generated from kubernetes/kubernetes-template-project
-
Notifications
You must be signed in to change notification settings - Fork 433
/
gateway.networking.k8s.io_referencepolicies.yaml
154 lines (154 loc) · 7.12 KB
/
gateway.networking.k8s.io_referencepolicies.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes-sigs/gateway-api/pull/1086
gateway.networking.k8s.io/bundle-version: v0.6.0-dev
gateway.networking.k8s.io/channel: experimental
creationTimestamp: null
name: referencepolicies.gateway.networking.k8s.io
spec:
group: gateway.networking.k8s.io
names:
categories:
- gateway-api
kind: ReferencePolicy
listKind: ReferencePolicyList
plural: referencepolicies
shortNames:
- refpol
singular: referencepolicy
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
deprecated: true
deprecationWarning: ReferencePolicy has been renamed to ReferenceGrant. ReferencePolicy
will be removed in v0.6.0 in favor of the identical ReferenceGrant resource.
name: v1alpha2
schema:
openAPIV3Schema:
description: "ReferencePolicy identifies kinds of resources in other namespaces
that are trusted to reference the specified kinds of resources in the same
namespace as the policy. \n Note: This resource has been renamed to ReferenceGrant.
ReferencePolicy will be removed in v0.6.0 in favor of the identical ReferenceGrant
resource. \n Each ReferencePolicy can be used to represent a unique trust
relationship. Additional Reference Policies can be used to add to the set
of trusted sources of inbound references for the namespace they are defined
within. \n All cross-namespace references in Gateway API (with the exception
of cross-namespace Gateway-route attachment) require a ReferenceGrant. \n
Support: Core"
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec defines the desired state of ReferencePolicy.
properties:
from:
description: "From describes the trusted namespaces and kinds that
can reference the resources described in \"To\". Each entry in this
list must be considered to be an additional place that references
can be valid from, or to put this another way, entries must be combined
using OR. \n Support: Core"
items:
description: ReferenceGrantFrom describes trusted namespaces and
kinds.
properties:
group:
description: "Group is the group of the referent. When empty,
the Kubernetes core API group is inferred. \n Support: Core"
maxLength: 253
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
kind:
description: "Kind is the kind of the referent. Although implementations
may support additional resources, the following types are
part of the \"Core\" support level for this field. \n When
used to permit a SecretObjectReference: \n * Gateway \n When
used to permit a BackendObjectReference: \n * HTTPRoute *
TCPRoute * TLSRoute * UDPRoute"
maxLength: 63
minLength: 1
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
type: string
namespace:
description: "Namespace is the namespace of the referent. \n
Support: Core"
maxLength: 63
minLength: 1
pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$
type: string
required:
- group
- kind
- namespace
type: object
maxItems: 16
minItems: 1
type: array
to:
description: "To describes the resources that may be referenced by
the resources described in \"From\". Each entry in this list must
be considered to be an additional place that references can be valid
to, or to put this another way, entries must be combined using OR.
\n Support: Core"
items:
description: ReferenceGrantTo describes what Kinds are allowed as
targets of the references.
properties:
group:
description: "Group is the group of the referent. When empty,
the Kubernetes core API group is inferred. \n Support: Core"
maxLength: 253
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
kind:
description: "Kind is the kind of the referent. Although implementations
may support additional resources, the following types are
part of the \"Core\" support level for this field: \n * Secret
when used to permit a SecretObjectReference * Service when
used to permit a BackendObjectReference"
maxLength: 63
minLength: 1
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
type: string
name:
description: Name is the name of the referent. When unspecified,
this policy refers to all resources of the specified Group
and Kind in the local namespace.
maxLength: 253
minLength: 1
type: string
required:
- group
- kind
type: object
maxItems: 16
minItems: 1
type: array
required:
- from
- to
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []