kcr_getambassador_io 3.20260603.195720

Kubernetes Custom Resource Bindings
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178

// WARNING: generated by kopium - manual changes will be overwritten
// kopium command: kopium --docs --derive=Default --derive=PartialEq --smart-derive-elision --filename crd-catalog/emissary-ingress/emissary/getambassador.io/v3alpha1/authservices.yaml
// kopium version: 0.23.0

#[allow(unused_imports)]
mod prelude {
    pub use kube::CustomResource;
    pub use serde::{Serialize, Deserialize};
    pub use std::collections::BTreeMap;
}

use self::prelude::*;

/// AuthServiceSpec defines the desired state of AuthService
#[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
#[kube(group = "getambassador.io", version = "v3alpha1", kind = "AuthService", plural = "authservices")]
#[kube(namespaced)]
#[kube(schema = "disabled")]
#[kube(derive="Default")]
#[kube(derive="PartialEq")]
pub struct AuthServiceSpec {
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub add_auth_headers: Option<BTreeMap<String, String>>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub add_linkerd_headers: Option<bool>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub allow_request_body: Option<bool>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub allowed_authorization_headers: Option<Vec<String>>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub allowed_request_headers: Option<Vec<String>>,
    /// AmbassadorID declares which Ambassador instances should pay
    /// attention to this resource. If no value is provided, the default is:
    /// 
    /// 	ambassador_id:
    /// 	- "default"
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub ambassador_id: Option<Vec<String>>,
    pub auth_service: String,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub circuit_breakers: Option<Vec<AuthServiceCircuitBreakers>>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub failure_mode_allow: Option<bool>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub include_body: Option<AuthServiceIncludeBody>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub path_prefix: Option<String>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub proto: Option<AuthServiceProto>,
    /// ProtocolVersion is the envoy api transport protocol version
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub protocol_version: Option<AuthServiceProtocolVersion>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub stats_name: Option<String>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub status_on_error: Option<AuthServiceStatusOnError>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub timeout_ms: Option<i64>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub tls: Option<String>,
    /// V2ExplicitTLS controls some vanity/stylistic elements when converting
    /// from v3alpha1 to v2.  The values in an V2ExplicitTLS should not in any
    /// way affect the runtime operation of Emissary; except that it may affect
    /// internal names in the Envoy config, which may in turn affect stats
    /// names.  But it should not affect any end-user observable behavior.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "v2ExplicitTLS")]
    pub v2_explicit_tls: Option<AuthServiceV2ExplicitTls>,
}

#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct AuthServiceCircuitBreakers {
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub max_connections: Option<i64>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub max_pending_requests: Option<i64>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub max_requests: Option<i64>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub max_retries: Option<i64>,
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub priority: Option<AuthServiceCircuitBreakersPriority>,
}

#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum AuthServiceCircuitBreakersPriority {
    #[serde(rename = "default")]
    Default,
    #[serde(rename = "high")]
    High,
}

#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct AuthServiceIncludeBody {
    pub allow_partial: bool,
    /// These aren't pointer types because they are required.
    pub max_bytes: i64,
}

/// AuthServiceSpec defines the desired state of AuthService
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum AuthServiceProto {
    #[serde(rename = "http")]
    Http,
    #[serde(rename = "grpc")]
    Grpc,
}

/// AuthServiceSpec defines the desired state of AuthService
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum AuthServiceProtocolVersion {
    #[serde(rename = "v2")]
    V2,
    #[serde(rename = "v3")]
    V3,
}

#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct AuthServiceStatusOnError {
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub code: Option<i64>,
}

/// V2ExplicitTLS controls some vanity/stylistic elements when converting
/// from v3alpha1 to v2.  The values in an V2ExplicitTLS should not in any
/// way affect the runtime operation of Emissary; except that it may affect
/// internal names in the Envoy config, which may in turn affect stats
/// names.  But it should not affect any end-user observable behavior.
#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)]
pub struct AuthServiceV2ExplicitTls {
    /// ServiceScheme specifies how to spell and capitalize the scheme-part of the
    /// service URL.
    /// 
    /// Acceptable values are "<http://"> (case-insensitive), "<https://">
    /// (case-insensitive), or "".  The value is used if it agrees with
    /// whether or not this resource enables TLS origination, or if
    /// something else in the resource overrides the scheme.
    #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceScheme")]
    pub service_scheme: Option<String>,
    /// TLS controls whether and how to represent the "tls" field when
    /// its value could be implied by the "service" field.  In v2, there
    /// were a lot of different ways to spell an "empty" value, and this
    /// field specifies which way to spell it (and will therefore only
    /// be used if the value will indeed be empty).
    /// 
    ///  | Value        | Representation                        | Meaning of representation          |
    ///  |--------------+---------------------------------------+------------------------------------|
    ///  | ""           | omit the field                        | defer to service (no TLSContext)   |
    ///  | "null"       | store an explicit "null" in the field | defer to service (no TLSContext)   |
    ///  | "string"     | store an empty string in the field    | defer to service (no TLSContext)   |
    ///  | "bool:false" | store a Boolean "false" in the field  | defer to service (no TLSContext)   |
    ///  | "bool:true"  | store a Boolean "true" in the field   | originate TLS (no TLSContext)      |
    /// 
    /// If the meaning of the representation contradicts anything else
    /// (if a TLSContext is to be used, or in the case of "bool:true" if
    /// TLS is not to be originated), then this field is ignored.
    #[serde(default, skip_serializing_if = "Option::is_none")]
    pub tls: Option<AuthServiceV2ExplicitTlsTls>,
}

/// V2ExplicitTLS controls some vanity/stylistic elements when converting
/// from v3alpha1 to v2.  The values in an V2ExplicitTLS should not in any
/// way affect the runtime operation of Emissary; except that it may affect
/// internal names in the Envoy config, which may in turn affect stats
/// names.  But it should not affect any end-user observable behavior.
#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)]
pub enum AuthServiceV2ExplicitTlsTls {
    #[serde(rename = "")]
    KopiumEmpty,
    #[serde(rename = "null")]
    Null,
    #[serde(rename = "bool:true")]
    BoolTrue,
    #[serde(rename = "bool:false")]
    BoolFalse,
    #[serde(rename = "string")]
    String,
}