From aab9f49e53b148cea6ba4fb82fccf564a4a9ea4d Mon Sep 17 00:00:00 2001 From: Nathan Coleman Date: Mon, 31 Oct 2022 11:23:43 -0400 Subject: [PATCH] Add ReferenceGrant examples for standard API --- examples/standard/reference-grant.yaml | 15 ++++++++ .../standard/tls-cert-cross-namespace.yaml | 34 +++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 examples/standard/reference-grant.yaml create mode 100644 examples/standard/tls-cert-cross-namespace.yaml diff --git a/examples/standard/reference-grant.yaml b/examples/standard/reference-grant.yaml new file mode 100644 index 0000000000..0cad84bdcd --- /dev/null +++ b/examples/standard/reference-grant.yaml @@ -0,0 +1,15 @@ +#$ Used in: +#$ - site-src/concepts/security-model.md +#$ - site-src/blog/2021/introducing-v1alpha2.md +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: ReferenceGrant +metadata: + name: allow-prod-traffic +spec: + from: + - group: gateway.networking.k8s.io + kind: HTTPRoute + namespace: prod + to: + - group: "" + kind: Service diff --git a/examples/standard/tls-cert-cross-namespace.yaml b/examples/standard/tls-cert-cross-namespace.yaml new file mode 100644 index 0000000000..4af79c1202 --- /dev/null +++ b/examples/standard/tls-cert-cross-namespace.yaml @@ -0,0 +1,34 @@ +#$ Used in: +#$ - site-src/v1alpha2/guides/tls.md +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: Gateway +metadata: + name: cross-namespace-tls-gateway + namespace: gateway-api-example-ns1 +spec: + gatewayClassName: acme-lb + listeners: + - name: https + protocol: HTTPS + port: 443 + hostname: "*.example.com" + tls: + certificateRefs: + - kind: Secret + group: "" + name: wildcard-example-com-cert + namespace: gateway-api-example-ns2 +--- +apiVersion: gateway.networking.k8s.io/v1beta1 +kind: ReferenceGrant +metadata: + name: allow-ns1-gateways-to-ref-secrets + namespace: gateway-api-example-ns2 +spec: + from: + - group: gateway.networking.k8s.io + kind: Gateway + namespace: gateway-api-example-ns1 + to: + - group: "" + kind: Secret