146 lines
6.4 KiB
YAML
146 lines
6.4 KiB
YAML
|
|
||
|
---
|
||
|
apiVersion: apiextensions.k8s.io/v1
|
||
|
kind: CustomResourceDefinition
|
||
|
metadata:
|
||
|
annotations:
|
||
|
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/891
|
||
|
creationTimestamp: null
|
||
|
name: referencepolicies.gateway.networking.k8s.io
|
||
|
spec:
|
||
|
group: gateway.networking.k8s.io
|
||
|
names:
|
||
|
categories:
|
||
|
- gateway-api
|
||
|
kind: ReferencePolicy
|
||
|
listKind: ReferencePolicyList
|
||
|
plural: referencepolicies
|
||
|
shortNames:
|
||
|
- refpol
|
||
|
singular: referencepolicy
|
||
|
scope: Namespaced
|
||
|
versions:
|
||
|
- additionalPrinterColumns:
|
||
|
- jsonPath: .metadata.creationTimestamp
|
||
|
name: Age
|
||
|
type: date
|
||
|
name: v1alpha2
|
||
|
schema:
|
||
|
openAPIV3Schema:
|
||
|
description: "ReferencePolicy identifies kinds of resources in other namespaces
|
||
|
that are trusted to reference the specified kinds of resources in the same
|
||
|
namespace as the policy. \n Each ReferencePolicy can be used to represent
|
||
|
a unique trust relationship. Additional Reference Policies can be used to
|
||
|
add to the set of trusted sources of inbound references for the namespace
|
||
|
they are defined within. \n All cross-namespace references in Gateway API
|
||
|
(with the exception of cross-namespace Gateway-route attachment) require
|
||
|
a ReferencePolicy. \n Support: Core"
|
||
|
properties:
|
||
|
apiVersion:
|
||
|
description: 'APIVersion defines the versioned schema of this representation
|
||
|
of an object. Servers should convert recognized schemas to the latest
|
||
|
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||
|
type: string
|
||
|
kind:
|
||
|
description: 'Kind is a string value representing the REST resource this
|
||
|
object represents. Servers may infer this from the endpoint the client
|
||
|
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||
|
type: string
|
||
|
metadata:
|
||
|
type: object
|
||
|
spec:
|
||
|
description: Spec defines the desired state of ReferencePolicy.
|
||
|
properties:
|
||
|
from:
|
||
|
description: "From describes the trusted namespaces and kinds that
|
||
|
can reference the resources described in \"To\". Each entry in this
|
||
|
list must be considered to be an additional place that references
|
||
|
can be valid from, or to put this another way, entries must be combined
|
||
|
using OR. \n Support: Core"
|
||
|
items:
|
||
|
description: ReferencePolicyFrom describes trusted namespaces and
|
||
|
kinds.
|
||
|
properties:
|
||
|
group:
|
||
|
description: "Group is the group of the referent. When empty,
|
||
|
the Kubernetes core API group is inferred. \n Support: Core"
|
||
|
maxLength: 253
|
||
|
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
||
|
type: string
|
||
|
kind:
|
||
|
description: "Kind is the kind of the referent. Although implementations
|
||
|
may support additional resources, the following Route types
|
||
|
are part of the \"Core\" support level for this field: \n
|
||
|
* HTTPRoute * TCPRoute * TLSRoute * UDPRoute"
|
||
|
maxLength: 63
|
||
|
minLength: 1
|
||
|
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
||
|
type: string
|
||
|
namespace:
|
||
|
description: "Namespace is the namespace of the referent. \n
|
||
|
Support: Core"
|
||
|
maxLength: 63
|
||
|
minLength: 1
|
||
|
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
|
||
|
type: string
|
||
|
required:
|
||
|
- group
|
||
|
- kind
|
||
|
- namespace
|
||
|
type: object
|
||
|
maxItems: 16
|
||
|
minItems: 1
|
||
|
type: array
|
||
|
to:
|
||
|
description: "To describes the resources that may be referenced by
|
||
|
the resources described in \"From\". Each entry in this list must
|
||
|
be considered to be an additional place that references can be valid
|
||
|
to, or to put this another way, entries must be combined using OR.
|
||
|
\n Support: Core"
|
||
|
items:
|
||
|
description: ReferencePolicyTo describes what Kinds are allowed
|
||
|
as targets of the references.
|
||
|
properties:
|
||
|
group:
|
||
|
description: "Group is the group of the referent. When empty,
|
||
|
the Kubernetes core API group is inferred. \n Support: Core"
|
||
|
maxLength: 253
|
||
|
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
|
||
|
type: string
|
||
|
kind:
|
||
|
description: "Kind is the kind of the referent. Although implementations
|
||
|
may support additional resources, the following types are
|
||
|
part of the \"Core\" support level for this field: \n * Service"
|
||
|
maxLength: 63
|
||
|
minLength: 1
|
||
|
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
|
||
|
type: string
|
||
|
name:
|
||
|
description: Name is the name of the referent. When unspecified
|
||
|
or empty, this policy refers to all resources of the specified
|
||
|
Group and Kind in the local namespace.
|
||
|
maxLength: 253
|
||
|
minLength: 1
|
||
|
type: string
|
||
|
required:
|
||
|
- group
|
||
|
- kind
|
||
|
type: object
|
||
|
maxItems: 16
|
||
|
minItems: 1
|
||
|
type: array
|
||
|
required:
|
||
|
- from
|
||
|
- to
|
||
|
type: object
|
||
|
type: object
|
||
|
served: true
|
||
|
storage: true
|
||
|
subresources: {}
|
||
|
status:
|
||
|
acceptedNames:
|
||
|
kind: ""
|
||
|
plural: ""
|
||
|
conditions: []
|
||
|
storedVersions: []
|