From c2140f84ad1cd496d33105bc3a81427a957597c2 Mon Sep 17 00:00:00 2001 From: Adam Cattermole Date: Fri, 27 Oct 2023 15:47:01 +0100 Subject: [PATCH 1/7] Update gateway-api go pkg to v1.0.0 --- api/v1beta2/authpolicy_types.go | 6 +- api/v1beta2/authpolicy_types_test.go | 36 +- api/v1beta2/ratelimitpolicy_types.go | 10 +- api/v1beta2/ratelimitpolicy_types_test.go | 14 +- api/v1beta2/route_selectors.go | 20 +- api/v1beta2/route_selectors_test.go | 120 +++--- api/v1beta2/zz_generated.deepcopy.go | 6 +- controllers/authpolicy_authconfig.go | 48 +-- controllers/authpolicy_authconfig_test.go | 146 +++---- controllers/authpolicy_controller.go | 10 +- controllers/authpolicy_controller_test.go | 54 +-- .../authpolicy_istio_authorizationpolicy.go | 32 +- ...thpolicy_istio_authorizationpolicy_test.go | 110 ++--- controllers/gateway_eventmapper.go | 6 +- controllers/gateway_kuadrant_controller.go | 10 +- .../gateway_kuadrant_controller_test.go | 10 +- controllers/helper_test.go | 68 +-- .../httprouteparentrefs_eventmapper.go | 10 +- controllers/kuadrant_controller.go | 6 +- ...imitador_cluster_envoyfilter_controller.go | 10 +- ...dor_cluster_envoyfilter_controller_test.go | 8 +- controllers/ratelimitpolicy_controller.go | 6 +- .../ratelimitpolicy_controller_test.go | 66 +-- .../ratelimitpolicy_istio_wasmplugin.go | 12 +- controllers/suite_test.go | 4 +- go.mod | 64 +-- go.sum | 186 ++++---- main.go | 4 +- pkg/common/common.go | 16 +- pkg/common/common_test.go | 50 +-- pkg/common/gatewayapi_utils.go | 82 ++-- pkg/common/gatewayapi_utils_test.go | 400 +++++++++--------- pkg/common/istio_utils.go | 4 +- pkg/common/istio_utils_test.go | 16 +- pkg/reconcilers/targetref_reconciler.go | 24 +- pkg/reconcilers/targetref_reconciler_test.go | 122 +++--- pkg/rlptools/wasm/types.go | 10 +- pkg/rlptools/wasm_utils.go | 18 +- pkg/rlptools/wasm_utils_test.go | 46 +- 39 files changed, 958 insertions(+), 912 deletions(-) diff --git a/api/v1beta2/authpolicy_types.go b/api/v1beta2/authpolicy_types.go index af7287341..85dfb9500 100644 --- a/api/v1beta2/authpolicy_types.go +++ b/api/v1beta2/authpolicy_types.go @@ -7,8 +7,8 @@ import ( "github.com/google/go-cmp/cmp" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" authorinoapi "github.com/kuadrant/authorino/api/v1beta2" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -266,8 +266,8 @@ func (ap *AuthPolicy) GetTargetRef() gatewayapiv1alpha2.PolicyTargetReference { return ap.Spec.TargetRef } -func (ap *AuthPolicy) GetWrappedNamespace() gatewayapiv1beta1.Namespace { - return gatewayapiv1beta1.Namespace(ap.Namespace) +func (ap *AuthPolicy) GetWrappedNamespace() gatewayapiv1.Namespace { + return gatewayapiv1.Namespace(ap.Namespace) } // GetRulesHostnames returns all hostnames referenced in the route selectors of the policy. diff --git a/api/v1beta2/authpolicy_types_test.go b/api/v1beta2/authpolicy_types_test.go index 9e5bb6b6f..5f11f3f86 100644 --- a/api/v1beta2/authpolicy_types_test.go +++ b/api/v1beta2/authpolicy_types_test.go @@ -8,8 +8,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/utils/ptr" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" authorinoapi "github.com/kuadrant/authorino/api/v1beta2" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -68,7 +68,7 @@ func TestAuthPolicyTargetKey(t *testing.T) { } // targetRef with namespace - policy.Spec.TargetRef.Namespace = ptr.To(gatewayapiv1beta1.Namespace("route-namespace")) + policy.Spec.TargetRef.Namespace = ptr.To(gatewayapiv1.Namespace("route-namespace")) expected = "route-namespace/my-route" if result := policy.TargetKey().String(); result != expected { t.Errorf("Expected target key %s, got %s", expected, result) @@ -113,7 +113,7 @@ func TestAuthPolicyGetRulesHostnames(t *testing.T) { } policy.Spec.RouteSelectors = []RouteSelector{ { - Hostnames: []gatewayapiv1beta1.Hostname{"*.kuadrant.io", "toystore.kuadrant.io"}, + Hostnames: []gatewayapiv1.Hostname{"*.kuadrant.io", "toystore.kuadrant.io"}, }, } // 1 top-level route selectors with 2 hostnames @@ -190,7 +190,7 @@ func TestAuthPolicyGetRulesHostnames(t *testing.T) { CommonAuthRuleSpec: CommonAuthRuleSpec{ RouteSelectors: []RouteSelector{ { - Hostnames: []gatewayapiv1beta1.Hostname{"*.kuadrant.io", "toystore.kuadrant.io"}, + Hostnames: []gatewayapiv1.Hostname{"*.kuadrant.io", "toystore.kuadrant.io"}, }, }, }, @@ -202,7 +202,7 @@ func TestAuthPolicyGetRulesHostnames(t *testing.T) { CommonAuthRuleSpec: CommonAuthRuleSpec{ RouteSelectors: []RouteSelector{ { - Hostnames: []gatewayapiv1beta1.Hostname{"*.kuadrant.io"}, + Hostnames: []gatewayapiv1.Hostname{"*.kuadrant.io"}, }, }, }, @@ -330,10 +330,10 @@ func TestAuthPolicyValidate(t *testing.T) { }, RouteSelectors: []RouteSelector{ { - Hostnames: []gatewayapiv1beta1.Hostname{"*.foo.io"}, - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Hostnames: []gatewayapiv1.Hostname{"*.foo.io"}, + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ + Path: &gatewayapiv1.HTTPPathMatch{ Value: ptr.To("/foo"), }, }, @@ -368,10 +368,10 @@ func TestAuthPolicyValidate(t *testing.T) { CommonAuthRuleSpec: CommonAuthRuleSpec{ RouteSelectors: []RouteSelector{ { - Hostnames: []gatewayapiv1beta1.Hostname{"*.foo.io"}, - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Hostnames: []gatewayapiv1.Hostname{"*.foo.io"}, + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ + Path: &gatewayapiv1.HTTPPathMatch{ Value: ptr.To("/foo"), }, }, @@ -398,7 +398,7 @@ func TestAuthPolicyValidate(t *testing.T) { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: "my-route", - Namespace: ptr.To(gatewayapiv1beta1.Namespace("other-namespace")), + Namespace: ptr.To(gatewayapiv1.Namespace("other-namespace")), }, AuthScheme: AuthSchemeSpec{ Authentication: map[string]AuthenticationSpec{ @@ -411,10 +411,10 @@ func TestAuthPolicyValidate(t *testing.T) { CommonAuthRuleSpec: CommonAuthRuleSpec{ RouteSelectors: []RouteSelector{ { - Hostnames: []gatewayapiv1beta1.Hostname{"*.foo.io"}, - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Hostnames: []gatewayapiv1.Hostname{"*.foo.io"}, + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ + Path: &gatewayapiv1.HTTPPathMatch{ Value: ptr.To("/foo"), }, }, @@ -445,10 +445,10 @@ func TestAuthPolicyValidate(t *testing.T) { func testBuildRouteSelector() RouteSelector { return RouteSelector{ - Hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io"}, - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io"}, + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ + Path: &gatewayapiv1.HTTPPathMatch{ Value: ptr.To("/toy"), }, }, diff --git a/api/v1beta2/ratelimitpolicy_types.go b/api/v1beta2/ratelimitpolicy_types.go index 1ba25a4a2..397420d63 100644 --- a/api/v1beta2/ratelimitpolicy_types.go +++ b/api/v1beta2/ratelimitpolicy_types.go @@ -24,8 +24,8 @@ import ( "github.com/kuadrant/kuadrant-operator/pkg/common" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) // EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! @@ -70,7 +70,7 @@ type Rate struct { } // RouteSelector defines semantics for matching an HTTP request based on conditions -// https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec +// https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec type WhenCondition struct { // Selector defines one item from the well known selectors // TODO Document properly "Well-known selector" https://github.com/Kuadrant/architecture/blob/main/rfcs/0001-rlp-v2.md#well-known-selectors @@ -226,15 +226,15 @@ func (r *RateLimitPolicy) GetTargetRef() gatewayapiv1alpha2.PolicyTargetReferenc return r.Spec.TargetRef } -func (r *RateLimitPolicy) GetWrappedNamespace() gatewayapiv1beta1.Namespace { - return gatewayapiv1beta1.Namespace(r.Namespace) +func (r *RateLimitPolicy) GetWrappedNamespace() gatewayapiv1.Namespace { + return gatewayapiv1.Namespace(r.Namespace) } func (r *RateLimitPolicy) GetRulesHostnames() (ruleHosts []string) { ruleHosts = make([]string, 0) for _, limit := range r.Spec.Limits { for _, routeSelector := range limit.RouteSelectors { - convertHostnamesToString := func(gwHostnames []gatewayapiv1beta1.Hostname) []string { + convertHostnamesToString := func(gwHostnames []gatewayapiv1.Hostname) []string { hostnames := make([]string, 0, len(gwHostnames)) for _, gwHostName := range gwHostnames { hostnames = append(hostnames, string(gwHostName)) diff --git a/api/v1beta2/ratelimitpolicy_types_test.go b/api/v1beta2/ratelimitpolicy_types_test.go index 140e82e13..b1fec0b24 100644 --- a/api/v1beta2/ratelimitpolicy_types_test.go +++ b/api/v1beta2/ratelimitpolicy_types_test.go @@ -7,13 +7,13 @@ import ( "testing" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" "github.com/kuadrant/kuadrant-operator/pkg/common" ) -func testBuildBasicRLP(name string, kind gatewayapiv1beta1.Kind) *RateLimitPolicy { +func testBuildBasicRLP(name string, kind gatewayapiv1.Kind) *RateLimitPolicy { return &RateLimitPolicy{ TypeMeta: metav1.TypeMeta{ Kind: "RateLimitPolicy", @@ -34,11 +34,11 @@ func testBuildBasicRLP(name string, kind gatewayapiv1beta1.Kind) *RateLimitPolic } func testBuildBasicGatewayRLP(name string) *RateLimitPolicy { - return testBuildBasicRLP(name, gatewayapiv1beta1.Kind("Gateway")) + return testBuildBasicRLP(name, gatewayapiv1.Kind("Gateway")) } func testBuildBasicHTTPRouteRLP(name string) *RateLimitPolicy { - return testBuildBasicRLP(name, gatewayapiv1beta1.Kind("HTTPRoute")) + return testBuildBasicRLP(name, gatewayapiv1.Kind("HTTPRoute")) } // TestRateLimitPolicyValidation calls rlp.Validate() @@ -62,7 +62,7 @@ func TestRateLimitPolicyValidation(t *testing.T) { // invalid group rlp = testBuildBasicHTTPRouteRLP(name) - rlp.Spec.TargetRef.Group = gatewayapiv1beta1.Group("foo.example.com") + rlp.Spec.TargetRef.Group = gatewayapiv1.Group("foo.example.com") err = rlp.Validate() if err == nil { t.Fatal(`rlp.Validate() did not return error and should`) @@ -73,7 +73,7 @@ func TestRateLimitPolicyValidation(t *testing.T) { // invalid kind rlp = testBuildBasicHTTPRouteRLP(name) - rlp.Spec.TargetRef.Kind = gatewayapiv1beta1.Kind("Foo") + rlp.Spec.TargetRef.Kind = gatewayapiv1.Kind("Foo") err = rlp.Validate() if err == nil { t.Fatal(`rlp.Validate() did not return error and should`) @@ -84,7 +84,7 @@ func TestRateLimitPolicyValidation(t *testing.T) { // Different namespace rlp = testBuildBasicHTTPRouteRLP(name) - otherNS := gatewayapiv1beta1.Namespace(rlp.GetNamespace() + "other") + otherNS := gatewayapiv1.Namespace(rlp.GetNamespace() + "other") rlp.Spec.TargetRef.Namespace = &otherNS err = rlp.Validate() if err == nil { diff --git a/api/v1beta2/route_selectors.go b/api/v1beta2/route_selectors.go index a40af94f2..c13c1237a 100644 --- a/api/v1beta2/route_selectors.go +++ b/api/v1beta2/route_selectors.go @@ -1,7 +1,7 @@ package v1beta2 import ( - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" orderedmap "github.com/elliotchance/orderedmap/v2" @@ -9,17 +9,17 @@ import ( ) // RouteSelector defines semantics for matching an HTTP request based on conditions -// https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec +// https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec type RouteSelector struct { // Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to process the request - // https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + // https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec // +optional - Hostnames []gatewayapiv1beta1.Hostname `json:"hostnames,omitempty"` + Hostnames []gatewayapiv1.Hostname `json:"hostnames,omitempty"` // Matches define conditions used for matching the rule against incoming HTTP requests. - // https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + // https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec // +optional - Matches []gatewayapiv1beta1.HTTPRouteMatch `json:"matches,omitempty"` + Matches []gatewayapiv1.HTTPRouteMatch `json:"matches,omitempty"` } // SelectRules returns, from a HTTPRoute, all HTTPRouteRules that either specify no HTTRouteMatches or that contain at @@ -29,8 +29,8 @@ type RouteSelector struct { // Additionally, if the selector specifies a non-empty list of hostnames, a non-empty intersection between the literal // hostnames of the selector and set of hostnames specified in the HTTPRoute must exist. Otherwise, the function // returns nil. -func (s *RouteSelector) SelectRules(route *gatewayapiv1beta1.HTTPRoute) (rules []gatewayapiv1beta1.HTTPRouteRule) { - rulesIndices := orderedmap.NewOrderedMap[int, gatewayapiv1beta1.HTTPRouteRule]() +func (s *RouteSelector) SelectRules(route *gatewayapiv1.HTTPRoute) (rules []gatewayapiv1.HTTPRouteRule) { + rulesIndices := orderedmap.NewOrderedMap[int, gatewayapiv1.HTTPRouteRule]() if len(s.Hostnames) > 0 && !common.Intersect(s.Hostnames, route.Spec.Hostnames) { return nil } @@ -54,7 +54,7 @@ func (s *RouteSelector) SelectRules(route *gatewayapiv1beta1.HTTPRoute) (rules [ // HostnamesForConditions allows avoiding building conditions for hostnames that are excluded by the selector // or when the hostname is irrelevant (i.e. matches all hostnames) -func (s *RouteSelector) HostnamesForConditions(route *gatewayapiv1beta1.HTTPRoute) []gatewayapiv1beta1.Hostname { +func (s *RouteSelector) HostnamesForConditions(route *gatewayapiv1.HTTPRoute) []gatewayapiv1.Hostname { hostnames := route.Spec.Hostnames if len(s.Hostnames) > 0 { @@ -62,7 +62,7 @@ func (s *RouteSelector) HostnamesForConditions(route *gatewayapiv1beta1.HTTPRout } if common.SameElements(hostnames, route.Spec.Hostnames) { - return []gatewayapiv1beta1.Hostname{"*"} + return []gatewayapiv1.Hostname{"*"} } return hostnames diff --git a/api/v1beta2/route_selectors_test.go b/api/v1beta2/route_selectors_test.go index ee2cf9095..7e061ab8e 100644 --- a/api/v1beta2/route_selectors_test.go +++ b/api/v1beta2/route_selectors_test.go @@ -9,7 +9,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/utils/ptr" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/kuadrant/kuadrant-operator/pkg/common" ) @@ -20,8 +20,8 @@ func TestRouteSelectors(t *testing.T) { testCases := []struct { name string routeSelector RouteSelector - route *gatewayapiv1beta1.HTTPRoute - expected []gatewayapiv1beta1.HTTPRouteRule + route *gatewayapiv1.HTTPRoute + expected []gatewayapiv1.HTTPRouteRule }{ { name: "empty route selector selects all HTTPRouteRules", @@ -32,56 +32,56 @@ func TestRouteSelectors(t *testing.T) { { name: "route selector selects the HTTPRouteRules whose set of HTTPRouteMatch is a perfect match", routeSelector: RouteSelector{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/assets"}[0], }, }, }, }, route: route, - expected: []gatewayapiv1beta1.HTTPRouteRule{route.Spec.Rules[1]}, + expected: []gatewayapiv1.HTTPRouteRule{route.Spec.Rules[1]}, }, { name: "route selector selects the HTTPRouteRules whose set of HTTPRouteMatch contains at least one match", routeSelector: RouteSelector{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/toy"}[0], }, - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethod("POST")}[0], + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethod("POST")}[0], }, }, }, route: route, - expected: []gatewayapiv1beta1.HTTPRouteRule{route.Spec.Rules[0]}, + expected: []gatewayapiv1.HTTPRouteRule{route.Spec.Rules[0]}, }, { name: "route selector with missing part of a HTTPRouteMatch still selects the HTTPRouteRules that match", routeSelector: RouteSelector{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/toy"}[0], }, }, }, }, route: route, - expected: []gatewayapiv1beta1.HTTPRouteRule{route.Spec.Rules[0]}, + expected: []gatewayapiv1.HTTPRouteRule{route.Spec.Rules[0]}, }, { name: "route selector selects no HTTPRouteRule when no criterion matches", routeSelector: RouteSelector{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchExact}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchExact}[0], Value: &[]string{"/toy"}[0], }, }, @@ -93,7 +93,7 @@ func TestRouteSelectors(t *testing.T) { { name: "route selector selects the HTTPRouteRules whose HTTPRoute's hostnames match the selector", routeSelector: RouteSelector{ - Hostnames: []gatewayapiv1beta1.Hostname{"api.toystore.com"}, + Hostnames: []gatewayapiv1.Hostname{"api.toystore.com"}, }, route: route, expected: route.Spec.Rules, @@ -101,23 +101,23 @@ func TestRouteSelectors(t *testing.T) { { name: "route selector selects the HTTPRouteRules whose HTTPRoute's hostnames match the selector additionally to other criteria", routeSelector: RouteSelector{ - Hostnames: []gatewayapiv1beta1.Hostname{"api.toystore.com"}, - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Hostnames: []gatewayapiv1.Hostname{"api.toystore.com"}, + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/toy"}[0], }, }, }, }, route: route, - expected: []gatewayapiv1beta1.HTTPRouteRule{route.Spec.Rules[0]}, + expected: []gatewayapiv1.HTTPRouteRule{route.Spec.Rules[0]}, }, { name: "route selector does not select HTTPRouteRules whose HTTPRoute's hostnames do not match the selector", routeSelector: RouteSelector{ - Hostnames: []gatewayapiv1beta1.Hostname{"www.toystore.com"}, + Hostnames: []gatewayapiv1.Hostname{"www.toystore.com"}, }, route: route, expected: nil, @@ -125,11 +125,11 @@ func TestRouteSelectors(t *testing.T) { { name: "route selector does not select HTTPRouteRules whose HTTPRoute's hostnames do not match the selector even when other criteria match", routeSelector: RouteSelector{ - Hostnames: []gatewayapiv1beta1.Hostname{"www.toystore.com"}, - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Hostnames: []gatewayapiv1.Hostname{"www.toystore.com"}, + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/toy"}[0], }, }, @@ -143,7 +143,7 @@ func TestRouteSelectors(t *testing.T) { for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { rules := tc.routeSelector.SelectRules(tc.route) - rulesToStringSlice := func(rules []gatewayapiv1beta1.HTTPRouteRule) []string { + rulesToStringSlice := func(rules []gatewayapiv1.HTTPRouteRule) []string { return common.Map(common.Map(rules, common.HTTPRouteRuleToString), func(r string) string { return fmt.Sprintf("{%s}", r) }) } if !reflect.DeepEqual(rules, tc.expected) { @@ -155,11 +155,11 @@ func TestRouteSelectors(t *testing.T) { func TestRouteSelectorsHostnamesForConditions(t *testing.T) { route := testBuildHttpRoute(testBuildGateway()) - route.Spec.Hostnames = append(route.Spec.Hostnames, gatewayapiv1beta1.Hostname("www.toystore.com")) + route.Spec.Hostnames = append(route.Spec.Hostnames, gatewayapiv1.Hostname("www.toystore.com")) // route and selector with exact same hostnames selector := RouteSelector{ - Hostnames: []gatewayapiv1beta1.Hostname{"api.toystore.com", "www.toystore.com"}, + Hostnames: []gatewayapiv1.Hostname{"api.toystore.com", "www.toystore.com"}, } result := selector.HostnamesForConditions(route) if expected := 1; len(result) != expected { @@ -171,7 +171,7 @@ func TestRouteSelectorsHostnamesForConditions(t *testing.T) { // route and selector with some overlapping hostnames selector = RouteSelector{ - Hostnames: []gatewayapiv1beta1.Hostname{"api.toystore.com", "other.io"}, + Hostnames: []gatewayapiv1.Hostname{"api.toystore.com", "other.io"}, } result = selector.HostnamesForConditions(route) if expected := 1; len(result) != expected { @@ -183,7 +183,7 @@ func TestRouteSelectorsHostnamesForConditions(t *testing.T) { // route and selector with no overlapping hostnames selector = RouteSelector{ - Hostnames: []gatewayapiv1beta1.Hostname{"other.io"}, + Hostnames: []gatewayapiv1.Hostname{"other.io"}, } result = selector.HostnamesForConditions(route) if expected := 0; len(result) != expected { @@ -201,9 +201,9 @@ func TestRouteSelectorsHostnamesForConditions(t *testing.T) { } // route without hostnames and selector with hostnames - route.Spec.Hostnames = []gatewayapiv1beta1.Hostname{} + route.Spec.Hostnames = []gatewayapiv1.Hostname{} selector = RouteSelector{ - Hostnames: []gatewayapiv1beta1.Hostname{"api.toystore.com"}, + Hostnames: []gatewayapiv1.Hostname{"api.toystore.com"}, } result = selector.HostnamesForConditions(route) if expected := 1; len(result) != expected { @@ -221,59 +221,59 @@ func TestRouteSelectorsHostnamesForConditions(t *testing.T) { } } -func testBuildGateway() *gatewayapiv1beta1.Gateway { - return &gatewayapiv1beta1.Gateway{ +func testBuildGateway() *gatewayapiv1.Gateway { + return &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Name: "my-gateway", }, - Spec: gatewayapiv1beta1.GatewaySpec{ - Listeners: []gatewayapiv1beta1.Listener{ + Spec: gatewayapiv1.GatewaySpec{ + Listeners: []gatewayapiv1.Listener{ { - Hostname: ptr.To(gatewayapiv1beta1.Hostname("*.toystore.com")), + Hostname: ptr.To(gatewayapiv1.Hostname("*.toystore.com")), }, }, }, } } -func testBuildHttpRoute(parentGateway *gatewayapiv1beta1.Gateway) *gatewayapiv1beta1.HTTPRoute { - return &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ +func testBuildHttpRoute(parentGateway *gatewayapiv1.Gateway) *gatewayapiv1.HTTPRoute { + return &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { - Name: gatewayapiv1beta1.ObjectName(parentGateway.Name), + Name: gatewayapiv1.ObjectName(parentGateway.Name), }, }, }, - Hostnames: []gatewayapiv1beta1.Hostname{"api.toystore.com"}, - Rules: []gatewayapiv1beta1.HTTPRouteRule{ + Hostnames: []gatewayapiv1.Hostname{"api.toystore.com"}, + Rules: []gatewayapiv1.HTTPRouteRule{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ // get /toys* { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/toy"}[0], }, - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethod("GET")}[0], + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethod("GET")}[0], }, // post /toys* { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/toy"}[0], }, - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethod("POST")}[0], + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethod("POST")}[0], }, }, }, { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ // /assets* { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/assets"}[0], }, }, diff --git a/api/v1beta2/zz_generated.deepcopy.go b/api/v1beta2/zz_generated.deepcopy.go index e34640951..e7df27649 100644 --- a/api/v1beta2/zz_generated.deepcopy.go +++ b/api/v1beta2/zz_generated.deepcopy.go @@ -24,7 +24,7 @@ import ( apiv1beta2 "github.com/kuadrant/authorino/api/v1beta2" "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/gateway-api/apis/v1beta1" + apisv1 "sigs.k8s.io/gateway-api/apis/v1" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. @@ -496,12 +496,12 @@ func (in *RouteSelector) DeepCopyInto(out *RouteSelector) { *out = *in if in.Hostnames != nil { in, out := &in.Hostnames, &out.Hostnames - *out = make([]v1beta1.Hostname, len(*in)) + *out = make([]apisv1.Hostname, len(*in)) copy(*out, *in) } if in.Matches != nil { in, out := &in.Matches, &out.Matches - *out = make([]v1beta1.HTTPRouteMatch, len(*in)) + *out = make([]apisv1.HTTPRouteMatch, len(*in)) for i := range *in { (*in)[i].DeepCopyInto(&(*out)[i]) } diff --git a/controllers/authpolicy_authconfig.go b/controllers/authpolicy_authconfig.go index a0fbe65cb..478ae54bd 100644 --- a/controllers/authpolicy_authconfig.go +++ b/controllers/authpolicy_authconfig.go @@ -11,7 +11,7 @@ import ( apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" authorinoapi "github.com/kuadrant/authorino/api/v1beta2" api "github.com/kuadrant/kuadrant-operator/api/v1beta2" @@ -79,28 +79,28 @@ func (r *AuthPolicyReconciler) desiredAuthConfig(ctx context.Context, ap *api.Au Spec: authorinoapi.AuthConfigSpec{}, } - var route *gatewayapiv1beta1.HTTPRoute + var route *gatewayapiv1.HTTPRoute var hosts []string switch obj := targetNetworkObject.(type) { - case *gatewayapiv1beta1.HTTPRoute: + case *gatewayapiv1.HTTPRoute: route = obj var err error hosts, err = common.HostnamesFromHTTPRoute(ctx, obj, r.Client()) if err != nil { return nil, err } - case *gatewayapiv1beta1.Gateway: + case *gatewayapiv1.Gateway: // fake a single httproute with all rules from all httproutes accepted by the gateway, // that do not have an authpolicy of its own, so we can generate wasm rules for those cases gw := common.GatewayWrapper{Gateway: obj} gwHostnames := gw.Hostnames() if len(hosts) == 0 { - gwHostnames = []gatewayapiv1beta1.Hostname{"*"} + gwHostnames = []gatewayapiv1.Hostname{"*"} } hosts = common.HostnamesToStrings(gwHostnames) - rules := make([]gatewayapiv1beta1.HTTPRouteRule, 0) + rules := make([]gatewayapiv1.HTTPRouteRule, 0) routes := r.FetchAcceptedGatewayHTTPRoutes(ctx, ap.TargetKey()) for idx := range routes { route := routes[idx] @@ -115,8 +115,8 @@ func (r *AuthPolicyReconciler) desiredAuthConfig(ctx context.Context, ap *api.Au common.TagObjectToDelete(authConfig) return authConfig, nil } - route = &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ + route = &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ Hostnames: gwHostnames, Rules: rules, }, @@ -196,7 +196,7 @@ func authorinoSpecsFromConfigs[T, U any](configs map[string]U, extractAuthorinoS return specs } -func mergeConditionsFromRouteSelectorsIntoConfigs(ap *api.AuthPolicy, route *gatewayapiv1beta1.HTTPRoute, authConfig *authorinoapi.AuthConfig) (*authorinoapi.AuthConfig, error) { +func mergeConditionsFromRouteSelectorsIntoConfigs(ap *api.AuthPolicy, route *gatewayapiv1.HTTPRoute, authConfig *authorinoapi.AuthConfig) (*authorinoapi.AuthConfig, error) { // authentication for name, config := range ap.Spec.AuthScheme.Authentication { conditions, err := authorinoConditionsFromRouteSelectors(route, config) @@ -288,7 +288,7 @@ func mergeConditionsFromRouteSelectorsIntoConfigs(ap *api.AuthPolicy, route *gat } // authorinoConditionFromRouteSelectors builds a list of Authorino conditions from a config that may specify route selectors -func authorinoConditionsFromRouteSelectors(route *gatewayapiv1beta1.HTTPRoute, config api.RouteSelectorsGetter) ([]authorinoapi.PatternExpressionOrRef, error) { +func authorinoConditionsFromRouteSelectors(route *gatewayapiv1.HTTPRoute, config api.RouteSelectorsGetter) ([]authorinoapi.PatternExpressionOrRef, error) { routeSelectors := config.GetRouteSelectors() if len(routeSelectors) == 0 { @@ -311,7 +311,7 @@ func authorinoConditionsFromRouteSelectors(route *gatewayapiv1beta1.HTTPRoute, c } // authorinoConditionsFromHTTPRoute builds a list of Authorino conditions from an HTTPRoute, without using route selectors. -func authorinoConditionsFromHTTPRoute(route *gatewayapiv1beta1.HTTPRoute) []authorinoapi.PatternExpressionOrRef { +func authorinoConditionsFromHTTPRoute(route *gatewayapiv1.HTTPRoute) []authorinoapi.PatternExpressionOrRef { conditions := []authorinoapi.PatternExpressionOrRef{} hostnamesForConditions := (&api.RouteSelector{}).HostnamesForConditions(route) for _, rule := range route.Spec.Rules { @@ -324,7 +324,7 @@ func authorinoConditionsFromHTTPRoute(route *gatewayapiv1beta1.HTTPRoute) []auth // * Each combination of HTTPRouteMatch and hostname yields one condition. // * Rules that specify no explicit HTTPRouteMatch are assumed to match all requests (i.e. implicit catch-all rule.) // * Empty list of hostnames yields a condition without a hostname pattern expression. -func authorinoConditionsFromHTTPRouteRule(rule gatewayapiv1beta1.HTTPRouteRule, hostnames []gatewayapiv1beta1.Hostname) []authorinoapi.PatternExpressionOrRef { +func authorinoConditionsFromHTTPRouteRule(rule gatewayapiv1.HTTPRouteRule, hostnames []gatewayapiv1.Hostname) []authorinoapi.PatternExpressionOrRef { hosts := []string{} for _, hostname := range hostnames { if hostname == "*" { @@ -397,7 +397,7 @@ func hostnamesToRegex(hostnames []string) string { }), "|") } -func httpMethodRuleToAuthorinoCondition(method gatewayapiv1beta1.HTTPMethod) authorinoapi.PatternExpressionOrRef { +func httpMethodRuleToAuthorinoCondition(method gatewayapiv1.HTTPMethod) authorinoapi.PatternExpressionOrRef { return authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ Selector: "request.method", @@ -407,7 +407,7 @@ func httpMethodRuleToAuthorinoCondition(method gatewayapiv1beta1.HTTPMethod) aut } } -func httpPathRuleToAuthorinoCondition(path gatewayapiv1beta1.HTTPPathMatch) authorinoapi.PatternExpressionOrRef { +func httpPathRuleToAuthorinoCondition(path gatewayapiv1.HTTPPathMatch) authorinoapi.PatternExpressionOrRef { value := "/" if path.Value != nil { value = *path.Value @@ -416,17 +416,17 @@ func httpPathRuleToAuthorinoCondition(path gatewayapiv1beta1.HTTPPathMatch) auth matchType := path.Type if matchType == nil { - p := gatewayapiv1beta1.PathMatchPathPrefix + p := gatewayapiv1.PathMatchPathPrefix matchType = &p // gateway api defaults to PathMatchPathPrefix } switch *matchType { - case gatewayapiv1beta1.PathMatchExact: + case gatewayapiv1.PathMatchExact: operator = "eq" - case gatewayapiv1beta1.PathMatchPathPrefix: + case gatewayapiv1.PathMatchPathPrefix: operator = "matches" value += ".*" - case gatewayapiv1beta1.PathMatchRegularExpression: + case gatewayapiv1.PathMatchRegularExpression: operator = "matches" } @@ -439,7 +439,7 @@ func httpPathRuleToAuthorinoCondition(path gatewayapiv1beta1.HTTPPathMatch) auth } } -func httpHeadersRuleToAuthorinoConditions(headers []gatewayapiv1beta1.HTTPHeaderMatch) []authorinoapi.PatternExpressionOrRef { +func httpHeadersRuleToAuthorinoConditions(headers []gatewayapiv1.HTTPHeaderMatch) []authorinoapi.PatternExpressionOrRef { conditions := make([]authorinoapi.PatternExpressionOrRef, 0, len(headers)) for _, header := range headers { condition := httpHeaderRuleToAuthorinoCondition(header) @@ -448,9 +448,9 @@ func httpHeadersRuleToAuthorinoConditions(headers []gatewayapiv1beta1.HTTPHeader return conditions } -func httpHeaderRuleToAuthorinoCondition(header gatewayapiv1beta1.HTTPHeaderMatch) authorinoapi.PatternExpressionOrRef { +func httpHeaderRuleToAuthorinoCondition(header gatewayapiv1.HTTPHeaderMatch) authorinoapi.PatternExpressionOrRef { operator := "eq" // gateway api defaults to HeaderMatchExact - if header.Type != nil && *header.Type == gatewayapiv1beta1.HeaderMatchRegularExpression { + if header.Type != nil && *header.Type == gatewayapiv1.HeaderMatchRegularExpression { operator = "matches" } return authorinoapi.PatternExpressionOrRef{ @@ -462,7 +462,7 @@ func httpHeaderRuleToAuthorinoCondition(header gatewayapiv1beta1.HTTPHeaderMatch } } -func httpQueryParamsRuleToAuthorinoConditions(queryParams []gatewayapiv1beta1.HTTPQueryParamMatch) []authorinoapi.PatternExpressionOrRef { +func httpQueryParamsRuleToAuthorinoConditions(queryParams []gatewayapiv1.HTTPQueryParamMatch) []authorinoapi.PatternExpressionOrRef { conditions := make([]authorinoapi.PatternExpressionOrRef, 0, len(queryParams)) for _, queryParam := range queryParams { condition := httpQueryParamRuleToAuthorinoCondition(queryParam) @@ -471,9 +471,9 @@ func httpQueryParamsRuleToAuthorinoConditions(queryParams []gatewayapiv1beta1.HT return conditions } -func httpQueryParamRuleToAuthorinoCondition(queryParam gatewayapiv1beta1.HTTPQueryParamMatch) authorinoapi.PatternExpressionOrRef { +func httpQueryParamRuleToAuthorinoCondition(queryParam gatewayapiv1.HTTPQueryParamMatch) authorinoapi.PatternExpressionOrRef { operator := "eq" // gateway api defaults to QueryParamMatchExact - if queryParam.Type != nil && *queryParam.Type == gatewayapiv1beta1.QueryParamMatchRegularExpression { + if queryParam.Type != nil && *queryParam.Type == gatewayapiv1.QueryParamMatchRegularExpression { operator = "matches" } return authorinoapi.PatternExpressionOrRef{ diff --git a/controllers/authpolicy_authconfig_test.go b/controllers/authpolicy_authconfig_test.go index bef86f20b..37784cd66 100644 --- a/controllers/authpolicy_authconfig_test.go +++ b/controllers/authpolicy_authconfig_test.go @@ -8,20 +8,20 @@ import ( authorinoapi "github.com/kuadrant/authorino/api/v1beta2" "k8s.io/utils/ptr" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" ) func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { testCases := []struct { name string - hostnames []gatewayapiv1beta1.Hostname - rule gatewayapiv1beta1.HTTPRouteRule + hostnames []gatewayapiv1.Hostname + rule gatewayapiv1.HTTPRouteRule expected []authorinoapi.PatternExpressionOrRef }{ { name: "No HTTPRouteMatch", - hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io"}, - rule: gatewayapiv1beta1.HTTPRouteRule{}, + hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io"}, + rule: gatewayapiv1.HTTPRouteRule{}, expected: []authorinoapi.PatternExpressionOrRef{ { PatternExpression: authorinoapi.PatternExpression{ @@ -34,12 +34,12 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "Single HTTPRouteMatch", - hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io"}, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io"}, + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, @@ -78,18 +78,18 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "Multiple HTTPRouteMatches", - hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io"}, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io"}, + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("Exact")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("Exact")), Value: ptr.To("/foo"), }, }, @@ -152,12 +152,12 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "Multiple hosts", - hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io", "gamestore.kuadrant.io"}, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io", "gamestore.kuadrant.io"}, + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, @@ -196,12 +196,12 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "Host wildcard", - hostnames: []gatewayapiv1beta1.Hostname{"*.kuadrant.io"}, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + hostnames: []gatewayapiv1.Hostname{"*.kuadrant.io"}, + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, @@ -240,12 +240,12 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "Catch-all host is ignored", - hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io", "*"}, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io", "*"}, + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, @@ -284,10 +284,10 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "Method", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: ptr.To(gatewayapiv1beta1.HTTPMethod("GET")), + Method: ptr.To(gatewayapiv1.HTTPMethod("GET")), }, }, }, @@ -315,11 +315,11 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "PathMatchExact", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("Exact")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("Exact")), Value: ptr.To("/toy"), }, }, @@ -349,11 +349,11 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "PathMatchPrefix", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, @@ -383,11 +383,11 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "PathMatchRegularExpression", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("RegularExpression")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("RegularExpression")), Value: ptr.To("^/(dolls|cars)"), }, }, @@ -417,12 +417,12 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "Single header match", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: ptr.To(gatewayapiv1beta1.HeaderMatchType("Exact")), + Type: ptr.To(gatewayapiv1.HeaderMatchType("Exact")), Name: "X-Foo", Value: "a-value", }, @@ -454,17 +454,17 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "Multiple header matches", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: ptr.To(gatewayapiv1beta1.HeaderMatchType("Exact")), + Type: ptr.To(gatewayapiv1.HeaderMatchType("Exact")), Name: "x-foo", Value: "a-value", }, { - Type: ptr.To(gatewayapiv1beta1.HeaderMatchType("Exact")), + Type: ptr.To(gatewayapiv1.HeaderMatchType("Exact")), Name: "x-bar", Value: "other-value", }, @@ -505,12 +505,12 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "HeaderMatchRegularExpression", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: ptr.To(gatewayapiv1beta1.HeaderMatchType("RegularExpression")), + Type: ptr.To(gatewayapiv1.HeaderMatchType("RegularExpression")), Name: "x-foo", Value: "^a+.*$", }, @@ -542,12 +542,12 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "Single query param match", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - QueryParams: []gatewayapiv1beta1.HTTPQueryParamMatch{ + QueryParams: []gatewayapiv1.HTTPQueryParamMatch{ { - Type: ptr.To(gatewayapiv1beta1.QueryParamMatchType("Exact")), + Type: ptr.To(gatewayapiv1.QueryParamMatchType("Exact")), Name: "x-foo", Value: "a-value", }, @@ -594,17 +594,17 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "Multiple query param matches", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - QueryParams: []gatewayapiv1beta1.HTTPQueryParamMatch{ + QueryParams: []gatewayapiv1.HTTPQueryParamMatch{ { - Type: ptr.To(gatewayapiv1beta1.QueryParamMatchType("Exact")), + Type: ptr.To(gatewayapiv1.QueryParamMatchType("Exact")), Name: "x-foo", Value: "a-value", }, { - Type: ptr.To(gatewayapiv1beta1.QueryParamMatchType("Exact")), + Type: ptr.To(gatewayapiv1.QueryParamMatchType("Exact")), Name: "x-bar", Value: "other-value", }, @@ -675,12 +675,12 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { }, { name: "QueryParamMatchRegularExpression", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - QueryParams: []gatewayapiv1beta1.HTTPQueryParamMatch{ + QueryParams: []gatewayapiv1.HTTPQueryParamMatch{ { - Type: ptr.To(gatewayapiv1beta1.QueryParamMatchType("RegularExpression")), + Type: ptr.To(gatewayapiv1.QueryParamMatchType("RegularExpression")), Name: "x-foo", Value: "^a+.*$", }, diff --git a/controllers/authpolicy_controller.go b/controllers/authpolicy_controller.go index 0ff208ed2..490ab653f 100644 --- a/controllers/authpolicy_controller.go +++ b/controllers/authpolicy_controller.go @@ -10,7 +10,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/handler" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" api "github.com/kuadrant/kuadrant-operator/api/v1beta2" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -119,7 +119,7 @@ func (r *AuthPolicyReconciler) Reconcile(eventCtx context.Context, req ctrl.Requ // trigger concurrent reconciliations of possibly affected gateway policies switch route := targetNetworkObject.(type) { - case *gatewayapiv1beta1.HTTPRoute: + case *gatewayapiv1.HTTPRoute: if err := r.reconcileRouteParentGatewayPolicies(ctx, route); err != nil { return ctrl.Result{}, err } @@ -198,7 +198,7 @@ func (r *AuthPolicyReconciler) deleteNetworkResourceDirectBackReference(ctx cont } // reconcileRouteParentGatewayPolicies triggers the concurrent reconciliation of all policies that target gateways that are parents of a route -func (r *AuthPolicyReconciler) reconcileRouteParentGatewayPolicies(ctx context.Context, route *gatewayapiv1beta1.HTTPRoute) error { +func (r *AuthPolicyReconciler) reconcileRouteParentGatewayPolicies(ctx context.Context, route *gatewayapiv1.HTTPRoute) error { logger, err := logr.FromContext(ctx) if err != nil { return err @@ -227,10 +227,10 @@ func (r *AuthPolicyReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). For(&api.AuthPolicy{}). Watches( - &gatewayapiv1beta1.HTTPRoute{}, + &gatewayapiv1.HTTPRoute{}, handler.EnqueueRequestsFromMapFunc(httpRouteEventMapper.MapToAuthPolicy), ). - Watches(&gatewayapiv1beta1.Gateway{}, + Watches(&gatewayapiv1.Gateway{}, handler.EnqueueRequestsFromMapFunc(gatewayEventMapper.MapToAuthPolicy)). Complete(r) } diff --git a/controllers/authpolicy_controller_test.go b/controllers/authpolicy_controller_test.go index fbe3a39f4..3d1fd7d28 100644 --- a/controllers/authpolicy_controller_test.go +++ b/controllers/authpolicy_controller_test.go @@ -20,8 +20,8 @@ import ( "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" logf "sigs.k8s.io/controller-runtime/pkg/log" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" authorinoapi "github.com/kuadrant/authorino/api/v1beta2" api "github.com/kuadrant/kuadrant-operator/api/v1beta2" @@ -44,7 +44,7 @@ var _ = Describe("AuthPolicy controller", func() { Expect(err).ToNot(HaveOccurred()) Eventually(func() bool { - existingGateway := &gatewayapiv1beta1.Gateway{} + existingGateway := &gatewayapiv1.Gateway{} err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(gateway), existingGateway) return err == nil && meta.IsStatusConditionTrue(existingGateway.Status.Conditions, common.GatewayProgrammedConditionType) }, 15*time.Second, 5*time.Second).Should(BeTrue()) @@ -64,7 +64,7 @@ var _ = Describe("AuthPolicy controller", func() { Expect(err).ToNot(HaveOccurred()) Eventually(func() bool { - existingRoute := &gatewayapiv1beta1.HTTPRoute{} + existingRoute := &gatewayapiv1.HTTPRoute{} err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(route), existingRoute) return err == nil && common.IsHTTPRouteAccepted(existingRoute) }, 15*time.Second, 5*time.Second).Should(BeTrue()) @@ -81,7 +81,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "Gateway", Name: testGatewayName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -143,7 +143,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -203,7 +203,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -218,11 +218,11 @@ var _ = Describe("AuthPolicy controller", func() { // create second (policyless) httproute otherRoute := testBuildBasicHttpRoute("policyless-route", testGatewayName, testNamespace, []string{"*.other"}) - otherRoute.Spec.Rules = []gatewayapiv1beta1.HTTPRouteRule{ + otherRoute.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: ptr.To(gatewayapiv1beta1.HTTPMethod("POST")), + Method: ptr.To(gatewayapiv1.HTTPMethod("POST")), }, }, }, @@ -241,7 +241,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "Gateway", Name: testGatewayName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -302,7 +302,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -326,7 +326,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "Gateway", Name: testGatewayName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -374,7 +374,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, RouteSelectors: []api.RouteSelector{ { // does not select any HTTPRouteRule @@ -431,7 +431,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -496,7 +496,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -540,7 +540,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, NamedPatterns: map[string]authorinoapi.PatternExpressions{ "internal-source": []authorinoapi.PatternExpression{ @@ -784,7 +784,7 @@ var _ = Describe("AuthPolicy controller", func() { Expect(err).ToNot(HaveOccurred()) Eventually(func() bool { - existingRoute := &gatewayapiv1beta1.HTTPRoute{} + existingRoute := &gatewayapiv1.HTTPRoute{} err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(route), existingRoute) return err == nil && common.IsHTTPRouteAccepted(existingRoute) }, 15*time.Second, 5*time.Second).Should(BeTrue()) @@ -801,7 +801,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -886,7 +886,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, RouteSelectors: []api.RouteSelector{ { // Selects: POST|DELETE *.admin.toystore.com/admin* @@ -898,7 +898,7 @@ var _ = Describe("AuthPolicy controller", func() { }, }, }, - Hostnames: []gatewayapiv1beta1.Hostname{"*.admin.toystore.com"}, + Hostnames: []gatewayapiv1.Hostname{"*.admin.toystore.com"}, }, { // Selects: GET /private* Matches: []gatewayapiv1alpha2.HTTPRouteMatch{ @@ -1003,7 +1003,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -1019,7 +1019,7 @@ var _ = Describe("AuthPolicy controller", func() { }, }, }, - Hostnames: []gatewayapiv1beta1.Hostname{"*.admin.toystore.com"}, + Hostnames: []gatewayapiv1.Hostname{"*.admin.toystore.com"}, }, } policy.Spec.AuthScheme.Authentication["apiKey"] = config @@ -1130,7 +1130,7 @@ var _ = Describe("AuthPolicy controller", func() { Group: "gateway.networking.k8s.io", Kind: "HTTPRoute", Name: testHTTPRouteName, - Namespace: ptr.To(gatewayapiv1beta1.Namespace(testNamespace)), + Namespace: ptr.To(gatewayapiv1.Namespace(testNamespace)), }, AuthScheme: testBasicAuthScheme(), }, @@ -1138,13 +1138,13 @@ var _ = Describe("AuthPolicy controller", func() { config := policy.Spec.AuthScheme.Authentication["apiKey"] config.RouteSelectors = []api.RouteSelector{ { // Selects: GET /private* - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/private"), }, - Method: ptr.To(gatewayapiv1beta1.HTTPMethod("GET")), + Method: ptr.To(gatewayapiv1.HTTPMethod("GET")), }, }, }, diff --git a/controllers/authpolicy_istio_authorizationpolicy.go b/controllers/authpolicy_istio_authorizationpolicy.go index 4a498aa14..b4fdfe92c 100644 --- a/controllers/authpolicy_istio_authorizationpolicy.go +++ b/controllers/authpolicy_istio_authorizationpolicy.go @@ -11,8 +11,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/labels" "sigs.k8s.io/controller-runtime/pkg/client" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" istiosecurity "istio.io/api/security/v1beta1" istio "istio.io/client-go/pkg/apis/security/v1beta1" @@ -101,26 +101,26 @@ func (r *AuthPolicyReconciler) istioAuthorizationPolicy(ctx context.Context, ap }, } - var route *gatewayapiv1beta1.HTTPRoute + var route *gatewayapiv1.HTTPRoute gwHostnames := gw.Hostnames() if len(gwHostnames) == 0 { - gwHostnames = []gatewayapiv1beta1.Hostname{"*"} + gwHostnames = []gatewayapiv1.Hostname{"*"} } - var routeHostnames []gatewayapiv1beta1.Hostname + var routeHostnames []gatewayapiv1.Hostname switch obj := targetNetworkObject.(type) { - case *gatewayapiv1beta1.HTTPRoute: + case *gatewayapiv1.HTTPRoute: route = obj if len(route.Spec.Hostnames) > 0 { routeHostnames = common.FilterValidSubdomains(gwHostnames, route.Spec.Hostnames) } else { routeHostnames = gwHostnames } - case *gatewayapiv1beta1.Gateway: + case *gatewayapiv1.Gateway: // fake a single httproute with all rules from all httproutes accepted by the gateway, // that do not have an authpolicy of its own, so we can generate wasm rules for those cases - rules := make([]gatewayapiv1beta1.HTTPRouteRule, 0) + rules := make([]gatewayapiv1.HTTPRouteRule, 0) routes := r.FetchAcceptedGatewayHTTPRoutes(ctx, ap.TargetKey()) for idx := range routes { route := routes[idx] @@ -135,8 +135,8 @@ func (r *AuthPolicyReconciler) istioAuthorizationPolicy(ctx context.Context, ap common.TagObjectToDelete(iap) return iap, nil } - route = &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ + route = &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ Hostnames: gwHostnames, Rules: rules, }, @@ -190,7 +190,7 @@ func istioAuthorizationPolicyLabels(gwKey, apKey client.ObjectKey) map[string]st // These rules are the conditions that, when matched, will make the gateway to call external authorization. // If no rules are specified, the gateway will call external authorization for all requests. // If the route selectors specified in the policy do not match any route rules, an error is returned. -func istioAuthorizationPolicyRules(ap *api.AuthPolicy, route *gatewayapiv1beta1.HTTPRoute) ([]*istiosecurity.Rule, error) { +func istioAuthorizationPolicyRules(ap *api.AuthPolicy, route *gatewayapiv1.HTTPRoute) ([]*istiosecurity.Rule, error) { // use only the top level route selectors if defined if topLevelRouteSelectors := ap.Spec.RouteSelectors; len(topLevelRouteSelectors) > 0 { return istioAuthorizationPolicyRulesFromRouteSelectors(route, topLevelRouteSelectors) @@ -200,7 +200,7 @@ func istioAuthorizationPolicyRules(ap *api.AuthPolicy, route *gatewayapiv1beta1. // istioAuthorizationPolicyRulesFromRouteSelectors builds a list of Istio AuthorizationPolicy rules from an HTTPRoute, // filtered to the HTTPRouteRules and hostnames selected by the route selectors. -func istioAuthorizationPolicyRulesFromRouteSelectors(route *gatewayapiv1beta1.HTTPRoute, routeSelectors []api.RouteSelector) ([]*istiosecurity.Rule, error) { +func istioAuthorizationPolicyRulesFromRouteSelectors(route *gatewayapiv1.HTTPRoute, routeSelectors []api.RouteSelector) ([]*istiosecurity.Rule, error) { istioRules := []*istiosecurity.Rule{} if len(routeSelectors) > 0 { @@ -223,7 +223,7 @@ func istioAuthorizationPolicyRulesFromRouteSelectors(route *gatewayapiv1beta1.HT // istioAuthorizationPolicyRulesFromHTTPRoute builds a list of Istio AuthorizationPolicy rules from an HTTPRoute, // without using route selectors. -func istioAuthorizationPolicyRulesFromHTTPRoute(route *gatewayapiv1beta1.HTTPRoute) []*istiosecurity.Rule { +func istioAuthorizationPolicyRulesFromHTTPRoute(route *gatewayapiv1.HTTPRoute) []*istiosecurity.Rule { istioRules := []*istiosecurity.Rule{} hostnamesForConditions := (&api.RouteSelector{}).HostnamesForConditions(route) @@ -239,7 +239,7 @@ func istioAuthorizationPolicyRulesFromHTTPRoute(route *gatewayapiv1beta1.HTTPRou // * Each combination of HTTPRouteMatch and hostname yields one condition. // * Rules that specify no explicit HTTPRouteMatch are assumed to match all requests (i.e. implicit catch-all rule.) // * Empty list of hostnames yields a condition without a hostname pattern expression. -func istioAuthorizationPolicyRulesFromHTTPRouteRule(rule gatewayapiv1beta1.HTTPRouteRule, hostnames []gatewayapiv1beta1.Hostname) (istioRules []*istiosecurity.Rule) { +func istioAuthorizationPolicyRulesFromHTTPRouteRule(rule gatewayapiv1.HTTPRouteRule, hostnames []gatewayapiv1.Hostname) (istioRules []*istiosecurity.Rule) { hosts := []string{} for _, hostname := range hostnames { if hostname == "*" { @@ -294,9 +294,9 @@ func istioAuthorizationPolicyRulesFromHTTPRouteRule(rule gatewayapiv1beta1.HTTPR skip := false if path.Type != nil { switch *path.Type { - case gatewayapiv1beta1.PathMatchExact: + case gatewayapiv1.PathMatchExact: operator = "" - case gatewayapiv1beta1.PathMatchRegularExpression: + case gatewayapiv1.PathMatchRegularExpression: // ignore this rule as it is not supported by Istio - Authorino will check it anyway skip = true } @@ -322,7 +322,7 @@ func istioAuthorizationPolicyRulesFromHTTPRouteRule(rule gatewayapiv1beta1.HTTPR for idx := range match.Headers { header := match.Headers[idx] - if header.Type != nil && *header.Type == gatewayapiv1beta1.HeaderMatchRegularExpression { + if header.Type != nil && *header.Type == gatewayapiv1.HeaderMatchRegularExpression { // skip this rule as it is not supported by Istio - Authorino will check it anyway continue } diff --git a/controllers/authpolicy_istio_authorizationpolicy_test.go b/controllers/authpolicy_istio_authorizationpolicy_test.go index 9c300569f..a64baf5d7 100644 --- a/controllers/authpolicy_istio_authorizationpolicy_test.go +++ b/controllers/authpolicy_istio_authorizationpolicy_test.go @@ -8,20 +8,20 @@ import ( istiosecurity "istio.io/api/security/v1beta1" "k8s.io/utils/ptr" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" ) func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { testCases := []struct { name string - hostnames []gatewayapiv1beta1.Hostname - rule gatewayapiv1beta1.HTTPRouteRule + hostnames []gatewayapiv1.Hostname + rule gatewayapiv1.HTTPRouteRule expected []*istiosecurity.Rule }{ { name: "No HTTPRouteMatch", - hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io"}, - rule: gatewayapiv1beta1.HTTPRouteRule{}, + hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io"}, + rule: gatewayapiv1.HTTPRouteRule{}, expected: []*istiosecurity.Rule{ { To: []*istiosecurity.Rule_To{ @@ -36,12 +36,12 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "Single HTTPRouteMatch", - hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io"}, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io"}, + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, @@ -62,18 +62,18 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "Multiple HTTPRouteMatches", - hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io"}, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io"}, + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("Exact")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("Exact")), Value: ptr.To("/foo"), }, }, @@ -104,12 +104,12 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "Multiple hosts", - hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io", "gamestore.kuadrant.io"}, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io", "gamestore.kuadrant.io"}, + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, @@ -130,12 +130,12 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "Catch-all host is ignored", - hostnames: []gatewayapiv1beta1.Hostname{"toystore.kuadrant.io", "*"}, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + hostnames: []gatewayapiv1.Hostname{"toystore.kuadrant.io", "*"}, + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, @@ -156,10 +156,10 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "Method", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: ptr.To(gatewayapiv1beta1.HTTPMethod("GET")), + Method: ptr.To(gatewayapiv1.HTTPMethod("GET")), }, }, }, @@ -177,11 +177,11 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "PathMatchExact", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("Exact")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("Exact")), Value: ptr.To("/toy"), }, }, @@ -201,11 +201,11 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "PathMatchPrefix", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/toy"), }, }, @@ -225,11 +225,11 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "PathMatchRegularExpression", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("RegularExpression")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("RegularExpression")), Value: ptr.To("/toy"), }, }, @@ -247,12 +247,12 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "Single header match", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: ptr.To(gatewayapiv1beta1.HeaderMatchType("Exact")), + Type: ptr.To(gatewayapiv1.HeaderMatchType("Exact")), Name: "x-foo", Value: "a-value", }, @@ -273,17 +273,17 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "Multiple header matches", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: ptr.To(gatewayapiv1beta1.HeaderMatchType("Exact")), + Type: ptr.To(gatewayapiv1.HeaderMatchType("Exact")), Name: "x-foo", Value: "a-value", }, { - Type: ptr.To(gatewayapiv1beta1.HeaderMatchType("Exact")), + Type: ptr.To(gatewayapiv1.HeaderMatchType("Exact")), Name: "x-bar", Value: "other-value", }, @@ -308,12 +308,12 @@ func TestIstioAuthorizationPolicyRulesFromHTTPRouteRule(t *testing.T) { }, { name: "HeaderMatchRegularExpression", - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: ptr.To(gatewayapiv1beta1.HeaderMatchType("RegularExpression")), + Type: ptr.To(gatewayapiv1.HeaderMatchType("RegularExpression")), Name: "x-foo", Value: "^a+.*$", }, diff --git a/controllers/gateway_eventmapper.go b/controllers/gateway_eventmapper.go index 0708ee3b8..bd9e7a8f1 100644 --- a/controllers/gateway_eventmapper.go +++ b/controllers/gateway_eventmapper.go @@ -7,7 +7,7 @@ import ( "github.com/go-logr/logr" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/reconcile" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/kuadrant/kuadrant-operator/pkg/common" ) @@ -28,9 +28,9 @@ func (m *GatewayEventMapper) MapToAuthPolicy(_ context.Context, obj client.Objec func (m *GatewayEventMapper) mapToPolicyRequest(obj client.Object, policyKind string, policyRefsConfig common.PolicyRefsConfig) []reconcile.Request { logger := m.Logger.V(1).WithValues("object", client.ObjectKeyFromObject(obj)) - gateway, ok := obj.(*gatewayapiv1beta1.Gateway) + gateway, ok := obj.(*gatewayapiv1.Gateway) if !ok { - logger.Info("mapToPolicyRequest:", "error", fmt.Sprintf("%T is not a *gatewayapiv1beta1.Gateway", obj)) + logger.Info("mapToPolicyRequest:", "error", fmt.Sprintf("%T is not a *gatewayapiv1.Gateway", obj)) return []reconcile.Request{} } diff --git a/controllers/gateway_kuadrant_controller.go b/controllers/gateway_kuadrant_controller.go index 9f39c529a..21a5cd919 100644 --- a/controllers/gateway_kuadrant_controller.go +++ b/controllers/gateway_kuadrant_controller.go @@ -27,7 +27,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/predicate" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" kuadrantv1beta1 "github.com/kuadrant/kuadrant-operator/api/v1beta1" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -49,7 +49,7 @@ func (r *GatewayKuadrantReconciler) Reconcile(eventCtx context.Context, req ctrl logger.Info("Reconciling Kuadrant annotations") ctx := logr.NewContext(eventCtx, logger) - gw := &gatewayapiv1beta1.Gateway{} + gw := &gatewayapiv1.Gateway{} if err := r.Client().Get(ctx, req.NamespacedName, gw); err != nil { if apierrors.IsNotFound(err) { logger.Info("no gateway found") @@ -77,7 +77,7 @@ func (r *GatewayKuadrantReconciler) Reconcile(eventCtx context.Context, req ctrl return ctrl.Result{}, nil } -func (r *GatewayKuadrantReconciler) reconcileGatewayKuadrantMetadata(ctx context.Context, gw *gatewayapiv1beta1.Gateway) error { +func (r *GatewayKuadrantReconciler) reconcileGatewayKuadrantMetadata(ctx context.Context, gw *gatewayapiv1.Gateway) error { updated, err := r.reconcileKuadrantNamespaceAnnotation(ctx, gw) if err != nil { return err @@ -92,7 +92,7 @@ func (r *GatewayKuadrantReconciler) reconcileGatewayKuadrantMetadata(ctx context return nil } -func (r *GatewayKuadrantReconciler) reconcileKuadrantNamespaceAnnotation(ctx context.Context, gw *gatewayapiv1beta1.Gateway) (bool, error) { +func (r *GatewayKuadrantReconciler) reconcileKuadrantNamespaceAnnotation(ctx context.Context, gw *gatewayapiv1.Gateway) (bool, error) { logger, err := logr.FromContext(ctx) if err != nil { return false, err @@ -131,6 +131,6 @@ func (r *GatewayKuadrantReconciler) reconcileKuadrantNamespaceAnnotation(ctx con func (r *GatewayKuadrantReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). // Gateway Kuadrant controller only cares about the annotations - For(&gatewayapiv1beta1.Gateway{}, builder.WithPredicates(predicate.AnnotationChangedPredicate{})). + For(&gatewayapiv1.Gateway{}, builder.WithPredicates(predicate.AnnotationChangedPredicate{})). Complete(r) } diff --git a/controllers/gateway_kuadrant_controller_test.go b/controllers/gateway_kuadrant_controller_test.go index 443ec7b50..374395856 100644 --- a/controllers/gateway_kuadrant_controller_test.go +++ b/controllers/gateway_kuadrant_controller_test.go @@ -12,7 +12,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" logf "sigs.k8s.io/controller-runtime/pkg/log" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" kuadrantv1beta1 "github.com/kuadrant/kuadrant-operator/api/v1beta1" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -40,7 +40,7 @@ var _ = Describe("Kuadrant Gateway controller", func() { Expect(err).ToNot(HaveOccurred()) Eventually(func() bool { - existingGateway := &gatewayapiv1beta1.Gateway{} + existingGateway := &gatewayapiv1.Gateway{} err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(gateway), existingGateway) if err != nil { logf.Log.V(1).Info("[WARN] Getting gateway failed", "error", err) @@ -57,7 +57,7 @@ var _ = Describe("Kuadrant Gateway controller", func() { // Check gateway is annotated with kuadrant annotation Eventually(func() bool { - existingGateway := &gatewayapiv1beta1.Gateway{} + existingGateway := &gatewayapiv1.Gateway{} err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(gateway), existingGateway) if err != nil { logf.Log.V(1).Info("[WARN] Getting gateway failed", "error", err) @@ -98,7 +98,7 @@ var _ = Describe("Kuadrant Gateway controller", func() { Expect(err).ToNot(HaveOccurred()) Eventually(func() bool { - existingGateway := &gatewayapiv1beta1.Gateway{} + existingGateway := &gatewayapiv1.Gateway{} err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(gateway), existingGateway) if err != nil { logf.Log.V(1).Info("[WARN] Getting gateway failed", "error", err) @@ -115,7 +115,7 @@ var _ = Describe("Kuadrant Gateway controller", func() { // Check gateway is not annotated with kuadrant annotation Eventually(func() bool { - existingGateway := &gatewayapiv1beta1.Gateway{} + existingGateway := &gatewayapiv1.Gateway{} err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(gateway), existingGateway) if err != nil { logf.Log.V(1).Info("[WARN] Getting gateway failed", "error", err) diff --git a/controllers/helper_test.go b/controllers/helper_test.go index 92799c556..3dcd62805 100644 --- a/controllers/helper_test.go +++ b/controllers/helper_test.go @@ -29,7 +29,7 @@ import ( "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" logf "sigs.k8s.io/controller-runtime/pkg/log" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" ) func ApplyKuadrantCR(namespace string) { @@ -182,11 +182,11 @@ func CreateOrUpdateK8SObject(obj runtime.Object, k8sClient client.Client) error return k8sClient.Update(context.Background(), k8sObjCopy) } -func testBuildBasicGateway(gwName, ns string) *gatewayapiv1beta1.Gateway { - return &gatewayapiv1beta1.Gateway{ +func testBuildBasicGateway(gwName, ns string) *gatewayapiv1.Gateway { + return &gatewayapiv1.Gateway{ TypeMeta: metav1.TypeMeta{ Kind: "Gateway", - APIVersion: gatewayapiv1beta1.GroupVersion.String(), + APIVersion: gatewayapiv1.GroupVersion.String(), }, ObjectMeta: metav1.ObjectMeta{ Name: gwName, @@ -194,12 +194,12 @@ func testBuildBasicGateway(gwName, ns string) *gatewayapiv1beta1.Gateway { Labels: map[string]string{"app": "rlptest"}, Annotations: map[string]string{"networking.istio.io/service-type": string(corev1.ServiceTypeClusterIP)}, }, - Spec: gatewayapiv1beta1.GatewaySpec{ + Spec: gatewayapiv1.GatewaySpec{ GatewayClassName: "istio", - Listeners: []gatewayapiv1beta1.Listener{ + Listeners: []gatewayapiv1.Listener{ { Name: "default", - Port: gatewayapiv1beta1.PortNumber(80), + Port: gatewayapiv1.PortNumber(80), Protocol: "HTTP", }, }, @@ -207,36 +207,36 @@ func testBuildBasicGateway(gwName, ns string) *gatewayapiv1beta1.Gateway { } } -func testBuildBasicHttpRoute(routeName, gwName, ns string, hostnames []string) *gatewayapiv1beta1.HTTPRoute { - return &gatewayapiv1beta1.HTTPRoute{ +func testBuildBasicHttpRoute(routeName, gwName, ns string, hostnames []string) *gatewayapiv1.HTTPRoute { + return &gatewayapiv1.HTTPRoute{ TypeMeta: metav1.TypeMeta{ Kind: "HTTPRoute", - APIVersion: gatewayapiv1beta1.GroupVersion.String(), + APIVersion: gatewayapiv1.GroupVersion.String(), }, ObjectMeta: metav1.ObjectMeta{ Name: routeName, Namespace: ns, Labels: map[string]string{"app": "rlptest"}, }, - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { - Name: gatewayapiv1beta1.ObjectName(gwName), - Namespace: ptr.To(gatewayapiv1beta1.Namespace(ns)), + Name: gatewayapiv1.ObjectName(gwName), + Namespace: ptr.To(gatewayapiv1.Namespace(ns)), }, }, }, - Hostnames: common.Map(hostnames, func(hostname string) gatewayapiv1beta1.Hostname { return gatewayapiv1beta1.Hostname(hostname) }), - Rules: []gatewayapiv1beta1.HTTPRouteRule{ + Hostnames: common.Map(hostnames, func(hostname string) gatewayapiv1.Hostname { return gatewayapiv1.Hostname(hostname) }), + Rules: []gatewayapiv1.HTTPRouteRule{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchPathPrefix), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchPathPrefix), Value: ptr.To("/toy"), }, - Method: ptr.To(gatewayapiv1beta1.HTTPMethod("GET")), + Method: ptr.To(gatewayapiv1.HTTPMethod("GET")), }, }, }, @@ -245,35 +245,35 @@ func testBuildBasicHttpRoute(routeName, gwName, ns string, hostnames []string) * } } -func testBuildMultipleRulesHttpRoute(routeName, gwName, ns string, hostnames []string) *gatewayapiv1beta1.HTTPRoute { +func testBuildMultipleRulesHttpRoute(routeName, gwName, ns string, hostnames []string) *gatewayapiv1.HTTPRoute { route := testBuildBasicHttpRoute(routeName, gwName, ns, hostnames) - route.Spec.Rules = []gatewayapiv1beta1.HTTPRouteRule{ + route.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { // POST|DELETE /admin* - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/admin"), }, - Method: ptr.To(gatewayapiv1beta1.HTTPMethod("POST")), + Method: ptr.To(gatewayapiv1.HTTPMethod("POST")), }, { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/admin"), }, - Method: ptr.To(gatewayapiv1beta1.HTTPMethod("DELETE")), + Method: ptr.To(gatewayapiv1.HTTPMethod("DELETE")), }, }, }, { // GET /private* - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchType("PathPrefix")), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchType("PathPrefix")), Value: ptr.To("/private"), }, - Method: ptr.To(gatewayapiv1beta1.HTTPMethod("GET")), + Method: ptr.To(gatewayapiv1.HTTPMethod("GET")), }, }, }, diff --git a/controllers/httprouteparentrefs_eventmapper.go b/controllers/httprouteparentrefs_eventmapper.go index 0fcebcddb..70bbed511 100644 --- a/controllers/httprouteparentrefs_eventmapper.go +++ b/controllers/httprouteparentrefs_eventmapper.go @@ -7,7 +7,7 @@ import ( "github.com/go-logr/logr" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/reconcile" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" api "github.com/kuadrant/kuadrant-operator/api/v1beta2" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -35,9 +35,9 @@ func (m *HTTPRouteParentRefsEventMapper) mapToPolicyRequest(obj client.Object, p "policyKind", policyKind, ) - route, ok := obj.(*gatewayapiv1beta1.HTTPRoute) + route, ok := obj.(*gatewayapiv1.HTTPRoute) if !ok { - logger.Info("mapToPolicyRequest:", "error", fmt.Sprintf("%T is not a *gatewayapiv1beta1.HTTPRoute", obj)) + logger.Info("mapToPolicyRequest:", "error", fmt.Sprintf("%T is not a *gatewayapiv1.HTTPRoute", obj)) return []reconcile.Request{} } @@ -51,7 +51,7 @@ func (m *HTTPRouteParentRefsEventMapper) mapToPolicyRequest(obj client.Object, p // list policies in the same namespace as the parent gateway of the route parentRefNamespace := parentRef.Namespace if parentRefNamespace == nil { - ns := gatewayapiv1beta1.Namespace(route.GetNamespace()) + ns := gatewayapiv1.Namespace(route.GetNamespace()) parentRefNamespace = &ns } if err := m.Client.List(context.Background(), policyList, &client.ListOptions{Namespace: string(*parentRefNamespace)}); err != nil { @@ -70,7 +70,7 @@ func (m *HTTPRouteParentRefsEventMapper) mapToPolicyRequest(obj client.Object, p } targetRefNamespace := targetRef.Namespace if targetRefNamespace == nil { - ns := gatewayapiv1beta1.Namespace(policy.GetNamespace()) + ns := gatewayapiv1.Namespace(policy.GetNamespace()) targetRefNamespace = &ns } if *parentRefNamespace == *targetRefNamespace && parentRef.Name == targetRef.Name { diff --git a/controllers/kuadrant_controller.go b/controllers/kuadrant_controller.go index 5798a3f11..3aa126ac7 100644 --- a/controllers/kuadrant_controller.go +++ b/controllers/kuadrant_controller.go @@ -38,7 +38,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" kuadrantv1beta1 "github.com/kuadrant/kuadrant-operator/api/v1beta1" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -398,7 +398,7 @@ func buildServiceMeshMember(kObj *kuadrantv1beta1.Kuadrant) *maistrav1.ServiceMe func (r *KuadrantReconciler) reconcileClusterGateways(ctx context.Context, kObj *kuadrantv1beta1.Kuadrant) error { // TODO: After the RFC defined, we might want to get the gw to label/annotate from Kuadrant.Spec or manual labeling/annotation - gwList := &gatewayapiv1beta1.GatewayList{} + gwList := &gatewayapiv1.GatewayList{} if err := r.Client().List(ctx, gwList); err != nil { return err } @@ -427,7 +427,7 @@ func (r *KuadrantReconciler) reconcileClusterGateways(ctx context.Context, kObj } func (r *KuadrantReconciler) removeAnnotationFromGateways(ctx context.Context, kObj *kuadrantv1beta1.Kuadrant) error { - gwList := &gatewayapiv1beta1.GatewayList{} + gwList := &gatewayapiv1.GatewayList{} if err := r.Client().List(ctx, gwList); err != nil { return err } diff --git a/controllers/limitador_cluster_envoyfilter_controller.go b/controllers/limitador_cluster_envoyfilter_controller.go index dafdc5f14..6f6a5cc20 100644 --- a/controllers/limitador_cluster_envoyfilter_controller.go +++ b/controllers/limitador_cluster_envoyfilter_controller.go @@ -32,7 +32,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/builder" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/predicate" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/kuadrant/kuadrant-operator/pkg/common" kuadrantistioutils "github.com/kuadrant/kuadrant-operator/pkg/istio" @@ -55,7 +55,7 @@ func (r *LimitadorClusterEnvoyFilterReconciler) Reconcile(eventCtx context.Conte logger.Info("Reconciling EnvoyFilter") ctx := logr.NewContext(eventCtx, logger) - gw := &gatewayapiv1beta1.Gateway{} + gw := &gatewayapiv1.Gateway{} if err := r.Client().Get(ctx, req.NamespacedName, gw); err != nil { if apierrors.IsNotFound(err) { logger.Info("no gateway found") @@ -83,7 +83,7 @@ func (r *LimitadorClusterEnvoyFilterReconciler) Reconcile(eventCtx context.Conte return ctrl.Result{}, nil } -func (r *LimitadorClusterEnvoyFilterReconciler) reconcileRateLimitingClusterEnvoyFilter(ctx context.Context, gw *gatewayapiv1beta1.Gateway) error { +func (r *LimitadorClusterEnvoyFilterReconciler) reconcileRateLimitingClusterEnvoyFilter(ctx context.Context, gw *gatewayapiv1.Gateway) error { desired, err := r.desiredRateLimitingClusterEnvoyFilter(ctx, gw) if err != nil { return err @@ -97,7 +97,7 @@ func (r *LimitadorClusterEnvoyFilterReconciler) reconcileRateLimitingClusterEnvo return nil } -func (r *LimitadorClusterEnvoyFilterReconciler) desiredRateLimitingClusterEnvoyFilter(ctx context.Context, gw *gatewayapiv1beta1.Gateway) (*istioclientnetworkingv1alpha3.EnvoyFilter, error) { +func (r *LimitadorClusterEnvoyFilterReconciler) desiredRateLimitingClusterEnvoyFilter(ctx context.Context, gw *gatewayapiv1.Gateway) (*istioclientnetworkingv1alpha3.EnvoyFilter, error) { logger, err := logr.FromContext(ctx) if err != nil { return nil, err @@ -166,7 +166,7 @@ func (r *LimitadorClusterEnvoyFilterReconciler) SetupWithManager(mgr ctrl.Manage // Limitador cluster EnvoyFilter controller only cares about // the annotation having references to RLP's // kuadrant.io/ratelimitpolicies - For(&gatewayapiv1beta1.Gateway{}, builder.WithPredicates(predicate.AnnotationChangedPredicate{})). + For(&gatewayapiv1.Gateway{}, builder.WithPredicates(predicate.AnnotationChangedPredicate{})). Owns(&istioclientnetworkingv1alpha3.EnvoyFilter{}). Complete(r) } diff --git a/controllers/limitador_cluster_envoyfilter_controller_test.go b/controllers/limitador_cluster_envoyfilter_controller_test.go index 217ce8d59..be2cec803 100644 --- a/controllers/limitador_cluster_envoyfilter_controller_test.go +++ b/controllers/limitador_cluster_envoyfilter_controller_test.go @@ -15,8 +15,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" logf "sigs.k8s.io/controller-runtime/pkg/log" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" kuadrantv1beta2 "github.com/kuadrant/kuadrant-operator/api/v1beta2" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -38,7 +38,7 @@ var _ = Describe("Limitador Cluster EnvoyFilter controller", func() { Expect(err).ToNot(HaveOccurred()) Eventually(func() bool { - existingGateway := &gatewayapiv1beta1.Gateway{} + existingGateway := &gatewayapiv1.Gateway{} err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(gateway), existingGateway) if err != nil { logf.Log.V(1).Info("[WARN] Creating gateway failed", "error", err) @@ -86,9 +86,9 @@ var _ = Describe("Limitador Cluster EnvoyFilter controller", func() { }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1beta1.Group("gateway.networking.k8s.io"), + Group: gatewayapiv1.Group("gateway.networking.k8s.io"), Kind: "Gateway", - Name: gatewayapiv1beta1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(gwName), }, Limits: map[string]kuadrantv1beta2.Limit{ "l1": { diff --git a/controllers/ratelimitpolicy_controller.go b/controllers/ratelimitpolicy_controller.go index e01b30dd0..83d22affe 100644 --- a/controllers/ratelimitpolicy_controller.go +++ b/controllers/ratelimitpolicy_controller.go @@ -26,7 +26,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" "sigs.k8s.io/controller-runtime/pkg/handler" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" kuadrantv1beta2 "github.com/kuadrant/kuadrant-operator/api/v1beta2" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -230,13 +230,13 @@ func (r *RateLimitPolicyReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). For(&kuadrantv1beta2.RateLimitPolicy{}). Watches( - &gatewayapiv1beta1.HTTPRoute{}, + &gatewayapiv1.HTTPRoute{}, handler.EnqueueRequestsFromMapFunc(httpRouteEventMapper.MapToRateLimitPolicy), ). // Currently the purpose is to generate events when rlp references change in gateways // so the status of the rlps targeting a route can be keep in sync Watches( - &gatewayapiv1beta1.Gateway{}, + &gatewayapiv1.Gateway{}, handler.EnqueueRequestsFromMapFunc(gatewayEventMapper.MapToRateLimitPolicy), ). Complete(r) diff --git a/controllers/ratelimitpolicy_controller_test.go b/controllers/ratelimitpolicy_controller_test.go index 54e711508..228070dac 100644 --- a/controllers/ratelimitpolicy_controller_test.go +++ b/controllers/ratelimitpolicy_controller_test.go @@ -16,8 +16,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" logf "sigs.k8s.io/controller-runtime/pkg/log" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" kuadrantv1beta2 "github.com/kuadrant/kuadrant-operator/api/v1beta2" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -33,7 +33,7 @@ var _ = Describe("RateLimitPolicy controller", func() { routeName = "toystore-route" gwName = "toystore-gw" rlpName = "toystore-rlp" - gateway *gatewayapiv1beta1.Gateway + gateway *gatewayapiv1.Gateway ) beforeEachCallback := func() { @@ -43,7 +43,7 @@ var _ = Describe("RateLimitPolicy controller", func() { Expect(err).ToNot(HaveOccurred()) Eventually(func() bool { - existingGateway := &gatewayapiv1beta1.Gateway{} + existingGateway := &gatewayapiv1.Gateway{} err := k8sClient.Get(context.Background(), client.ObjectKeyFromObject(gateway), existingGateway) if err != nil { logf.Log.V(1).Info("[WARN] Creating gateway failed", "error", err) @@ -96,9 +96,9 @@ var _ = Describe("RateLimitPolicy controller", func() { }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1beta1.Group("gateway.networking.k8s.io"), + Group: gatewayapiv1.Group("gateway.networking.k8s.io"), Kind: "HTTPRoute", - Name: gatewayapiv1beta1.ObjectName(routeName), + Name: gatewayapiv1.ObjectName(routeName), }, Limits: map[string]kuadrantv1beta2.Limit{ "l1": { @@ -120,7 +120,7 @@ var _ = Describe("RateLimitPolicy controller", func() { // Check HTTPRoute direct back reference routeKey := client.ObjectKey{Name: routeName, Namespace: testNamespace} - existingRoute := &gatewayapiv1beta1.HTTPRoute{} + existingRoute := &gatewayapiv1.HTTPRoute{} err = k8sClient.Get(context.Background(), routeKey, existingRoute) // must exist Expect(err).ToNot(HaveOccurred()) @@ -192,7 +192,7 @@ var _ = Describe("RateLimitPolicy controller", func() { // Check gateway back references gwKey := client.ObjectKey{Name: gwName, Namespace: testNamespace} - existingGateway := &gatewayapiv1beta1.Gateway{} + existingGateway := &gatewayapiv1.Gateway{} err = k8sClient.Get(context.Background(), gwKey, existingGateway) // must exist Expect(err).ToNot(HaveOccurred()) @@ -206,30 +206,30 @@ var _ = Describe("RateLimitPolicy controller", func() { It("Creates the correct WasmPlugin for a complex HTTPRoute and a RateLimitPolicy", func() { // create httproute httpRoute := testBuildBasicHttpRoute(routeName, gwName, testNamespace, []string{"*.toystore.acme.com", "api.toystore.io"}) - httpRoute.Spec.Rules = []gatewayapiv1beta1.HTTPRouteRule{ + httpRoute.Spec.Rules = []gatewayapiv1.HTTPRouteRule{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { // get /toys* - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchPathPrefix), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchPathPrefix), Value: ptr.To("/toys"), }, - Method: ptr.To(gatewayapiv1beta1.HTTPMethod("GET")), + Method: ptr.To(gatewayapiv1.HTTPMethod("GET")), }, { // post /toys* - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchPathPrefix), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchPathPrefix), Value: ptr.To("/toys"), }, - Method: ptr.To(gatewayapiv1beta1.HTTPMethod("POST")), + Method: ptr.To(gatewayapiv1.HTTPMethod("POST")), }, }, }, { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { // /assets* - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchPathPrefix), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchPathPrefix), Value: ptr.To("/assets"), }, }, @@ -251,9 +251,9 @@ var _ = Describe("RateLimitPolicy controller", func() { }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1beta1.Group("gateway.networking.k8s.io"), + Group: gatewayapiv1.Group("gateway.networking.k8s.io"), Kind: "HTTPRoute", - Name: gatewayapiv1beta1.ObjectName(routeName), + Name: gatewayapiv1.ObjectName(routeName), }, Limits: map[string]kuadrantv1beta2.Limit{ "toys": { @@ -263,15 +263,15 @@ var _ = Describe("RateLimitPolicy controller", func() { Counters: []kuadrantv1beta2.ContextSelector{"auth.identity.username"}, RouteSelectors: []kuadrantv1beta2.RouteSelector{ { // selects the 1st HTTPRouteRule (i.e. get|post /toys*) for one of the hostnames - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchPathPrefix), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchPathPrefix), Value: ptr.To("/toys"), }, }, }, - Hostnames: []gatewayapiv1beta1.Hostname{"*.toystore.acme.com"}, + Hostnames: []gatewayapiv1.Hostname{"*.toystore.acme.com"}, }, }, When: []kuadrantv1beta2.WhenCondition{ @@ -289,10 +289,10 @@ var _ = Describe("RateLimitPolicy controller", func() { }, RouteSelectors: []kuadrantv1beta2.RouteSelector{ { // selects the 2nd HTTPRouteRule (i.e. /assets*) for all hostnames - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: ptr.To(gatewayapiv1beta1.PathMatchPathPrefix), + Path: &gatewayapiv1.HTTPPathMatch{ + Type: ptr.To(gatewayapiv1.PathMatchPathPrefix), Value: ptr.To("/assets"), }, }, @@ -434,9 +434,9 @@ var _ = Describe("RateLimitPolicy controller", func() { }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1beta1.Group("gateway.networking.k8s.io"), + Group: gatewayapiv1.Group("gateway.networking.k8s.io"), Kind: "Gateway", - Name: gatewayapiv1beta1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(gwName), }, Limits: map[string]kuadrantv1beta2.Limit{ "l1": { @@ -458,7 +458,7 @@ var _ = Describe("RateLimitPolicy controller", func() { // Check Gateway direct back reference gwKey := client.ObjectKeyFromObject(gateway) - existingGateway := &gatewayapiv1beta1.Gateway{} + existingGateway := &gatewayapiv1.Gateway{} err = k8sClient.Get(context.Background(), gwKey, existingGateway) // must exist Expect(err).ToNot(HaveOccurred()) @@ -551,9 +551,9 @@ var _ = Describe("RateLimitPolicy controller", func() { }, Spec: kuadrantv1beta2.RateLimitPolicySpec{ TargetRef: gatewayapiv1alpha2.PolicyTargetReference{ - Group: gatewayapiv1beta1.Group("gateway.networking.k8s.io"), + Group: gatewayapiv1.Group("gateway.networking.k8s.io"), Kind: "Gateway", - Name: gatewayapiv1beta1.ObjectName(gwName), + Name: gatewayapiv1.ObjectName(gwName), }, Limits: map[string]kuadrantv1beta2.Limit{ "l1": { @@ -575,7 +575,7 @@ var _ = Describe("RateLimitPolicy controller", func() { // Check Gateway direct back reference gwKey := client.ObjectKeyFromObject(gateway) - existingGateway := &gatewayapiv1beta1.Gateway{} + existingGateway := &gatewayapiv1.Gateway{} err = k8sClient.Get(context.Background(), gwKey, existingGateway) // must exist Expect(err).ToNot(HaveOccurred()) diff --git a/controllers/ratelimitpolicy_istio_wasmplugin.go b/controllers/ratelimitpolicy_istio_wasmplugin.go index 093e24826..0781efe44 100644 --- a/controllers/ratelimitpolicy_istio_wasmplugin.go +++ b/controllers/ratelimitpolicy_istio_wasmplugin.go @@ -10,7 +10,7 @@ import ( istioclientgoextensionv1alpha1 "istio.io/client-go/pkg/apis/extensions/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" kuadrantv1beta2 "github.com/kuadrant/kuadrant-operator/api/v1beta2" "github.com/kuadrant/kuadrant-operator/pkg/common" @@ -127,7 +127,7 @@ func (r *RateLimitPolicyReconciler) wasmPluginConfig(ctx context.Context, gw com type store struct { rlp kuadrantv1beta2.RateLimitPolicy - route gatewayapiv1beta1.HTTPRoute + route gatewayapiv1.HTTPRoute skip bool } rlps := make(map[string]*store, len(rlpRefs)) @@ -164,13 +164,13 @@ func (r *RateLimitPolicyReconciler) wasmPluginConfig(ctx context.Context, gw com gwHostnames := gw.Hostnames() if len(gwHostnames) == 0 { - gwHostnames = []gatewayapiv1beta1.Hostname{"*"} + gwHostnames = []gatewayapiv1.Hostname{"*"} } // if there is a gateway rlp, fake a single httproute with all rules from all httproutes accepted by the gateway, // that do not have a rlp of its own, so we can generate wasm rules for those cases if gwRLPKey != "" { - rules := make([]gatewayapiv1beta1.HTTPRouteRule, 0) + rules := make([]gatewayapiv1.HTTPRouteRule, 0) routes := r.FetchAcceptedGatewayHTTPRoutes(ctx, rlps[gwRLPKey].rlp.TargetKey()) for idx := range routes { route := routes[idx] @@ -184,8 +184,8 @@ func (r *RateLimitPolicyReconciler) wasmPluginConfig(ctx context.Context, gw com logger.V(1).Info("no httproutes attached to the targeted gateway, skipping wasm config for the gateway rlp", "ratelimitpolicy", gwRLPKey) rlps[gwRLPKey].skip = true } else { - rlps[gwRLPKey].route = gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ + rlps[gwRLPKey].route = gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ Hostnames: gwHostnames, Rules: rules, }, diff --git a/controllers/suite_test.go b/controllers/suite_test.go index a842045fb..ab11764af 100644 --- a/controllers/suite_test.go +++ b/controllers/suite_test.go @@ -37,7 +37,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/envtest" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/kuadrant/kuadrant-operator/pkg/log" logf "sigs.k8s.io/controller-runtime/pkg/log" @@ -83,7 +83,7 @@ var _ = BeforeSuite(func() { err = kuadrantv1beta2.AddToScheme(scheme.Scheme) Expect(err).NotTo(HaveOccurred()) - err = gatewayapiv1beta1.AddToScheme(scheme.Scheme) + err = gatewayapiv1.Install(scheme.Scheme) Expect(err).NotTo(HaveOccurred()) err = authorinoopapi.AddToScheme(scheme.Scheme) diff --git a/go.mod b/go.mod index d9de6f688..0ea561e4b 100644 --- a/go.mod +++ b/go.mod @@ -5,16 +5,16 @@ go 1.20 require ( github.com/elliotchance/orderedmap/v2 v2.2.0 github.com/go-logr/logr v1.2.4 - github.com/google/go-cmp v0.5.9 - github.com/google/uuid v1.3.0 + github.com/google/go-cmp v0.6.0 + github.com/google/uuid v1.3.1 github.com/kuadrant/authorino v0.15.0 github.com/kuadrant/authorino-operator v0.9.0 github.com/kuadrant/limitador-operator v0.4.0 github.com/onsi/ginkgo/v2 v2.11.0 github.com/onsi/gomega v1.27.10 - go.uber.org/zap v1.25.0 - golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 - golang.org/x/sync v0.3.0 + go.uber.org/zap v1.26.0 + golang.org/x/exp v0.0.0-20231006140011-7918f672742d + golang.org/x/sync v0.4.0 google.golang.org/protobuf v1.31.0 gotest.tools v2.2.0+incompatible istio.io/api v0.0.0-20230712174848-a2b2de508c88 @@ -27,12 +27,12 @@ require ( k8s.io/klog/v2 v2.100.1 k8s.io/utils v0.0.0-20230726121419-3b25d923346b sigs.k8s.io/controller-runtime v0.16.3 - sigs.k8s.io/gateway-api v0.6.2 + sigs.k8s.io/gateway-api v1.0.0 ) require ( - cloud.google.com/go v0.110.0 // indirect - cloud.google.com/go/compute v1.19.1 // indirect + cloud.google.com/go v0.110.2 // indirect + cloud.google.com/go/compute v1.20.1 // indirect cloud.google.com/go/compute/metadata v0.2.3 // indirect cloud.google.com/go/logging v1.7.0 // indirect cloud.google.com/go/longrunning v0.4.1 // indirect @@ -40,13 +40,13 @@ require ( github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect - github.com/evanphx/json-patch v5.6.0+incompatible // indirect - github.com/evanphx/json-patch/v5 v5.6.0 // indirect - github.com/fsnotify/fsnotify v1.6.0 // indirect + github.com/evanphx/json-patch v5.7.0+incompatible // indirect + github.com/evanphx/json-patch/v5 v5.7.0 // indirect + github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/go-logr/zapr v1.2.4 // indirect - github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonpointer v0.20.0 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect - github.com/go-openapi/swag v0.22.3 // indirect + github.com/go-openapi/swag v0.22.4 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect @@ -54,22 +54,23 @@ require ( github.com/google/gnostic-models v0.6.8 // indirect github.com/google/gofuzz v1.2.0 // indirect github.com/google/pprof v0.0.0-20221212185716-aee1124e3a93 // indirect + github.com/google/s2a-go v0.1.4 // indirect github.com/googleapis/enterprise-certificate-proxy v0.2.3 // indirect - github.com/googleapis/gax-go/v2 v2.7.1 // indirect - github.com/imdario/mergo v0.3.12 // indirect + github.com/googleapis/gax-go/v2 v2.11.0 // indirect + github.com/imdario/mergo v0.3.16 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/mailru/easyjson v0.7.7 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/pkg/errors v0.9.1 // indirect - github.com/prometheus/client_golang v1.16.0 // indirect - github.com/prometheus/client_model v0.4.0 // indirect - github.com/prometheus/common v0.44.0 // indirect - github.com/prometheus/procfs v0.10.1 // indirect + github.com/prometheus/client_golang v1.17.0 // indirect + github.com/prometheus/client_model v0.5.0 // indirect + github.com/prometheus/common v0.45.0 // indirect + github.com/prometheus/procfs v0.12.0 // indirect github.com/spf13/cobra v1.7.0 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/tidwall/gjson v1.14.0 // indirect @@ -77,28 +78,29 @@ require ( github.com/tidwall/pretty v1.2.0 // indirect go.opencensus.io v0.24.0 // indirect go.uber.org/multierr v1.11.0 // indirect + golang.org/x/crypto v0.14.0 // indirect golang.org/x/net v0.17.0 // indirect - golang.org/x/oauth2 v0.8.0 // indirect + golang.org/x/oauth2 v0.13.0 // indirect golang.org/x/sys v0.13.0 // indirect golang.org/x/term v0.13.0 // indirect golang.org/x/text v0.13.0 // indirect golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846 // indirect + golang.org/x/tools v0.14.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/api v0.114.0 // indirect - google.golang.org/appengine v1.6.7 // indirect - google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54 // indirect - google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 // indirect - google.golang.org/grpc v1.56.3 // indirect + google.golang.org/api v0.126.0 // indirect + google.golang.org/appengine v1.6.8 // indirect + google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc // indirect + google.golang.org/grpc v1.55.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect istio.io/pkg v0.0.0-20230523222708-7056be172a30 // indirect k8s.io/component-base v0.28.3 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect + k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.3.0 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index e2c905e72..249ca1f11 100644 --- a/go.sum +++ b/go.sum @@ -1,8 +1,9 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.110.0 h1:Zc8gqp3+a9/Eyph2KDmcGaPtbKRIoqq4YTlL4NMD0Ys= -cloud.google.com/go v0.110.0/go.mod h1:SJnCLqQ0FCFGSZMUNUf84MV3Aia54kn7pi8st7tMzaY= -cloud.google.com/go/compute v1.19.1 h1:am86mquDUgjGNWxiGn+5PGLbmgiWXlE/yNWpIpNvuXY= -cloud.google.com/go/compute v1.19.1/go.mod h1:6ylj3a05WF8leseCdIf77NK0g1ey+nj5IKd5/kvShxE= +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +cloud.google.com/go v0.110.2 h1:sdFPBr6xG9/wkBbfhmUz/JmZC7X6LavQgcrVINrKiVA= +cloud.google.com/go v0.110.2/go.mod h1:k04UEeEtb6ZBRTv3dZz4CeJC3jKGxyhl0sAiVVquxiw= +cloud.google.com/go/compute v1.20.1 h1:6aKEtlUiwEpJzM001l0yFkpXmUVXaN8W+fbkb2AZNbg= +cloud.google.com/go/compute v1.20.1/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdiEZc9FEIbM= cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= cloud.google.com/go/iam v0.13.0 h1:+CmB+K0J/33d0zSQ9SlFWUeCCEn5XJA0ZMZ3pHE9u8k= @@ -17,20 +18,26 @@ github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= github.com/Masterminds/semver/v3 v3.2.0 h1:3MEsd0SM6jqZojhjLWWeBY+Kcjy9i6MQAeY7YgDP83g= github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= +github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 h1:yL7+Jz0jTC6yykIK/Wh74gnTJnrGr5AyrNMXuA0gves= github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df h1:7RFfzj4SSt6nnvCPbCqijJi1nWCd+TqAT3bYCStRC18= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= -github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.4.1 h1:iKLQ0xPNFxR/2hzXZMrBo8f1j86j5WHzznCCQxV/b8g= +github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= -github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k= +github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= +github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= +github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= +github.com/cncf/xds/go v0.0.0-20230310173818-32f1caf87195 h1:58f1tJ1ra+zFINPlwLWvQsR9CzAKt2e+EWV2yX9oXQ4= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/cyphar/filepath-securejoin v0.2.3 h1:YX6ebbZCZP7VkM3scTTokDgBL2TY741X51MTk3ycuNI= @@ -45,30 +52,35 @@ github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRr github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98= -github.com/envoyproxy/go-control-plane v0.11.1-0.20230524094728-9239064ad72f h1:7T++XKzy4xg7PKy+bM+Sa9/oe1OC88yz2hXQUISoXfA= +github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= +github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= +github.com/envoyproxy/go-control-plane v0.11.1-0.20230202164348-98e9e8eacc1a h1:EWOGEDoAqZrA4mM2G8g74h90oBV9wunqguCSMVSGYJg= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/envoyproxy/protoc-gen-validate v0.10.1 h1:c0g45+xCJhdgFGw7a5QAfdS4byAbud7miNWJ1WwEVf8= -github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= -github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= -github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= +github.com/envoyproxy/protoc-gen-validate v0.10.0 h1:oIfnZFdC0YhpNNEX+SuIqko4cqqVZeN9IGTrhZje83Y= +github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= +github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc= +github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM= github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= -github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY= -github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= +github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= +github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/fvbommel/sortorder v1.0.2 h1:mV4o8B2hKboCdkJm+a7uX/SIpZob4JzUpc5GGnM45eo= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= github.com/go-logr/zapr v1.2.4/go.mod h1:FyHWQIzQORZ0QVE1BtVHv3cKtNLuXsbNLtpuhNapBOA= -github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonpointer v0.20.0 h1:ESKJdU9ASRfaPNOPRx12IUyA1vn3R9GiE3KYD14BXdQ= +github.com/go-openapi/jsonpointer v0.20.0/go.mod h1:6PGzBjjIIumbLYysB73Klnms1mwnU4G3YHOECG3CedA= github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= -github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= +github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= +github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= @@ -81,16 +93,18 @@ github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= @@ -105,31 +119,34 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= +github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/pprof v0.0.0-20221212185716-aee1124e3a93 h1:D5iJJZKAi0rU4e/5E58BkrnN+xeCDjAIqcm1GGxAGSI= github.com/google/pprof v0.0.0-20221212185716-aee1124e3a93/go.mod h1:dDKJzRmX4S37WGHujM7tX//fmj1uioxKzKxz3lo4HJo= +github.com/google/s2a-go v0.1.4 h1:1kZ/sQM3srePvKs3tXAvQzo66XfcReoqFpIpIccE7Oc= +github.com/google/s2a-go v0.1.4/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= +github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/enterprise-certificate-proxy v0.2.3 h1:yk9/cqRKtT9wXZSsRH9aurXEpJX+U6FLtpYTdC3R06k= github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5Nm3pW+v7rGDHp09LsPtGY9MduiEsR9k= -github.com/googleapis/gax-go/v2 v2.7.1 h1:gF4c0zjUP2H/s/hEGyLA3I0fA2ZWjzYiONAD6cvPr8A= -github.com/googleapis/gax-go/v2 v2.7.1/go.mod h1:4orTrqY6hXxxaUL4LHIPl6lGo8vAE38/qKbhSAKP6QI= +github.com/googleapis/gax-go/v2 v2.11.0 h1:9V9PWXEsWnPpQhu/PeQIkS4eGzMlTLGgt80cUUI8Ki4= +github.com/googleapis/gax-go/v2 v2.11.0/go.mod h1:DxmR61SGKkGLa2xigwuZIQpkCI2S5iydzRfb3peWZJI= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= +github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= -github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= -github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= +github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= +github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jonboulle/clockwork v0.3.0 h1:9BSCMi8C+0qdApAp4auwX0RkLGUjs956h0EkuQymUhg= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= @@ -160,8 +177,8 @@ github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNB github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= @@ -186,15 +203,16 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= -github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= +github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q= +github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= -github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= -github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= -github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= -github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= -github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= +github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= +github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= +github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= +github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= +github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= +github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= +github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= @@ -209,12 +227,13 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/tidwall/gjson v1.14.0 h1:6aeJ0bzojgWLa82gDQHcx3S0Lr/O51I9bJ5nv6JFx5w= github.com/tidwall/gjson v1.14.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= @@ -228,8 +247,10 @@ github.com/xlab/treeprint v1.1.0 h1:G/1DjNkPpfZCFt9CSh6b5/nY4VimlbHF3Rh4obvtzDk= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= +go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.opentelemetry.io/proto/otlp v0.19.0 h1:IVN6GR+mhC4s5yfcTbmzHYODqvWAp3ZedA2SJPI1Nnw= go.starlark.net v0.0.0-20211013185944-b0039bd2cfe3 h1:oBcONsksxvpeodDrLjiMDaKHXKAVVfAydhe/792CE/o= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= @@ -240,15 +261,18 @@ go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9i go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= -go.uber.org/zap v1.25.0 h1:4Hvk6GtkucQ790dqmj7l1eEnRdKm3k3ZUrUMS2d5+5c= -go.uber.org/zap v1.25.0/go.mod h1:JIAUzQIH94IC4fOJQm7gMmBJP5k7wQfdcnYdPoEXJYk= +go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= +go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= -golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 h1:m64FZMko/V45gv0bNmrNYoDEq8U5YUhetc9cBWKS1TQ= -golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63/go.mod h1:0v4NqG35kSWCMzLaMeX+IQrlSnVE/bqGSyC2cz/9Le8= +golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI= +golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= @@ -256,23 +280,29 @@ golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHl golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= -golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= +golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -280,24 +310,32 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= -golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= +golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= @@ -311,36 +349,41 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846 h1:Vve/L0v7CXXuxUmaMGIEK/dEeq7uiqb5qBgQrZzIE7E= -golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= +golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/api v0.114.0 h1:1xQPji6cO2E2vLiI+C/XiFAnsn1WV3mjaEwGLhi3grE= -google.golang.org/api v0.114.0/go.mod h1:ifYI2ZsFK6/uGddGfAD5BMxlnkBqCmqHSDUVi45N5Yg= +google.golang.org/api v0.126.0 h1:q4GJq+cAdMAC7XP7njvQ4tvohGLiSlytuL4BQxbIZ+o= +google.golang.org/api v0.126.0/go.mod h1:mBwVAtz+87bEN6CbA1GtZPDOqY2R5ONPqJeIlvyo4Aw= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= +google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= +google.golang.org/genproto v0.0.0-20200513103714-09dca8ec2884/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= -google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54 h1:9NWlQfY2ePejTmfwUH1OWwmznFa+0kKcHGPDvcPza9M= -google.golang.org/genproto v0.0.0-20230526161137-0005af68ea54/go.mod h1:zqTuNwFlFRsw5zIts5VnzLQxSRqh+CGOTVMlYbY0Eyk= -google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9 h1:m8v1xLLLzMe1m5P+gCTF8nJB9epwZQUBERm20Oy1poQ= -google.golang.org/genproto/googleapis/api v0.0.0-20230525234035-dd9d682886f9/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 h1:0nDDozoAU19Qb2HwhXadU8OcsiO/09cnTqhUtq2MEOM= -google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= +google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc h1:8DyZCyvI8mE1IdLy/60bS+52xfymkE72wv1asokgtao= +google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:xZnkP7mREFX5MORlOPEzLMr+90PPZQ2QWzrVTWfAq64= +google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc h1:kVKPf/IiYSBWEWtkIn6wZXwWGCnLKcC8oWfZvXjsGnM= +google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:vHYtlOoi6TsQ3Uk2yxR7NI5z8uoV+3pZtR4jmHIkRig= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc h1:XSJ8Vk1SWuNr8S18z1NZSziL0CPIXLCCMDOEFtHBOFc= +google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc/go.mod h1:66JfowdXAEgad5O9NnYcsNPLCPZJD++2L9X0PCMODrA= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= +google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= -google.golang.org/grpc v1.56.3 h1:8I4C0Yq1EjstUzUJzpcRVbuYA2mODtEmpWiQoN/b2nc= -google.golang.org/grpc v1.56.3/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= +google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU= +google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ= +google.golang.org/grpc v1.55.0 h1:3Oj82/tFSCeUrRTg/5E/7d/W5A1tj6Ky1ABAuZuv5ag= +google.golang.org/grpc v1.55.0/go.mod h1:iYEXKGkEBhg1PjZQvoYEVPTDkHo1/bjTnfwTeGONTY8= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= @@ -362,8 +405,9 @@ gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/natefinch/lumberjack.v2 v2.2.1 h1:bBRl1b0OH9s/DuPhuXpNl+VtCaJXFZ5/uEFST95x9zc= gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYskCTPBJVb9jqSc= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= @@ -395,21 +439,21 @@ k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= -k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= +k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= +k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= k8s.io/kubectl v0.26.0 h1:xmrzoKR9CyNdzxBmXV7jW9Ln8WMrwRK6hGbbf69o4T0= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4= sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= -sigs.k8s.io/gateway-api v0.6.2 h1:583XHiX2M2bKEA0SAdkoxL1nY73W1+/M+IAm8LJvbEA= -sigs.k8s.io/gateway-api v0.6.2/go.mod h1:EYJT+jlPWTeNskjV0JTki/03WX1cyAnBhwBJfYHpV/0= +sigs.k8s.io/gateway-api v1.0.0 h1:iPTStSv41+d9p0xFydll6d7f7MOBGuqXM6p2/zVYMAs= +sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudLlf4c= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kustomize/api v0.12.1 h1:7YM7gW3kYBwtKvoY216ZzY+8hM+lV53LUayghNRJ0vM= sigs.k8s.io/kustomize/kyaml v0.13.9 h1:Qz53EAaFFANyNgyOEJbT/yoIHygK40/ZcvU3rgry2Tk= sigs.k8s.io/mcs-api v0.1.0 h1:edDbg0oRGfXw8TmZjKYep06LcJLv/qcYLidejnUp0PM= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk= +sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/main.go b/main.go index a2865d5c0..a91e8827f 100644 --- a/main.go +++ b/main.go @@ -47,7 +47,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/healthz" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" kuadrantv1beta1 "github.com/kuadrant/kuadrant-operator/api/v1beta1" kuadrantv1beta2 "github.com/kuadrant/kuadrant-operator/api/v1beta2" @@ -71,7 +71,7 @@ func init() { utilruntime.Must(authorinoapi.AddToScheme(scheme)) utilruntime.Must(istionetworkingv1alpha3.AddToScheme(scheme)) utilruntime.Must(istiosecurityv1beta1.AddToScheme(scheme)) - utilruntime.Must(gatewayapiv1beta1.AddToScheme(scheme)) + utilruntime.Must(gatewayapiv1.Install(scheme)) utilruntime.Must(istioextensionv1alpha1.AddToScheme(scheme)) utilruntime.Must(apiextv1.AddToScheme(scheme)) utilruntime.Must(istioapis.AddToScheme(scheme)) diff --git a/pkg/common/common.go b/pkg/common/common.go index 8f4d50772..e201d8b6f 100644 --- a/pkg/common/common.go +++ b/pkg/common/common.go @@ -22,8 +22,8 @@ import ( "golang.org/x/exp/slices" "sigs.k8s.io/controller-runtime/pkg/client" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) // TODO: move the const to a proper place, or get it from config @@ -41,7 +41,7 @@ const ( type KuadrantPolicy interface { client.Object GetTargetRef() gatewayapiv1alpha2.PolicyTargetReference - GetWrappedNamespace() gatewayapiv1beta1.Namespace + GetWrappedNamespace() gatewayapiv1.Namespace GetRulesHostnames() []string } @@ -183,9 +183,9 @@ func UnMarshallObjectKey(keyStr string) (client.ObjectKey, error) { return client.ObjectKey{Namespace: keyStr[:namespaceEndIndex], Name: keyStr[namespaceEndIndex+1:]}, nil } -// HostnamesToStrings converts []gatewayapiv1beta1.Hostname to []string -func HostnamesToStrings(hostnames []gatewayapiv1beta1.Hostname) []string { - return Map(hostnames, func(hostname gatewayapiv1beta1.Hostname) string { +// HostnamesToStrings converts []gatewayapiv1.Hostname to []string +func HostnamesToStrings(hostnames []gatewayapiv1.Hostname) []string { + return Map(hostnames, func(hostname gatewayapiv1.Hostname) string { return string(hostname) }) } @@ -214,10 +214,10 @@ func ValidSubdomains(domains, subdomains []string) (bool, string) { } // FilterValidSubdomains returns every subdomain that is a subset of at least one of the (super) domains specified in the first argument. -func FilterValidSubdomains(domains, subdomains []gatewayapiv1beta1.Hostname) []gatewayapiv1beta1.Hostname { - arr := make([]gatewayapiv1beta1.Hostname, 0) +func FilterValidSubdomains(domains, subdomains []gatewayapiv1.Hostname) []gatewayapiv1.Hostname { + arr := make([]gatewayapiv1.Hostname, 0) for _, subsubdomain := range subdomains { - if _, found := Find(domains, func(domain gatewayapiv1beta1.Hostname) bool { + if _, found := Find(domains, func(domain gatewayapiv1.Hostname) bool { return Name(subsubdomain).SubsetOf(Name(domain)) }); found { arr = append(arr, subsubdomain) diff --git a/pkg/common/common_test.go b/pkg/common/common_test.go index 45f6b56cb..d62df1c07 100644 --- a/pkg/common/common_test.go +++ b/pkg/common/common_test.go @@ -8,7 +8,7 @@ import ( "testing" "sigs.k8s.io/controller-runtime/pkg/client" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" ) func TestValidSubdomains(t *testing.T) { @@ -606,32 +606,32 @@ func TestUnMarshallObjectKey(t *testing.T) { func TestHostnamesToStrings(t *testing.T) { testCases := []struct { name string - inputHostnames []gatewayapiv1beta1.Hostname + inputHostnames []gatewayapiv1.Hostname expectedOutput []string }{ { name: "when input is empty then return empty output", - inputHostnames: []gatewayapiv1beta1.Hostname{}, + inputHostnames: []gatewayapiv1.Hostname{}, expectedOutput: []string{}, }, { name: "when input has a single precise hostname then return a single string", - inputHostnames: []gatewayapiv1beta1.Hostname{"example.com"}, + inputHostnames: []gatewayapiv1.Hostname{"example.com"}, expectedOutput: []string{"example.com"}, }, { name: "when input has multiple precise hostnames then return the corresponding strings", - inputHostnames: []gatewayapiv1beta1.Hostname{"example.com", "test.com", "localhost"}, + inputHostnames: []gatewayapiv1.Hostname{"example.com", "test.com", "localhost"}, expectedOutput: []string{"example.com", "test.com", "localhost"}, }, { name: "when input has a wildcard hostname then return the wildcard string", - inputHostnames: []gatewayapiv1beta1.Hostname{"*.example.com"}, + inputHostnames: []gatewayapiv1.Hostname{"*.example.com"}, expectedOutput: []string{"*.example.com"}, }, { name: "when input has both precise and wildcard hostnames then return the corresponding strings", - inputHostnames: []gatewayapiv1beta1.Hostname{"example.com", "*.test.com"}, + inputHostnames: []gatewayapiv1.Hostname{"example.com", "*.test.com"}, expectedOutput: []string{"example.com", "*.test.com"}, }, } @@ -649,39 +649,39 @@ func TestHostnamesToStrings(t *testing.T) { func TestFilterValidSubdomains(t *testing.T) { testCases := []struct { name string - domains []gatewayapiv1beta1.Hostname - subdomains []gatewayapiv1beta1.Hostname - expected []gatewayapiv1beta1.Hostname + domains []gatewayapiv1.Hostname + subdomains []gatewayapiv1.Hostname + expected []gatewayapiv1.Hostname }{ { name: "when all subdomains are valid", - domains: []gatewayapiv1beta1.Hostname{"my-app.apps.io", "*.acme.com"}, - subdomains: []gatewayapiv1beta1.Hostname{"toystore.acme.com", "my-app.apps.io", "carstore.acme.com"}, - expected: []gatewayapiv1beta1.Hostname{"toystore.acme.com", "my-app.apps.io", "carstore.acme.com"}, + domains: []gatewayapiv1.Hostname{"my-app.apps.io", "*.acme.com"}, + subdomains: []gatewayapiv1.Hostname{"toystore.acme.com", "my-app.apps.io", "carstore.acme.com"}, + expected: []gatewayapiv1.Hostname{"toystore.acme.com", "my-app.apps.io", "carstore.acme.com"}, }, { name: "when some subdomains are valid and some are not", - domains: []gatewayapiv1beta1.Hostname{"my-app.apps.io", "*.acme.com"}, - subdomains: []gatewayapiv1beta1.Hostname{"toystore.acme.com", "my-app.apps.io", "other-app.apps.io"}, - expected: []gatewayapiv1beta1.Hostname{"toystore.acme.com", "my-app.apps.io"}, + domains: []gatewayapiv1.Hostname{"my-app.apps.io", "*.acme.com"}, + subdomains: []gatewayapiv1.Hostname{"toystore.acme.com", "my-app.apps.io", "other-app.apps.io"}, + expected: []gatewayapiv1.Hostname{"toystore.acme.com", "my-app.apps.io"}, }, { name: "when none of subdomains are valid", - domains: []gatewayapiv1beta1.Hostname{"my-app.apps.io", "*.acme.com"}, - subdomains: []gatewayapiv1beta1.Hostname{"other-app.apps.io"}, - expected: []gatewayapiv1beta1.Hostname{}, + domains: []gatewayapiv1.Hostname{"my-app.apps.io", "*.acme.com"}, + subdomains: []gatewayapiv1.Hostname{"other-app.apps.io"}, + expected: []gatewayapiv1.Hostname{}, }, { name: "when the set of super domains is empty", - domains: []gatewayapiv1beta1.Hostname{}, - subdomains: []gatewayapiv1beta1.Hostname{"toystore.acme.com"}, - expected: []gatewayapiv1beta1.Hostname{}, + domains: []gatewayapiv1.Hostname{}, + subdomains: []gatewayapiv1.Hostname{"toystore.acme.com"}, + expected: []gatewayapiv1.Hostname{}, }, { name: "when the set of subdomains is empty", - domains: []gatewayapiv1beta1.Hostname{"my-app.apps.io", "*.acme.com"}, - subdomains: []gatewayapiv1beta1.Hostname{}, - expected: []gatewayapiv1beta1.Hostname{}, + domains: []gatewayapiv1.Hostname{"my-app.apps.io", "*.acme.com"}, + subdomains: []gatewayapiv1.Hostname{}, + expected: []gatewayapiv1.Hostname{}, }, } diff --git a/pkg/common/gatewayapi_utils.go b/pkg/common/gatewayapi_utils.go index af79def89..960907352 100644 --- a/pkg/common/gatewayapi_utils.go +++ b/pkg/common/gatewayapi_utils.go @@ -13,8 +13,8 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/utils/ptr" "sigs.k8s.io/controller-runtime/pkg/client" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) const GatewayProgrammedConditionType = "Programmed" @@ -33,7 +33,7 @@ func IsTargetRefGateway(targetRef gatewayapiv1alpha2.PolicyTargetReference) bool return targetRef.Group == ("gateway.networking.k8s.io") && targetRef.Kind == ("Gateway") } -func RouteHTTPMethodToRuleMethod(httpMethod *gatewayapiv1beta1.HTTPMethod) []string { +func RouteHTTPMethodToRuleMethod(httpMethod *gatewayapiv1.HTTPMethod) []string { if httpMethod == nil { return nil } @@ -41,7 +41,7 @@ func RouteHTTPMethodToRuleMethod(httpMethod *gatewayapiv1beta1.HTTPMethod) []str return []string{string(*httpMethod)} } -func RouteHostnames(route *gatewayapiv1beta1.HTTPRoute) []string { +func RouteHostnames(route *gatewayapiv1.HTTPRoute) []string { if route == nil { return nil } @@ -60,7 +60,7 @@ func RouteHostnames(route *gatewayapiv1beta1.HTTPRoute) []string { } // RulesFromHTTPRoute computes a list of rules from the HTTPRoute object -func RulesFromHTTPRoute(route *gatewayapiv1beta1.HTTPRoute) []HTTPRouteRule { +func RulesFromHTTPRoute(route *gatewayapiv1.HTTPRoute) []HTTPRouteRule { if route == nil { return nil } @@ -94,15 +94,15 @@ func RulesFromHTTPRoute(route *gatewayapiv1beta1.HTTPRoute) []HTTPRouteRule { } type HTTPRouteRuleSelector struct { - *gatewayapiv1beta1.HTTPRouteMatch + *gatewayapiv1.HTTPRouteMatch } -func (s *HTTPRouteRuleSelector) Selects(rule gatewayapiv1beta1.HTTPRouteRule) bool { +func (s *HTTPRouteRuleSelector) Selects(rule gatewayapiv1.HTTPRouteRule) bool { if s.HTTPRouteMatch == nil { return true } - _, found := Find(rule.Matches, func(ruleMatch gatewayapiv1beta1.HTTPRouteMatch) bool { + _, found := Find(rule.Matches, func(ruleMatch gatewayapiv1.HTTPRouteMatch) bool { // path if s.Path != nil && !reflect.DeepEqual(s.Path, ruleMatch.Path) { return false @@ -115,7 +115,7 @@ func (s *HTTPRouteRuleSelector) Selects(rule gatewayapiv1beta1.HTTPRouteRule) bo // headers for _, header := range s.Headers { - if _, found := Find(ruleMatch.Headers, func(otherHeader gatewayapiv1beta1.HTTPHeaderMatch) bool { + if _, found := Find(ruleMatch.Headers, func(otherHeader gatewayapiv1.HTTPHeaderMatch) bool { return reflect.DeepEqual(header, otherHeader) }); !found { return false @@ -124,7 +124,7 @@ func (s *HTTPRouteRuleSelector) Selects(rule gatewayapiv1beta1.HTTPRouteRule) bo // query params for _, param := range s.QueryParams { - if _, found := Find(ruleMatch.QueryParams, func(otherParam gatewayapiv1beta1.HTTPQueryParamMatch) bool { + if _, found := Find(ruleMatch.QueryParams, func(otherParam gatewayapiv1.HTTPQueryParamMatch) bool { return reflect.DeepEqual(param, otherParam) }); !found { return false @@ -138,12 +138,12 @@ func (s *HTTPRouteRuleSelector) Selects(rule gatewayapiv1beta1.HTTPRouteRule) bo } // HTTPRouteRuleToString prints the matches of a HTTPRouteRule as string -func HTTPRouteRuleToString(rule gatewayapiv1beta1.HTTPRouteRule) string { +func HTTPRouteRuleToString(rule gatewayapiv1.HTTPRouteRule) string { matches := Map(rule.Matches, HTTPRouteMatchToString) return fmt.Sprintf("{matches:[%s]}", strings.Join(matches, ",")) } -func HTTPRouteMatchToString(match gatewayapiv1beta1.HTTPRouteMatch) string { +func HTTPRouteMatchToString(match gatewayapiv1.HTTPRouteMatch) string { var patterns []string if method := match.Method; method != nil { patterns = append(patterns, fmt.Sprintf("method:%v", HTTPMethodToString(method))) @@ -162,42 +162,42 @@ func HTTPRouteMatchToString(match gatewayapiv1beta1.HTTPRouteMatch) string { return fmt.Sprintf("{%s}", strings.Join(patterns, ",")) } -func HTTPPathMatchToString(path *gatewayapiv1beta1.HTTPPathMatch) string { +func HTTPPathMatchToString(path *gatewayapiv1.HTTPPathMatch) string { if path == nil { return "*" } if path.Type != nil { switch *path.Type { - case gatewayapiv1beta1.PathMatchExact: + case gatewayapiv1.PathMatchExact: return *path.Value - case gatewayapiv1beta1.PathMatchRegularExpression: + case gatewayapiv1.PathMatchRegularExpression: return fmt.Sprintf("~/%s/", *path.Value) } } return fmt.Sprintf("%s*", *path.Value) } -func HTTPHeaderMatchToString(header gatewayapiv1beta1.HTTPHeaderMatch) string { +func HTTPHeaderMatchToString(header gatewayapiv1.HTTPHeaderMatch) string { if header.Type != nil { switch *header.Type { - case gatewayapiv1beta1.HeaderMatchRegularExpression: + case gatewayapiv1.HeaderMatchRegularExpression: return fmt.Sprintf("{%s:~/%s/}", header.Name, header.Value) } } return fmt.Sprintf("{%s:%s}", header.Name, header.Value) } -func HTTPQueryParamMatchToString(queryParam gatewayapiv1beta1.HTTPQueryParamMatch) string { +func HTTPQueryParamMatchToString(queryParam gatewayapiv1.HTTPQueryParamMatch) string { if queryParam.Type != nil { switch *queryParam.Type { - case gatewayapiv1beta1.QueryParamMatchRegularExpression: + case gatewayapiv1.QueryParamMatchRegularExpression: return fmt.Sprintf("{%s:~/%s/}", queryParam.Name, queryParam.Value) } } return fmt.Sprintf("{%s:%s}", queryParam.Name, queryParam.Value) } -func HTTPMethodToString(method *gatewayapiv1beta1.HTTPMethod) string { +func HTTPMethodToString(method *gatewayapiv1.HTTPMethod) string { if method == nil { return "*" } @@ -208,7 +208,7 @@ func GetKuadrantNamespaceFromPolicyTargetRef(ctx context.Context, cli client.Cli targetRef := policy.GetTargetRef() gwNamespacedName := types.NamespacedName{Namespace: string(ptr.Deref(targetRef.Namespace, policy.GetWrappedNamespace())), Name: string(targetRef.Name)} if IsTargetRefHTTPRoute(targetRef) { - route := &gatewayapiv1beta1.HTTPRoute{} + route := &gatewayapiv1.HTTPRoute{} if err := cli.Get( ctx, types.NamespacedName{Namespace: string(ptr.Deref(targetRef.Namespace, policy.GetWrappedNamespace())), Name: string(targetRef.Name)}, @@ -220,7 +220,7 @@ func GetKuadrantNamespaceFromPolicyTargetRef(ctx context.Context, cli client.Cli parentRef := route.Spec.ParentRefs[0] gwNamespacedName = types.NamespacedName{Namespace: string(*parentRef.Namespace), Name: string(parentRef.Name)} } - gw := &gatewayapiv1beta1.Gateway{} + gw := &gatewayapiv1.Gateway{} if err := cli.Get(ctx, gwNamespacedName, gw); err != nil { return "", err } @@ -262,7 +262,7 @@ func AnnotateObject(obj client.Object, namespace string) { } } -func DeleteKuadrantAnnotationFromGateway(gw *gatewayapiv1beta1.Gateway, namespace string) { +func DeleteKuadrantAnnotationFromGateway(gw *gatewayapiv1.Gateway, namespace string) { annotations := gw.GetAnnotations() if IsKuadrantManaged(gw) && annotations[KuadrantNamespaceLabel] == namespace { delete(gw.Annotations, KuadrantNamespaceLabel) @@ -270,20 +270,20 @@ func DeleteKuadrantAnnotationFromGateway(gw *gatewayapiv1beta1.Gateway, namespac } // routePathMatchToRulePath converts HTTPRoute pathmatch rule to kuadrant's rule path -func routePathMatchToRulePath(pathMatch *gatewayapiv1beta1.HTTPPathMatch) []string { +func routePathMatchToRulePath(pathMatch *gatewayapiv1.HTTPPathMatch) []string { if pathMatch == nil { return nil } // Only support for Exact and Prefix match - if pathMatch.Type != nil && *pathMatch.Type != gatewayapiv1beta1.PathMatchPathPrefix && - *pathMatch.Type != gatewayapiv1beta1.PathMatchExact { + if pathMatch.Type != nil && *pathMatch.Type != gatewayapiv1.PathMatchPathPrefix && + *pathMatch.Type != gatewayapiv1.PathMatchExact { return nil } // Exact path match suffix := "" - if pathMatch.Type == nil || *pathMatch.Type == gatewayapiv1beta1.PathMatchPathPrefix { + if pathMatch.Type == nil || *pathMatch.Type == gatewayapiv1.PathMatchPathPrefix { // defaults to path prefix match type suffix = "*" } @@ -312,7 +312,7 @@ func (c *KuadrantAuthPolicyRefsConfig) PolicyRefsAnnotation() string { return AuthPoliciesBackRefAnnotation } -func GatewaysMissingPolicyRef(gwList *gatewayapiv1beta1.GatewayList, policyKey client.ObjectKey, policyGwKeys []client.ObjectKey, config PolicyRefsConfig) []GatewayWrapper { +func GatewaysMissingPolicyRef(gwList *gatewayapiv1.GatewayList, policyKey client.ObjectKey, policyGwKeys []client.ObjectKey, config PolicyRefsConfig) []GatewayWrapper { // gateways referenced by the policy but do not have reference to it in the annotations gateways := make([]GatewayWrapper, 0) for i := range gwList.Items { @@ -325,7 +325,7 @@ func GatewaysMissingPolicyRef(gwList *gatewayapiv1beta1.GatewayList, policyKey c return gateways } -func GatewaysWithValidPolicyRef(gwList *gatewayapiv1beta1.GatewayList, policyKey client.ObjectKey, policyGwKeys []client.ObjectKey, config PolicyRefsConfig) []GatewayWrapper { +func GatewaysWithValidPolicyRef(gwList *gatewayapiv1.GatewayList, policyKey client.ObjectKey, policyGwKeys []client.ObjectKey, config PolicyRefsConfig) []GatewayWrapper { // gateways referenced by the policy but also have reference to it in the annotations gateways := make([]GatewayWrapper, 0) for i := range gwList.Items { @@ -338,7 +338,7 @@ func GatewaysWithValidPolicyRef(gwList *gatewayapiv1beta1.GatewayList, policyKey return gateways } -func GatewaysWithInvalidPolicyRef(gwList *gatewayapiv1beta1.GatewayList, policyKey client.ObjectKey, policyGwKeys []client.ObjectKey, config PolicyRefsConfig) []GatewayWrapper { +func GatewaysWithInvalidPolicyRef(gwList *gatewayapiv1.GatewayList, policyKey client.ObjectKey, policyGwKeys []client.ObjectKey, config PolicyRefsConfig) []GatewayWrapper { // gateways not referenced by the policy but still have reference in the annotations gateways := make([]GatewayWrapper, 0) for i := range gwList.Items { @@ -353,7 +353,7 @@ func GatewaysWithInvalidPolicyRef(gwList *gatewayapiv1beta1.GatewayList, policyK // GatewayWrapper wraps a Gateway API Gateway adding methods and configs to manage policy references in annotations type GatewayWrapper struct { - *gatewayapiv1beta1.Gateway + *gatewayapiv1.Gateway PolicyRefsConfig } @@ -487,8 +487,8 @@ func (g GatewayWrapper) DeletePolicy(policyKey client.ObjectKey) bool { } // Hostnames builds a list of hostnames from the listeners. -func (g GatewayWrapper) Hostnames() []gatewayapiv1beta1.Hostname { - hostnames := make([]gatewayapiv1beta1.Hostname, 0) +func (g GatewayWrapper) Hostnames() []gatewayapiv1.Hostname { + hostnames := make([]gatewayapiv1.Hostname, 0) if g.Gateway == nil { return hostnames } @@ -521,11 +521,11 @@ func (g GatewayWrapperList) Swap(i, j int) { func TargetHostnames(targetNetworkObject client.Object) ([]string, error) { hosts := make([]string, 0) switch obj := targetNetworkObject.(type) { - case *gatewayapiv1beta1.HTTPRoute: + case *gatewayapiv1.HTTPRoute: for _, hostname := range obj.Spec.Hostnames { hosts = append(hosts, string(hostname)) } - case *gatewayapiv1beta1.Gateway: + case *gatewayapiv1.Gateway: for idx := range obj.Spec.Listeners { if obj.Spec.Listeners[idx].Hostname != nil { hosts = append(hosts, string(*obj.Spec.Listeners[idx].Hostname)) @@ -541,7 +541,7 @@ func TargetHostnames(targetNetworkObject client.Object) ([]string, error) { } // HostnamesFromHTTPRoute returns an array of all hostnames specified in a HTTPRoute or inherited from its parent Gateways -func HostnamesFromHTTPRoute(ctx context.Context, route *gatewayapiv1beta1.HTTPRoute, cli client.Client) ([]string, error) { +func HostnamesFromHTTPRoute(ctx context.Context, route *gatewayapiv1.HTTPRoute, cli client.Client) ([]string, error) { if len(route.Spec.Hostnames) > 0 { return RouteHostnames(route), nil } @@ -552,7 +552,7 @@ func HostnamesFromHTTPRoute(ctx context.Context, route *gatewayapiv1beta1.HTTPRo if (ref.Kind != nil && *ref.Kind != "Gateway") || (ref.Group != nil && *ref.Group != "gateway.networking.k8s.io") { continue } - gw := &gatewayapiv1beta1.Gateway{} + gw := &gatewayapiv1.Gateway{} ns := route.Namespace if ref.Namespace != nil { ns = string(*ref.Namespace) @@ -587,11 +587,11 @@ func ValidateHierarchicalRules(policy KuadrantPolicy, targetNetworkObject client return nil } -func GetGatewayWorkloadSelector(ctx context.Context, cli client.Client, gateway *gatewayapiv1beta1.Gateway) (map[string]string, error) { +func GetGatewayWorkloadSelector(ctx context.Context, cli client.Client, gateway *gatewayapiv1.Gateway) (map[string]string, error) { address, found := Find( gateway.Status.Addresses, - func(address gatewayapiv1beta1.GatewayAddress) bool { - return address.Type != nil && *address.Type == gatewayapiv1beta1.HostnameAddressType + func(address gatewayapiv1.GatewayStatusAddress) bool { + return address.Type != nil && *address.Type == gatewayapiv1.HostnameAddressType }, ) if !found { @@ -605,7 +605,7 @@ func GetGatewayWorkloadSelector(ctx context.Context, cli client.Client, gateway return GetServiceWorkloadSelector(ctx, cli, serviceKey) } -func IsHTTPRouteAccepted(httpRoute *gatewayapiv1beta1.HTTPRoute) bool { +func IsHTTPRouteAccepted(httpRoute *gatewayapiv1.HTTPRoute) bool { if httpRoute == nil { return false } @@ -617,7 +617,7 @@ func IsHTTPRouteAccepted(httpRoute *gatewayapiv1beta1.HTTPRoute) bool { // Check HTTProute parents (gateways) in the status object // if any of the current parent gateways reports not "Admitted", return false for _, parentRef := range httpRoute.Spec.CommonRouteSpec.ParentRefs { - routeParentStatus := func(pRef gatewayapiv1beta1.ParentReference) *gatewayapiv1beta1.RouteParentStatus { + routeParentStatus := func(pRef gatewayapiv1.ParentReference) *gatewayapiv1.RouteParentStatus { for idx := range httpRoute.Status.RouteStatus.Parents { if reflect.DeepEqual(pRef, httpRoute.Status.RouteStatus.Parents[idx].ParentRef) { return &httpRoute.Status.RouteStatus.Parents[idx] diff --git a/pkg/common/gatewayapi_utils_test.go b/pkg/common/gatewayapi_utils_test.go index 5309baeba..b0e976a78 100644 --- a/pkg/common/gatewayapi_utils_test.go +++ b/pkg/common/gatewayapi_utils_test.go @@ -15,14 +15,14 @@ import ( k8stypes "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/fake" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" ) func TestRouteHostnames(t *testing.T) { testCases := []struct { name string - route *gatewayapiv1beta1.HTTPRoute + route *gatewayapiv1.HTTPRoute expected []string }{ { @@ -32,8 +32,8 @@ func TestRouteHostnames(t *testing.T) { }, { "nil hostname", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ Hostnames: nil, }, }, @@ -41,9 +41,9 @@ func TestRouteHostnames(t *testing.T) { }, { "basic", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - Hostnames: []gatewayapiv1beta1.Hostname{"*.com", "example.net", "test.example.net"}, + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + Hostnames: []gatewayapiv1.Hostname{"*.com", "example.net", "test.example.net"}, }, }, []string{"*.com", "example.net", "test.example.net"}, @@ -61,30 +61,30 @@ func TestRouteHostnames(t *testing.T) { func TestRulesFromHTTPRoute(t *testing.T) { var ( - getMethod = "GET" - catsPath = "/cats" - dogsPath = "/dogs" - rabbitsPath = "/rabbits" - getHTTPMethod gatewayapiv1beta1.HTTPMethod = "GET" - postHTTPMethod gatewayapiv1beta1.HTTPMethod = "POST" - pathPrefix = gatewayapiv1beta1.PathMatchPathPrefix - pathExact = gatewayapiv1beta1.PathMatchExact - catsPrefixPatchMatch = gatewayapiv1beta1.HTTPPathMatch{ + getMethod = "GET" + catsPath = "/cats" + dogsPath = "/dogs" + rabbitsPath = "/rabbits" + getHTTPMethod gatewayapiv1.HTTPMethod = "GET" + postHTTPMethod gatewayapiv1.HTTPMethod = "POST" + pathPrefix = gatewayapiv1.PathMatchPathPrefix + pathExact = gatewayapiv1.PathMatchExact + catsPrefixPatchMatch = gatewayapiv1.HTTPPathMatch{ Type: &pathPrefix, Value: &catsPath, } - dogsExactPatchMatch = gatewayapiv1beta1.HTTPPathMatch{ + dogsExactPatchMatch = gatewayapiv1.HTTPPathMatch{ Type: &pathExact, Value: &dogsPath, } - rabbitsPrefixPatchMatch = gatewayapiv1beta1.HTTPPathMatch{ + rabbitsPrefixPatchMatch = gatewayapiv1.HTTPPathMatch{ Value: &rabbitsPath, } ) testCases := []struct { name string - route *gatewayapiv1beta1.HTTPRoute + route *gatewayapiv1.HTTPRoute expected []HTTPRouteRule }{ { @@ -94,31 +94,31 @@ func TestRulesFromHTTPRoute(t *testing.T) { }, { "nil rules", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ Rules: nil, - Hostnames: []gatewayapiv1beta1.Hostname{"*.com"}, + Hostnames: []gatewayapiv1.Hostname{"*.com"}, }, }, []HTTPRouteRule{{Hosts: []string{"*.com"}}}, }, { "empty rules", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - Rules: make([]gatewayapiv1beta1.HTTPRouteRule, 0), - Hostnames: []gatewayapiv1beta1.Hostname{"*.com"}, + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + Rules: make([]gatewayapiv1.HTTPRouteRule, 0), + Hostnames: []gatewayapiv1.Hostname{"*.com"}, }, }, []HTTPRouteRule{{Hosts: []string{"*.com"}}}, }, { "with method", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - Rules: []gatewayapiv1beta1.HTTPRouteRule{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + Rules: []gatewayapiv1.HTTPRouteRule{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { Method: &getHTTPMethod, }, @@ -134,11 +134,11 @@ func TestRulesFromHTTPRoute(t *testing.T) { }, { "with path", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - Rules: []gatewayapiv1beta1.HTTPRouteRule{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + Rules: []gatewayapiv1.HTTPRouteRule{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { Path: &catsPrefixPatchMatch, }, @@ -154,11 +154,11 @@ func TestRulesFromHTTPRoute(t *testing.T) { }, { "with path and default path match type", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - Rules: []gatewayapiv1beta1.HTTPRouteRule{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + Rules: []gatewayapiv1.HTTPRouteRule{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { Path: &rabbitsPrefixPatchMatch, }, @@ -174,13 +174,13 @@ func TestRulesFromHTTPRoute(t *testing.T) { }, { "no paths or methods", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - Rules: []gatewayapiv1beta1.HTTPRouteRule{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + Rules: []gatewayapiv1.HTTPRouteRule{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Headers: []gatewayapiv1.HTTPHeaderMatch{ { Name: "someheader", Value: "somevalue", @@ -190,21 +190,21 @@ func TestRulesFromHTTPRoute(t *testing.T) { }, }, }, - Hostnames: []gatewayapiv1beta1.Hostname{"*.com"}, + Hostnames: []gatewayapiv1.Hostname{"*.com"}, }, }, []HTTPRouteRule{{Hosts: []string{"*.com"}}}, }, { "basic", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - Hostnames: []gatewayapiv1beta1.Hostname{"*.com"}, - Rules: []gatewayapiv1beta1.HTTPRouteRule{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + Hostnames: []gatewayapiv1.Hostname{"*.com"}, + Rules: []gatewayapiv1.HTTPRouteRule{ { // GET /cats* // POST /dogs - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { Path: &catsPrefixPatchMatch, Method: &getHTTPMethod, @@ -246,30 +246,30 @@ func TestHTTPRouteRuleSelectorSelects(t *testing.T) { testCases := []struct { name string selector HTTPRouteRuleSelector - rule gatewayapiv1beta1.HTTPRouteRule + rule gatewayapiv1.HTTPRouteRule expected bool }{ { name: "when the httproutrule contains the exact match then return true", selector: HTTPRouteRuleSelector{ - HTTPRouteMatch: &gatewayapiv1beta1.HTTPRouteMatch{ - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + HTTPRouteMatch: &gatewayapiv1.HTTPRouteMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchExact}[0], + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchExact}[0], Name: "someheader", Value: "somevalue", }, }, }, }, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchExact}[0], + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchExact}[0], Name: "someheader", Value: "somevalue", }, @@ -282,17 +282,17 @@ func TestHTTPRouteRuleSelectorSelects(t *testing.T) { { name: "when the httproutrule contains the exact match and more then return true", selector: HTTPRouteRuleSelector{ - HTTPRouteMatch: &gatewayapiv1beta1.HTTPRouteMatch{ - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], + HTTPRouteMatch: &gatewayapiv1.HTTPRouteMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], }, }, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchExact}[0], + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchExact}[0], Name: "someheader", Value: "somevalue", }, @@ -305,29 +305,29 @@ func TestHTTPRouteRuleSelectorSelects(t *testing.T) { { name: "when the httproutrule contains all the matching headers and more then return true", selector: HTTPRouteRuleSelector{ - HTTPRouteMatch: &gatewayapiv1beta1.HTTPRouteMatch{ - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + HTTPRouteMatch: &gatewayapiv1.HTTPRouteMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchExact}[0], + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchExact}[0], Name: "someheader", Value: "somevalue", }, }, }, }, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchExact}[0], + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchExact}[0], Name: "someheader", Value: "somevalue", }, { - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchRegularExpression}[0], + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchRegularExpression}[0], Name: "someotherheader", Value: "someregex.*", }, @@ -340,24 +340,24 @@ func TestHTTPRouteRuleSelectorSelects(t *testing.T) { { name: "when the httproutrule contains an inexact match then return false", selector: HTTPRouteRuleSelector{ - HTTPRouteMatch: &gatewayapiv1beta1.HTTPRouteMatch{ - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + HTTPRouteMatch: &gatewayapiv1.HTTPRouteMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchExact}[0], + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchExact}[0], Name: "someheader", Value: "somevalue", }, }, }, }, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodPost}[0], - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodPost}[0], + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchExact}[0], + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchExact}[0], Name: "someheader", Value: "somevalue", }, @@ -369,10 +369,10 @@ func TestHTTPRouteRuleSelectorSelects(t *testing.T) { }, { name: "when the httproutrule is empty then return false", - rule: gatewayapiv1beta1.HTTPRouteRule{}, + rule: gatewayapiv1.HTTPRouteRule{}, selector: HTTPRouteRuleSelector{ - HTTPRouteMatch: &gatewayapiv1beta1.HTTPRouteMatch{ - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], + HTTPRouteMatch: &gatewayapiv1.HTTPRouteMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], }, }, expected: false, @@ -380,13 +380,13 @@ func TestHTTPRouteRuleSelectorSelects(t *testing.T) { { name: "when the selector is empty then return true", selector: HTTPRouteRuleSelector{}, - rule: gatewayapiv1beta1.HTTPRouteRule{ - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + rule: gatewayapiv1.HTTPRouteRule{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], - Headers: []gatewayapiv1beta1.HTTPHeaderMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], + Headers: []gatewayapiv1.HTTPHeaderMatch{ { - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchExact}[0], + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchExact}[0], Name: "someheader", Value: "somevalue", }, @@ -416,14 +416,14 @@ func TestHTTPRouteRuleSelectorSelects(t *testing.T) { func TestHTTPPathMatchToString(t *testing.T) { testCases := []struct { name string - input *gatewayapiv1beta1.HTTPPathMatch + input *gatewayapiv1.HTTPPathMatch expected string }{ { name: "exact path match", - input: &[]gatewayapiv1beta1.HTTPPathMatch{ + input: &[]gatewayapiv1.HTTPPathMatch{ { - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchExact}[0], + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchExact}[0], Value: &[]string{"/foo"}[0], }, }[0], @@ -431,9 +431,9 @@ func TestHTTPPathMatchToString(t *testing.T) { }, { name: "regex path match", - input: &[]gatewayapiv1beta1.HTTPPathMatch{ + input: &[]gatewayapiv1.HTTPPathMatch{ { - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchRegularExpression}[0], + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchRegularExpression}[0], Value: &[]string{"^\\/foo.*"}[0], }, }[0], @@ -441,9 +441,9 @@ func TestHTTPPathMatchToString(t *testing.T) { }, { name: "path prefix match", - input: &[]gatewayapiv1beta1.HTTPPathMatch{ + input: &[]gatewayapiv1.HTTPPathMatch{ { - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/foo"}[0], }, }[0], @@ -451,7 +451,7 @@ func TestHTTPPathMatchToString(t *testing.T) { }, { name: "path match with default type", - input: &[]gatewayapiv1beta1.HTTPPathMatch{ + input: &[]gatewayapiv1.HTTPPathMatch{ { Value: &[]string{"/foo"}[0], }, @@ -476,13 +476,13 @@ func TestHTTPPathMatchToString(t *testing.T) { func TestHTTPHeaderMatchToString(t *testing.T) { testCases := []struct { name string - input gatewayapiv1beta1.HTTPHeaderMatch + input gatewayapiv1.HTTPHeaderMatch expected string }{ { name: "exact header match", - input: gatewayapiv1beta1.HTTPHeaderMatch{ - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchExact}[0], + input: gatewayapiv1.HTTPHeaderMatch{ + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchExact}[0], Name: "some-header", Value: "foo", }, @@ -490,8 +490,8 @@ func TestHTTPHeaderMatchToString(t *testing.T) { }, { name: "regex header match", - input: gatewayapiv1beta1.HTTPHeaderMatch{ - Type: &[]gatewayapiv1beta1.HeaderMatchType{gatewayapiv1beta1.HeaderMatchRegularExpression}[0], + input: gatewayapiv1.HTTPHeaderMatch{ + Type: &[]gatewayapiv1.HeaderMatchType{gatewayapiv1.HeaderMatchRegularExpression}[0], Name: "some-header", Value: "^foo.*", }, @@ -499,7 +499,7 @@ func TestHTTPHeaderMatchToString(t *testing.T) { }, { name: "header match with default type", - input: gatewayapiv1beta1.HTTPHeaderMatch{ + input: gatewayapiv1.HTTPHeaderMatch{ Name: "some-header", Value: "foo", }, @@ -518,13 +518,13 @@ func TestHTTPHeaderMatchToString(t *testing.T) { func TestHTTPQueryParamMatchToString(t *testing.T) { testCases := []struct { name string - input gatewayapiv1beta1.HTTPQueryParamMatch + input gatewayapiv1.HTTPQueryParamMatch expected string }{ { name: "exact query param match", - input: gatewayapiv1beta1.HTTPQueryParamMatch{ - Type: &[]gatewayapiv1beta1.QueryParamMatchType{gatewayapiv1beta1.QueryParamMatchExact}[0], + input: gatewayapiv1.HTTPQueryParamMatch{ + Type: &[]gatewayapiv1.QueryParamMatchType{gatewayapiv1.QueryParamMatchExact}[0], Name: "some-param", Value: "foo", }, @@ -532,8 +532,8 @@ func TestHTTPQueryParamMatchToString(t *testing.T) { }, { name: "regex query param match", - input: gatewayapiv1beta1.HTTPQueryParamMatch{ - Type: &[]gatewayapiv1beta1.QueryParamMatchType{gatewayapiv1beta1.QueryParamMatchRegularExpression}[0], + input: gatewayapiv1.HTTPQueryParamMatch{ + Type: &[]gatewayapiv1.QueryParamMatchType{gatewayapiv1.QueryParamMatchRegularExpression}[0], Name: "some-param", Value: "^foo.*", }, @@ -541,7 +541,7 @@ func TestHTTPQueryParamMatchToString(t *testing.T) { }, { name: "query param match with default type", - input: gatewayapiv1beta1.HTTPQueryParamMatch{ + input: gatewayapiv1.HTTPQueryParamMatch{ Name: "some-param", Value: "foo", }, @@ -559,43 +559,43 @@ func TestHTTPQueryParamMatchToString(t *testing.T) { func TestHTTPMethodToString(t *testing.T) { testCases := []struct { - input *gatewayapiv1beta1.HTTPMethod + input *gatewayapiv1.HTTPMethod expected string }{ { - input: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], + input: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], expected: "GET", }, { - input: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodHead}[0], + input: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodHead}[0], expected: "HEAD", }, { - input: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodPost}[0], + input: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodPost}[0], expected: "POST", }, { - input: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodPut}[0], + input: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodPut}[0], expected: "PUT", }, { - input: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodPatch}[0], + input: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodPatch}[0], expected: "PATCH", }, { - input: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodDelete}[0], + input: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodDelete}[0], expected: "DELETE", }, { - input: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodConnect}[0], + input: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodConnect}[0], expected: "CONNECT", }, { - input: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodOptions}[0], + input: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodOptions}[0], expected: "OPTIONS", }, { - input: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodTrace}[0], + input: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodTrace}[0], expected: "TRACE", }, { @@ -611,15 +611,15 @@ func TestHTTPMethodToString(t *testing.T) { } func TestHTTPRouteMatchToString(t *testing.T) { - match := gatewayapiv1beta1.HTTPRouteMatch{ - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchExact}[0], + match := gatewayapiv1.HTTPRouteMatch{ + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchExact}[0], Value: &[]string{"/foo"}[0], }, - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], - QueryParams: []gatewayapiv1beta1.HTTPQueryParamMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], + QueryParams: []gatewayapiv1.HTTPQueryParamMatch{ { - Type: &[]gatewayapiv1beta1.QueryParamMatchType{gatewayapiv1beta1.QueryParamMatchRegularExpression}[0], + Type: &[]gatewayapiv1.QueryParamMatchType{gatewayapiv1.QueryParamMatchRegularExpression}[0], Name: "page", Value: "\\d+", }, @@ -632,7 +632,7 @@ func TestHTTPRouteMatchToString(t *testing.T) { t.Errorf("expected: %s, got: %s", expected, r) } - match.Headers = []gatewayapiv1beta1.HTTPHeaderMatch{ + match.Headers = []gatewayapiv1.HTTPHeaderMatch{ { Name: "x-foo", Value: "bar", @@ -647,7 +647,7 @@ func TestHTTPRouteMatchToString(t *testing.T) { } func TestHTTPRouteRuleToString(t *testing.T) { - rule := gatewayapiv1beta1.HTTPRouteRule{} + rule := gatewayapiv1.HTTPRouteRule{} expected := "{matches:[]}" @@ -655,16 +655,16 @@ func TestHTTPRouteRuleToString(t *testing.T) { t.Errorf("expected: %s, got: %s", expected, r) } - rule.Matches = []gatewayapiv1beta1.HTTPRouteMatch{ + rule.Matches = []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchExact}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchExact}[0], Value: &[]string{"/foo"}[0], }, - Method: &[]gatewayapiv1beta1.HTTPMethod{gatewayapiv1beta1.HTTPMethodGet}[0], - QueryParams: []gatewayapiv1beta1.HTTPQueryParamMatch{ + Method: &[]gatewayapiv1.HTTPMethod{gatewayapiv1.HTTPMethodGet}[0], + QueryParams: []gatewayapiv1.HTTPQueryParamMatch{ { - Type: &[]gatewayapiv1beta1.QueryParamMatchType{gatewayapiv1beta1.QueryParamMatchRegularExpression}[0], + Type: &[]gatewayapiv1.QueryParamMatchType{gatewayapiv1.QueryParamMatchRegularExpression}[0], Name: "page", Value: "\\d+", }, @@ -680,8 +680,8 @@ func TestHTTPRouteRuleToString(t *testing.T) { } func TestGatewaysMissingPolicyRef(t *testing.T) { - gwList := &gatewayapiv1beta1.GatewayList{ - Items: []gatewayapiv1beta1.Gateway{ + gwList := &gatewayapiv1.GatewayList{ + Items: []gatewayapiv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Namespace: "gw-ns", @@ -755,8 +755,8 @@ func TestGatewaysMissingPolicyRef(t *testing.T) { } func TestGatewaysWithValidPolicyRef(t *testing.T) { - gwList := &gatewayapiv1beta1.GatewayList{ - Items: []gatewayapiv1beta1.Gateway{ + gwList := &gatewayapiv1.GatewayList{ + Items: []gatewayapiv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Namespace: "gw-ns", @@ -830,8 +830,8 @@ func TestGatewaysWithValidPolicyRef(t *testing.T) { } func TestGatewaysWithInvalidPolicyRef(t *testing.T) { - gwList := &gatewayapiv1beta1.GatewayList{ - Items: []gatewayapiv1beta1.Gateway{ + gwList := &gatewayapiv1.GatewayList{ + Items: []gatewayapiv1.Gateway{ { ObjectMeta: metav1.ObjectMeta{ Namespace: "gw-ns", @@ -906,7 +906,7 @@ func TestGatewaysWithInvalidPolicyRef(t *testing.T) { func TestGatewayWrapperKey(t *testing.T) { gw := GatewayWrapper{ - Gateway: &gatewayapiv1beta1.Gateway{ + Gateway: &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "gw-ns", Name: "gw-1", @@ -922,7 +922,7 @@ func TestGatewayWrapperKey(t *testing.T) { func TestGatewayWrapperPolicyRefs(t *testing.T) { gw := GatewayWrapper{ - Gateway: &gatewayapiv1beta1.Gateway{ + Gateway: &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "gw-ns", Name: "gw-1", @@ -945,7 +945,7 @@ func TestGatewayWrapperPolicyRefs(t *testing.T) { func TestGatewayWrapperContainsPolicy(t *testing.T) { gw := GatewayWrapper{ - Gateway: &gatewayapiv1beta1.Gateway{ + Gateway: &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "gw-ns", Name: "gw-1", @@ -966,7 +966,7 @@ func TestGatewayWrapperContainsPolicy(t *testing.T) { } func TestGatewayWrapperAddPolicy(t *testing.T) { - gateway := gatewayapiv1beta1.Gateway{ + gateway := gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "gw-ns", Name: "gw-1", @@ -989,7 +989,7 @@ func TestGatewayWrapperAddPolicy(t *testing.T) { } func TestGatewayDeletePolicy(t *testing.T) { - gateway := gatewayapiv1beta1.Gateway{ + gateway := gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "gw-ns", Name: "gw-1", @@ -1012,15 +1012,15 @@ func TestGatewayDeletePolicy(t *testing.T) { } func TestGatewayHostnames(t *testing.T) { - hostname := gatewayapiv1beta1.Hostname("toystore.com") - gateway := gatewayapiv1beta1.Gateway{ + hostname := gatewayapiv1.Hostname("toystore.com") + gateway := gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "gw-ns", Name: "gw-1", Annotations: map[string]string{"kuadrant.io/ratelimitpolicies": `[{"Namespace":"app-ns","Name":"policy-1"},{"Namespace":"app-ns","Name":"policy-2"}]`}, }, - Spec: gatewayapiv1beta1.GatewaySpec{ - Listeners: []gatewayapiv1beta1.Listener{ + Spec: gatewayapiv1.GatewaySpec{ + Listeners: []gatewayapiv1.Listener{ { Name: "my-listener", Hostname: &hostname, @@ -1043,7 +1043,7 @@ func TestGatewayHostnames(t *testing.T) { func TestGatewayWrapperPolicyRefsAnnotation(t *testing.T) { gw := GatewayWrapper{ - Gateway: &gatewayapiv1beta1.Gateway{ + Gateway: &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "gw-ns", Name: "gw-1", @@ -1058,8 +1058,8 @@ func TestGatewayWrapperPolicyRefsAnnotation(t *testing.T) { } func TestGetGatewayWorkloadSelector(t *testing.T) { - hostnameAddress := gatewayapiv1beta1.AddressType("Hostname") - gateway := &gatewayapiv1beta1.Gateway{ + hostnameAddress := gatewayapiv1.AddressType("Hostname") + gateway := &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "my-ns", Name: "my-gw", @@ -1068,8 +1068,8 @@ func TestGetGatewayWorkloadSelector(t *testing.T) { "control-plane": "kuadrant", }, }, - Status: gatewayapiv1beta1.GatewayStatus{ - Addresses: []gatewayapiv1beta1.GatewayAddress{ + Status: gatewayapiv1.GatewayStatus{ + Addresses: []gatewayapiv1.GatewayStatusAddress{ { Type: &hostnameAddress, Value: "my-gw-svc.my-ns.svc.cluster.local:80", @@ -1095,7 +1095,7 @@ func TestGetGatewayWorkloadSelector(t *testing.T) { scheme := runtime.NewScheme() _ = corev1.AddToScheme(scheme) - _ = gatewayapiv1beta1.AddToScheme(scheme) + _ = gatewayapiv1.AddToScheme(scheme) k8sClient := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(gateway, service).Build() var selector map[string]string @@ -1108,7 +1108,7 @@ func TestGetGatewayWorkloadSelector(t *testing.T) { } func TestGetGatewayWorkloadSelectorWithoutHostnameAddress(t *testing.T) { - gateway := &gatewayapiv1beta1.Gateway{ + gateway := &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "my-ns", Name: "my-gw", @@ -1136,7 +1136,7 @@ func TestGetGatewayWorkloadSelectorWithoutHostnameAddress(t *testing.T) { scheme := runtime.NewScheme() _ = corev1.AddToScheme(scheme) - _ = gatewayapiv1beta1.AddToScheme(scheme) + _ = gatewayapiv1.AddToScheme(scheme) k8sClient := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(gateway, service).Build() var selector map[string]string @@ -1157,7 +1157,7 @@ func (p *FakePolicy) GetTargetRef() gatewayapiv1alpha2.PolicyTargetReference { return gatewayapiv1alpha2.PolicyTargetReference{} } -func (p *FakePolicy) GetWrappedNamespace() gatewayapiv1beta1.Namespace { +func (p *FakePolicy) GetWrappedNamespace() gatewayapiv1.Namespace { return "" } @@ -1166,13 +1166,13 @@ func (p *FakePolicy) GetRulesHostnames() []string { } func TestValidateHierarchicalRules(t *testing.T) { - hostname := gatewayapiv1beta1.Hostname("*.example.com") - gateway := &gatewayapiv1beta1.Gateway{ + hostname := gatewayapiv1.Hostname("*.example.com") + gateway := &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "cool-namespace", Name: "cool-gateway", }, - Spec: gatewayapiv1beta1.GatewaySpec{Listeners: []gatewayapiv1beta1.Listener{ + Spec: gatewayapiv1.GatewaySpec{Listeners: []gatewayapiv1.Listener{ { Hostname: &hostname, }, @@ -1202,7 +1202,7 @@ func TestValidateHierarchicalRules(t *testing.T) { func TestIsHTTPRouteAccepted(t *testing.T) { testCases := []struct { name string - route *gatewayapiv1beta1.HTTPRoute + route *gatewayapiv1.HTTPRoute expected bool }{ { @@ -1212,28 +1212,28 @@ func TestIsHTTPRouteAccepted(t *testing.T) { }, { "empty parent refs", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{}, + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{}, }, false, }, { "single parent accepted", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { Name: "a", }, }, }, }, - Status: gatewayapiv1beta1.HTTPRouteStatus{ - RouteStatus: gatewayapiv1beta1.RouteStatus{ - Parents: []gatewayapiv1beta1.RouteParentStatus{ + Status: gatewayapiv1.HTTPRouteStatus{ + RouteStatus: gatewayapiv1.RouteStatus{ + Parents: []gatewayapiv1.RouteParentStatus{ { - ParentRef: gatewayapiv1beta1.ParentReference{ + ParentRef: gatewayapiv1.ParentReference{ Name: "a", }, Conditions: []metav1.Condition{ @@ -1251,21 +1251,21 @@ func TestIsHTTPRouteAccepted(t *testing.T) { }, { "single parent not accepted", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { Name: "a", }, }, }, }, - Status: gatewayapiv1beta1.HTTPRouteStatus{ - RouteStatus: gatewayapiv1beta1.RouteStatus{ - Parents: []gatewayapiv1beta1.RouteParentStatus{ + Status: gatewayapiv1.HTTPRouteStatus{ + RouteStatus: gatewayapiv1.RouteStatus{ + Parents: []gatewayapiv1.RouteParentStatus{ { - ParentRef: gatewayapiv1beta1.ParentReference{ + ParentRef: gatewayapiv1.ParentReference{ Name: "a", }, Conditions: []metav1.Condition{ @@ -1283,21 +1283,21 @@ func TestIsHTTPRouteAccepted(t *testing.T) { }, { "wrong parent is accepted", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { Name: "a", }, }, }, }, - Status: gatewayapiv1beta1.HTTPRouteStatus{ - RouteStatus: gatewayapiv1beta1.RouteStatus{ - Parents: []gatewayapiv1beta1.RouteParentStatus{ + Status: gatewayapiv1.HTTPRouteStatus{ + RouteStatus: gatewayapiv1.RouteStatus{ + Parents: []gatewayapiv1.RouteParentStatus{ { - ParentRef: gatewayapiv1beta1.ParentReference{ + ParentRef: gatewayapiv1.ParentReference{ Name: "b", }, Conditions: []metav1.Condition{ @@ -1315,10 +1315,10 @@ func TestIsHTTPRouteAccepted(t *testing.T) { }, { "multiple parents only one is accepted", - &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ + &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { Name: "a", }, @@ -1328,11 +1328,11 @@ func TestIsHTTPRouteAccepted(t *testing.T) { }, }, }, - Status: gatewayapiv1beta1.HTTPRouteStatus{ - RouteStatus: gatewayapiv1beta1.RouteStatus{ - Parents: []gatewayapiv1beta1.RouteParentStatus{ + Status: gatewayapiv1.HTTPRouteStatus{ + RouteStatus: gatewayapiv1.RouteStatus{ + Parents: []gatewayapiv1.RouteParentStatus{ { - ParentRef: gatewayapiv1beta1.ParentReference{ + ParentRef: gatewayapiv1.ParentReference{ Name: "a", }, Conditions: []metav1.Condition{ @@ -1343,7 +1343,7 @@ func TestIsHTTPRouteAccepted(t *testing.T) { }, }, { - ParentRef: gatewayapiv1beta1.ParentReference{ + ParentRef: gatewayapiv1.ParentReference{ Name: "b", }, Conditions: []metav1.Condition{ diff --git a/pkg/common/istio_utils.go b/pkg/common/istio_utils.go index 6c69d89c0..d263f401d 100644 --- a/pkg/common/istio_utils.go +++ b/pkg/common/istio_utils.go @@ -6,10 +6,10 @@ import ( "github.com/go-logr/logr" istiocommon "istio.io/api/type/v1beta1" "sigs.k8s.io/controller-runtime/pkg/client" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" ) -func IstioWorkloadSelectorFromGateway(ctx context.Context, k8sClient client.Client, gateway *gatewayapiv1beta1.Gateway) *istiocommon.WorkloadSelector { +func IstioWorkloadSelectorFromGateway(ctx context.Context, k8sClient client.Client, gateway *gatewayapiv1.Gateway) *istiocommon.WorkloadSelector { logger, _ := logr.FromContext(ctx) gatewayWorkloadSelector, err := GetGatewayWorkloadSelector(ctx, k8sClient, gateway) if err != nil { diff --git a/pkg/common/istio_utils_test.go b/pkg/common/istio_utils_test.go index a35a8677c..a4261d0b4 100644 --- a/pkg/common/istio_utils_test.go +++ b/pkg/common/istio_utils_test.go @@ -12,14 +12,14 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" "sigs.k8s.io/controller-runtime/pkg/client/fake" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" "github.com/kuadrant/kuadrant-operator/pkg/log" ) func TestIstioWorkloadSelectorFromGateway(t *testing.T) { - hostnameAddress := gatewayapiv1beta1.AddressType("Hostname") - gateway := &gatewayapiv1beta1.Gateway{ + hostnameAddress := gatewayapiv1.AddressType("Hostname") + gateway := &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "my-ns", Name: "my-gw", @@ -28,8 +28,8 @@ func TestIstioWorkloadSelectorFromGateway(t *testing.T) { "control-plane": "kuadrant", }, }, - Status: gatewayapiv1beta1.GatewayStatus{ - Addresses: []gatewayapiv1beta1.GatewayAddress{ + Status: gatewayapiv1.GatewayStatus{ + Addresses: []gatewayapiv1.GatewayStatusAddress{ { Type: &hostnameAddress, Value: "my-gw-svc.my-ns.svc.cluster.local:80", @@ -55,7 +55,7 @@ func TestIstioWorkloadSelectorFromGateway(t *testing.T) { scheme := runtime.NewScheme() _ = corev1.AddToScheme(scheme) - _ = gatewayapiv1beta1.AddToScheme(scheme) + _ = gatewayapiv1.AddToScheme(scheme) k8sClient := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(gateway, service).Build() var selector *istiocommon.WorkloadSelector @@ -67,7 +67,7 @@ func TestIstioWorkloadSelectorFromGateway(t *testing.T) { } func TestIstioWorkloadSelectorFromGatewayMissingHostnameAddress(t *testing.T) { - gateway := &gatewayapiv1beta1.Gateway{ + gateway := &gatewayapiv1.Gateway{ ObjectMeta: metav1.ObjectMeta{ Namespace: "my-ns", Name: "my-gw", @@ -95,7 +95,7 @@ func TestIstioWorkloadSelectorFromGatewayMissingHostnameAddress(t *testing.T) { scheme := runtime.NewScheme() _ = corev1.AddToScheme(scheme) - _ = gatewayapiv1beta1.AddToScheme(scheme) + _ = gatewayapiv1.AddToScheme(scheme) k8sClient := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(gateway, service).Build() var selector *istiocommon.WorkloadSelector diff --git a/pkg/reconcilers/targetref_reconciler.go b/pkg/reconcilers/targetref_reconciler.go index 004371891..fd605c4ab 100644 --- a/pkg/reconcilers/targetref_reconciler.go +++ b/pkg/reconcilers/targetref_reconciler.go @@ -26,8 +26,8 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/reconcile" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" "github.com/kuadrant/kuadrant-operator/pkg/common" ) @@ -43,10 +43,10 @@ func (r *TargetRefReconciler) Reconcile(context.Context, ctrl.Request) (ctrl.Res return reconcile.Result{}, nil } -func (r *TargetRefReconciler) FetchValidGateway(ctx context.Context, key client.ObjectKey) (*gatewayapiv1beta1.Gateway, error) { +func (r *TargetRefReconciler) FetchValidGateway(ctx context.Context, key client.ObjectKey) (*gatewayapiv1.Gateway, error) { logger, _ := logr.FromContext(ctx) - gw := &gatewayapiv1beta1.Gateway{} + gw := &gatewayapiv1.Gateway{} err := r.Client().Get(ctx, key, gw) logger.V(1).Info("FetchValidGateway", "gateway", key, "err", err) if err != nil { @@ -60,10 +60,10 @@ func (r *TargetRefReconciler) FetchValidGateway(ctx context.Context, key client. return gw, nil } -func (r *TargetRefReconciler) FetchValidHTTPRoute(ctx context.Context, key client.ObjectKey) (*gatewayapiv1beta1.HTTPRoute, error) { +func (r *TargetRefReconciler) FetchValidHTTPRoute(ctx context.Context, key client.ObjectKey) (*gatewayapiv1.HTTPRoute, error) { logger, _ := logr.FromContext(ctx) - httpRoute := &gatewayapiv1beta1.HTTPRoute{} + httpRoute := &gatewayapiv1.HTTPRoute{} err := r.Client().Get(ctx, key, httpRoute) logger.V(1).Info("FetchValidHTTPRoute", "httpRoute", key, "err", err) if err != nil { @@ -96,11 +96,11 @@ func (r *TargetRefReconciler) FetchValidTargetRef(ctx context.Context, targetRef } // FetchAcceptedGatewayHTTPRoutes returns the list of HTTPRoutes that have been accepted as children of a gateway. -func (r *TargetRefReconciler) FetchAcceptedGatewayHTTPRoutes(ctx context.Context, gwKey client.ObjectKey) (routes []gatewayapiv1beta1.HTTPRoute) { +func (r *TargetRefReconciler) FetchAcceptedGatewayHTTPRoutes(ctx context.Context, gwKey client.ObjectKey) (routes []gatewayapiv1.HTTPRoute) { logger, _ := logr.FromContext(ctx) logger = logger.WithName("FetchAcceptedGatewayHTTPRoutes").WithValues("gateway", gwKey) - routeList := &gatewayapiv1beta1.HTTPRouteList{} + routeList := &gatewayapiv1.HTTPRouteList{} err := r.Client().List(ctx, routeList) if err != nil { logger.V(1).Info("failed to list httproutes", "err", err) @@ -109,7 +109,7 @@ func (r *TargetRefReconciler) FetchAcceptedGatewayHTTPRoutes(ctx context.Context for idx := range routeList.Items { route := routeList.Items[idx] - routeParentStatus, found := common.Find(route.Status.RouteStatus.Parents, func(p gatewayapiv1beta1.RouteParentStatus) bool { + routeParentStatus, found := common.Find(route.Status.RouteStatus.Parents, func(p gatewayapiv1.RouteParentStatus) bool { return *p.ParentRef.Kind == ("Gateway") && ((p.ParentRef.Namespace == nil && route.GetNamespace() == gwKey.Namespace) || string(*p.ParentRef.Namespace) == gwKey.Namespace) && string(p.ParentRef.Name) == gwKey.Name @@ -128,7 +128,7 @@ func (r *TargetRefReconciler) FetchAcceptedGatewayHTTPRoutes(ctx context.Context // TargetedGatewayKeys returns the list of gateways that are being referenced from the target. func (r *TargetRefReconciler) TargetedGatewayKeys(_ context.Context, targetNetworkObject client.Object) []client.ObjectKey { switch obj := targetNetworkObject.(type) { - case *gatewayapiv1beta1.HTTPRoute: + case *gatewayapiv1.HTTPRoute: gwKeys := make([]client.ObjectKey, 0) for _, parentRef := range obj.Spec.CommonRouteSpec.ParentRefs { gwKey := client.ObjectKey{Name: string(parentRef.Name), Namespace: obj.Namespace} @@ -139,7 +139,7 @@ func (r *TargetRefReconciler) TargetedGatewayKeys(_ context.Context, targetNetwo } return gwKeys - case *gatewayapiv1beta1.Gateway: + case *gatewayapiv1.Gateway: return []client.ObjectKey{client.ObjectKeyFromObject(targetNetworkObject)} // If the targetNetworkObject is nil, we don't fail; instead, we return an empty slice of gateway keys. @@ -207,7 +207,7 @@ func (r *TargetRefReconciler) GetAllGatewayPolicyRefs(ctx context.Context, polic var uniquePolicyRefs map[string]struct{} var policyRefs []client.ObjectKey - gwList := &gatewayapiv1beta1.GatewayList{} + gwList := &gatewayapiv1.GatewayList{} if err := r.Client().List(ctx, gwList); err != nil { return nil, err } @@ -249,7 +249,7 @@ func (r *TargetRefReconciler) ComputeGatewayDiffs(ctx context.Context, policy co } // TODO(rahulanand16nov): maybe think about optimizing it with a label later - allGwList := &gatewayapiv1beta1.GatewayList{} + allGwList := &gatewayapiv1.GatewayList{} err := r.Client().List(ctx, allGwList) if err != nil { return nil, err diff --git a/pkg/reconcilers/targetref_reconciler_test.go b/pkg/reconcilers/targetref_reconciler_test.go index 46cff300e..c39fce7d1 100644 --- a/pkg/reconcilers/targetref_reconciler_test.go +++ b/pkg/reconcilers/targetref_reconciler_test.go @@ -31,8 +31,8 @@ import ( "k8s.io/client-go/tools/record" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/fake" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" gatewayapiv1alpha2 "sigs.k8s.io/gateway-api/apis/v1alpha2" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" "github.com/kuadrant/kuadrant-operator/pkg/log" ) @@ -50,24 +50,24 @@ func TestFetchValidGateway(t *testing.T) { if err != nil { t.Fatal(err) } - err = gatewayapiv1beta1.AddToScheme(s) + err = gatewayapiv1.AddToScheme(s) if err != nil { t.Fatal(err) } - existingGateway := &gatewayapiv1beta1.Gateway{ + existingGateway := &gatewayapiv1.Gateway{ TypeMeta: metav1.TypeMeta{ - APIVersion: "gateway.networking.k8s.io/v1beta1", + APIVersion: gatewayapiv1.GroupName, Kind: "Gateway", }, ObjectMeta: metav1.ObjectMeta{ Name: gwName, Namespace: namespace, }, - Spec: gatewayapiv1beta1.GatewaySpec{ + Spec: gatewayapiv1.GatewaySpec{ GatewayClassName: "istio", }, - Status: gatewayapiv1beta1.GatewayStatus{ + Status: gatewayapiv1.GatewayStatus{ Conditions: []metav1.Condition{ { Type: "Ready", @@ -119,34 +119,34 @@ func TestFetchValidHTTPRoute(t *testing.T) { if err != nil { t.Fatal(err) } - err = gatewayapiv1beta1.AddToScheme(s) + err = gatewayapiv1.AddToScheme(s) if err != nil { t.Fatal(err) } - existingRoute := &gatewayapiv1beta1.HTTPRoute{ + existingRoute := &gatewayapiv1.HTTPRoute{ TypeMeta: metav1.TypeMeta{ - APIVersion: "gateway.networking.k8s.io/v1beta1", + APIVersion: gatewayapiv1.GroupName, Kind: "HTTPRoute", }, ObjectMeta: metav1.ObjectMeta{ Name: routeName, Namespace: namespace, }, - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { Name: "gwName", }, }, }, }, - Status: gatewayapiv1beta1.HTTPRouteStatus{ - RouteStatus: gatewayapiv1beta1.RouteStatus{ - Parents: []gatewayapiv1beta1.RouteParentStatus{ + Status: gatewayapiv1.HTTPRouteStatus{ + RouteStatus: gatewayapiv1.RouteStatus{ + Parents: []gatewayapiv1.RouteParentStatus{ { - ParentRef: gatewayapiv1beta1.ParentReference{ + ParentRef: gatewayapiv1.ParentReference{ Name: "gwName", }, Conditions: []metav1.Condition{ @@ -203,40 +203,40 @@ func TestFetchValidTargetRef(t *testing.T) { if err != nil { t.Fatal(err) } - err = gatewayapiv1beta1.AddToScheme(s) + err = gatewayapiv1.AddToScheme(s) if err != nil { t.Fatal(err) } targetRef := gatewayapiv1alpha2.PolicyTargetReference{ - Group: "gateway.networking.k8s.io", + Group: gatewayapiv1.GroupName, Kind: "HTTPRoute", - Name: gatewayapiv1beta1.ObjectName(routeName), + Name: gatewayapiv1.ObjectName(routeName), } - existingRoute := &gatewayapiv1beta1.HTTPRoute{ + existingRoute := &gatewayapiv1.HTTPRoute{ TypeMeta: metav1.TypeMeta{ - APIVersion: "gateway.networking.k8s.io/v1beta1", + APIVersion: gatewayapiv1.GroupName, Kind: "HTTPRoute", }, ObjectMeta: metav1.ObjectMeta{ Name: routeName, Namespace: namespace, }, - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { Name: "gwName", }, }, }, }, - Status: gatewayapiv1beta1.HTTPRouteStatus{ - RouteStatus: gatewayapiv1beta1.RouteStatus{ - Parents: []gatewayapiv1beta1.RouteParentStatus{ + Status: gatewayapiv1.HTTPRouteStatus{ + RouteStatus: gatewayapiv1.RouteStatus{ + Parents: []gatewayapiv1.RouteParentStatus{ { - ParentRef: gatewayapiv1beta1.ParentReference{ + ParentRef: gatewayapiv1.ParentReference{ Name: "gwName", }, Conditions: []metav1.Condition{ @@ -274,7 +274,7 @@ func TestFetchValidTargetRef(t *testing.T) { } switch obj := res.(type) { - case *gatewayapiv1beta1.HTTPRoute: + case *gatewayapiv1.HTTPRoute: if !reflect.DeepEqual(obj.Spec, existingRoute.Spec) { t.Fatal("res spec not as expected") } @@ -297,36 +297,36 @@ func TestReconcileTargetBackReference(t *testing.T) { if err != nil { t.Fatal(err) } - err = gatewayapiv1beta1.AddToScheme(s) + err = gatewayapiv1.AddToScheme(s) if err != nil { t.Fatal(err) } policyKey := client.ObjectKey{Name: "someName", Namespace: "someNamespace"} - existingRoute := &gatewayapiv1beta1.HTTPRoute{ + existingRoute := &gatewayapiv1.HTTPRoute{ TypeMeta: metav1.TypeMeta{ - APIVersion: "gateway.networking.k8s.io/v1beta1", + APIVersion: gatewayapiv1.GroupName, Kind: "HTTPRoute", }, ObjectMeta: metav1.ObjectMeta{ Name: routeName, Namespace: namespace, }, - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { Name: "gwName", }, }, }, }, - Status: gatewayapiv1beta1.HTTPRouteStatus{ - RouteStatus: gatewayapiv1beta1.RouteStatus{ - Parents: []gatewayapiv1beta1.RouteParentStatus{ + Status: gatewayapiv1.HTTPRouteStatus{ + RouteStatus: gatewayapiv1.RouteStatus{ + Parents: []gatewayapiv1.RouteParentStatus{ { - ParentRef: gatewayapiv1beta1.ParentReference{ + ParentRef: gatewayapiv1.ParentReference{ Name: "gwName", }, Conditions: []metav1.Condition{ @@ -359,7 +359,7 @@ func TestReconcileTargetBackReference(t *testing.T) { t.Fatal(err) } - res := &gatewayapiv1beta1.HTTPRoute{} + res := &gatewayapiv1.HTTPRoute{} err = cl.Get(ctx, client.ObjectKey{Name: routeName, Namespace: namespace}, res) if err != nil { t.Fatal(err) @@ -396,34 +396,34 @@ func TestTargetedGatewayKeys(t *testing.T) { if err != nil { t.Fatal(err) } - err = gatewayapiv1beta1.AddToScheme(s) + err = gatewayapiv1.AddToScheme(s) if err != nil { t.Fatal(err) } - existingRoute := &gatewayapiv1beta1.HTTPRoute{ + existingRoute := &gatewayapiv1.HTTPRoute{ TypeMeta: metav1.TypeMeta{ - APIVersion: "gateway.networking.k8s.io/v1beta1", + APIVersion: gatewayapiv1.GroupName, Kind: "HTTPRoute", }, ObjectMeta: metav1.ObjectMeta{ Name: routeName, Namespace: namespace, }, - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { Name: "gwName", }, }, }, }, - Status: gatewayapiv1beta1.HTTPRouteStatus{ - RouteStatus: gatewayapiv1beta1.RouteStatus{ - Parents: []gatewayapiv1beta1.RouteParentStatus{ + Status: gatewayapiv1.HTTPRouteStatus{ + RouteStatus: gatewayapiv1.RouteStatus{ + Parents: []gatewayapiv1.RouteParentStatus{ { - ParentRef: gatewayapiv1beta1.ParentReference{ + ParentRef: gatewayapiv1.ParentReference{ Name: "gwName", }, Conditions: []metav1.Condition{ @@ -478,14 +478,14 @@ func TestDeleteTargetBackReference(t *testing.T) { if err != nil { t.Fatal(err) } - err = gatewayapiv1beta1.AddToScheme(s) + err = gatewayapiv1.AddToScheme(s) if err != nil { t.Fatal(err) } - existingRoute := &gatewayapiv1beta1.HTTPRoute{ + existingRoute := &gatewayapiv1.HTTPRoute{ TypeMeta: metav1.TypeMeta{ - APIVersion: "gateway.networking.k8s.io/v1beta1", + APIVersion: gatewayapiv1.GroupName, Kind: "HTTPRoute", }, ObjectMeta: metav1.ObjectMeta{ @@ -495,20 +495,20 @@ func TestDeleteTargetBackReference(t *testing.T) { annotationName: "annotationValue", }, }, - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - CommonRouteSpec: gatewayapiv1beta1.CommonRouteSpec{ - ParentRefs: []gatewayapiv1beta1.ParentReference{ + Spec: gatewayapiv1.HTTPRouteSpec{ + CommonRouteSpec: gatewayapiv1.CommonRouteSpec{ + ParentRefs: []gatewayapiv1.ParentReference{ { Name: "gwName", }, }, }, }, - Status: gatewayapiv1beta1.HTTPRouteStatus{ - RouteStatus: gatewayapiv1beta1.RouteStatus{ - Parents: []gatewayapiv1beta1.RouteParentStatus{ + Status: gatewayapiv1.HTTPRouteStatus{ + RouteStatus: gatewayapiv1.RouteStatus{ + Parents: []gatewayapiv1.RouteParentStatus{ { - ParentRef: gatewayapiv1beta1.ParentReference{ + ParentRef: gatewayapiv1.ParentReference{ Name: "gwName", }, Conditions: []metav1.Condition{ @@ -541,7 +541,7 @@ func TestDeleteTargetBackReference(t *testing.T) { t.Fatal(err) } - res := &gatewayapiv1beta1.HTTPRoute{} + res := &gatewayapiv1.HTTPRoute{} err = cl.Get(ctx, client.ObjectKey{Name: routeName, Namespace: namespace}, res) if err != nil { t.Fatal(err) diff --git a/pkg/rlptools/wasm/types.go b/pkg/rlptools/wasm/types.go index 98f184895..52deee790 100644 --- a/pkg/rlptools/wasm/types.go +++ b/pkg/rlptools/wasm/types.go @@ -4,16 +4,16 @@ import ( "encoding/json" _struct "google.golang.org/protobuf/types/known/structpb" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" kuadrantv1beta2 "github.com/kuadrant/kuadrant-operator/api/v1beta2" ) var ( - PathMatchTypeMap = map[gatewayapiv1beta1.PathMatchType]PatternOperator{ - gatewayapiv1beta1.PathMatchExact: PatternOperator(kuadrantv1beta2.EqualOperator), - gatewayapiv1beta1.PathMatchPathPrefix: PatternOperator(kuadrantv1beta2.StartsWithOperator), - gatewayapiv1beta1.PathMatchRegularExpression: PatternOperator(kuadrantv1beta2.MatchesOperator), + PathMatchTypeMap = map[gatewayapiv1.PathMatchType]PatternOperator{ + gatewayapiv1.PathMatchExact: PatternOperator(kuadrantv1beta2.EqualOperator), + gatewayapiv1.PathMatchPathPrefix: PatternOperator(kuadrantv1beta2.StartsWithOperator), + gatewayapiv1.PathMatchRegularExpression: PatternOperator(kuadrantv1beta2.MatchesOperator), } ) diff --git a/pkg/rlptools/wasm_utils.go b/pkg/rlptools/wasm_utils.go index ea3c5e59d..0072985da 100644 --- a/pkg/rlptools/wasm_utils.go +++ b/pkg/rlptools/wasm_utils.go @@ -11,7 +11,7 @@ import ( istioclientgoextensionv1alpha1 "istio.io/client-go/pkg/apis/extensions/v1alpha1" "k8s.io/utils/env" "sigs.k8s.io/controller-runtime/pkg/client" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" kuadrantv1beta2 "github.com/kuadrant/kuadrant-operator/api/v1beta2" "github.com/kuadrant/kuadrant-operator/pkg/rlptools/wasm" @@ -24,7 +24,7 @@ var ( // WasmRules computes WASM rules from the policy and the targeted route. // It returns an empty list of wasm rules if the policy specifies no limits or if all limits specified in the policy // fail to match any route rule according to the limits route selectors. -func WasmRules(rlp *kuadrantv1beta2.RateLimitPolicy, route *gatewayapiv1beta1.HTTPRoute) []wasm.Rule { +func WasmRules(rlp *kuadrantv1beta2.RateLimitPolicy, route *gatewayapiv1.HTTPRoute) []wasm.Rule { rules := make([]wasm.Rule, 0) if rlp == nil { return rules @@ -43,7 +43,7 @@ func WasmRules(rlp *kuadrantv1beta2.RateLimitPolicy, route *gatewayapiv1beta1.HT return rules } -func ruleFromLimit(limitIdentifier string, limit *kuadrantv1beta2.Limit, route *gatewayapiv1beta1.HTTPRoute) (wasm.Rule, error) { +func ruleFromLimit(limitIdentifier string, limit *kuadrantv1beta2.Limit, route *gatewayapiv1.HTTPRoute) (wasm.Rule, error) { rule := wasm.Rule{} conditions, err := conditionsFromLimit(limit, route) @@ -60,7 +60,7 @@ func ruleFromLimit(limitIdentifier string, limit *kuadrantv1beta2.Limit, route * return rule, nil } -func conditionsFromLimit(limit *kuadrantv1beta2.Limit, route *gatewayapiv1beta1.HTTPRoute) ([]wasm.Condition, error) { +func conditionsFromLimit(limit *kuadrantv1beta2.Limit, route *gatewayapiv1.HTTPRoute) ([]wasm.Condition, error) { if limit == nil { return nil, errors.New("limit should not be nil") } @@ -119,7 +119,7 @@ func conditionsFromLimit(limit *kuadrantv1beta2.Limit, route *gatewayapiv1beta1. // each combination of a rule match and hostname yields one condition // rules that specify no explicit match are assumed to match all request (i.e. implicit catch-all rule) // empty list of hostnames yields a condition without a hostname pattern expression -func conditionsFromRule(rule gatewayapiv1beta1.HTTPRouteRule, hostnames []gatewayapiv1beta1.Hostname) (conditions []wasm.Condition) { +func conditionsFromRule(rule gatewayapiv1.HTTPRouteRule, hostnames []gatewayapiv1.Hostname) (conditions []wasm.Condition) { if len(rule.Matches) == 0 { for _, hostname := range hostnames { if hostname == "*" { @@ -152,7 +152,7 @@ func conditionsFromRule(rule gatewayapiv1beta1.HTTPRouteRule, hostnames []gatewa return } -func patternExpresionsFromMatch(match gatewayapiv1beta1.HTTPRouteMatch) []wasm.PatternExpression { +func patternExpresionsFromMatch(match gatewayapiv1.HTTPRouteMatch) []wasm.PatternExpression { expressions := make([]wasm.PatternExpression, 0) if match.Path != nil { @@ -168,7 +168,7 @@ func patternExpresionsFromMatch(match gatewayapiv1beta1.HTTPRouteMatch) []wasm.P return expressions } -func patternExpresionFromPathMatch(pathMatch gatewayapiv1beta1.HTTPPathMatch) wasm.PatternExpression { +func patternExpresionFromPathMatch(pathMatch gatewayapiv1.HTTPPathMatch) wasm.PatternExpression { var ( operator = wasm.PatternOperator(kuadrantv1beta2.StartsWithOperator) // default value value = "/" // default value @@ -191,7 +191,7 @@ func patternExpresionFromPathMatch(pathMatch gatewayapiv1beta1.HTTPPathMatch) wa } } -func patternExpresionFromMethod(method gatewayapiv1beta1.HTTPMethod) wasm.PatternExpression { +func patternExpresionFromMethod(method gatewayapiv1.HTTPMethod) wasm.PatternExpression { return wasm.PatternExpression{ Selector: "request.method", Operator: wasm.PatternOperator(kuadrantv1beta2.EqualOperator), @@ -199,7 +199,7 @@ func patternExpresionFromMethod(method gatewayapiv1beta1.HTTPMethod) wasm.Patter } } -func patternExpresionFromHostname(hostname gatewayapiv1beta1.Hostname) wasm.PatternExpression { +func patternExpresionFromHostname(hostname gatewayapiv1.Hostname) wasm.PatternExpression { value := string(hostname) operator := "eq" if strings.HasPrefix(value, "*.") { diff --git a/pkg/rlptools/wasm_utils_test.go b/pkg/rlptools/wasm_utils_test.go index 89e6a5fbe..ad728fa90 100644 --- a/pkg/rlptools/wasm_utils_test.go +++ b/pkg/rlptools/wasm_utils_test.go @@ -7,7 +7,7 @@ import ( "github.com/google/go-cmp/cmp" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - gatewayapiv1beta1 "sigs.k8s.io/gateway-api/apis/v1beta1" + gatewayapiv1 "sigs.k8s.io/gateway-api/apis/v1" kuadrantv1beta2 "github.com/kuadrant/kuadrant-operator/api/v1beta2" "github.com/kuadrant/kuadrant-operator/pkg/rlptools/wasm" @@ -16,21 +16,21 @@ import ( // TODO(eastizle): missing WASMPluginMutator tests // TODO(eastizle): missing TestWasmRules use cases tests. Only happy path func TestWasmRules(t *testing.T) { - httpRoute := &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - Hostnames: []gatewayapiv1beta1.Hostname{ + httpRoute := &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + Hostnames: []gatewayapiv1.Hostname{ "*.example.com", "*.apps.example.internal", }, - Rules: []gatewayapiv1beta1.HTTPRouteRule{ + Rules: []gatewayapiv1.HTTPRouteRule{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/toy"}[0], }, - Method: &[]gatewayapiv1beta1.HTTPMethod{"GET"}[0], + Method: &[]gatewayapiv1.HTTPMethod{"GET"}[0], }, }, }, @@ -38,9 +38,9 @@ func TestWasmRules(t *testing.T) { }, } - catchAllHTTPRoute := &gatewayapiv1beta1.HTTPRoute{ - Spec: gatewayapiv1beta1.HTTPRouteSpec{ - Hostnames: []gatewayapiv1beta1.Hostname{"*"}, + catchAllHTTPRoute := &gatewayapiv1.HTTPRoute{ + Spec: gatewayapiv1.HTTPRouteSpec{ + Hostnames: []gatewayapiv1.Hostname{"*"}, }, } @@ -66,7 +66,7 @@ func TestWasmRules(t *testing.T) { testCases := []struct { name string rlp *kuadrantv1beta2.RateLimitPolicy - route *gatewayapiv1beta1.HTTPRoute + route *gatewayapiv1.HTTPRoute expectedRules []wasm.Rule }{ { @@ -113,7 +113,7 @@ func TestWasmRules(t *testing.T) { Rates: []kuadrantv1beta2.Rate{counter50rps}, RouteSelectors: []kuadrantv1beta2.RouteSelector{ { - Hostnames: []gatewayapiv1beta1.Hostname{ + Hostnames: []gatewayapiv1.Hostname{ "*.example.com", "myapp.apps.example.com", // ignored }, @@ -163,13 +163,13 @@ func TestWasmRules(t *testing.T) { Rates: []kuadrantv1beta2.Rate{counter50rps}, RouteSelectors: []kuadrantv1beta2.RouteSelector{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/toy"}[0], }, - Method: &[]gatewayapiv1beta1.HTTPMethod{"GET"}[0], + Method: &[]gatewayapiv1.HTTPMethod{"GET"}[0], }, }, }, @@ -213,10 +213,10 @@ func TestWasmRules(t *testing.T) { Rates: []kuadrantv1beta2.Rate{counter50rps}, RouteSelectors: []kuadrantv1beta2.RouteSelector{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Path: &gatewayapiv1beta1.HTTPPathMatch{ - Type: &[]gatewayapiv1beta1.PathMatchType{gatewayapiv1beta1.PathMatchPathPrefix}[0], + Path: &gatewayapiv1.HTTPPathMatch{ + Type: &[]gatewayapiv1.PathMatchType{gatewayapiv1.PathMatchPathPrefix}[0], Value: &[]string{"/toy"}[0], }, }, @@ -262,9 +262,9 @@ func TestWasmRules(t *testing.T) { Rates: []kuadrantv1beta2.Rate{counter50rps}, RouteSelectors: []kuadrantv1beta2.RouteSelector{ { - Matches: []gatewayapiv1beta1.HTTPRouteMatch{ + Matches: []gatewayapiv1.HTTPRouteMatch{ { - Method: &[]gatewayapiv1beta1.HTTPMethod{"POST"}[0], + Method: &[]gatewayapiv1.HTTPMethod{"POST"}[0], }, }, }, From c52a3025f0a480bb26c6f6cb5416713ed6d66d92 Mon Sep 17 00:00:00 2001 From: Adam Cattermole Date: Fri, 27 Oct 2023 15:53:26 +0100 Subject: [PATCH 2/7] Update example to gateway-api/v1 --- examples/toystore/httproute.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/toystore/httproute.yaml b/examples/toystore/httproute.yaml index 7385c5525..f44f9f9e5 100644 --- a/examples/toystore/httproute.yaml +++ b/examples/toystore/httproute.yaml @@ -1,5 +1,5 @@ --- -apiVersion: gateway.networking.k8s.io/v1beta1 +apiVersion: gateway.networking.k8s.io/v1 kind: HTTPRoute metadata: name: toystore From dd3b01a49610bece430af12483404234c18dcd92 Mon Sep 17 00:00:00 2001 From: Adam Cattermole Date: Fri, 27 Oct 2023 15:54:31 +0100 Subject: [PATCH 3/7] Update config to gateway-api/v1 --- .../crd/bases/kuadrant.io_authpolicies.yaml | 401 +++++++++++++++++- .../bases/kuadrant.io_ratelimitpolicies.yaml | 56 ++- .../gateway-api/gateway/gateway.yaml | 2 +- .../gateway-api/kustomization.yaml | 2 +- 4 files changed, 434 insertions(+), 27 deletions(-) diff --git a/config/crd/bases/kuadrant.io_authpolicies.yaml b/config/crd/bases/kuadrant.io_authpolicies.yaml index eda23f8bf..19617ce1e 100644 --- a/config/crd/bases/kuadrant.io_authpolicies.yaml +++ b/config/crd/bases/kuadrant.io_authpolicies.yaml @@ -77,12 +77,12 @@ spec: the protected routes. items: description: RouteSelector defines semantics for matching an HTTP - request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to - process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 definition @@ -104,7 +104,7 @@ spec: type: array matches: description: Matches define conditions used for matching the - rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple match types are @@ -212,6 +212,52 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and start with + '/' when type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.startsWith(''/'') + : true' + - message: must not contain '//' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''//'') + : true' + - message: must not contain '/./' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/./'') + : true' + - message: must not contain '/../' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/../'') + : true' + - message: must not contain '%2f' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2f'') + : true' + - message: must not contain '%2F' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2F'') + : true' + - message: must not contain '#' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''#'') + : true' + - message: must not end with '/..' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/..'') + : true' + - message: must not end with '/.' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/.'') + : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] || self.type + == 'RegularExpression' + - message: must only contain valid characters (matching + ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values are ANDed together, @@ -242,6 +288,7 @@ spec: differences in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -564,12 +611,12 @@ spec: evaluated at all requests to the protected routes. items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 @@ -593,7 +640,7 @@ spec: type: array matches: description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple @@ -710,6 +757,54 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and + start with '/' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : true' + - message: must not contain '//' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : true' + - message: must not contain '/./' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') : true' + - message: must not contain '/../' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') : true' + - message: must not contain '%2f' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') : true' + - message: must not contain '%2F' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') : true' + - message: must not contain '#' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : true' + - message: must not end with '/..' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') : true' + - message: must not end with '/.' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values @@ -746,6 +841,7 @@ spec: potential differences in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -1421,12 +1517,12 @@ spec: evaluated at all requests to the protected routes. items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 @@ -1450,7 +1546,7 @@ spec: type: array matches: description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple @@ -1567,6 +1663,54 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and + start with '/' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : true' + - message: must not contain '//' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : true' + - message: must not contain '/./' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') : true' + - message: must not contain '/../' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') : true' + - message: must not contain '%2f' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') : true' + - message: must not contain '%2F' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') : true' + - message: must not contain '#' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : true' + - message: must not end with '/..' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') : true' + - message: must not end with '/.' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values @@ -1603,6 +1747,7 @@ spec: potential differences in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -2090,12 +2235,12 @@ spec: evaluated at all requests to the protected routes. items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 @@ -2119,7 +2264,7 @@ spec: type: array matches: description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple @@ -2236,6 +2381,54 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and + start with '/' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : true' + - message: must not contain '//' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : true' + - message: must not contain '/./' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') : true' + - message: must not contain '/../' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') : true' + - message: must not contain '%2f' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') : true' + - message: must not contain '%2F' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') : true' + - message: must not contain '#' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : true' + - message: must not end with '/..' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') : true' + - message: must not end with '/.' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values @@ -2272,6 +2465,7 @@ spec: potential differences in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -2630,12 +2824,12 @@ spec: evaluated at all requests to the protected routes. items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 @@ -2659,7 +2853,7 @@ spec: type: array matches: description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple @@ -2776,6 +2970,54 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and + start with '/' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : true' + - message: must not contain '//' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : true' + - message: must not contain '/./' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') : true' + - message: must not contain '/../' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') : true' + - message: must not contain '%2f' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') : true' + - message: must not contain '%2F' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') : true' + - message: must not contain '#' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : true' + - message: must not end with '/..' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') : true' + - message: must not end with '/.' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values @@ -2812,6 +3054,7 @@ spec: potential differences in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -3067,13 +3310,13 @@ spec: items: description: RouteSelector defines semantics for matching an HTTP request based on conditions - https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to process - the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches @@ -3101,7 +3344,7 @@ spec: matches: description: Matches define conditions used for matching the rule against incoming HTTP - requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a @@ -3232,6 +3475,63 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute + path and start with '/' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : + true' + - message: must not contain '//' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : + true' + - message: must not contain '/./' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') + : true' + - message: must not contain '/../' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') + : true' + - message: must not contain '%2f' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') + : true' + - message: must not contain '%2F' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') + : true' + - message: must not contain '#' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : + true' + - message: must not end with '/..' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') + : true' + - message: must not end with '/.' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : + true' + - message: type must be one of ['Exact', + 'PathPrefix', 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple @@ -3275,6 +3575,7 @@ spec: implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -3562,13 +3863,13 @@ spec: items: description: RouteSelector defines semantics for matching an HTTP request based on conditions - https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to process - the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches @@ -3596,7 +3897,7 @@ spec: matches: description: Matches define conditions used for matching the rule against incoming HTTP - requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a @@ -3727,6 +4028,63 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute + path and start with '/' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : + true' + - message: must not contain '//' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : + true' + - message: must not contain '/./' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') + : true' + - message: must not contain '/../' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') + : true' + - message: must not contain '%2f' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') + : true' + - message: must not contain '%2F' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') + : true' + - message: must not contain '#' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : + true' + - message: must not end with '/..' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') + : true' + - message: must not end with '/.' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : + true' + - message: type must be one of ['Exact', + 'PathPrefix', 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple @@ -3770,6 +4128,7 @@ spec: implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact diff --git a/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml b/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml index e49cada84..f5de0c798 100644 --- a/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml +++ b/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml @@ -86,12 +86,12 @@ spec: HTTP request based on conditions items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 @@ -114,7 +114,7 @@ spec: type: array matches: description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple match @@ -230,6 +230,53 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and start + with '/' when type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : true' + - message: must not contain '//' when type one of + ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : true' + - message: must not contain '/./' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') : true' + - message: must not contain '/../' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') : true' + - message: must not contain '%2f' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') : true' + - message: must not contain '%2F' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') : true' + - message: must not contain '#' when type one of + ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : true' + - message: must not end with '/..' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') : true' + - message: must not end with '/.' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] || self.type + == 'RegularExpression' + - message: must only contain valid characters (matching + ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values are ANDed together, @@ -264,6 +311,7 @@ spec: in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -306,7 +354,7 @@ spec: must also match items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: operator: description: 'The binary operator to be applied to the diff --git a/config/dependencies/gateway-api/gateway/gateway.yaml b/config/dependencies/gateway-api/gateway/gateway.yaml index 7886c7a77..c9c22f3e4 100644 --- a/config/dependencies/gateway-api/gateway/gateway.yaml +++ b/config/dependencies/gateway-api/gateway/gateway.yaml @@ -1,5 +1,5 @@ --- -apiVersion: gateway.networking.k8s.io/v1beta1 +apiVersion: gateway.networking.k8s.io/v1 kind: Gateway metadata: labels: diff --git a/config/dependencies/gateway-api/kustomization.yaml b/config/dependencies/gateway-api/kustomization.yaml index 0e67b0fa9..2ebe6d402 100644 --- a/config/dependencies/gateway-api/kustomization.yaml +++ b/config/dependencies/gateway-api/kustomization.yaml @@ -1,3 +1,3 @@ --- resources: -- github.com/kubernetes-sigs/gateway-api/config/crd?ref=v0.6.2 +- github.com/kubernetes-sigs/gateway-api/config/crd?ref=v1.0.0 From aa2902f6d957260fdd3dacd22fb05bbc736eed52 Mon Sep 17 00:00:00 2001 From: Adam Cattermole Date: Fri, 27 Oct 2023 15:59:55 +0100 Subject: [PATCH 4/7] Update docs to gateway-api/v1 --- README.md | 36 ++++++++++--------- doc/auth.md | 2 +- doc/rate-limiting.md | 2 +- doc/reference/route-selectors.md | 6 ++-- ...uth-for-app-devs-and-platform-engineers.md | 4 +-- .../authenticated-rl-for-app-developers.md | 2 +- .../gateway-rl-for-cluster-operators.md | 6 ++-- .../simple-rl-for-app-developers.md | 2 +- 8 files changed, 31 insertions(+), 29 deletions(-) diff --git a/README.md b/README.md index c8dd8694b..e793a8ef9 100644 --- a/README.md +++ b/README.md @@ -8,21 +8,23 @@ The Operator to install and manage the lifecycle of the [Kuadrant](https://github.com/Kuadrant/) components deployments. -* [Overview](#overview) -* [Architecture](#architecture) - * [Kuadrant components](#kuadrant-components) - * [Provided APIs](#provided-apis) -* [Getting started](#getting-started) - * [Pre-requisites](#pre-requisites) - * [Installing Kuadrant](#installing-kuadrant) - * [Protect Your Service](#protect-your-service) - * [If you are an API Provider](#if-you-are-an-api-provider) - * [If you are a Cluster Operator](#if-you-are-a-cluster-operator) -* [User guides](#user-guides) -* [Kuadrant Rate Limiting](#kuadrant-rate-limiting) -* [Documentation](#documentation) -* [Contributing](#contributing) -* [Licensing](#licensing) +- [Overview](#overview) +- [Architecture](#architecture) + - [Kuadrant components](#kuadrant-components) + - [Provided APIs](#provided-apis) +- [Getting started](#getting-started) + - [Pre-requisites](#pre-requisites) + - [Installing Kuadrant](#installing-kuadrant) + - [1. Install the Kuadrant Operator](#1-install-the-kuadrant-operator) + - [2. Request a Kuadrant instance](#2-request-a-kuadrant-instance) + - [Protect your service](#protect-your-service) + - [If you are an *API Provider*](#if-you-are-an-api-provider) + - [If you are a *Cluster Operator*](#if-you-are-a-cluster-operator) +- [User guides](#user-guides) +- [Kuadrant Rate Limiting](#kuadrant-rate-limiting) +- [Documentation](#documentation) +- [Contributing](#contributing) +- [Licensing](#licensing) @@ -144,7 +146,7 @@ EOF * Deploy the service/API to be protected ("Upstream") * Expose the service/API using the kubernetes Gateway API, ie - [HTTPRoute](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRoute) object. + [HTTPRoute](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRoute) object. * Write and apply the Kuadrant's [RateLimitPolicy](doc/rate-limiting.md) and/or [AuthPolicy](doc/auth.md) custom resources targeting the HTTPRoute resource to have your API protected. @@ -152,7 +154,7 @@ EOF #### If you are a *Cluster Operator* * (Optionally) deploy istio ingress gateway using the - [Gateway](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.Gateway) resource. + [Gateway](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Gateway) resource. * Write and apply the Kuadrant's [RateLimitPolicy](doc/rate-limiting.md) and/or [AuthPolicy](doc/auth.md) custom resources targeting the Gateway resource to have your gateway traffic protected. diff --git a/doc/auth.md b/doc/auth.md index ae2796287..92934b1bd 100644 --- a/doc/auth.md +++ b/doc/auth.md @@ -2,7 +2,7 @@ A Kuadrant AuthPolicy custom resource: -1. Targets Gateway API networking resources such as [HTTPRoutes](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRoute) and [Gateways](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io/v1beta1.Gateway), using these resources to obtain additional context, i.e., which traffic workload (HTTP attributes, hostnames, user attributes, etc) to enforce auth. +1. Targets Gateway API networking resources such as [HTTPRoutes](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRoute) and [Gateways](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Gateway), using these resources to obtain additional context, i.e., which traffic workload (HTTP attributes, hostnames, user attributes, etc) to enforce auth. 2. Supports targeting subsets (sections) of a network resource to apply the auth rules to. 3. Abstracts the details of the underlying external authorization protocol and configuration resources, that have a much broader remit and surface area. 4. Enables cluster operators to set defaults that govern behavior at the lower levels of the network, until a more specific policy is applied. diff --git a/doc/rate-limiting.md b/doc/rate-limiting.md index 25aa329d5..24db2c435 100644 --- a/doc/rate-limiting.md +++ b/doc/rate-limiting.md @@ -2,7 +2,7 @@ A Kuadrant RateLimitPolicy custom resource, often abbreviated "RLP": -1. Targets Gateway API networking resources such as [HTTPRoutes](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRoute) and [Gateways](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io/v1beta1.Gateway), using these resources to obtain additional context, i.e., which traffic workload (HTTP attributes, hostnames, user attributes, etc) to rate limit. +1. Targets Gateway API networking resources such as [HTTPRoutes](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRoute) and [Gateways](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Gateway), using these resources to obtain additional context, i.e., which traffic workload (HTTP attributes, hostnames, user attributes, etc) to rate limit. 2. Supports targeting subsets (sections) of a network resource to apply the limits to. 3. Abstracts the details of the underlying Rate Limit protocol and configuration resources, that have a much broader remit and surface area. 4. Enables cluster operators to set defaults that govern behavior at the lower levels of the network, until a more specific policy is applied. diff --git a/doc/reference/route-selectors.md b/doc/reference/route-selectors.md index 45f499611..66a38b134 100644 --- a/doc/reference/route-selectors.md +++ b/doc/reference/route-selectors.md @@ -12,12 +12,12 @@ The `routeSelectors` field can be found in policy specs and policy rules (limit ### RouteSelector -Each `RouteSelector` is an object composed of a set of [HTTPRouteMatch](https://gateway-api.sigs.k8s.io/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPPathMatch) objects (from Gateway API), and an additional `hostnames` field. +Each `RouteSelector` is an object composed of a set of [HTTPRouteMatch](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPPathMatch) objects (from Gateway API), and an additional `hostnames` field. | **Field** | **Type** | **Required** | **Description** | |-------------|--------------------------------------------------------------------------------------------------------------------------------|:------------:|---------------------------------------------------------------------------------------------| -| `matches` | [][HTTPRouteMatch](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteMatch) | No | List of selectors of HTTPRouteRules whose matching rules activate the policy or policy rule | -| `hostnames` | [][Hostname](https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.Hostname) | No | List of hostnames of the HTTPRoute that activate the policy or policy rule | +| `matches` | [][HTTPRouteMatch](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteMatch) | No | List of selectors of HTTPRouteRules whose matching rules activate the policy or policy rule | +| `hostnames` | [][Hostname](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.Hostname) | No | List of hostnames of the HTTPRoute that activate the policy or policy rule | ## Mechanics of the route selectors diff --git a/doc/user-guides/auth-for-app-devs-and-platform-engineers.md b/doc/user-guides/auth-for-app-devs-and-platform-engineers.md index 4e1b13551..3e736a00e 100644 --- a/doc/user-guides/auth-for-app-devs-and-platform-engineers.md +++ b/doc/user-guides/auth-for-app-devs-and-platform-engineers.md @@ -77,7 +77,7 @@ EOF kubectl apply -f examples/toystore/toystore.yaml kubectl apply -f - < Date: Tue, 31 Oct 2023 10:25:50 +0000 Subject: [PATCH 5/7] Restrict sizes of types for kube apiserver cost analysis --- api/v1beta2/authpolicy_types.go | 8 ++++++++ api/v1beta2/ratelimitpolicy_types.go | 2 ++ api/v1beta2/route_selectors.go | 1 + .../crd/bases/kuadrant.io_authpolicies.yaml | 20 +++++++++++++++++++ .../bases/kuadrant.io_ratelimitpolicies.yaml | 3 +++ 5 files changed, 34 insertions(+) diff --git a/api/v1beta2/authpolicy_types.go b/api/v1beta2/authpolicy_types.go index 85dfb9500..c2fa14b34 100644 --- a/api/v1beta2/authpolicy_types.go +++ b/api/v1beta2/authpolicy_types.go @@ -18,16 +18,19 @@ type AuthSchemeSpec struct { // Authentication configs. // At least one config MUST evaluate to a valid identity object for the auth request to be successful. // +optional + // +kubebuilder:validation:MaxProperties=14 Authentication map[string]AuthenticationSpec `json:"authentication,omitempty"` // Metadata sources. // Authorino fetches auth metadata as JSON from sources specified in this config. // +optional + // +kubebuilder:validation:MaxProperties=14 Metadata map[string]MetadataSpec `json:"metadata,omitempty"` // Authorization policies. // All policies MUST evaluate to "allowed = true" for the auth request be successful. // +optional + // +kubebuilder:validation:MaxProperties=14 Authorization map[string]AuthorizationSpec `json:"authorization,omitempty"` // Response items. @@ -38,6 +41,7 @@ type AuthSchemeSpec struct { // Callback functions. // Authorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config. // +optional + // +kubebuilder:validation:MaxProperties=14 Callbacks map[string]CallbackSpec `json:"callbacks,omitempty"` } @@ -47,6 +51,7 @@ type CommonAuthRuleSpec struct { // At least one selected HTTPRoute rule must match to trigger the auth rule. // If no route selectors are specified, the auth rule will be evaluated at all requests to the protected routes. // +optional + // +kubebuilder:validation:MaxItems=15 RouteSelectors []RouteSelector `json:"routeSelectors,omitempty"` } @@ -93,11 +98,13 @@ type ResponseSpec struct { type WrappedSuccessResponseSpec struct { // Custom success response items wrapped as HTTP headers. // For integration of Authorino via proxy, the proxy must use these settings to inject data in the request. + // +kubebuilder:validation:MaxProperties=14 Headers map[string]HeaderSuccessResponseSpec `json:"headers,omitempty"` // Custom success response items wrapped as HTTP headers. // For integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata. // See https://www.envoyproxy.io/docs/envoy/latest/configuration/advanced/well_known_dynamic_metadata + // +kubebuilder:validation:MaxProperties=14 DynamicMetadata map[string]SuccessResponseSpec `json:"dynamicMetadata,omitempty"` } @@ -133,6 +140,7 @@ type AuthPolicySpec struct { // At least one selected HTTPRoute rule must match to trigger the AuthPolicy. // If no route selectors are specified, the AuthPolicy will be enforced at all requests to the protected routes. // +optional + // +kubebuilder:validation:MaxItems=15 RouteSelectors []RouteSelector `json:"routeSelectors,omitempty"` // Named sets of patterns that can be referred in `when` conditions and in pattern-matching authorization policy rules. diff --git a/api/v1beta2/ratelimitpolicy_types.go b/api/v1beta2/ratelimitpolicy_types.go index 397420d63..16b13578c 100644 --- a/api/v1beta2/ratelimitpolicy_types.go +++ b/api/v1beta2/ratelimitpolicy_types.go @@ -88,6 +88,7 @@ type WhenCondition struct { type Limit struct { // RouteSelectors defines semantics for matching an HTTP request based on conditions // +optional + // +kubebuilder:validation:MaxItems=15 RouteSelectors []RouteSelector `json:"routeSelectors,omitempty"` // When holds the list of conditions for the policy to be enforced. @@ -119,6 +120,7 @@ type RateLimitPolicySpec struct { // Limits holds the struct of limits indexed by a unique name // +optional + // +kubebuilder:validation:MaxProperties=14 Limits map[string]Limit `json:"limits,omitempty"` } diff --git a/api/v1beta2/route_selectors.go b/api/v1beta2/route_selectors.go index c13c1237a..880ae16be 100644 --- a/api/v1beta2/route_selectors.go +++ b/api/v1beta2/route_selectors.go @@ -19,6 +19,7 @@ type RouteSelector struct { // Matches define conditions used for matching the rule against incoming HTTP requests. // https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec // +optional + // +kubebuilder:validation:MaxItems=8 Matches []gatewayapiv1.HTTPRouteMatch `json:"matches,omitempty"` } diff --git a/config/crd/bases/kuadrant.io_authpolicies.yaml b/config/crd/bases/kuadrant.io_authpolicies.yaml index 19617ce1e..c90305e57 100644 --- a/config/crd/bases/kuadrant.io_authpolicies.yaml +++ b/config/crd/bases/kuadrant.io_authpolicies.yaml @@ -321,8 +321,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array rules: description: The auth rules of the policy. See Authorino's AuthConfig @@ -875,8 +877,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array when: description: Conditions for Authorino to enforce this config. @@ -1001,6 +1005,7 @@ spec: description: Authentication configs. At least one config MUST evaluate to a valid identity object for the auth request to be successful. + maxProperties: 14 type: object authorization: additionalProperties: @@ -1781,8 +1786,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array spicedb: description: Authorization decision delegated to external @@ -1972,6 +1979,7 @@ spec: type: object description: Authorization policies. All policies MUST evaluate to "allowed = true" for the auth request be successful. + maxProperties: 14 type: object callbacks: additionalProperties: @@ -2499,8 +2507,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array when: description: Conditions for Authorino to enforce this config. @@ -2561,6 +2571,7 @@ spec: description: Callback functions. Authorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config. + maxProperties: 14 type: object metadata: additionalProperties: @@ -3088,8 +3099,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array uma: description: User-Managed Access (UMA) source of resource @@ -3184,6 +3197,7 @@ spec: type: object description: Metadata sources. Authorino fetches auth metadata as JSON from sources specified in this config. + maxProperties: 14 type: object response: description: Response items. Authorino builds custom responses @@ -3612,8 +3626,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array when: description: Conditions for Authorino to enforce @@ -3748,6 +3764,7 @@ spec: HTTP headers. For integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata. See https://www.envoyproxy.io/docs/envoy/latest/configuration/advanced/well_known_dynamic_metadata + maxProperties: 14 type: object headers: additionalProperties: @@ -4165,8 +4182,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array when: description: Conditions for Authorino to enforce @@ -4301,6 +4320,7 @@ spec: HTTP headers. For integration of Authorino via proxy, the proxy must use these settings to inject data in the request. + maxProperties: 14 type: object type: object unauthenticated: diff --git a/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml b/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml index f5de0c798..b1000cb17 100644 --- a/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml +++ b/config/crd/bases/kuadrant.io_ratelimitpolicies.yaml @@ -345,8 +345,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array when: description: When holds the list of conditions for the policy @@ -388,6 +390,7 @@ spec: type: object description: Limits holds the struct of limits indexed by a unique name + maxProperties: 14 type: object targetRef: description: TargetRef identifies an API object to apply policy to. From 7ec03c3076da6e11879a1eebc0d3cbd61b175c9e Mon Sep 17 00:00:00 2001 From: Adam Cattermole Date: Tue, 31 Oct 2023 11:45:56 +0000 Subject: [PATCH 6/7] Update bundle to gatewayapi/v1 --- .../manifests/kuadrant.io_authpolicies.yaml | 421 +++++++++++++++++- .../kuadrant.io_ratelimitpolicies.yaml | 59 ++- 2 files changed, 455 insertions(+), 25 deletions(-) diff --git a/bundle/manifests/kuadrant.io_authpolicies.yaml b/bundle/manifests/kuadrant.io_authpolicies.yaml index 90fcd5de0..55b4f2927 100644 --- a/bundle/manifests/kuadrant.io_authpolicies.yaml +++ b/bundle/manifests/kuadrant.io_authpolicies.yaml @@ -78,12 +78,12 @@ spec: the protected routes. items: description: RouteSelector defines semantics for matching an HTTP - request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to - process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 definition @@ -105,7 +105,7 @@ spec: type: array matches: description: Matches define conditions used for matching the - rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple match types are @@ -213,6 +213,52 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and start with + '/' when type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.startsWith(''/'') + : true' + - message: must not contain '//' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''//'') + : true' + - message: must not contain '/./' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/./'') + : true' + - message: must not contain '/../' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''/../'') + : true' + - message: must not contain '%2f' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2f'') + : true' + - message: must not contain '%2F' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''%2F'') + : true' + - message: must not contain '#' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.contains(''#'') + : true' + - message: must not end with '/..' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/..'') + : true' + - message: must not end with '/.' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? !self.value.endsWith(''/.'') + : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] || self.type + == 'RegularExpression' + - message: must only contain valid characters (matching + ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values are ANDed together, @@ -243,6 +289,7 @@ spec: differences in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -275,8 +322,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array rules: description: The auth rules of the policy. See Authorino's AuthConfig @@ -565,12 +614,12 @@ spec: evaluated at all requests to the protected routes. items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 @@ -594,7 +643,7 @@ spec: type: array matches: description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple @@ -711,6 +760,54 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and + start with '/' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : true' + - message: must not contain '//' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : true' + - message: must not contain '/./' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') : true' + - message: must not contain '/../' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') : true' + - message: must not contain '%2f' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') : true' + - message: must not contain '%2F' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') : true' + - message: must not contain '#' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : true' + - message: must not end with '/..' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') : true' + - message: must not end with '/.' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values @@ -747,6 +844,7 @@ spec: potential differences in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -780,8 +878,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array when: description: Conditions for Authorino to enforce this config. @@ -906,6 +1006,7 @@ spec: description: Authentication configs. At least one config MUST evaluate to a valid identity object for the auth request to be successful. + maxProperties: 14 type: object authorization: additionalProperties: @@ -1422,12 +1523,12 @@ spec: evaluated at all requests to the protected routes. items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 @@ -1451,7 +1552,7 @@ spec: type: array matches: description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple @@ -1568,6 +1669,54 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and + start with '/' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : true' + - message: must not contain '//' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : true' + - message: must not contain '/./' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') : true' + - message: must not contain '/../' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') : true' + - message: must not contain '%2f' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') : true' + - message: must not contain '%2F' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') : true' + - message: must not contain '#' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : true' + - message: must not end with '/..' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') : true' + - message: must not end with '/.' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values @@ -1604,6 +1753,7 @@ spec: potential differences in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -1637,8 +1787,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array spicedb: description: Authorization decision delegated to external @@ -1828,6 +1980,7 @@ spec: type: object description: Authorization policies. All policies MUST evaluate to "allowed = true" for the auth request be successful. + maxProperties: 14 type: object callbacks: additionalProperties: @@ -2091,12 +2244,12 @@ spec: evaluated at all requests to the protected routes. items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 @@ -2120,7 +2273,7 @@ spec: type: array matches: description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple @@ -2237,6 +2390,54 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and + start with '/' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : true' + - message: must not contain '//' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : true' + - message: must not contain '/./' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') : true' + - message: must not contain '/../' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') : true' + - message: must not contain '%2f' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') : true' + - message: must not contain '%2F' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') : true' + - message: must not contain '#' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : true' + - message: must not end with '/..' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') : true' + - message: must not end with '/.' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values @@ -2273,6 +2474,7 @@ spec: potential differences in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -2306,8 +2508,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array when: description: Conditions for Authorino to enforce this config. @@ -2368,6 +2572,7 @@ spec: description: Callback functions. Authorino sends callbacks at the end of the auth pipeline to the endpoints specified in this config. + maxProperties: 14 type: object metadata: additionalProperties: @@ -2631,12 +2836,12 @@ spec: evaluated at all requests to the protected routes. items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 @@ -2660,7 +2865,7 @@ spec: type: array matches: description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple @@ -2777,6 +2982,54 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and + start with '/' when type one of ['Exact', + 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : true' + - message: must not contain '//' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : true' + - message: must not contain '/./' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') : true' + - message: must not contain '/../' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') : true' + - message: must not contain '%2f' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') : true' + - message: must not contain '%2F' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') : true' + - message: must not contain '#' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : true' + - message: must not end with '/..' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') : true' + - message: must not end with '/.' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values @@ -2813,6 +3066,7 @@ spec: potential differences in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -2846,8 +3100,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array uma: description: User-Managed Access (UMA) source of resource @@ -2942,6 +3198,7 @@ spec: type: object description: Metadata sources. Authorino fetches auth metadata as JSON from sources specified in this config. + maxProperties: 14 type: object response: description: Response items. Authorino builds custom responses @@ -3068,13 +3325,13 @@ spec: items: description: RouteSelector defines semantics for matching an HTTP request based on conditions - https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to process - the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches @@ -3102,7 +3359,7 @@ spec: matches: description: Matches define conditions used for matching the rule against incoming HTTP - requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a @@ -3233,6 +3490,63 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute + path and start with '/' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : + true' + - message: must not contain '//' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : + true' + - message: must not contain '/./' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') + : true' + - message: must not contain '/../' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') + : true' + - message: must not contain '%2f' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') + : true' + - message: must not contain '%2F' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') + : true' + - message: must not contain '#' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : + true' + - message: must not end with '/..' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') + : true' + - message: must not end with '/.' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : + true' + - message: type must be one of ['Exact', + 'PathPrefix', 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple @@ -3276,6 +3590,7 @@ spec: implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -3312,8 +3627,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array when: description: Conditions for Authorino to enforce @@ -3448,6 +3765,7 @@ spec: HTTP headers. For integration of Authorino via proxy, the proxy must use these settings to propagate dynamic metadata. See https://www.envoyproxy.io/docs/envoy/latest/configuration/advanced/well_known_dynamic_metadata + maxProperties: 14 type: object headers: additionalProperties: @@ -3563,13 +3881,13 @@ spec: items: description: RouteSelector defines semantics for matching an HTTP request based on conditions - https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select a HTTPRoute to process - the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches @@ -3597,7 +3915,7 @@ spec: matches: description: Matches define conditions used for matching the rule against incoming HTTP - requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a @@ -3728,6 +4046,63 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute + path and start with '/' when type + one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : + true' + - message: must not contain '//' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : + true' + - message: must not contain '/./' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') + : true' + - message: must not contain '/../' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') + : true' + - message: must not contain '%2f' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') + : true' + - message: must not contain '%2F' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') + : true' + - message: must not contain '#' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : + true' + - message: must not end with '/..' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') + : true' + - message: must not end with '/.' when + type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : + true' + - message: type must be one of ['Exact', + 'PathPrefix', 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] + || self.type == 'RegularExpression' + - message: must only contain valid characters + (matching ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple @@ -3771,6 +4146,7 @@ spec: implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -3807,8 +4183,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array when: description: Conditions for Authorino to enforce @@ -3943,6 +4321,7 @@ spec: HTTP headers. For integration of Authorino via proxy, the proxy must use these settings to inject data in the request. + maxProperties: 14 type: object type: object unauthenticated: diff --git a/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml b/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml index a221ac1c9..6e7b9cd52 100644 --- a/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml +++ b/bundle/manifests/kuadrant.io_ratelimitpolicies.yaml @@ -88,12 +88,12 @@ spec: HTTP request based on conditions items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: hostnames: description: Hostnames defines a set of hostname that should match against the HTTP Host header to select - a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + a HTTPRoute to process the request https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "Hostname is the fully qualified domain name of a network host. This matches the RFC 1123 @@ -116,7 +116,7 @@ spec: type: array matches: description: Matches define conditions used for matching - the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + the rule against incoming HTTP requests. https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec items: description: "HTTPRouteMatch defines the predicate used to match requests to a given action. Multiple match @@ -232,6 +232,53 @@ spec: maxLength: 1024 type: string type: object + x-kubernetes-validations: + - message: value must be an absolute path and start + with '/' when type one of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.startsWith(''/'') : true' + - message: must not contain '//' when type one of + ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''//'') : true' + - message: must not contain '/./' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/./'') : true' + - message: must not contain '/../' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''/../'') : true' + - message: must not contain '%2f' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2f'') : true' + - message: must not contain '%2F' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''%2F'') : true' + - message: must not contain '#' when type one of + ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.contains(''#'') : true' + - message: must not end with '/..' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/..'') : true' + - message: must not end with '/.' when type one + of ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? !self.value.endsWith(''/.'') : true' + - message: type must be one of ['Exact', 'PathPrefix', + 'RegularExpression'] + rule: self.type in ['Exact','PathPrefix'] || self.type + == 'RegularExpression' + - message: must only contain valid characters (matching + ^(?:[-A-Za-z0-9/._~!$&'()*+,;=:@]|[%][0-9a-fA-F]{2})+$) + for types ['Exact', 'PathPrefix'] + rule: '(self.type in [''Exact'',''PathPrefix'']) + ? self.value.matches(r"""^(?:[-A-Za-z0-9/._~!$&''()*+,;=:@]|[%][0-9a-fA-F]{2})+$""") + : true' queryParams: description: "QueryParams specifies HTTP query parameter matchers. Multiple match values are ANDed together, @@ -266,6 +313,7 @@ spec: in the implementations." maxLength: 256 minLength: 1 + pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$ type: string type: default: Exact @@ -299,8 +347,10 @@ spec: - name x-kubernetes-list-type: map type: object + maxItems: 8 type: array type: object + maxItems: 15 type: array when: description: When holds the list of conditions for the policy @@ -308,7 +358,7 @@ spec: must also match items: description: RouteSelector defines semantics for matching - an HTTP request based on conditions https://gateway-api.sigs.k8s.io/v1alpha2/references/spec/#gateway.networking.k8s.io/v1beta1.HTTPRouteSpec + an HTTP request based on conditions https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.HTTPRouteSpec properties: operator: description: 'The binary operator to be applied to the @@ -342,6 +392,7 @@ spec: type: object description: Limits holds the struct of limits indexed by a unique name + maxProperties: 14 type: object targetRef: description: TargetRef identifies an API object to apply policy to. From 05fe71afffdbc03d6929a513acce4972286a12e0 Mon Sep 17 00:00:00 2001 From: Adam Cattermole Date: Mon, 13 Nov 2023 08:50:54 +0000 Subject: [PATCH 7/7] Bump go version to 1.21 --- .github/workflows/build-images-base.yaml | 8 +-- .github/workflows/code-style.yaml | 8 +-- .github/workflows/test.yaml | 20 +++---- Dockerfile | 2 +- doc/development.md | 2 +- go.mod | 2 +- go.sum | 68 ++++++++++++++++++++++++ 7 files changed, 89 insertions(+), 21 deletions(-) diff --git a/.github/workflows/build-images-base.yaml b/.github/workflows/build-images-base.yaml index a6f88eded..ae6221d5e 100644 --- a/.github/workflows/build-images-base.yaml +++ b/.github/workflows/build-images-base.yaml @@ -108,10 +108,10 @@ jobs: name: Build Bundle runs-on: ubuntu-latest steps: - - name: Set up Go 1.20.x + - name: Set up Go 1.21.x uses: actions/setup-go@v4 with: - go-version: 1.20.x + go-version: 1.21.x id: go - name: Check out code uses: actions/checkout@v3 @@ -156,10 +156,10 @@ jobs: needs: [build, build-bundle] runs-on: ubuntu-latest steps: - - name: Set up Go 1.20.x + - name: Set up Go 1.21.x uses: actions/setup-go@v4 with: - go-version: 1.20.x + go-version: 1.21.x id: go - name: Check out code uses: actions/checkout@v3 diff --git a/.github/workflows/code-style.yaml b/.github/workflows/code-style.yaml index 5e12fc45c..10f9b1fc2 100644 --- a/.github/workflows/code-style.yaml +++ b/.github/workflows/code-style.yaml @@ -40,10 +40,10 @@ jobs: importpath: golang.org/x/tools/cmd/goimports@latest steps: - - name: Set up Go 1.20.x + - name: Set up Go 1.21.x uses: actions/setup-go@v4 with: - go-version: 1.20.x + go-version: 1.21.x id: go - name: Check out code @@ -90,10 +90,10 @@ jobs: runs-on: ubuntu-latest steps: - - name: Set up Go 1.20.x + - name: Set up Go 1.21.x uses: actions/setup-go@v4 with: - go-version: 1.20.x + go-version: 1.21.x id: go - name: Check out code diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 26e814e2e..25b777d0f 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -18,7 +18,7 @@ jobs: name: Unit Tests strategy: matrix: - go-version: [ 1.20.x ] + go-version: [ 1.21.x ] platform: [ ubuntu-latest ] runs-on: ${{ matrix.platform }} defaults: @@ -53,10 +53,10 @@ jobs: run: shell: bash steps: - - name: Set up Go 1.20.x + - name: Set up Go 1.21.x uses: actions/setup-go@v4 with: - go-version: 1.20.x + go-version: 1.21.x id: go - name: Check out code uses: actions/checkout@v3 @@ -94,10 +94,10 @@ jobs: name: Verify manifests runs-on: ubuntu-latest steps: - - name: Set up Go 1.20.x + - name: Set up Go 1.21.x uses: actions/setup-go@v4 with: - go-version: 1.20.x + go-version: 1.21.x id: go - name: Check out code uses: actions/checkout@v3 @@ -109,10 +109,10 @@ jobs: name: Verify bundle runs-on: ubuntu-latest steps: - - name: Set up Go 1.20.x + - name: Set up Go 1.21.x uses: actions/setup-go@v4 with: - go-version: 1.20.x + go-version: 1.21.x id: go - name: Check out code uses: actions/checkout@v3 @@ -124,10 +124,10 @@ jobs: name: Verify fmt runs-on: ubuntu-latest steps: - - name: Set up Go 1.20.x + - name: Set up Go 1.21.x uses: actions/setup-go@v4 with: - go-version: 1.20.x + go-version: 1.21.x id: go - name: Check out code uses: actions/checkout@v3 @@ -139,7 +139,7 @@ jobs: name: Test Scripts strategy: matrix: - go-version: [ 1.20.x ] + go-version: [ 1.21.x ] platform: [ ubuntu-latest, macos-latest ] runs-on: ${{ matrix.platform }} defaults: diff --git a/Dockerfile b/Dockerfile index 7782a3b87..541c670a9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM golang:1.20 as builder +FROM golang:1.21 as builder WORKDIR /workspace # Copy the Go Modules manifests diff --git a/doc/development.md b/doc/development.md index 4582ce6f3..fa0994d7a 100644 --- a/doc/development.md +++ b/doc/development.md @@ -26,7 +26,7 @@ * [operator-sdk] version v1.28.1 * [kind] version v0.20.0 * [git][git_tool] -* [go] version 1.20+ +* [go] version 1.21+ * [kubernetes] version v1.19+ * [kubectl] version v1.19+ diff --git a/go.mod b/go.mod index 0ea561e4b..ac7f80a26 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/kuadrant/kuadrant-operator -go 1.20 +go 1.21 require ( github.com/elliotchance/orderedmap/v2 v2.2.0 diff --git a/go.sum b/go.sum index 249ca1f11..4330d80ce 100644 --- a/go.sum +++ b/go.sum @@ -7,29 +7,39 @@ cloud.google.com/go/compute v1.20.1/go.mod h1:4tCnrn48xsqlwSAiLf1HXMQk8CONslYbdi cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY= cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA= cloud.google.com/go/iam v0.13.0 h1:+CmB+K0J/33d0zSQ9SlFWUeCCEn5XJA0ZMZ3pHE9u8k= +cloud.google.com/go/iam v0.13.0/go.mod h1:ljOg+rcNfzZ5d6f1nAUJ8ZIxOaZUVoS14bKCtaLZ/D0= cloud.google.com/go/logging v1.7.0 h1:CJYxlNNNNAMkHp9em/YEXcfJg+rPDg7YfwoRpMU+t5I= cloud.google.com/go/logging v1.7.0/go.mod h1:3xjP2CjkM3ZkO73aj4ASA5wRPGGCRrPIAeNqVNkzY8M= cloud.google.com/go/longrunning v0.4.1 h1:v+yFJOfKC3yZdY6ZUI933pIYdhyhV8S3NpWrXWmg7jM= cloud.google.com/go/longrunning v0.4.1/go.mod h1:4iWDqhBZ70CvZ6BfETbvam3T8FMvLK+eFj0E6AaRQTo= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= +github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak= +github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= +github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= +github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= github.com/Masterminds/semver/v3 v3.2.0 h1:3MEsd0SM6jqZojhjLWWeBY+Kcjy9i6MQAeY7YgDP83g= +github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ= github.com/Masterminds/sprig/v3 v3.2.3 h1:eL2fZNezLomi0uOLqjQoN6BfsDD+fyLtgbJMAj9n6YA= +github.com/Masterminds/sprig/v3 v3.2.3/go.mod h1:rXcFaZ2zZbLRJv/xSysmlgIM1u11eBaRMhvYXJNkGuM= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= github.com/antlr/antlr4/runtime/Go/antlr v1.4.10 h1:yL7+Jz0jTC6yykIK/Wh74gnTJnrGr5AyrNMXuA0gves= github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df h1:7RFfzj4SSt6nnvCPbCqijJi1nWCd+TqAT3bYCStRC18= +github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df/go.mod h1:pSwJ0fSY5KhvocuWSx4fz3BA8OrA1bQn+K1Eli3BRwM= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.4.1 h1:iKLQ0xPNFxR/2hzXZMrBo8f1j86j5WHzznCCQxV/b8g= +github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= +github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= @@ -38,13 +48,16 @@ github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cncf/xds/go v0.0.0-20230310173818-32f1caf87195 h1:58f1tJ1ra+zFINPlwLWvQsR9CzAKt2e+EWV2yX9oXQ4= +github.com/cncf/xds/go v0.0.0-20230310173818-32f1caf87195/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/cyphar/filepath-securejoin v0.2.3 h1:YX6ebbZCZP7VkM3scTTokDgBL2TY741X51MTk3ycuNI= +github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d h1:1iy2qD6JEhHKKhUOA9IWs7mjco7lnw2qx8FsRI2wirE= +github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d/go.mod h1:tmAIfUFEirG/Y8jhZ9M+h36obRZAk/1fcSpXwAVlfqE= github.com/elliotchance/orderedmap/v2 v2.2.0 h1:7/2iwO98kYT4XkOjA9mBEIwvi4KpGB4cyHeOFOnj4Vk= github.com/elliotchance/orderedmap/v2 v2.2.0/go.mod h1:85lZyVbpGaGvHvnKa7Qhx7zncAdBIBq6u56Hb1PRU5Q= github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g= @@ -55,19 +68,25 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk= github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/go-control-plane v0.11.1-0.20230202164348-98e9e8eacc1a h1:EWOGEDoAqZrA4mM2G8g74h90oBV9wunqguCSMVSGYJg= +github.com/envoyproxy/go-control-plane v0.11.1-0.20230202164348-98e9e8eacc1a/go.mod h1:84cjSkVxFD9Pi/gvI5AOq5NPhGsmS8oPsJLtCON6eK8= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/envoyproxy/protoc-gen-validate v0.10.0 h1:oIfnZFdC0YhpNNEX+SuIqko4cqqVZeN9IGTrhZje83Y= +github.com/envoyproxy/protoc-gen-validate v0.10.0/go.mod h1:DRjgyB0I43LtJapqN6NiRwroiAU2PaFuvk/vjgh61ss= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.7.0 h1:nJqP7uwL84RJInrohHfW0Fx3awjbm8qZeFv0nW9SYGc= github.com/evanphx/json-patch/v5 v5.7.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM= +github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= +github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/fvbommel/sortorder v1.0.2 h1:mV4o8B2hKboCdkJm+a7uX/SIpZob4JzUpc5GGnM45eo= +github.com/fvbommel/sortorder v1.0.2/go.mod h1:uk88iVf1ovNn1iLfgUVU2F9o5eO30ui720w+kxuqRs0= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA= +github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -84,7 +103,9 @@ github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+ github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= +github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/goccy/go-json v0.10.0 h1:mXKd9Qw4NuzShiRlOXKews24ufknHO7gx30lsDyokKA= +github.com/goccy/go-json v0.10.0/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= @@ -108,8 +129,11 @@ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/btree v1.1.2 h1:xf4v41cLI2Z6FxbKm+8Bu+m8ifhj15JuZ9sa0jZCMUU= +github.com/google/btree v1.1.2/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= github.com/google/cel-go v0.16.1 h1:3hZfSNiAU3KOiNtxuFXVp5WFy4hf/Ly3Sa4/7F8SXNo= +github.com/google/cel-go v0.16.1/go.mod h1:HXZKzB0LXqer5lHHgfWAnlYwJaQBDKMjxjulNQzhwhY= github.com/google/gnostic v0.6.9 h1:ZK/5VhkoX835RikCHpSUJV9a+S3e1zLh59YnyWeBW+0= +github.com/google/gnostic v0.6.9/go.mod h1:Nm8234We1lq6iB9OmlgNv3nH91XLLVZHCDayfA3xq+E= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= @@ -130,6 +154,7 @@ github.com/google/pprof v0.0.0-20221212185716-aee1124e3a93/go.mod h1:dDKJzRmX4S3 github.com/google/s2a-go v0.1.4 h1:1kZ/sQM3srePvKs3tXAvQzo66XfcReoqFpIpIccE7Oc= github.com/google/s2a-go v0.1.4/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= +github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= @@ -138,16 +163,22 @@ github.com/googleapis/enterprise-certificate-proxy v0.2.3/go.mod h1:AwSRAtLfXpU5 github.com/googleapis/gax-go/v2 v2.11.0 h1:9V9PWXEsWnPpQhu/PeQIkS4eGzMlTLGgt80cUUI8Ki4= github.com/googleapis/gax-go/v2 v2.11.0/go.mod h1:DxmR61SGKkGLa2xigwuZIQpkCI2S5iydzRfb3peWZJI= github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA= +github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= +github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= +github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-version v1.6.0 h1:feTTfFNnjP967rlCxM/I9g701jU+RN74YKx2mOkIeek= +github.com/hashicorp/go-version v1.6.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/huandu/xstrings v1.4.0 h1:D17IlohoQq4UcpqD7fDk80P7l+lwAmlFaBHgOipl2FU= +github.com/huandu/xstrings v1.4.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jonboulle/clockwork v0.3.0 h1:9BSCMi8C+0qdApAp4auwX0RkLGUjs956h0EkuQymUhg= +github.com/jonboulle/clockwork v0.3.0/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= @@ -157,6 +188,7 @@ github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+o github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -168,29 +200,44 @@ github.com/kuadrant/authorino-operator v0.9.0/go.mod h1:VkUqS4CHNiaHMrjSFQ5V71DN github.com/kuadrant/limitador-operator v0.4.0 h1:HgJi7LuOsenCUMs2ACCfKMKsKpfHcqmmwVmqpci0hw4= github.com/kuadrant/limitador-operator v0.4.0/go.mod h1:5fQo2XwxPr7bDObut9sK5sHCnK4hwAmTsTptaYvGfuc= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/lestrrat-go/backoff/v2 v2.0.8 h1:oNb5E5isby2kiro9AgdHLv5N5tint1AnDVVf2E2un5A= +github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y= github.com/lestrrat-go/blackmagic v1.0.1 h1:lS5Zts+5HIC/8og6cGHb0uCcNCa3OUt1ygh3Qz2Fe80= +github.com/lestrrat-go/blackmagic v1.0.1/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE= +github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI= +github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= github.com/lestrrat-go/jwx v1.2.25 h1:tAx93jN2SdPvFn08fHNAhqFJazn5mBBOB8Zli0g0otA= +github.com/lestrrat-go/jwx v1.2.25/go.mod h1:zoNuZymNl5lgdcu6P7K6ie2QRll5HVfF4xwxBBK1NxY= github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU= +github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0= +github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= +github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= +github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= +github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8= +github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c= github.com/moby/term v0.0.0-20221205130635-1aeaba878587 h1:HfkjXDfhgVaN5rmueG8cL8KKeFNecRCXFhaJ2qZ5SKA= +github.com/moby/term v0.0.0-20221205130635-1aeaba878587/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0= +github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU= @@ -198,6 +245,7 @@ github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7 github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= +github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -214,15 +262,19 @@ github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= +github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w= +github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU= github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stoewer/go-strcase v1.2.1 h1:/1JWd+AcWPzkcGLEmjUCka99YqGOtTnp1H/wcP+uap4= +github.com/stoewer/go-strcase v1.2.1/go.mod h1:fAH5hQ5pehh+j3nZfvwdk2RgEgQjAoM8wodgtPmh1xo= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= @@ -234,6 +286,7 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/tidwall/gjson v1.14.0 h1:6aeJ0bzojgWLa82gDQHcx3S0Lr/O51I9bJ5nv6JFx5w= github.com/tidwall/gjson v1.14.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA= @@ -241,9 +294,13 @@ github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JT github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs= github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= +github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= +github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17UxZ74= +github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/xlab/treeprint v1.1.0 h1:G/1DjNkPpfZCFt9CSh6b5/nY4VimlbHF3Rh4obvtzDk= +github.com/xlab/treeprint v1.1.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= @@ -252,11 +309,15 @@ go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.opentelemetry.io/proto/otlp v0.19.0 h1:IVN6GR+mhC4s5yfcTbmzHYODqvWAp3ZedA2SJPI1Nnw= +go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= go.starlark.net v0.0.0-20211013185944-b0039bd2cfe3 h1:oBcONsksxvpeodDrLjiMDaKHXKAVVfAydhe/792CE/o= +go.starlark.net v0.0.0-20211013185944-b0039bd2cfe3/go.mod h1:t3mmBBPzAVvK0L0n1drDmrQsJ8FoIx4INCqVMTr/Zo0= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= +go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/goleak v1.1.11/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ= go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= +go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= @@ -282,6 +343,7 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= +golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -416,6 +478,7 @@ gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= helm.sh/helm/v3 v3.11.1 h1:cmL9fFohOoNQf+wnp2Wa0OhNFH0KFnSzEkVxi3fcc3I= +helm.sh/helm/v3 v3.11.1/go.mod h1:z/Bu/BylToGno/6dtNGuSmjRqxKq5gaH+FU0BPO+AQ8= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= istio.io/api v0.0.0-20230712174848-a2b2de508c88 h1:w7lSk+XcYNzGC5xtHBFvaV7QTBMQC5nM4l8xxFslGgk= @@ -433,6 +496,7 @@ k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A= k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8= k8s.io/cli-runtime v0.26.0 h1:aQHa1SyUhpqxAw1fY21x2z2OS5RLtMJOCj7tN4oq8mw= +k8s.io/cli-runtime v0.26.0/go.mod h1:o+4KmwHzO/UK0wepE1qpRk6l3o60/txUZ1fEXWGIKTY= k8s.io/client-go v0.28.3 h1:2OqNb72ZuTZPKCl+4gTKvqao0AMOl9f3o2ijbAj3LI4= k8s.io/client-go v0.28.3/go.mod h1:LTykbBp9gsA7SwqirlCXBWtK0guzfhpoW4qSm7i9dxo= k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= @@ -442,6 +506,7 @@ k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= k8s.io/kubectl v0.26.0 h1:xmrzoKR9CyNdzxBmXV7jW9Ln8WMrwRK6hGbbf69o4T0= +k8s.io/kubectl v0.26.0/go.mod h1:eInP0b+U9XUJWSYeU9XZnTA+cVYuWyl3iYPGtru0qhQ= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigwG62c4= @@ -451,8 +516,11 @@ sigs.k8s.io/gateway-api v1.0.0/go.mod h1:4cUgr0Lnp5FZ0Cdq8FdRwCvpiWws7LVhLHGIudL sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kustomize/api v0.12.1 h1:7YM7gW3kYBwtKvoY216ZzY+8hM+lV53LUayghNRJ0vM= +sigs.k8s.io/kustomize/api v0.12.1/go.mod h1:y3JUhimkZkR6sbLNwfJHxvo1TCLwuwm14sCYnkH6S1s= sigs.k8s.io/kustomize/kyaml v0.13.9 h1:Qz53EAaFFANyNgyOEJbT/yoIHygK40/ZcvU3rgry2Tk= +sigs.k8s.io/kustomize/kyaml v0.13.9/go.mod h1:QsRbD0/KcU+wdk0/L0fIp2KLnohkVzs6fQ85/nOXac4= sigs.k8s.io/mcs-api v0.1.0 h1:edDbg0oRGfXw8TmZjKYep06LcJLv/qcYLidejnUp0PM= +sigs.k8s.io/mcs-api v0.1.0/go.mod h1:gGiAryeFNB4GBsq2LBmVqSgKoobLxt+p7ii/WG5QYYw= sigs.k8s.io/structured-merge-diff/v4 v4.3.0 h1:UZbZAZfX0wV2zr7YZorDz6GXROfDFj6LvqCRm4VUVKk= sigs.k8s.io/structured-merge-diff/v4 v4.3.0/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=