k8s_gateway_api/exp/
referencegrant.rs

1use crate::*;
2
3/// ReferenceGrant identifies kinds of resources in other namespaces that are
4/// trusted to reference the specified kinds of resources in the same namespace
5/// as the policy.
6///
7/// Each ReferenceGrant can be used to represent a unique trust relationship.
8/// Additional Reference Policies can be used to add to the set of trusted
9/// sources of inbound references for the namespace they are defined within.
10///
11/// All cross-namespace references in Gateway API (with the exception of
12/// cross-namespace Gateway-route attachment) require a ReferenceGrant.
13#[derive(Clone, Debug, serde::Deserialize, serde::Serialize, schemars::JsonSchema)]
14pub struct ReferenceGrant {
15    /// From describes the trusted namespaces and kinds that can reference the
16    /// resources described in "To". Each entry in this list must be considered
17    /// to be an additional place that references can be valid from, or to put
18    /// this another way, entries must be combined using OR.
19    ///
20    /// Support: Core
21    pub from: Vec<ReferenceGrantFrom>,
22
23    /// To describes the resources that may be referenced by the resources
24    /// described in "From". Each entry in this list must be considered to be an
25    /// additional place that references can be valid to, or to put this another
26    /// way, entries must be combined using OR.
27    ///
28    /// Support: Core
29    pub to: Vec<ReferenceGrantFrom>,
30}
31
32/// ReferenceGrantFrom describes trusted namespaces and kinds.
33#[derive(Clone, Debug, serde::Deserialize, serde::Serialize, schemars::JsonSchema)]
34pub struct ReferenceGrantFrom {
35    /// Group is the group of the referent.
36    ///
37    /// When empty, the Kubernetes core API group is inferred.
38    ///
39    /// Support: Core
40    pub group: Group,
41
42    /// Kind is the kind of the referent. Although implementations may support
43    /// additional resources, the following Route types are part of the "Core"
44    /// support level for this field:
45    ///
46    /// * HTTPRoute
47    /// * TCPRoute
48    /// * TLSRoute
49    /// * UDPRoute
50    pub kind: Kind,
51
52    /// Namespace is the namespace of the referent.
53    ///
54    /// Support: Core
55    pub namespace: Namespace,
56}
57
58/// ReferenceGrantTo describes what Kinds are allowed as targets of the
59/// references.
60#[derive(Clone, Debug, serde::Deserialize, serde::Serialize, schemars::JsonSchema)]
61pub struct ReferenceGrantTo {
62    /// Group is the group of the referent.
63    /// When empty, the Kubernetes core API group is inferred.
64    ///
65    /// Support: Core
66    pub group: Group,
67
68    /// Kind is the kind of the referent. Although implementations may support
69    /// additional resources, the following types are part of the "Core" support
70    /// level for this field:
71    ///
72    /// * Service
73    pub kind: Kind,
74
75    /// Name is the name of the referent. When unspecified, this policy
76    /// refers to all resources of the specified Group and Kind in the local
77    /// namespace.
78    pub name: Option<ObjectName>,
79}