Skip to content

Commit

Permalink
Revert "removed api-gateway component from components list (#18345)" (#…
Browse files Browse the repository at this point in the history
…18365)

This reverts commit c8441e5.
  • Loading branch information
strekm authored Oct 26, 2023
1 parent 85acdfb commit 8f200bb
Show file tree
Hide file tree
Showing 3 changed files with 418 additions and 0 deletions.
4 changes: 4 additions & 0 deletions installation/resources/components.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,10 @@ defaultNamespace: kyma-system
prerequisites:
- name: "istio"
namespace: "istio-system"
- name: "certificates"
namespace: "istio-system"
components:
- name: "eventing"
- name: "ory"
- name: "api-gateway"
- name: "application-connector"
275 changes: 275 additions & 0 deletions installation/resources/crds/api-gateway/apirules.gateway.crd.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,275 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.2
creationTimestamp: null
name: apirules.gateway.kyma-project.io
spec:
group: gateway.kyma-project.io
names:
kind: APIRule
listKind: APIRuleList
plural: apirules
singular: apirule
scope: Namespaced
preserveUnknownFields: false
versions:
- additionalPrinterColumns:
- jsonPath: .status.APIRuleStatus.code
name: Status
type: string
- jsonPath: .spec.host
name: Host
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: APIRule is the Schema for ApiRule APIs.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Defines the desired state of APIRule.
properties:
gateway:
description: Specifies the Istio Gateway to be used.
pattern: ^[0-9a-z-_]+(\/[0-9a-z-_]+|(\.[0-9a-z-_]+)*)$
type: string
host:
description: Specifies the URL of the exposed service.
maxLength: 256
minLength: 3
pattern: ^([a-zA-Z0-9][a-zA-Z0-9-_]*\.)*[a-zA-Z0-9]*[a-zA-Z0-9-_]*[[a-zA-Z0-9]+$
type: string
rules:
description: Represents the array of Oathkeeper access rules to be
applied.
items:
properties:
accessStrategies:
description: Specifies the list of access strategies. All strategies
listed in [Oathkeeper documentation](https://www.ory.sh/docs/oathkeeper/pipeline/authn)
are supported.
items:
description: Represents a handler that authenticates provided
credentials. See the corresponding type in the oathkeeper-maester
project.
properties:
config:
description: Configures the handler. Configuration keys
vary per handler.
type: object
x-kubernetes-preserve-unknown-fields: true
properties:
jwks_urls:
description: Specifies the array of URLs from which Ory Oathkeeper can retrieve JSON Web Keys for validating JSON Web Token.
The value must begin with either `http://`, `https://`, or `file://`.
type: array
items:
type: string
pattern: ^(http://|https://|file://).*$
trusted_issuers:
description: If the **trusted_issuers** field is set, the JWT must contain a value for the claim `iss`
that matches exactly (case-sensitive) one of the values of **trusted_issuers**.
The value must begin with either `http://`, `https://`, or `file://`.
type: array
items:
type: string
pattern: ^(http://|https://|file://).*$
handler:
description: Specifies the name of the handler.
type: string
required:
- handler
type: object
minItems: 1
type: array
methods:
description: Represents the list of allowed HTTP request methods
available for the **spec.rules.path**.
items:
type: string
minItems: 1
type: array
mutators:
description: Specifies the list of [Ory Oathkeeper mutators](https://www.ory.sh/docs/oathkeeper/pipeline/mutator).
items:
description: Mutator represents a handler that transforms
the HTTP request before forwarding it. See the corresponding
in the oathkeeper-maester project.
properties:
config:
description: Configures the handler. Configuration keys
vary per handler.
type: object
x-kubernetes-preserve-unknown-fields: true
handler:
description: Specifies the name of the handler.
type: string
required:
- handler
type: object
type: array
path:
description: Specifies the path of the exposed service.
pattern: ^([0-9a-zA-Z./*()?!\\_-]+)
type: string
service:
description: Describes the service to expose. Overwrites the
**spec** level service if defined.
properties:
external:
description: Specifies if the service is internal (in cluster)
or external.
type: boolean
name:
description: Specifies the name of the exposed service.
type: string
namespace:
description: Specifies the Namespace of the exposed service.
If not defined, it defaults to the APIRule Namespace.
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
port:
description: Specifies the communication port of the exposed
service.
format: int32
maximum: 65535
minimum: 1
type: integer
required:
- name
- port
type: object
timeout:
description: Specifies the timeout, in seconds, for
HTTP requests made to **spec.rules.path**. The maximum timeout is limited
to 3900 seconds (65 minutes). Timeout definitions set at this level
take precedence over any timeout defined at the **spec.timeout** level.
maximum: 3900
minimum: 1
type: integer
required:
- accessStrategies
- methods
- path
type: object
minItems: 1
type: array
service:
description: Describes the service to expose.
properties:
external:
description: Specifies if the service is internal (in cluster)
or external.
type: boolean
name:
description: Specifies the name of the exposed service.
type: string
namespace:
description: Specifies the Namespace of the exposed service. If
not defined, it defaults to the APIRule Namespace.
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
port:
description: Specifies the communication port of the exposed service.
format: int32
maximum: 65535
minimum: 1
type: integer
required:
- name
- port
type: object
timeout:
description: Specifies the timeout, in seconds, for HTTP requests for all Oathkeeper access rules.
However, this value can be overridden for each individual rule.
The maximum timeout is limited to 3900 seconds (65 minutes).
If no timeout is specified, the default timeout of 180 seconds applies.
maximum: 3900
minimum: 1
type: integer
required:
- gateway
- host
- rules
type: object
status:
description: Describes the observed state of ApiRule.
properties:
APIRuleStatus:
description: Describes the status of APIRule.
properties:
code:
description: Status code describing APIRule.
type: string
desc:
description: Explains the status of APIRule.
type: string
type: object
accessRuleStatus:
description: Describes the status of ORY Oathkeeper Rule.
properties:
code:
description: Status code describing ORY Oathkeeper Rule.
type: string
desc:
description: Explains the status of ORY Oathkeeper Rule.
type: string
type: object
authorizationPolicyStatus:
description: Describes the status of the Istio Authorization Policy subresource.
properties:
code:
description: Status code describing the Istio Authorization Policy subresource.
type: string
desc:
description: Explains the status of the Istio Authorization Policy subresource.
type: string
type: object
lastProcessedTime:
description: Indicates the timestamp when the API Gateway controller last processed APIRule.
format: date-time
type: string
observedGeneration:
description: Specifies the generation of the resource that was observed by the API Gateway controller.
format: int64
type: integer
requestAuthenticationStatus:
description: Describes the status of the Istio Request Authentication subresource.
properties:
code:
description: Status code describing the state of the Istio Authorization Policy subresource.
type: string
desc:
description: Explains the status of the Istio Request Authentication subresource.
type: string
type: object
virtualServiceStatus:
description: Describes the status of Istio VirtualService.
properties:
code:
description: Status code describing Istio VirtualService.
type: string
desc:
description: Explains the status of Istio VirtualService.
type: string
type: object
type: object
type: object
served: true
storage: true
subresources:
status: {}
Loading

0 comments on commit 8f200bb

Please sign in to comment.