// Standard load balancing algorithms that require no tuning. +type SimpleLB string + +const ( + // Round Robin policy. Default + SimpleLBRoundRobin SimpleLB = "ROUND_ROBIN" + + // The least request load balancer uses an O(1) algorithm which selects + // two random healthy hosts and picks the host which has fewer active + // requests. + SimpleLBLeastConn SimpleLB = "LEAST_CONN" + + // The random load balancer selects a random healthy host. The random + // load balancer generally performs better than round robin if no health + // checking policy is configured. + SimpleLBRandom SimpleLB = "RANDOM" + + // This option will forward the connection to the original IP address + // requested by the caller without doing any form of load + // balancing. This option must be used with care. It is meant for + // advanced use cases. Refer to Original Destination load balancer in + // Envoy for further details. + SimpleLBPassthrough SimpleLB = "PASSTHROUGH" +) + +// Consistent Hash-based load balancing can be used to provide soft +// session affinity based on HTTP headers, cookies or other +// properties. This load balancing policy is applicable only for HTTP +// connections. The affinity to a particular destination host will be +// lost when one or more hosts are added/removed from the destination +// service. +type ConsistentHashLB struct { + + // It is requred to specify exactly one of the fields as hash key: + // HttpHeaderName, HttpCookie, or UseSourceIP. + // Hash based on a specific HTTP header. + HttpHeaderName string `json:"httpHeaderName,omitempty"` + + // Hash based on HTTP cookie. + HttpCookie *HTTPCookie `json:"httpCookie,omitempty"` + + // Hash based on the source IP address. + UseSourceIp bool `json:"useSourceIp,omitempty"` + + // The minimum number of virtual nodes to use for the hash + // ring. Defaults to 1024. Larger ring sizes result in more granular + // load distributions. If the number of hosts in the load balancing + // pool is larger than the ring size, each host will be assigned a + // single virtual node. + MinimumRingSize uint64 `json:"minimumRingSize,omitempty"` +} + +// Describes a HTTP cookie that will be used as the hash key for the +// Consistent Hash load balancer. If the cookie is not present, it will +// be generated. +type HTTPCookie struct { + // REQUIRED. Name of the cookie. + Name string `json:"name"` + + // Path to set for the cookie. + Path string `json:"path,omitempty"` + + // REQUIRED. Lifetime of the cookie. + Ttl string `json:"ttl"` +} + +// Connection pool settings for an upstream host. The settings apply to +// each individual host in the upstream service. See Envoy's [circuit +// breaker](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/circuit_breaking) +// for more details. Connection pool settings can be applied at the TCP +// level as well as at HTTP level. +// +// For example, the following rule sets a limit of 100 connections to redis +// service called myredissrv with a connect timeout of 30ms +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: bookinfo-redis +// spec: +// host: myredissrv.prod.svc.cluster.local +// trafficPolicy: +// connectionPool: +// tcp: +// maxConnections: 100 +// connectTimeout: 30ms +type ConnectionPoolSettings struct { + + // Settings common to both HTTP and TCP upstream connections. + Tcp *TCPSettings `json:"tcp,omitempty"` + + // HTTP connection pool settings. + Http *HTTPSettings `json:"http,omitempty"` +} + +// Settings common to both HTTP and TCP upstream connections. +type TCPSettings struct { + // Maximum number of HTTP1 /TCP connections to a destination host. + MaxConnections int32 `json:"maxConnections,omitempty"` + + // TCP connection timeout. + ConnectTimeout string `json:"connectTimeout,omitempty"` +} + +// Settings applicable to HTTP1.1/HTTP2/GRPC connections. +type HTTPSettings struct { + // Maximum number of pending HTTP requests to a destination. Default 1024. + Http1MaxPendingRequests int32 `json:"http1MaxPendingRequests,omitempty"` + + // Maximum number of requests to a backend. Default 1024. + Http2MaxRequests int32 `json:"http2MaxRequests,omitempty"` + + // Maximum number of requests per connection to a backend. Setting this + // parameter to 1 disables keep alive. + MaxRequestsPerConnection int32 `json:"maxRequestsPerConnection,omitempty"` + + // Maximum number of retries that can be outstanding to all hosts in a + // cluster at a given time. Defaults to 3. + MaxRetries int32 `json:"maxRetries,omitempty"` +} + +// A Circuit breaker implementation that tracks the status of each +// individual host in the upstream service. Applicable to both HTTP and +// TCP services. For HTTP services, hosts that continually return 5xx +// errors for API calls are ejected from the pool for a pre-defined period +// of time. For TCP services, connection timeouts or connection +// failures to a given host counts as an error when measuring the +// consecutive errors metric. See Envoy's [outlier +// detection](https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/outlier) +// for more details. +// +// The following rule sets a connection pool size of 100 connections and +// 1000 concurrent HTTP2 requests, with no more than 10 req/connection to +// "reviews" service. In addition, it configures upstream hosts to be +// scanned every 5 mins, such that any host that fails 7 consecutive times +// with 5XX error code will be ejected for 15 minutes. +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: reviews-cb-policy +// spec: +// host: reviews.prod.svc.cluster.local +// trafficPolicy: +// connectionPool: +// tcp: +// maxConnections: 100 +// http: +// http2MaxRequests: 1000 +// maxRequestsPerConnection: 10 +// outlierDetection: +// consecutiveErrors: 7 +// interval: 5m +// baseEjectionTime: 15m +type OutlierDetection struct { + // Number of errors before a host is ejected from the connection + // pool. Defaults to 5. When the upstream host is accessed over HTTP, a + // 5xx return code qualifies as an error. When the upstream host is + // accessed over an opaque TCP connection, connect timeouts and + // connection error/failure events qualify as an error. + ConsecutiveErrors int32 `json:"consecutiveErrors,omitempty"` + + // Time interval between ejection sweep analysis. format: + // 1h/1m/1s/1ms. MUST BE >=1ms. Default is 10s. + Interval string `json:"interval,omitempty"` + + // Minimum ejection duration. A host will remain ejected for a period + // equal to the product of minimum ejection duration and the number of + // times the host has been ejected. This technique allows the system to + // automatically increase the ejection period for unhealthy upstream + // servers. format: 1h/1m/1s/1ms. MUST BE >=1ms. Default is 30s. + BaseEjectionTime string `json:"baseEjectionTime,omitempty"` + + // Maximum % of hosts in the load balancing pool for the upstream + // service that can be ejected. Defaults to 10%. + MaxEjectionPercent int32 `json:"maxEjectionPercent,omitempty"` +} + +// SSL/TLS related settings for upstream connections. See Envoy's [TLS +// context](https://www.envoyproxy.io/docs/envoy/latest/api-v1/cluster_manager/cluster_ssl.html#config-cluster-manager-cluster-ssl) +// for more details. These settings are common to both HTTP and TCP upstreams. +// +// For example, the following rule configures a client to use mutual TLS +// for connections to upstream database cluster. +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: db-mtls +// spec: +// host: mydbserver.prod.svc.cluster.local +// trafficPolicy: +// tls: +// mode: MUTUAL +// clientCertificate: /etc/certs/myclientcert.pem +// privateKey: /etc/certs/client_private_key.pem +// caCertificates: /etc/certs/rootcacerts.pem +// +// The following rule configures a client to use TLS when talking to a +// foreign service whose domain matches *.foo.com. +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: tls-foo +// spec: +// host: "*.foo.com" +// trafficPolicy: +// tls: +// mode: SIMPLE +// +// The following rule configures a client to use Istio mutual TLS when talking +// to rating services. +// +// apiVersion: networking.istio.io/v1alpha3 +// kind: DestinationRule +// metadata: +// name: ratings-istio-mtls +// spec: +// host: ratings.prod.svc.cluster.local +// trafficPolicy: +// tls: +// mode: ISTIO_MUTUAL +type TLSSettings struct { + + // REQUIRED: Indicates whether connections to this port should be secured + // using TLS. The value of this field determines how TLS is enforced. + Mode TLSmode `json:"mode"` + + // REQUIRED if mode is `MUTUAL`. The path to the file holding the + // client-side TLS certificate to use. + // Should be empty if mode is `ISTIO_MUTUAL`. + ClientCertificate string `json:"clientCertificate,omitempty"` + + // REQUIRED if mode is `MUTUAL`. The path to the file holding the + // client's private key. + // Should be empty if mode is `ISTIO_MUTUAL`. + PrivateKey string `json:"privateKey,omitempty"` + + // OPTIONAL: The path to the file containing certificate authority + // certificates to use in verifying a presented server certificate. If + // omitted, the proxy will not verify the server's certificate. + // Should be empty if mode is `ISTIO_MUTUAL`. + CaCertificates string `json:"caCertificates,omitempty"` + + // A list of alternate names to verify the subject identity in the + // certificate. If specified, the proxy will verify that the server + // certificate's subject alt name matches one of the specified values. + // Should be empty if mode is `ISTIO_MUTUAL`. + SubjectAltNames []string `json:"subjectAltNames,omitempty"` + + // SNI string to present to the server during TLS handshake. + // Should be empty if mode is `ISTIO_MUTUAL`. + Sni string `json:"sni,omitempty"` +} + +// TLS connection mode +type TLSmode string + +const ( + // Do not setup a TLS connection to the upstream endpoint. + TLSmodeDisable TLSmode = "DISABLE" + + // Originate a TLS connection to the upstream endpoint. + TLSmodeSimple TLSmode = "SIMPLE" + + // Secure connections to the upstream using mutual TLS by presenting + // client certificates for authentication. + TLSmodeMutual TLSmode = "MUTUAL" + + // Secure connections to the upstream using mutual TLS by presenting + // client certificates for authentication. + // Compared to Mutual mode, this mode uses certificates generated + // automatically by Istio for mTLS authentication. When this mode is + // used, all other fields in `TLSSettings` should be empty. + TLSmodeIstioMutual TLSmode = "ISTIO_MUTUAL" +) + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// DestinationRuleList is a list of DestinationRule resources +type DestinationRuleList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata"` + Items []DestinationRule `json:"items"` +} diff --git a/apis/istio/v1alpha3/register.go b/apis/istio/v1alpha3/register.go index 9ea16a533..c2089e5c2 100644 --- a/apis/istio/v1alpha3/register.go +++ b/apis/istio/v1alpha3/register.go @@ -46,8 +46,10 @@ func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes(SchemeGroupVersion, &VirtualService{}, &Gateway{}, + &DestinationRule{}, &VirtualServiceList{}, &GatewayList{}, + &DestinationRuleList{}, ) metav1.AddToGroupVersion(scheme, SchemeGroupVersion) return nil diff --git a/apis/istio/v1alpha3/virtualservice_types.go b/apis/istio/v1alpha3/virtualservice_types.go index 87e2f9815..eb65683e1 100644 --- a/apis/istio/v1alpha3/virtualservice_types.go +++ b/apis/istio/v1alpha3/virtualservice_types.go @@ -18,6 +18,7 @@ package v1alpha3 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "github.com/knative/pkg/apis/istio/common/v1alpha1" ) // +genclient @@ -234,7 +235,7 @@ type HTTPMatchRequest struct { // // - `regex: "value"` for ECMAscript style regex-based match // - Uri *StringMatch `json:"uri,omitempty"` + Uri *v1alpha1.StringMatch `json:"uri,omitempty"` // URI Scheme // values are case-sensitive and formatted as follows: @@ -245,7 +246,7 @@ type HTTPMatchRequest struct { // // - `regex: "value"` for ECMAscript style regex-based match // - Scheme *StringMatch `json:"scheme,omitempty"` + Scheme *v1alpha1.StringMatch `json:"scheme,omitempty"` // HTTP Method // values are case-sensitive and formatted as follows: @@ -256,7 +257,7 @@ type HTTPMatchRequest struct { // // - `regex: "value"` for ECMAscript style regex-based match // - Method *StringMatch `json:"method,omitempty"` + Method *v1alpha1.StringMatch `json:"method,omitempty"` // HTTP Authority // values are case-sensitive and formatted as follows: @@ -267,7 +268,7 @@ type HTTPMatchRequest struct { // // - `regex: "value"` for ECMAscript style regex-based match // - Authority *StringMatch `json:"authority,omitempty"` + Authority *v1alpha1.StringMatch `json:"authority,omitempty"` // The header keys must be lowercase and use hyphen as the separator, // e.g. _x-request-id_. @@ -281,22 +282,7 @@ type HTTPMatchRequest struct { // - `regex: "value"` for ECMAscript style regex-based match // // **Note:** The keys `uri`, `scheme`, `method`, and `authority` will be ignored. - Headers map[string]StringMatch `json:"headers,omitempty"` -} - -// Describes how to match a given string in HTTP headers. Match is -// case-sensitive. -type StringMatch struct { - // Specified exactly one of the fields below. - - // exact string match - Exact string `json:"exact,omitempty"` - - // prefix-based match - Prefix string `json:"prefix,omitempty"` - - // ECMAscript style regex-based match - Regex string `json:"regex,omitempty"` + Headers map[string]v1alpha1.StringMatch `json:"headers,omitempty"` } type DestinationWeight struct { diff --git a/apis/istio/v1alpha3/zz_generated.deepcopy.go b/apis/istio/v1alpha3/zz_generated.deepcopy.go index 8e323c689..e5a9a2c6d 100644 --- a/apis/istio/v1alpha3/zz_generated.deepcopy.go +++ b/apis/istio/v1alpha3/zz_generated.deepcopy.go @@ -21,9 +21,57 @@ limitations under the License. package v1alpha3 import ( + v1alpha1 "github.com/knative/pkg/apis/istio/common/v1alpha1" runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConnectionPoolSettings) DeepCopyInto(out *ConnectionPoolSettings) { + *out = *in + if in.Tcp != nil { + in, out := &in.Tcp, &out.Tcp + *out = new(TCPSettings) + **out = **in + } + if in.Http != nil { + in, out := &in.Http, &out.Http + *out = new(HTTPSettings) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConnectionPoolSettings. +func (in *ConnectionPoolSettings) DeepCopy() *ConnectionPoolSettings { + if in == nil { + return nil + } + out := new(ConnectionPoolSettings) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ConsistentHashLB) DeepCopyInto(out *ConsistentHashLB) { + *out = *in + if in.HttpCookie != nil { + in, out := &in.HttpCookie, &out.HttpCookie + *out = new(HTTPCookie) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConsistentHashLB. +func (in *ConsistentHashLB) DeepCopy() *ConsistentHashLB { + if in == nil { + return nil + } + out := new(ConsistentHashLB) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CorsPolicy) DeepCopyInto(out *CorsPolicy) { *out = *in @@ -77,6 +125,94 @@ func (in *Destination) DeepCopy() *Destination { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DestinationRule) DeepCopyInto(out *DestinationRule) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DestinationRule. +func (in *DestinationRule) DeepCopy() *DestinationRule { + if in == nil { + return nil + } + out := new(DestinationRule) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *DestinationRule) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DestinationRuleList) DeepCopyInto(out *DestinationRuleList) { + *out = *in + out.TypeMeta = in.TypeMeta + out.ListMeta = in.ListMeta + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]DestinationRule, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DestinationRuleList. +func (in *DestinationRuleList) DeepCopy() *DestinationRuleList { + if in == nil { + return nil + } + out := new(DestinationRuleList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *DestinationRuleList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DestinationRuleSpec) DeepCopyInto(out *DestinationRuleSpec) { + *out = *in + if in.TrafficPolicy != nil { + in, out := &in.TrafficPolicy, &out.TrafficPolicy + *out = new(TrafficPolicy) + (*in).DeepCopyInto(*out) + } + if in.Subsets != nil { + in, out := &in.Subsets, &out.Subsets + *out = make([]Subset, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DestinationRuleSpec. +func (in *DestinationRuleSpec) DeepCopy() *DestinationRuleSpec { + if in == nil { + return nil + } + out := new(DestinationRuleSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DestinationWeight) DeepCopyInto(out *DestinationWeight) { *out = *in @@ -184,6 +320,22 @@ func (in *GatewaySpec) DeepCopy() *GatewaySpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPCookie) DeepCopyInto(out *HTTPCookie) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPCookie. +func (in *HTTPCookie) DeepCopy() *HTTPCookie { + if in == nil { + return nil + } + out := new(HTTPCookie) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *HTTPFaultInjection) DeepCopyInto(out *HTTPFaultInjection) { *out = *in @@ -215,27 +367,27 @@ func (in *HTTPMatchRequest) DeepCopyInto(out *HTTPMatchRequest) { *out = *in if in.Uri != nil { in, out := &in.Uri, &out.Uri - *out = new(StringMatch) + *out = new(v1alpha1.StringMatch) **out = **in } if in.Scheme != nil { in, out := &in.Scheme, &out.Scheme - *out = new(StringMatch) + *out = new(v1alpha1.StringMatch) **out = **in } if in.Method != nil { in, out := &in.Method, &out.Method - *out = new(StringMatch) + *out = new(v1alpha1.StringMatch) **out = **in } if in.Authority != nil { in, out := &in.Authority, &out.Authority - *out = new(StringMatch) + *out = new(v1alpha1.StringMatch) **out = **in } if in.Headers != nil { in, out := &in.Headers, &out.Headers - *out = make(map[string]StringMatch, len(*in)) + *out = make(map[string]v1alpha1.StringMatch, len(*in)) for key, val := range *in { (*out)[key] = val } @@ -368,6 +520,22 @@ func (in *HTTPRoute) DeepCopy() *HTTPRoute { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *HTTPSettings) DeepCopyInto(out *HTTPSettings) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPSettings. +func (in *HTTPSettings) DeepCopy() *HTTPSettings { + if in == nil { + return nil + } + out := new(HTTPSettings) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *InjectAbort) DeepCopyInto(out *InjectAbort) { *out = *in @@ -428,6 +596,43 @@ func (in *L4MatchAttributes) DeepCopy() *L4MatchAttributes { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LoadBalancerSettings) DeepCopyInto(out *LoadBalancerSettings) { + *out = *in + if in.ConsistentHash != nil { + in, out := &in.ConsistentHash, &out.ConsistentHash + *out = new(ConsistentHashLB) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LoadBalancerSettings. +func (in *LoadBalancerSettings) DeepCopy() *LoadBalancerSettings { + if in == nil { + return nil + } + out := new(LoadBalancerSettings) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *OutlierDetection) DeepCopyInto(out *OutlierDetection) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OutlierDetection. +func (in *OutlierDetection) DeepCopy() *OutlierDetection { + if in == nil { + return nil + } + out := new(OutlierDetection) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Port) DeepCopyInto(out *Port) { *out = *in @@ -460,6 +665,43 @@ func (in *PortSelector) DeepCopy() *PortSelector { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *PortTrafficPolicy) DeepCopyInto(out *PortTrafficPolicy) { + *out = *in + out.Port = in.Port + if in.LoadBalancer != nil { + in, out := &in.LoadBalancer, &out.LoadBalancer + *out = new(LoadBalancerSettings) + (*in).DeepCopyInto(*out) + } + if in.ConnectionPool != nil { + in, out := &in.ConnectionPool, &out.ConnectionPool + *out = new(ConnectionPoolSettings) + (*in).DeepCopyInto(*out) + } + if in.OutlierDetection != nil { + in, out := &in.OutlierDetection, &out.OutlierDetection + *out = new(OutlierDetection) + **out = **in + } + if in.Tls != nil { + in, out := &in.Tls, &out.Tls + *out = new(TLSSettings) + (*in).DeepCopyInto(*out) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PortTrafficPolicy. +func (in *PortTrafficPolicy) DeepCopy() *PortTrafficPolicy { + if in == nil { + return nil + } + out := new(PortTrafficPolicy) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Server) DeepCopyInto(out *Server) { *out = *in @@ -488,17 +730,29 @@ func (in *Server) DeepCopy() *Server { } // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *StringMatch) DeepCopyInto(out *StringMatch) { +func (in *Subset) DeepCopyInto(out *Subset) { *out = *in + if in.Labels != nil { + in, out := &in.Labels, &out.Labels + *out = make(map[string]string, len(*in)) + for key, val := range *in { + (*out)[key] = val + } + } + if in.TrafficPolicy != nil { + in, out := &in.TrafficPolicy, &out.TrafficPolicy + *out = new(TrafficPolicy) + (*in).DeepCopyInto(*out) + } return } -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StringMatch. -func (in *StringMatch) DeepCopy() *StringMatch { +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Subset. +func (in *Subset) DeepCopy() *Subset { if in == nil { return nil } - out := new(StringMatch) + out := new(Subset) in.DeepCopyInto(out) return out } @@ -527,6 +781,22 @@ func (in *TCPRoute) DeepCopy() *TCPRoute { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TCPSettings) DeepCopyInto(out *TCPSettings) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPSettings. +func (in *TCPSettings) DeepCopy() *TCPSettings { + if in == nil { + return nil + } + out := new(TCPSettings) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TLSOptions) DeepCopyInto(out *TLSOptions) { *out = *in @@ -548,6 +818,70 @@ func (in *TLSOptions) DeepCopy() *TLSOptions { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TLSSettings) DeepCopyInto(out *TLSSettings) { + *out = *in + if in.SubjectAltNames != nil { + in, out := &in.SubjectAltNames, &out.SubjectAltNames + *out = make([]string, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TLSSettings. +func (in *TLSSettings) DeepCopy() *TLSSettings { + if in == nil { + return nil + } + out := new(TLSSettings) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TrafficPolicy) DeepCopyInto(out *TrafficPolicy) { + *out = *in + if in.LoadBalancer != nil { + in, out := &in.LoadBalancer, &out.LoadBalancer + *out = new(LoadBalancerSettings) + (*in).DeepCopyInto(*out) + } + if in.ConnectionPool != nil { + in, out := &in.ConnectionPool, &out.ConnectionPool + *out = new(ConnectionPoolSettings) + (*in).DeepCopyInto(*out) + } + if in.OutlierDetection != nil { + in, out := &in.OutlierDetection, &out.OutlierDetection + *out = new(OutlierDetection) + **out = **in + } + if in.Tls != nil { + in, out := &in.Tls, &out.Tls + *out = new(TLSSettings) + (*in).DeepCopyInto(*out) + } + if in.PortLevelSettings != nil { + in, out := &in.PortLevelSettings, &out.PortLevelSettings + *out = make([]PortTrafficPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrafficPolicy. +func (in *TrafficPolicy) DeepCopy() *TrafficPolicy { + if in == nil { + return nil + } + out := new(TrafficPolicy) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *VirtualService) DeepCopyInto(out *VirtualService) { *out = *in diff --git a/client/clientset/versioned/clientset.go b/client/clientset/versioned/clientset.go index b5e5fa42f..ba98730a0 100644 --- a/client/clientset/versioned/clientset.go +++ b/client/clientset/versioned/clientset.go @@ -19,6 +19,7 @@ limitations under the License. package versioned import ( + authenticationv1alpha1 "github.com/knative/pkg/client/clientset/versioned/typed/authentication/v1alpha1" networkingv1alpha3 "github.com/knative/pkg/client/clientset/versioned/typed/istio/v1alpha3" discovery "k8s.io/client-go/discovery" rest "k8s.io/client-go/rest" @@ -27,6 +28,9 @@ import ( type Interface interface { Discovery() discovery.DiscoveryInterface + AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface + // Deprecated: please explicitly pick a version if possible. + Authentication() authenticationv1alpha1.AuthenticationV1alpha1Interface NetworkingV1alpha3() networkingv1alpha3.NetworkingV1alpha3Interface // Deprecated: please explicitly pick a version if possible. Networking() networkingv1alpha3.NetworkingV1alpha3Interface @@ -36,7 +40,19 @@ type Interface interface { // version included in a Clientset. type Clientset struct { *discovery.DiscoveryClient - networkingV1alpha3 *networkingv1alpha3.NetworkingV1alpha3Client + authenticationV1alpha1 *authenticationv1alpha1.AuthenticationV1alpha1Client + networkingV1alpha3 *networkingv1alpha3.NetworkingV1alpha3Client +} + +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return c.authenticationV1alpha1 +} + +// Deprecated: Authentication retrieves the default version of AuthenticationClient. +// Please explicitly pick a version. +func (c *Clientset) Authentication() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return c.authenticationV1alpha1 } // NetworkingV1alpha3 retrieves the NetworkingV1alpha3Client @@ -66,6 +82,10 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { } var cs Clientset var err error + cs.authenticationV1alpha1, err = authenticationv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } cs.networkingV1alpha3, err = networkingv1alpha3.NewForConfig(&configShallowCopy) if err != nil { return nil, err @@ -82,6 +102,7 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { // panics if there is an error in the config. func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.NewForConfigOrDie(c) cs.networkingV1alpha3 = networkingv1alpha3.NewForConfigOrDie(c) cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) @@ -91,6 +112,7 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { // New creates a new Clientset for the given RESTClient. func New(c rest.Interface) *Clientset { var cs Clientset + cs.authenticationV1alpha1 = authenticationv1alpha1.New(c) cs.networkingV1alpha3 = networkingv1alpha3.New(c) cs.DiscoveryClient = discovery.NewDiscoveryClient(c) diff --git a/client/clientset/versioned/fake/clientset_generated.go b/client/clientset/versioned/fake/clientset_generated.go index 59a1bd4fe..6ffba3e2d 100644 --- a/client/clientset/versioned/fake/clientset_generated.go +++ b/client/clientset/versioned/fake/clientset_generated.go @@ -20,6 +20,8 @@ package fake import ( clientset "github.com/knative/pkg/client/clientset/versioned" + authenticationv1alpha1 "github.com/knative/pkg/client/clientset/versioned/typed/authentication/v1alpha1" + fakeauthenticationv1alpha1 "github.com/knative/pkg/client/clientset/versioned/typed/authentication/v1alpha1/fake" networkingv1alpha3 "github.com/knative/pkg/client/clientset/versioned/typed/istio/v1alpha3" fakenetworkingv1alpha3 "github.com/knative/pkg/client/clientset/versioned/typed/istio/v1alpha3/fake" "k8s.io/apimachinery/pkg/runtime" @@ -71,6 +73,16 @@ func (c *Clientset) Discovery() discovery.DiscoveryInterface { var _ clientset.Interface = &Clientset{} +// AuthenticationV1alpha1 retrieves the AuthenticationV1alpha1Client +func (c *Clientset) AuthenticationV1alpha1() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake} +} + +// Authentication retrieves the AuthenticationV1alpha1Client +func (c *Clientset) Authentication() authenticationv1alpha1.AuthenticationV1alpha1Interface { + return &fakeauthenticationv1alpha1.FakeAuthenticationV1alpha1{Fake: &c.Fake} +} + // NetworkingV1alpha3 retrieves the NetworkingV1alpha3Client func (c *Clientset) NetworkingV1alpha3() networkingv1alpha3.NetworkingV1alpha3Interface { return &fakenetworkingv1alpha3.FakeNetworkingV1alpha3{Fake: &c.Fake} diff --git a/client/clientset/versioned/fake/register.go b/client/clientset/versioned/fake/register.go index 515f804b1..54a70a222 100644 --- a/client/clientset/versioned/fake/register.go +++ b/client/clientset/versioned/fake/register.go @@ -19,6 +19,7 @@ limitations under the License. package fake import ( + authenticationv1alpha1 "github.com/knative/pkg/apis/istio/authentication/v1alpha1" networkingv1alpha3 "github.com/knative/pkg/apis/istio/v1alpha3" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" @@ -50,5 +51,6 @@ func init() { // After this, RawExtensions in Kubernetes types will serialize kube-aggregator types // correctly. func AddToScheme(scheme *runtime.Scheme) { + authenticationv1alpha1.AddToScheme(scheme) networkingv1alpha3.AddToScheme(scheme) } diff --git a/client/clientset/versioned/scheme/register.go b/client/clientset/versioned/scheme/register.go index 8058d5256..c796f6a6a 100644 --- a/client/clientset/versioned/scheme/register.go +++ b/client/clientset/versioned/scheme/register.go @@ -19,6 +19,7 @@ limitations under the License. package scheme import ( + authenticationv1alpha1 "github.com/knative/pkg/apis/istio/authentication/v1alpha1" networkingv1alpha3 "github.com/knative/pkg/apis/istio/v1alpha3" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" @@ -50,5 +51,6 @@ func init() { // After this, RawExtensions in Kubernetes types will serialize kube-aggregator types // correctly. func AddToScheme(scheme *runtime.Scheme) { + authenticationv1alpha1.AddToScheme(scheme) networkingv1alpha3.AddToScheme(scheme) } diff --git a/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go b/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go new file mode 100644 index 000000000..d2c0d4331 --- /dev/null +++ b/client/clientset/versioned/typed/authentication/v1alpha1/authentication_client.go @@ -0,0 +1,90 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/knative/pkg/apis/istio/authentication/v1alpha1" + "github.com/knative/pkg/client/clientset/versioned/scheme" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + rest "k8s.io/client-go/rest" +) + +type AuthenticationV1alpha1Interface interface { + RESTClient() rest.Interface + PoliciesGetter +} + +// AuthenticationV1alpha1Client is used to interact with features provided by the authentication.istio.io group. +type AuthenticationV1alpha1Client struct { + restClient rest.Interface +} + +func (c *AuthenticationV1alpha1Client) Policies(namespace string) PolicyInterface { + return newPolicies(c, namespace) +} + +// NewForConfig creates a new AuthenticationV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*AuthenticationV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &AuthenticationV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new AuthenticationV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *AuthenticationV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new AuthenticationV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *AuthenticationV1alpha1Client { + return &AuthenticationV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = serializer.DirectCodecFactory{CodecFactory: scheme.Codecs} + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *AuthenticationV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/client/clientset/versioned/typed/authentication/v1alpha1/doc.go b/client/clientset/versioned/typed/authentication/v1alpha1/doc.go new file mode 100644 index 000000000..75445c179 --- /dev/null +++ b/client/clientset/versioned/typed/authentication/v1alpha1/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/client/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go b/client/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go new file mode 100644 index 000000000..128aa183a --- /dev/null +++ b/client/clientset/versioned/typed/authentication/v1alpha1/fake/doc.go @@ -0,0 +1,20 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go b/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go new file mode 100644 index 000000000..01732dd54 --- /dev/null +++ b/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_authentication_client.go @@ -0,0 +1,40 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/knative/pkg/client/clientset/versioned/typed/authentication/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeAuthenticationV1alpha1 struct { + *testing.Fake +} + +func (c *FakeAuthenticationV1alpha1) Policies(namespace string) v1alpha1.PolicyInterface { + return &FakePolicies{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeAuthenticationV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_policy.go b/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_policy.go new file mode 100644 index 000000000..959baceb3 --- /dev/null +++ b/client/clientset/versioned/typed/authentication/v1alpha1/fake/fake_policy.go @@ -0,0 +1,128 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/knative/pkg/apis/istio/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakePolicies implements PolicyInterface +type FakePolicies struct { + Fake *FakeAuthenticationV1alpha1 + ns string +} + +var policiesResource = schema.GroupVersionResource{Group: "authentication.istio.io", Version: "v1alpha1", Resource: "policies"} + +var policiesKind = schema.GroupVersionKind{Group: "authentication.istio.io", Version: "v1alpha1", Kind: "Policy"} + +// Get takes name of the policy, and returns the corresponding policy object, and an error if there is any. +func (c *FakePolicies) Get(name string, options v1.GetOptions) (result *v1alpha1.Policy, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(policiesResource, c.ns, name), &v1alpha1.Policy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Policy), err +} + +// List takes label and field selectors, and returns the list of Policies that match those selectors. +func (c *FakePolicies) List(opts v1.ListOptions) (result *v1alpha1.PolicyList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(policiesResource, policiesKind, c.ns, opts), &v1alpha1.PolicyList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.PolicyList{ListMeta: obj.(*v1alpha1.PolicyList).ListMeta} + for _, item := range obj.(*v1alpha1.PolicyList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested policies. +func (c *FakePolicies) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(policiesResource, c.ns, opts)) + +} + +// Create takes the representation of a policy and creates it. Returns the server's representation of the policy, and an error, if there is any. +func (c *FakePolicies) Create(policy *v1alpha1.Policy) (result *v1alpha1.Policy, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(policiesResource, c.ns, policy), &v1alpha1.Policy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Policy), err +} + +// Update takes the representation of a policy and updates it. Returns the server's representation of the policy, and an error, if there is any. +func (c *FakePolicies) Update(policy *v1alpha1.Policy) (result *v1alpha1.Policy, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(policiesResource, c.ns, policy), &v1alpha1.Policy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Policy), err +} + +// Delete takes name of the policy and deletes it. Returns an error if one occurs. +func (c *FakePolicies) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(policiesResource, c.ns, name), &v1alpha1.Policy{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakePolicies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(policiesResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha1.PolicyList{}) + return err +} + +// Patch applies the patch and returns the patched policy. +func (c *FakePolicies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Policy, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(policiesResource, c.ns, name, data, subresources...), &v1alpha1.Policy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Policy), err +} diff --git a/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go b/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go new file mode 100644 index 000000000..d986b9fcb --- /dev/null +++ b/client/clientset/versioned/typed/authentication/v1alpha1/generated_expansion.go @@ -0,0 +1,21 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type PolicyExpansion interface{} diff --git a/client/clientset/versioned/typed/authentication/v1alpha1/policy.go b/client/clientset/versioned/typed/authentication/v1alpha1/policy.go new file mode 100644 index 000000000..ee24e798b --- /dev/null +++ b/client/clientset/versioned/typed/authentication/v1alpha1/policy.go @@ -0,0 +1,157 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/knative/pkg/apis/istio/authentication/v1alpha1" + scheme "github.com/knative/pkg/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// PoliciesGetter has a method to return a PolicyInterface. +// A group's client should implement this interface. +type PoliciesGetter interface { + Policies(namespace string) PolicyInterface +} + +// PolicyInterface has methods to work with Policy resources. +type PolicyInterface interface { + Create(*v1alpha1.Policy) (*v1alpha1.Policy, error) + Update(*v1alpha1.Policy) (*v1alpha1.Policy, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha1.Policy, error) + List(opts v1.ListOptions) (*v1alpha1.PolicyList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Policy, err error) + PolicyExpansion +} + +// policies implements PolicyInterface +type policies struct { + client rest.Interface + ns string +} + +// newPolicies returns a Policies +func newPolicies(c *AuthenticationV1alpha1Client, namespace string) *policies { + return &policies{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the policy, and returns the corresponding policy object, and an error if there is any. +func (c *policies) Get(name string, options v1.GetOptions) (result *v1alpha1.Policy, err error) { + result = &v1alpha1.Policy{} + err = c.client.Get(). + Namespace(c.ns). + Resource("policies"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Policies that match those selectors. +func (c *policies) List(opts v1.ListOptions) (result *v1alpha1.PolicyList, err error) { + result = &v1alpha1.PolicyList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("policies"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested policies. +func (c *policies) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("policies"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a policy and creates it. Returns the server's representation of the policy, and an error, if there is any. +func (c *policies) Create(policy *v1alpha1.Policy) (result *v1alpha1.Policy, err error) { + result = &v1alpha1.Policy{} + err = c.client.Post(). + Namespace(c.ns). + Resource("policies"). + Body(policy). + Do(). + Into(result) + return +} + +// Update takes the representation of a policy and updates it. Returns the server's representation of the policy, and an error, if there is any. +func (c *policies) Update(policy *v1alpha1.Policy) (result *v1alpha1.Policy, err error) { + result = &v1alpha1.Policy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("policies"). + Name(policy.Name). + Body(policy). + Do(). + Into(result) + return +} + +// Delete takes name of the policy and deletes it. Returns an error if one occurs. +func (c *policies) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("policies"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *policies) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("policies"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched policy. +func (c *policies) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha1.Policy, err error) { + result = &v1alpha1.Policy{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("policies"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/client/clientset/versioned/typed/istio/v1alpha3/destinationrule.go b/client/clientset/versioned/typed/istio/v1alpha3/destinationrule.go new file mode 100644 index 000000000..465b9adbd --- /dev/null +++ b/client/clientset/versioned/typed/istio/v1alpha3/destinationrule.go @@ -0,0 +1,157 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha3 + +import ( + v1alpha3 "github.com/knative/pkg/apis/istio/v1alpha3" + scheme "github.com/knative/pkg/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// DestinationRulesGetter has a method to return a DestinationRuleInterface. +// A group's client should implement this interface. +type DestinationRulesGetter interface { + DestinationRules(namespace string) DestinationRuleInterface +} + +// DestinationRuleInterface has methods to work with DestinationRule resources. +type DestinationRuleInterface interface { + Create(*v1alpha3.DestinationRule) (*v1alpha3.DestinationRule, error) + Update(*v1alpha3.DestinationRule) (*v1alpha3.DestinationRule, error) + Delete(name string, options *v1.DeleteOptions) error + DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error + Get(name string, options v1.GetOptions) (*v1alpha3.DestinationRule, error) + List(opts v1.ListOptions) (*v1alpha3.DestinationRuleList, error) + Watch(opts v1.ListOptions) (watch.Interface, error) + Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha3.DestinationRule, err error) + DestinationRuleExpansion +} + +// destinationRules implements DestinationRuleInterface +type destinationRules struct { + client rest.Interface + ns string +} + +// newDestinationRules returns a DestinationRules +func newDestinationRules(c *NetworkingV1alpha3Client, namespace string) *destinationRules { + return &destinationRules{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the destinationRule, and returns the corresponding destinationRule object, and an error if there is any. +func (c *destinationRules) Get(name string, options v1.GetOptions) (result *v1alpha3.DestinationRule, err error) { + result = &v1alpha3.DestinationRule{} + err = c.client.Get(). + Namespace(c.ns). + Resource("destinationrules"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of DestinationRules that match those selectors. +func (c *destinationRules) List(opts v1.ListOptions) (result *v1alpha3.DestinationRuleList, err error) { + result = &v1alpha3.DestinationRuleList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("destinationrules"). + VersionedParams(&opts, scheme.ParameterCodec). + Do(). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested destinationRules. +func (c *destinationRules) Watch(opts v1.ListOptions) (watch.Interface, error) { + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("destinationrules"). + VersionedParams(&opts, scheme.ParameterCodec). + Watch() +} + +// Create takes the representation of a destinationRule and creates it. Returns the server's representation of the destinationRule, and an error, if there is any. +func (c *destinationRules) Create(destinationRule *v1alpha3.DestinationRule) (result *v1alpha3.DestinationRule, err error) { + result = &v1alpha3.DestinationRule{} + err = c.client.Post(). + Namespace(c.ns). + Resource("destinationrules"). + Body(destinationRule). + Do(). + Into(result) + return +} + +// Update takes the representation of a destinationRule and updates it. Returns the server's representation of the destinationRule, and an error, if there is any. +func (c *destinationRules) Update(destinationRule *v1alpha3.DestinationRule) (result *v1alpha3.DestinationRule, err error) { + result = &v1alpha3.DestinationRule{} + err = c.client.Put(). + Namespace(c.ns). + Resource("destinationrules"). + Name(destinationRule.Name). + Body(destinationRule). + Do(). + Into(result) + return +} + +// Delete takes name of the destinationRule and deletes it. Returns an error if one occurs. +func (c *destinationRules) Delete(name string, options *v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("destinationrules"). + Name(name). + Body(options). + Do(). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *destinationRules) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("destinationrules"). + VersionedParams(&listOptions, scheme.ParameterCodec). + Body(options). + Do(). + Error() +} + +// Patch applies the patch and returns the patched destinationRule. +func (c *destinationRules) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha3.DestinationRule, err error) { + result = &v1alpha3.DestinationRule{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("destinationrules"). + SubResource(subresources...). + Name(name). + Body(data). + Do(). + Into(result) + return +} diff --git a/client/clientset/versioned/typed/istio/v1alpha3/fake/fake_destinationrule.go b/client/clientset/versioned/typed/istio/v1alpha3/fake/fake_destinationrule.go new file mode 100644 index 000000000..b8a3cfc0d --- /dev/null +++ b/client/clientset/versioned/typed/istio/v1alpha3/fake/fake_destinationrule.go @@ -0,0 +1,128 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha3 "github.com/knative/pkg/apis/istio/v1alpha3" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeDestinationRules implements DestinationRuleInterface +type FakeDestinationRules struct { + Fake *FakeNetworkingV1alpha3 + ns string +} + +var destinationrulesResource = schema.GroupVersionResource{Group: "networking.istio.io", Version: "v1alpha3", Resource: "destinationrules"} + +var destinationrulesKind = schema.GroupVersionKind{Group: "networking.istio.io", Version: "v1alpha3", Kind: "DestinationRule"} + +// Get takes name of the destinationRule, and returns the corresponding destinationRule object, and an error if there is any. +func (c *FakeDestinationRules) Get(name string, options v1.GetOptions) (result *v1alpha3.DestinationRule, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(destinationrulesResource, c.ns, name), &v1alpha3.DestinationRule{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha3.DestinationRule), err +} + +// List takes label and field selectors, and returns the list of DestinationRules that match those selectors. +func (c *FakeDestinationRules) List(opts v1.ListOptions) (result *v1alpha3.DestinationRuleList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(destinationrulesResource, destinationrulesKind, c.ns, opts), &v1alpha3.DestinationRuleList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha3.DestinationRuleList{ListMeta: obj.(*v1alpha3.DestinationRuleList).ListMeta} + for _, item := range obj.(*v1alpha3.DestinationRuleList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested destinationRules. +func (c *FakeDestinationRules) Watch(opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(destinationrulesResource, c.ns, opts)) + +} + +// Create takes the representation of a destinationRule and creates it. Returns the server's representation of the destinationRule, and an error, if there is any. +func (c *FakeDestinationRules) Create(destinationRule *v1alpha3.DestinationRule) (result *v1alpha3.DestinationRule, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(destinationrulesResource, c.ns, destinationRule), &v1alpha3.DestinationRule{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha3.DestinationRule), err +} + +// Update takes the representation of a destinationRule and updates it. Returns the server's representation of the destinationRule, and an error, if there is any. +func (c *FakeDestinationRules) Update(destinationRule *v1alpha3.DestinationRule) (result *v1alpha3.DestinationRule, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(destinationrulesResource, c.ns, destinationRule), &v1alpha3.DestinationRule{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha3.DestinationRule), err +} + +// Delete takes name of the destinationRule and deletes it. Returns an error if one occurs. +func (c *FakeDestinationRules) Delete(name string, options *v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(destinationrulesResource, c.ns, name), &v1alpha3.DestinationRule{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeDestinationRules) DeleteCollection(options *v1.DeleteOptions, listOptions v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(destinationrulesResource, c.ns, listOptions) + + _, err := c.Fake.Invokes(action, &v1alpha3.DestinationRuleList{}) + return err +} + +// Patch applies the patch and returns the patched destinationRule. +func (c *FakeDestinationRules) Patch(name string, pt types.PatchType, data []byte, subresources ...string) (result *v1alpha3.DestinationRule, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(destinationrulesResource, c.ns, name, data, subresources...), &v1alpha3.DestinationRule{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha3.DestinationRule), err +} diff --git a/client/clientset/versioned/typed/istio/v1alpha3/fake/fake_istio_client.go b/client/clientset/versioned/typed/istio/v1alpha3/fake/fake_istio_client.go index 74ba2ffc5..f9b342493 100644 --- a/client/clientset/versioned/typed/istio/v1alpha3/fake/fake_istio_client.go +++ b/client/clientset/versioned/typed/istio/v1alpha3/fake/fake_istio_client.go @@ -28,6 +28,10 @@ type FakeNetworkingV1alpha3 struct { *testing.Fake } +func (c *FakeNetworkingV1alpha3) DestinationRules(namespace string) v1alpha3.DestinationRuleInterface { + return &FakeDestinationRules{c, namespace} +} + func (c *FakeNetworkingV1alpha3) Gateways(namespace string) v1alpha3.GatewayInterface { return &FakeGateways{c, namespace} } diff --git a/client/clientset/versioned/typed/istio/v1alpha3/generated_expansion.go b/client/clientset/versioned/typed/istio/v1alpha3/generated_expansion.go index 1e2062d80..2f806db14 100644 --- a/client/clientset/versioned/typed/istio/v1alpha3/generated_expansion.go +++ b/client/clientset/versioned/typed/istio/v1alpha3/generated_expansion.go @@ -18,6 +18,8 @@ limitations under the License. package v1alpha3 +type DestinationRuleExpansion interface{} + type GatewayExpansion interface{} type VirtualServiceExpansion interface{} diff --git a/client/clientset/versioned/typed/istio/v1alpha3/istio_client.go b/client/clientset/versioned/typed/istio/v1alpha3/istio_client.go index 3fa319042..fd7ed4282 100644 --- a/client/clientset/versioned/typed/istio/v1alpha3/istio_client.go +++ b/client/clientset/versioned/typed/istio/v1alpha3/istio_client.go @@ -27,6 +27,7 @@ import ( type NetworkingV1alpha3Interface interface { RESTClient() rest.Interface + DestinationRulesGetter GatewaysGetter VirtualServicesGetter } @@ -36,6 +37,10 @@ type NetworkingV1alpha3Client struct { restClient rest.Interface } +func (c *NetworkingV1alpha3Client) DestinationRules(namespace string) DestinationRuleInterface { + return newDestinationRules(c, namespace) +} + func (c *NetworkingV1alpha3Client) Gateways(namespace string) GatewayInterface { return newGateways(c, namespace) } diff --git a/client/informers/externalversions/authentication/interface.go b/client/informers/externalversions/authentication/interface.go new file mode 100644 index 000000000..e3fc7fe8c --- /dev/null +++ b/client/informers/externalversions/authentication/interface.go @@ -0,0 +1,46 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package authentication + +import ( + v1alpha1 "github.com/knative/pkg/client/informers/externalversions/authentication/v1alpha1" + internalinterfaces "github.com/knative/pkg/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/client/informers/externalversions/authentication/v1alpha1/interface.go b/client/informers/externalversions/authentication/v1alpha1/interface.go new file mode 100644 index 000000000..a4f6518b9 --- /dev/null +++ b/client/informers/externalversions/authentication/v1alpha1/interface.go @@ -0,0 +1,45 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "github.com/knative/pkg/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // Policies returns a PolicyInformer. + Policies() PolicyInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// Policies returns a PolicyInformer. +func (v *version) Policies() PolicyInformer { + return &policyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/client/informers/externalversions/authentication/v1alpha1/policy.go b/client/informers/externalversions/authentication/v1alpha1/policy.go new file mode 100644 index 000000000..fabb2bda2 --- /dev/null +++ b/client/informers/externalversions/authentication/v1alpha1/policy.go @@ -0,0 +1,89 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + time "time" + + authenticationv1alpha1 "github.com/knative/pkg/apis/istio/authentication/v1alpha1" + versioned "github.com/knative/pkg/client/clientset/versioned" + internalinterfaces "github.com/knative/pkg/client/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/knative/pkg/client/listers/authentication/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// PolicyInformer provides access to a shared informer and lister for +// Policies. +type PolicyInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.PolicyLister +} + +type policyInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewPolicyInformer constructs a new informer for Policy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewPolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredPolicyInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredPolicyInformer constructs a new informer for Policy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredPolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().Policies(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.AuthenticationV1alpha1().Policies(namespace).Watch(options) + }, + }, + &authenticationv1alpha1.Policy{}, + resyncPeriod, + indexers, + ) +} + +func (f *policyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredPolicyInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *policyInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&authenticationv1alpha1.Policy{}, f.defaultInformer) +} + +func (f *policyInformer) Lister() v1alpha1.PolicyLister { + return v1alpha1.NewPolicyLister(f.Informer().GetIndexer()) +} diff --git a/client/informers/externalversions/factory.go b/client/informers/externalversions/factory.go index 1489c5ee7..297b59402 100644 --- a/client/informers/externalversions/factory.go +++ b/client/informers/externalversions/factory.go @@ -24,6 +24,7 @@ import ( time "time" versioned "github.com/knative/pkg/client/clientset/versioned" + authentication "github.com/knative/pkg/client/informers/externalversions/authentication" internalinterfaces "github.com/knative/pkg/client/informers/externalversions/internalinterfaces" istio "github.com/knative/pkg/client/informers/externalversions/istio" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -172,9 +173,14 @@ type SharedInformerFactory interface { ForResource(resource schema.GroupVersionResource) (GenericInformer, error) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + Authentication() authentication.Interface Networking() istio.Interface } +func (f *sharedInformerFactory) Authentication() authentication.Interface { + return authentication.New(f, f.namespace, f.tweakListOptions) +} + func (f *sharedInformerFactory) Networking() istio.Interface { return istio.New(f, f.namespace, f.tweakListOptions) } diff --git a/client/informers/externalversions/generic.go b/client/informers/externalversions/generic.go index ba6a2531c..66737d499 100644 --- a/client/informers/externalversions/generic.go +++ b/client/informers/externalversions/generic.go @@ -21,6 +21,7 @@ package externalversions import ( "fmt" + v1alpha1 "github.com/knative/pkg/apis/istio/authentication/v1alpha1" v1alpha3 "github.com/knative/pkg/apis/istio/v1alpha3" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" @@ -52,7 +53,13 @@ func (f *genericInformer) Lister() cache.GenericLister { // TODO extend this to unknown resources with a client pool func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { switch resource { - // Group=networking.istio.io, Version=v1alpha3 + // Group=authentication.istio.io, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("policies"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Authentication().V1alpha1().Policies().Informer()}, nil + + // Group=networking.istio.io, Version=v1alpha3 + case v1alpha3.SchemeGroupVersion.WithResource("destinationrules"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1alpha3().DestinationRules().Informer()}, nil case v1alpha3.SchemeGroupVersion.WithResource("gateways"): return &genericInformer{resource: resource.GroupResource(), informer: f.Networking().V1alpha3().Gateways().Informer()}, nil case v1alpha3.SchemeGroupVersion.WithResource("virtualservices"): diff --git a/client/informers/externalversions/istio/v1alpha3/destinationrule.go b/client/informers/externalversions/istio/v1alpha3/destinationrule.go new file mode 100644 index 000000000..c080d94bf --- /dev/null +++ b/client/informers/externalversions/istio/v1alpha3/destinationrule.go @@ -0,0 +1,89 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha3 + +import ( + time "time" + + istiov1alpha3 "github.com/knative/pkg/apis/istio/v1alpha3" + versioned "github.com/knative/pkg/client/clientset/versioned" + internalinterfaces "github.com/knative/pkg/client/informers/externalversions/internalinterfaces" + v1alpha3 "github.com/knative/pkg/client/listers/istio/v1alpha3" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// DestinationRuleInformer provides access to a shared informer and lister for +// DestinationRules. +type DestinationRuleInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha3.DestinationRuleLister +} + +type destinationRuleInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewDestinationRuleInformer constructs a new informer for DestinationRule type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewDestinationRuleInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredDestinationRuleInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredDestinationRuleInformer constructs a new informer for DestinationRule type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredDestinationRuleInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.NetworkingV1alpha3().DestinationRules(namespace).List(options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.NetworkingV1alpha3().DestinationRules(namespace).Watch(options) + }, + }, + &istiov1alpha3.DestinationRule{}, + resyncPeriod, + indexers, + ) +} + +func (f *destinationRuleInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredDestinationRuleInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *destinationRuleInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&istiov1alpha3.DestinationRule{}, f.defaultInformer) +} + +func (f *destinationRuleInformer) Lister() v1alpha3.DestinationRuleLister { + return v1alpha3.NewDestinationRuleLister(f.Informer().GetIndexer()) +} diff --git a/client/informers/externalversions/istio/v1alpha3/interface.go b/client/informers/externalversions/istio/v1alpha3/interface.go index 6bda46ee8..c03f5b447 100644 --- a/client/informers/externalversions/istio/v1alpha3/interface.go +++ b/client/informers/externalversions/istio/v1alpha3/interface.go @@ -24,6 +24,8 @@ import ( // Interface provides access to all the informers in this group version. type Interface interface { + // DestinationRules returns a DestinationRuleInformer. + DestinationRules() DestinationRuleInformer // Gateways returns a GatewayInformer. Gateways() GatewayInformer // VirtualServices returns a VirtualServiceInformer. @@ -41,6 +43,11 @@ func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakList return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} } +// DestinationRules returns a DestinationRuleInformer. +func (v *version) DestinationRules() DestinationRuleInformer { + return &destinationRuleInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + // Gateways returns a GatewayInformer. func (v *version) Gateways() GatewayInformer { return &gatewayInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} diff --git a/client/listers/authentication/v1alpha1/expansion_generated.go b/client/listers/authentication/v1alpha1/expansion_generated.go new file mode 100644 index 000000000..a80338584 --- /dev/null +++ b/client/listers/authentication/v1alpha1/expansion_generated.go @@ -0,0 +1,27 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// PolicyListerExpansion allows custom methods to be added to +// PolicyLister. +type PolicyListerExpansion interface{} + +// PolicyNamespaceListerExpansion allows custom methods to be added to +// PolicyNamespaceLister. +type PolicyNamespaceListerExpansion interface{} diff --git a/client/listers/authentication/v1alpha1/policy.go b/client/listers/authentication/v1alpha1/policy.go new file mode 100644 index 000000000..73bef4463 --- /dev/null +++ b/client/listers/authentication/v1alpha1/policy.go @@ -0,0 +1,94 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/knative/pkg/apis/istio/authentication/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// PolicyLister helps list Policies. +type PolicyLister interface { + // List lists all Policies in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.Policy, err error) + // Policies returns an object that can list and get Policies. + Policies(namespace string) PolicyNamespaceLister + PolicyListerExpansion +} + +// policyLister implements the PolicyLister interface. +type policyLister struct { + indexer cache.Indexer +} + +// NewPolicyLister returns a new PolicyLister. +func NewPolicyLister(indexer cache.Indexer) PolicyLister { + return &policyLister{indexer: indexer} +} + +// List lists all Policies in the indexer. +func (s *policyLister) List(selector labels.Selector) (ret []*v1alpha1.Policy, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.Policy)) + }) + return ret, err +} + +// Policies returns an object that can list and get Policies. +func (s *policyLister) Policies(namespace string) PolicyNamespaceLister { + return policyNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// PolicyNamespaceLister helps list and get Policies. +type PolicyNamespaceLister interface { + // List lists all Policies in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.Policy, err error) + // Get retrieves the Policy from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.Policy, error) + PolicyNamespaceListerExpansion +} + +// policyNamespaceLister implements the PolicyNamespaceLister +// interface. +type policyNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all Policies in the indexer for a given namespace. +func (s policyNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.Policy, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.Policy)) + }) + return ret, err +} + +// Get retrieves the Policy from the indexer for a given namespace and name. +func (s policyNamespaceLister) Get(name string) (*v1alpha1.Policy, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("policy"), name) + } + return obj.(*v1alpha1.Policy), nil +} diff --git a/client/listers/istio/v1alpha3/destinationrule.go b/client/listers/istio/v1alpha3/destinationrule.go new file mode 100644 index 000000000..804b19cbb --- /dev/null +++ b/client/listers/istio/v1alpha3/destinationrule.go @@ -0,0 +1,94 @@ +/* +Copyright 2018 The Knative Authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha3 + +import ( + v1alpha3 "github.com/knative/pkg/apis/istio/v1alpha3" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// DestinationRuleLister helps list DestinationRules. +type DestinationRuleLister interface { + // List lists all DestinationRules in the indexer. + List(selector labels.Selector) (ret []*v1alpha3.DestinationRule, err error) + // DestinationRules returns an object that can list and get DestinationRules. + DestinationRules(namespace string) DestinationRuleNamespaceLister + DestinationRuleListerExpansion +} + +// destinationRuleLister implements the DestinationRuleLister interface. +type destinationRuleLister struct { + indexer cache.Indexer +} + +// NewDestinationRuleLister returns a new DestinationRuleLister. +func NewDestinationRuleLister(indexer cache.Indexer) DestinationRuleLister { + return &destinationRuleLister{indexer: indexer} +} + +// List lists all DestinationRules in the indexer. +func (s *destinationRuleLister) List(selector labels.Selector) (ret []*v1alpha3.DestinationRule, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha3.DestinationRule)) + }) + return ret, err +} + +// DestinationRules returns an object that can list and get DestinationRules. +func (s *destinationRuleLister) DestinationRules(namespace string) DestinationRuleNamespaceLister { + return destinationRuleNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// DestinationRuleNamespaceLister helps list and get DestinationRules. +type DestinationRuleNamespaceLister interface { + // List lists all DestinationRules in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha3.DestinationRule, err error) + // Get retrieves the DestinationRule from the indexer for a given namespace and name. + Get(name string) (*v1alpha3.DestinationRule, error) + DestinationRuleNamespaceListerExpansion +} + +// destinationRuleNamespaceLister implements the DestinationRuleNamespaceLister +// interface. +type destinationRuleNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all DestinationRules in the indexer for a given namespace. +func (s destinationRuleNamespaceLister) List(selector labels.Selector) (ret []*v1alpha3.DestinationRule, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha3.DestinationRule)) + }) + return ret, err +} + +// Get retrieves the DestinationRule from the indexer for a given namespace and name. +func (s destinationRuleNamespaceLister) Get(name string) (*v1alpha3.DestinationRule, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha3.Resource("destinationrule"), name) + } + return obj.(*v1alpha3.DestinationRule), nil +} diff --git a/client/listers/istio/v1alpha3/expansion_generated.go b/client/listers/istio/v1alpha3/expansion_generated.go index 3e06aa85b..2b9f90f67 100644 --- a/client/listers/istio/v1alpha3/expansion_generated.go +++ b/client/listers/istio/v1alpha3/expansion_generated.go @@ -18,6 +18,14 @@ limitations under the License. package v1alpha3 +// DestinationRuleListerExpansion allows custom methods to be added to +// DestinationRuleLister. +type DestinationRuleListerExpansion interface{} + +// DestinationRuleNamespaceListerExpansion allows custom methods to be added to +// DestinationRuleNamespaceLister. +type DestinationRuleNamespaceListerExpansion interface{} + // GatewayListerExpansion allows custom methods to be added to // GatewayLister. type GatewayListerExpansion interface{} diff --git a/hack/update-codegen.sh b/hack/update-codegen.sh index cc9fb2a9d..de900a65b 100755 --- a/hack/update-codegen.sh +++ b/hack/update-codegen.sh @@ -29,7 +29,7 @@ go install ./vendor/k8s.io/code-generator/cmd/deepcopy-gen # instead of the $GOPATH directly. For normal projects this can be dropped. ${CODEGEN_PKG}/generate-groups.sh "deepcopy,client,informer,lister" \ github.com/knative/pkg/client github.com/knative/pkg/apis \ - "istio:v1alpha3" \ + "istio:v1alpha3 istio/authentication:v1alpha1" \ --go-header-file ${PKG_ROOT}/hack/boilerplate/boilerplate.go.txt # Depends on generate-groups.sh to install bin/deepcopy-gen