diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
index fd8dba47c..3d54654e5 100644
--- a/api/v1beta1/zz_generated.deepcopy.go
+++ b/api/v1beta1/zz_generated.deepcopy.go
@@ -21,12 +21,98 @@ limitations under the License. package v1beta1 import ( + apiv1beta1 "github.com/kuadrant/authorino-operator/api/v1beta1" "github.com/kuadrant/limitador-operator/api/v1alpha1" "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AuthorinoListener) DeepCopyInto(out *AuthorinoListener) { + *out = *in + if in.Ports != nil { + in, out := &in.Ports, &out.Ports + *out = new(apiv1beta1.Ports) + (*in).DeepCopyInto(*out) + } + if in.TLS != nil { + in, out := &in.TLS, &out.TLS + *out = new(apiv1beta1.Tls) + (*in).DeepCopyInto(*out) + } + if in.Timeout != nil { + in, out := &in.Timeout, &out.Timeout + *out = new(int) + **out = **in + } + if in.MaxHTTPRequestBodySize != nil { + in, out := &in.MaxHTTPRequestBodySize, &out.MaxHTTPRequestBodySize + *out = new(int) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorinoListener. +func (in *AuthorinoListener) DeepCopy() *AuthorinoListener { + if in == nil { + return nil + } + out := new(AuthorinoListener) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. 
+func (in *AuthorinoSpec) DeepCopyInto(out *AuthorinoSpec) { + *out = *in + if in.EvaluatorCacheSize != nil { + in, out := &in.EvaluatorCacheSize, &out.EvaluatorCacheSize + *out = new(int) + **out = **in + } + if in.Listener != nil { + in, out := &in.Listener, &out.Listener + *out = new(AuthorinoListener) + (*in).DeepCopyInto(*out) + } + if in.Metrics != nil { + in, out := &in.Metrics, &out.Metrics + *out = new(apiv1beta1.Metrics) + (*in).DeepCopyInto(*out) + } + if in.OIDCServer != nil { + in, out := &in.OIDCServer, &out.OIDCServer + *out = new(apiv1beta1.OIDCServer) + (*in).DeepCopyInto(*out) + } + if in.Replicas != nil { + in, out := &in.Replicas, &out.Replicas + *out = new(int32) + **out = **in + } + if in.Tracing != nil { + in, out := &in.Tracing, &out.Tracing + *out = new(apiv1beta1.Tracing) + (*in).DeepCopyInto(*out) + } + if in.Volumes != nil { + in, out := &in.Volumes, &out.Volumes + *out = new(apiv1beta1.VolumesSpec) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthorinoSpec. +func (in *AuthorinoSpec) DeepCopy() *AuthorinoSpec { + if in == nil { + return nil + } + out := new(AuthorinoSpec) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Kuadrant) DeepCopyInto(out *Kuadrant) { *out = *in @@ -89,6 +175,11 @@ func (in *KuadrantList) DeepCopyObject() runtime.Object { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *KuadrantSpec) DeepCopyInto(out *KuadrantSpec) { *out = *in + if in.Authorino != nil { + in, out := &in.Authorino, &out.Authorino + *out = new(AuthorinoSpec) + (*in).DeepCopyInto(*out) + } if in.Limitador != nil { in, out := &in.Limitador, &out.Limitador *out = new(LimitadorSpec) 
diff --git a/bundle/manifests/kuadrant.io_kuadrants.yaml b/bundle/manifests/kuadrant.io_kuadrants.yaml
index f48c64de1..54e2b0977 100644
--- a/bundle/manifests/kuadrant.io_kuadrants.yaml
+++ b/bundle/manifests/kuadrant.io_kuadrants.yaml
@@ -50,6 +50,164 @@ spec: spec: description: KuadrantSpec defines the desired state of Kuadrant properties: + authorino: + properties: + evaluatorCacheSize: + type: integer + listener: + properties: + maxHttpRequestBodySize: + description: Maximum payload (request body) size for the auth + service (HTTP interface), in bytes. + type: integer + ports: + description: Port numbers of the GRPC and HTTP auth interfaces. + properties: + grpc: + format: int32 + type: integer + http: + format: int32 + type: integer + type: object + timeout: + description: Timeout of the auth service (GRPC and HTTP interfaces), + in milliseconds. + type: integer + tls: + description: TLS configuration of the auth service (GRPC and + HTTP interfaces). + properties: + certSecretRef: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + enabled: + type: boolean + type: object + required: + - tls + type: object + metrics: + properties: + deep: + type: boolean + port: + format: int32 + type: integer + type: object + oidcServer: + properties: + port: + format: int32 + type: integer + tls: + properties: + certSecretRef: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? 
+ type: string + type: object + x-kubernetes-map-type: atomic + enabled: + type: boolean + type: object + required: + - tls + type: object + replicas: + format: int32 + type: integer + tracing: + properties: + endpoint: + type: string + tags: + additionalProperties: + type: string + type: object + required: + - endpoint + type: object + volumes: + properties: + defaultMode: + description: Permissions mode. + format: int32 + type: integer + items: + items: + properties: + configMaps: + description: Allow multiple configmaps to mount to the + same directory + items: + type: string + type: array + items: + description: Mount details + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + mountPath: + description: An absolute path where to mount it + type: string + name: + description: Volume name + type: string + secrets: + description: Secret mount + items: + type: string + type: array + required: + - mountPath + type: object + type: array + type: object + type: object limitador: properties: affinity: 
diff --git a/config/crd/bases/kuadrant.io_kuadrants.yaml b/config/crd/bases/kuadrant.io_kuadrants.yaml
index 04f7eeff7..9cec12dc6 100644
--- a/config/crd/bases/kuadrant.io_kuadrants.yaml
+++ b/config/crd/bases/kuadrant.io_kuadrants.yaml
@@ -48,6 +48,164 @@ spec: spec: description: KuadrantSpec defines the desired state of Kuadrant properties: + authorino: + properties: + evaluatorCacheSize: + type: integer + listener: + properties: + maxHttpRequestBodySize: + description: Maximum payload (request body) size for the auth + service (HTTP interface), in bytes. + type: integer + ports: + description: Port numbers of the GRPC and HTTP auth interfaces. + properties: + grpc: + format: int32 + type: integer + http: + format: int32 + type: integer + type: object + timeout: + description: Timeout of the auth service (GRPC and HTTP interfaces), + in milliseconds. + type: integer + tls: + description: TLS configuration of the auth service (GRPC and + HTTP interfaces). + properties: + certSecretRef: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + type: object + x-kubernetes-map-type: atomic + enabled: + type: boolean + type: object + required: + - tls + type: object + metrics: + properties: + deep: + type: boolean + port: + format: int32 + type: integer + type: object + oidcServer: + properties: + port: + format: int32 + type: integer + tls: + properties: + certSecretRef: + description: |- + LocalObjectReference contains enough information to let you locate the + referenced object inside the same namespace. + properties: + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? 
+ type: string + type: object + x-kubernetes-map-type: atomic + enabled: + type: boolean + type: object + required: + - tls + type: object + replicas: + format: int32 + type: integer + tracing: + properties: + endpoint: + type: string + tags: + additionalProperties: + type: string + type: object + required: + - endpoint + type: object + volumes: + properties: + defaultMode: + description: Permissions mode. + format: int32 + type: integer + items: + items: + properties: + configMaps: + description: Allow multiple configmaps to mount to the + same directory + items: + type: string + type: array + items: + description: Mount details + items: + description: Maps a string key to a path within a + volume. + properties: + key: + description: key is the key to project. + type: string + mode: + description: |- + mode is Optional: mode bits used to set permissions on this file. + Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. + If not specified, the volume defaultMode will be used. + This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + path: + description: |- + path is the relative path of the file to map the key to. + May not be an absolute path. + May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + mountPath: + description: An absolute path where to mount it + type: string + name: + description: Volume name + type: string + secrets: + description: Secret mount + items: + type: string + type: array + required: + - mountPath + type: object + type: array + type: object + type: object limitador: properties: affinity: diff --git a/controllers/kuadrant_controller.go b/controllers/kuadrant_controller.go index 09a167c90..9d5ab53e2 100644 
--- a/controllers/kuadrant_controller.go
+++ b/controllers/kuadrant_controller.go
@@ -31,11 +31,9 @@ import (
 limitadorv1alpha1 "github.com/kuadrant/limitador-operator/api/v1alpha1"
 iopv1alpha1 "istio.io/istio/operator/pkg/apis/istio/v1alpha1"
 appsv1 "k8s.io/api/apps/v1"
- corev1 "k8s.io/api/core/v1"
 apierrors "k8s.io/apimachinery/pkg/api/errors"
 apimeta "k8s.io/apimachinery/pkg/api/meta"
 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
- "k8s.io/utils/env"
 istiov1alpha1 "maistra.io/istio-operator/api/v1alpha1"
 ctrl "sigs.k8s.io/controller-runtime"
 "sigs.k8s.io/controller-runtime/pkg/client"
@@ -46,7 +44,6 @@ import (
 kuadrantv1beta1 "github.com/kuadrant/kuadrant-operator/api/v1beta1"
 "github.com/kuadrant/kuadrant-operator/pkg/common"
 "github.com/kuadrant/kuadrant-operator/pkg/istio"
- "github.com/kuadrant/kuadrant-operator/pkg/kuadranttools"
 "github.com/kuadrant/kuadrant-operator/pkg/library/reconcilers"
 "github.com/kuadrant/kuadrant-operator/pkg/log"
 )
diff --git a/pkg/common/common.go b/pkg/common/common.go
index 86d8264e3..817d072cc 100644
--- a/pkg/common/common.go
+++ b/pkg/common/common.go
@@ -31,7 +31,7 @@ const (
 AuthPolicyBackRefAnnotation = "kuadrant.io/authpolicy"
 NamespaceSeparator = '/'
 LimitadorName = "limitador"
- AuthorinoName = "authorino"
+ AuthorinoName = "authorino"
 )
 
 // MergeMapStringString Merge desired into existing.