Skip to content

Commit

Permalink
Update for v1 of Kuadrant CRDs
Browse files Browse the repository at this point in the history
Signed-off-by: David Martin <davmarti@redhat.com>
  • Loading branch information
david-martin committed Nov 13, 2024
1 parent b5685c8 commit 8fee8f8
Show file tree
Hide file tree
Showing 13 changed files with 6,551 additions and 1,462 deletions.
8 changes: 4 additions & 4 deletions config/examples/kube-prometheus/bundle.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1491,7 +1491,7 @@ data:
- groupVersionKind:
group: kuadrant.io
kind: "TLSPolicy"
version: "v1alpha1"
version: "v1"
metricNamePrefix: gatewayapi_tlspolicy
labelsFromPath:
name:
Expand Down Expand Up @@ -1544,7 +1544,7 @@ data:
- groupVersionKind:
group: kuadrant.io
kind: "DNSPolicy"
version: "v1alpha1"
version: "v1"
metricNamePrefix: gatewayapi_dnspolicy
labelsFromPath:
name:
Expand Down Expand Up @@ -1597,7 +1597,7 @@ data:
- groupVersionKind:
group: kuadrant.io
kind: "RateLimitPolicy"
version: "v1beta2"
version: "v1"
metricNamePrefix: gatewayapi_ratelimitpolicy
labelsFromPath:
name:
Expand Down Expand Up @@ -1650,7 +1650,7 @@ data:
- groupVersionKind:
group: kuadrant.io
kind: "AuthPolicy"
version: "v1beta2"
version: "v1"
metricNamePrefix: gatewayapi_authpolicy
labelsFromPath:
name:
Expand Down
6,519 changes: 5,489 additions & 1,030 deletions config/kuadrant/crd/kuadrant.io_authpolicies.yaml

Large diffs are not rendered by default.

537 changes: 351 additions & 186 deletions config/kuadrant/crd/kuadrant.io_dnspolicies.yaml

Large diffs are not rendered by default.

511 changes: 379 additions & 132 deletions config/kuadrant/crd/kuadrant.io_ratelimitpolicies.yaml

Large diffs are not rendered by default.

251 changes: 215 additions & 36 deletions config/kuadrant/crd/kuadrant.io_tlspolicies.yaml

Large diffs are not rendered by default.

8 changes: 4 additions & 4 deletions config/kuadrant/custom-resource-state-kuadrant.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
- groupVersionKind:
group: kuadrant.io
kind: "TLSPolicy"
version: "v1alpha1"
version: "v1"
metricNamePrefix: gatewayapi_tlspolicy
labelsFromPath:
name:
Expand Down Expand Up @@ -54,7 +54,7 @@
- groupVersionKind:
group: kuadrant.io
kind: "DNSPolicy"
version: "v1alpha1"
version: "v1"
metricNamePrefix: gatewayapi_dnspolicy
labelsFromPath:
name:
Expand Down Expand Up @@ -107,7 +107,7 @@
- groupVersionKind:
group: kuadrant.io
kind: "RateLimitPolicy"
version: "v1beta2"
version: "v1"
metricNamePrefix: gatewayapi_ratelimitpolicy
labelsFromPath:
name:
Expand Down Expand Up @@ -160,7 +160,7 @@
- groupVersionKind:
group: kuadrant.io
kind: "AuthPolicy"
version: "v1beta2"
version: "v1"
metricNamePrefix: gatewayapi_authpolicy
labelsFromPath:
name:
Expand Down
8 changes: 4 additions & 4 deletions config/kuadrant/custom-resource-state.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -506,7 +506,7 @@ spec:
- groupVersionKind:
group: kuadrant.io
kind: "TLSPolicy"
version: "v1alpha1"
version: "v1"
metricNamePrefix: gatewayapi_tlspolicy
labelsFromPath:
name:
Expand Down Expand Up @@ -559,7 +559,7 @@ spec:
- groupVersionKind:
group: kuadrant.io
kind: "DNSPolicy"
version: "v1alpha1"
version: "v1"
metricNamePrefix: gatewayapi_dnspolicy
labelsFromPath:
name:
Expand Down Expand Up @@ -612,7 +612,7 @@ spec:
- groupVersionKind:
group: kuadrant.io
kind: "RateLimitPolicy"
version: "v1beta2"
version: "v1"
metricNamePrefix: gatewayapi_ratelimitpolicy
labelsFromPath:
name:
Expand Down Expand Up @@ -665,7 +665,7 @@ spec:
- groupVersionKind:
group: kuadrant.io
kind: "AuthPolicy"
version: "v1beta2"
version: "v1"
metricNamePrefix: gatewayapi_authpolicy
labelsFromPath:
name:
Expand Down
102 changes: 62 additions & 40 deletions config/kuadrant/kuadrant.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
apiVersion: kuadrant.io/v1alpha1
apiVersion: kuadrant.io/v1
kind: TLSPolicy
metadata:
name: external
Expand All @@ -20,7 +20,7 @@ status:
status: "True"
type: Ready
---
apiVersion: kuadrant.io/v1alpha1
apiVersion: kuadrant.io/v1
kind: TLSPolicy
metadata:
name: internal
Expand All @@ -42,12 +42,18 @@ status:
status: "True"
type: Ready
---
apiVersion: kuadrant.io/v1alpha1
apiVersion: kuadrant.io/v1
kind: DNSPolicy
metadata:
name: external
namespace: istio-system
spec:
loadBalancing:
defaultGeo: true
geo: US
weight: 120
providerRefs:
- name: aws-credentials
targetRef:
group: gateway.networking.k8s.io
kind: Gateway
Expand All @@ -61,7 +67,7 @@ status:
type: Ready
observedGeneration: 1
---
apiVersion: kuadrant.io/v1beta2
apiVersion: kuadrant.io/v1
kind: RateLimitPolicy
metadata:
name: rlp-www
Expand All @@ -71,11 +77,18 @@ spec:
kind: HTTPRoute
name: www
limits:
"global":
alice-limit:
rates:
- limit: 5
duration: 10
unit: second
- limit: 5
window: 10s
when:
- predicate: auth.identity.userid == 'alice'
bob-limit:
rates:
- limit: 2
window: 10s
when:
- predicate: auth.identity.userid == 'bob'
status:
conditions:
- lastTransitionTime: "2023-08-21T22:53:08Z"
Expand All @@ -84,7 +97,7 @@ status:
status: "True"
type: Available
---
apiVersion: kuadrant.io/v1beta2
apiVersion: kuadrant.io/v1
kind: RateLimitPolicy
metadata:
name: rlp-cdn
Expand All @@ -94,11 +107,18 @@ spec:
kind: HTTPRoute
name: cdn
limits:
"global":
alice-limit:
rates:
- limit: 5
window: 10s
when:
- predicate: auth.identity.userid == 'alice'
bob-limit:
rates:
- limit: 5
duration: 10
unit: second
- limit: 2
window: 10s
when:
- predicate: auth.identity.userid == 'bob'
status:
conditions:
- lastTransitionTime: "2023-08-21T22:53:08Z"
Expand All @@ -107,7 +127,7 @@ status:
status: "True"
type: Available
---
apiVersion: kuadrant.io/v1beta2
apiVersion: kuadrant.io/v1
kind: AuthPolicy
metadata:
name: dashboards-protection
Expand All @@ -118,29 +138,27 @@ spec:
name: dashboards
rules:
authentication:
"keycloak-users":
jwt:
issuerUrl: http://keycloak.example.com
"k8s-service-accounts":
kubernetesTokenReview:
audiences:
- https://kubernetes.example.com
overrides:
"sub":
selector: auth.identity.user.username
authorization:
"k8s-rbac":
kubernetesSubjectAccessReview:
user:
selector: auth.identity.sub
api-key-users:
apiKey:
allNamespaces: true
selector:
matchLabels:
app: toystore
credentials:
authorizationHeader:
prefix: APIKEY
metrics: false
priority: 0
response:
success:
dynamicMetadata:
"identity":
filters:
identity:
json:
properties:
"userid":
selector: auth.identity.sub
userid:
selector: auth.identity.metadata.annotations.secret\.kuadrant\.io/user-id
metrics: false
priority: 0
status:
conditions:
- lastTransitionTime: "2023-08-21T22:53:08Z"
Expand All @@ -149,7 +167,7 @@ status:
status: "True"
type: Available
---
apiVersion: kuadrant.io/v1beta2
apiVersion: kuadrant.io/v1
kind: AuthPolicy
metadata:
name: accounts
Expand All @@ -160,23 +178,27 @@ spec:
name: accounts
rules:
authentication:
"api-key-users":
api-key-users:
apiKey:
allNamespaces: true
selector:
matchLabels:
app: accounts
allNamespaces: true
app: toystore
credentials:
authorizationHeader:
prefix: APIKEY
metrics: false
priority: 0
response:
success:
dynamicMetadata:
"identity":
filters:
identity:
json:
properties:
"userid":
userid:
selector: auth.identity.metadata.annotations.secret\.kuadrant\.io/user-id
metrics: false
priority: 0
status:
conditions:
- lastTransitionTime: "2023-08-21T22:53:08Z"
Expand Down
Loading

0 comments on commit 8fee8f8

Please sign in to comment.