From 6c1421bf2f4ccbd96d14eb49ed9438bbf9bef800 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Grzegorz=20Burzy=C5=84ski?= Date: Mon, 19 Feb 2024 13:34:33 +0100 Subject: [PATCH] feat: bump KIC to 3.1, update CRDs and bump Kong to 3.6 (#1011) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Patryk Małek --- charts/kong/CHANGELOG.md | 9 + charts/kong/Chart.yaml | 4 +- .../admin-api-service-clusterip-values.snap | 34 +- .../__snapshots__/custom-labels-values.snap | 96 +- .../kong/ci/__snapshots__/default-values.snap | 96 +- .../__snapshots__/kong-ingress-1-values.snap | 100 +- .../__snapshots__/kong-ingress-2-values.snap | 100 +- .../__snapshots__/kong-ingress-3-values.snap | 100 +- .../__snapshots__/kong-ingress-4-values.snap | 100 +- .../kong-ingress-5-3.1-rbac-values.snap | 62 +- .../ci/__snapshots__/service-account.snap | 96 +- .../single-image-default-values.snap | 90 +- ...est-enterprise-version-3.4.0.0-values.snap | 22 +- .../kong/ci/__snapshots__/test1-values.snap | 104 +- .../kong/ci/__snapshots__/test2-values.snap | 150 +- .../kong/ci/__snapshots__/test3-values.snap | 30 +- .../kong/ci/__snapshots__/test4-values.snap | 34 +- .../kong/ci/__snapshots__/test5-values.snap | 142 +- .../crds/custom-resource-definitions.yaml | 1950 +++++++++++++---- charts/kong/values.yaml | 4 +- 20 files changed, 2349 insertions(+), 974 deletions(-) diff --git a/charts/kong/CHANGELOG.md b/charts/kong/CHANGELOG.md index 410dc2db9..032ade8e7 100644 --- a/charts/kong/CHANGELOG.md +++ b/charts/kong/CHANGELOG.md @@ -1,5 +1,14 @@ # Changelog +## 2.37.0 + +### Changes + +* Bumped default `kong/kubernetes-ingress-controller` image tag and updated CRDs to 3.1. + [#1011](https://github.com/Kong/charts/pull/1011) +* Bumped default `kong` image tag to 3.6. + [#1011](https://github.com/Kong/charts/pull/1011) + ## 2.36.0 ### Fixed diff --git a/charts/kong/Chart.yaml b/charts/kong/Chart.yaml index 81c941976..5ba8847d1 100644 --- a/charts/kong/Chart.yaml +++ b/charts/kong/Chart.yaml @@ -8,8 +8,8 @@ maintainers: name: kong sources: - https://github.com/Kong/charts/tree/main/charts/kong -version: 2.36.0 -appVersion: "3.5" +version: 2.37.0 +appVersion: "3.6" dependencies: - name: postgresql version: 11.9.13 diff --git a/charts/kong/ci/__snapshots__/admin-api-service-clusterip-values.snap b/charts/kong/ci/__snapshots__/admin-api-service-clusterip-values.snap index c72175dd3..ef15283ec 100644 --- a/charts/kong/ci/__snapshots__/admin-api-service-clusterip-values.snap +++ b/charts/kong/ci/__snapshots__/admin-api-service-clusterip-values.snap @@ -9,8 +9,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -33,9 +33,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -90,7 +90,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -205,7 +205,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -274,8 +274,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-custom-dbless-config namespace: default - object: @@ -286,8 +286,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-admin namespace: default spec: @@ -309,8 +309,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -336,9 +336,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -364,8 +364,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/custom-labels-values.snap b/charts/kong/ci/__snapshots__/custom-labels-values.snap index 25e052ac7..6053c1bc1 100644 --- a/charts/kong/ci/__snapshots__/custom-labels-values.snap +++ b/charts/kong/ci/__snapshots__/custom-labels-values.snap @@ -9,8 +9,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -84,8 +84,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -108,9 +108,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -138,7 +138,7 @@ SnapShot = """ value: https://localhost:8444 - name: CONTROLLER_PUBLISH_SERVICE value: default/chartsnap-kong-proxy - image: kong/kubernetes-ingress-controller:3.0 + image: kong/kubernetes-ingress-controller:3.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -240,7 +240,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -350,7 +350,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -408,8 +408,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -617,6 +617,38 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -657,8 +689,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -677,8 +709,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -742,8 +774,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -766,8 +798,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -783,8 +815,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -797,8 +829,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -825,9 +857,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -854,8 +886,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -870,8 +902,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: ServiceAccount @@ -881,8 +913,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/default-values.snap b/charts/kong/ci/__snapshots__/default-values.snap index 69e476850..5a45331ea 100644 --- a/charts/kong/ci/__snapshots__/default-values.snap +++ b/charts/kong/ci/__snapshots__/default-values.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -82,8 +82,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -105,9 +105,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -137,7 +137,7 @@ SnapShot = """ value: https://localhost:8444 - name: CONTROLLER_PUBLISH_SERVICE value: default/chartsnap-kong-proxy - image: kong/kubernetes-ingress-controller:3.0 + image: kong/kubernetes-ingress-controller:3.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -241,7 +241,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -353,7 +353,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -410,8 +410,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -619,6 +619,38 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -658,8 +690,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -677,8 +709,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -741,8 +773,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -764,8 +796,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -780,8 +812,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -793,8 +825,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -820,9 +852,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -848,8 +880,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -863,8 +895,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: ServiceAccount @@ -873,8 +905,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/kong-ingress-1-values.snap b/charts/kong/ci/__snapshots__/kong-ingress-1-values.snap index d8afd9d75..6dee3c506 100644 --- a/charts/kong/ci/__snapshots__/kong-ingress-1-values.snap +++ b/charts/kong/ci/__snapshots__/kong-ingress-1-values.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -82,8 +82,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -105,9 +105,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -135,7 +135,7 @@ SnapShot = """ value: https://localhost:8444 - name: CONTROLLER_PUBLISH_SERVICE value: default/chartsnap-kong-proxy - image: kong/kubernetes-ingress-controller:3.0 + image: kong/kubernetes-ingress-controller:3.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -237,7 +237,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -347,7 +347,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -404,8 +404,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -430,8 +430,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -639,6 +639,38 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -678,8 +710,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -697,8 +729,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -761,8 +793,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -784,8 +816,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -800,8 +832,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -822,8 +854,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -849,9 +881,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -877,8 +909,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -892,8 +924,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: ServiceAccount @@ -902,8 +934,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/kong-ingress-2-values.snap b/charts/kong/ci/__snapshots__/kong-ingress-2-values.snap index 62584f64e..addd4beb6 100644 --- a/charts/kong/ci/__snapshots__/kong-ingress-2-values.snap +++ b/charts/kong/ci/__snapshots__/kong-ingress-2-values.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -82,8 +82,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -105,9 +105,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -135,7 +135,7 @@ SnapShot = """ value: https://localhost:8444 - name: CONTROLLER_PUBLISH_SERVICE value: default/chartsnap-kong-proxy - image: kong/kubernetes-ingress-controller:3.0 + image: kong/kubernetes-ingress-controller:3.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -237,7 +237,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -347,7 +347,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -404,8 +404,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -432,8 +432,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -641,6 +641,38 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -680,8 +712,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -699,8 +731,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -763,8 +795,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -786,8 +818,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -802,8 +834,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -824,8 +856,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -851,9 +883,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -879,8 +911,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -894,8 +926,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: ServiceAccount @@ -904,8 +936,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/kong-ingress-3-values.snap b/charts/kong/ci/__snapshots__/kong-ingress-3-values.snap index a6d79ee59..ab6ef8fb7 100644 --- a/charts/kong/ci/__snapshots__/kong-ingress-3-values.snap +++ b/charts/kong/ci/__snapshots__/kong-ingress-3-values.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -82,8 +82,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -105,9 +105,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -135,7 +135,7 @@ SnapShot = """ value: https://localhost:8444 - name: CONTROLLER_PUBLISH_SERVICE value: default/chartsnap-kong-proxy - image: kong/kubernetes-ingress-controller:3.0 + image: kong/kubernetes-ingress-controller:3.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -237,7 +237,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -347,7 +347,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -404,8 +404,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -428,8 +428,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -637,6 +637,38 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -676,8 +708,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -695,8 +727,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -759,8 +791,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -782,8 +814,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -798,8 +830,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -811,8 +843,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -838,9 +870,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -866,8 +898,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -881,8 +913,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: ServiceAccount @@ -891,8 +923,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/kong-ingress-4-values.snap b/charts/kong/ci/__snapshots__/kong-ingress-4-values.snap index 7f754abff..e5e09ace7 100644 --- a/charts/kong/ci/__snapshots__/kong-ingress-4-values.snap +++ b/charts/kong/ci/__snapshots__/kong-ingress-4-values.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -82,8 +82,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -105,9 +105,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -135,7 +135,7 @@ SnapShot = """ value: https://localhost:8444 - name: CONTROLLER_PUBLISH_SERVICE value: default/chartsnap-kong-proxy - image: kong/kubernetes-ingress-controller:3.0 + image: kong/kubernetes-ingress-controller:3.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -237,7 +237,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -347,7 +347,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -404,8 +404,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -463,8 +463,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -672,6 +672,38 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -711,8 +743,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -730,8 +762,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -794,8 +826,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -817,8 +849,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -833,8 +865,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -864,8 +896,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -891,9 +923,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -919,8 +951,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -934,8 +966,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: ServiceAccount @@ -944,8 +976,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/kong-ingress-5-3.1-rbac-values.snap b/charts/kong/ci/__snapshots__/kong-ingress-5-3.1-rbac-values.snap index 3a5b09a5b..3b8004479 100644 --- a/charts/kong/ci/__snapshots__/kong-ingress-5-3.1-rbac-values.snap +++ b/charts/kong/ci/__snapshots__/kong-ingress-5-3.1-rbac-values.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -82,8 +82,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -105,9 +105,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -241,7 +241,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -353,7 +353,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -410,8 +410,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -690,8 +690,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -709,8 +709,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -773,8 +773,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -796,8 +796,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -812,8 +812,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -825,8 +825,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -852,9 +852,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -880,8 +880,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -895,8 +895,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: ServiceAccount @@ -905,8 +905,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/service-account.snap b/charts/kong/ci/__snapshots__/service-account.snap index 8192a6dd8..33761b2cb 100644 --- a/charts/kong/ci/__snapshots__/service-account.snap +++ b/charts/kong/ci/__snapshots__/service-account.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -82,8 +82,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -105,9 +105,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -135,7 +135,7 @@ SnapShot = """ value: https://localhost:8444 - name: CONTROLLER_PUBLISH_SERVICE value: default/chartsnap-kong-proxy - image: kong/kubernetes-ingress-controller:3.0 + image: kong/kubernetes-ingress-controller:3.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -237,7 +237,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -347,7 +347,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -404,8 +404,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -613,6 +613,38 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -652,8 +684,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -671,8 +703,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -735,8 +767,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -758,8 +790,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -774,8 +806,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -787,8 +819,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -814,9 +846,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -842,8 +874,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -857,8 +889,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: ServiceAccount @@ -867,8 +899,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: my-kong-sa namespace: default """ diff --git a/charts/kong/ci/__snapshots__/single-image-default-values.snap b/charts/kong/ci/__snapshots__/single-image-default-values.snap index dd02ebf08..060cc6784 100644 --- a/charts/kong/ci/__snapshots__/single-image-default-values.snap +++ b/charts/kong/ci/__snapshots__/single-image-default-values.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -82,8 +82,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -105,9 +105,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -410,8 +410,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -619,6 +619,38 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -658,8 +690,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -677,8 +709,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -741,8 +773,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -764,8 +796,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -780,8 +812,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -793,8 +825,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -820,9 +852,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -848,8 +880,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -863,8 +895,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: ServiceAccount @@ -873,8 +905,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/test-enterprise-version-3.4.0.0-values.snap b/charts/kong/ci/__snapshots__/test-enterprise-version-3.4.0.0-values.snap index c8d5ad2a0..12ca0f7aa 100644 --- a/charts/kong/ci/__snapshots__/test-enterprise-version-3.4.0.0-values.snap +++ b/charts/kong/ci/__snapshots__/test-enterprise-version-3.4.0.0-values.snap @@ -9,8 +9,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -32,9 +32,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -249,8 +249,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -276,9 +276,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -304,8 +304,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/test1-values.snap b/charts/kong/ci/__snapshots__/test1-values.snap index 841e410a9..571e8e99a 100644 --- a/charts/kong/ci/__snapshots__/test1-values.snap +++ b/charts/kong/ci/__snapshots__/test1-values.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -82,8 +82,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -104,10 +104,10 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" environment: test - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -139,7 +139,7 @@ SnapShot = """ value: https://localhost:8444 - name: CONTROLLER_PUBLISH_SERVICE value: default/chartsnap-kong-proxy - image: kong/kubernetes-ingress-controller:3.0 + image: kong/kubernetes-ingress-controller:3.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -252,7 +252,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -370,7 +370,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -447,8 +447,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -473,8 +473,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -497,8 +497,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -706,6 +706,38 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -745,8 +777,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -764,8 +796,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -828,8 +860,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -851,8 +883,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -867,8 +899,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -880,8 +912,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -907,9 +939,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -935,8 +967,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -950,8 +982,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: ServiceAccount @@ -960,8 +992,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/test2-values.snap b/charts/kong/ci/__snapshots__/test2-values.snap index 823d98751..78a01b4d6 100644 --- a/charts/kong/ci/__snapshots__/test2-values.snap +++ b/charts/kong/ci/__snapshots__/test2-values.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -83,8 +83,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -111,9 +111,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -150,7 +150,7 @@ SnapShot = """ envFrom: - configMapRef: name: env-config - image: kong/kubernetes-ingress-controller:3.0 + image: kong/kubernetes-ingress-controller:3.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -270,7 +270,7 @@ SnapShot = """ envFrom: - configMapRef: name: env-config - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -404,7 +404,7 @@ SnapShot = """ envFrom: - configMapRef: name: env-config - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -507,7 +507,7 @@ SnapShot = """ envFrom: - configMapRef: name: env-config - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: wait-for-db resources: {} @@ -724,8 +724,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-init-migrations namespace: default spec: @@ -740,8 +740,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: kong-init-migrations spec: automountServiceAccountToken: false @@ -819,7 +819,7 @@ SnapShot = """ envFrom: - configMapRef: name: env-config - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: kong-migrations resources: {} @@ -924,7 +924,7 @@ SnapShot = """ envFrom: - configMapRef: name: env-config - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: wait-for-postgres resources: {} @@ -977,8 +977,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-post-upgrade-migrations namespace: default spec: @@ -993,8 +993,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: kong-post-upgrade-migrations spec: automountServiceAccountToken: false @@ -1072,7 +1072,7 @@ SnapShot = """ envFrom: - configMapRef: name: env-config - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: kong-post-upgrade-migrations resources: {} @@ -1177,7 +1177,7 @@ SnapShot = """ envFrom: - configMapRef: name: env-config - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: wait-for-postgres resources: {} @@ -1232,8 +1232,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-pre-upgrade-migrations namespace: default spec: @@ -1248,8 +1248,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: kong-pre-upgrade-migrations spec: automountServiceAccountToken: false @@ -1327,7 +1327,7 @@ SnapShot = """ envFrom: - configMapRef: name: env-config - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: kong-upgrade-migrations resources: {} @@ -1432,7 +1432,7 @@ SnapShot = """ envFrom: - configMapRef: name: env-config - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: wait-for-postgres resources: {} @@ -1481,8 +1481,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -1505,10 +1505,26 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -1548,8 +1564,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -1567,8 +1583,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -1631,8 +1647,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-default namespace: default rules: @@ -1841,6 +1857,22 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update - object: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -1849,8 +1881,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -1869,8 +1901,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-default namespace: default roleRef: @@ -1895,8 +1927,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-bash-wait-for-postgres namespace: default - object: @@ -1917,8 +1949,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -1933,8 +1965,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -1961,8 +1993,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -1988,9 +2020,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -2024,8 +2056,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -2039,8 +2071,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: Service @@ -2099,8 +2131,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/test3-values.snap b/charts/kong/ci/__snapshots__/test3-values.snap index 22448a261..6636aeacb 100644 --- a/charts/kong/ci/__snapshots__/test3-values.snap +++ b/charts/kong/ci/__snapshots__/test3-values.snap @@ -9,8 +9,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -33,9 +33,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -92,7 +92,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -208,7 +208,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -295,8 +295,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-custom-dbless-config namespace: default - object: @@ -307,8 +307,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -334,9 +334,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -362,8 +362,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/test4-values.snap b/charts/kong/ci/__snapshots__/test4-values.snap index 9a2b7fcd4..41ebefdcc 100644 --- a/charts/kong/ci/__snapshots__/test4-values.snap +++ b/charts/kong/ci/__snapshots__/test4-values.snap @@ -9,8 +9,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -33,9 +33,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -92,7 +92,7 @@ SnapShot = """ value: 0.0.0.0:9000, [::]:9000, 0.0.0.0:9001 ssl, [::]:9001 ssl - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -212,7 +212,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: 0.0.0.0:9000, [::]:9000, 0.0.0.0:9001 ssl, [::]:9001 ssl - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -271,8 +271,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -304,8 +304,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-custom-dbless-config namespace: default - object: @@ -316,8 +316,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -343,9 +343,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -379,8 +379,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/ci/__snapshots__/test5-values.snap b/charts/kong/ci/__snapshots__/test5-values.snap index b0a4d8f20..3c6cd4923 100644 --- a/charts/kong/ci/__snapshots__/test5-values.snap +++ b/charts/kong/ci/__snapshots__/test5-values.snap @@ -8,8 +8,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validations namespace: default webhooks: @@ -82,8 +82,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default spec: @@ -110,9 +110,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 - version: \"3.5\" + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 + version: \"3.6\" spec: automountServiceAccountToken: false containers: @@ -142,7 +142,7 @@ SnapShot = """ value: https://localhost:8444 - name: CONTROLLER_PUBLISH_SERVICE value: default/chartsnap-kong-proxy - image: kong/kubernetes-ingress-controller:3.0 + image: kong/kubernetes-ingress-controller:3.1 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 @@ -261,7 +261,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent lifecycle: preStop: @@ -388,7 +388,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: clear-stale-pid resources: {} @@ -477,7 +477,7 @@ SnapShot = """ value: 0.0.0.0:8100, [::]:8100 - name: KONG_STREAM_LISTEN value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: wait-for-db resources: {} @@ -694,8 +694,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-init-migrations namespace: default spec: @@ -710,8 +710,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: kong-init-migrations spec: automountServiceAccountToken: false @@ -788,7 +788,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: kong-migrations resources: {} @@ -879,7 +879,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: wait-for-postgres resources: {} @@ -932,8 +932,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-post-upgrade-migrations namespace: default spec: @@ -948,8 +948,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: kong-post-upgrade-migrations spec: automountServiceAccountToken: false @@ -1026,7 +1026,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: kong-post-upgrade-migrations resources: {} @@ -1117,7 +1117,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: wait-for-postgres resources: {} @@ -1172,8 +1172,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-pre-upgrade-migrations namespace: default spec: @@ -1188,8 +1188,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: kong-pre-upgrade-migrations spec: automountServiceAccountToken: false @@ -1266,7 +1266,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: kong-upgrade-migrations resources: {} @@ -1357,7 +1357,7 @@ SnapShot = """ value: \"off\" - name: KONG_NGINX_DAEMON value: \"off\" - image: kong:3.5 + image: kong:3.6 imagePullPolicy: IfNotPresent name: wait-for-postgres resources: {} @@ -1406,8 +1406,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -1430,8 +1430,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong rules: - apiGroups: @@ -1639,6 +1639,38 @@ SnapShot = """ - get - list - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - konglicenses/status + verbs: + - get + - patch + - update + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults + verbs: + - get + - list + - watch + - apiGroups: + - configuration.konghq.com + resources: + - kongvaults/status + verbs: + - get + - patch + - update - apiGroups: - configuration.konghq.com resources: @@ -1678,8 +1710,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong roleRef: apiGroup: rbac.authorization.k8s.io @@ -1697,8 +1729,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default rules: @@ -1761,8 +1793,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default roleRef: @@ -1787,8 +1819,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-bash-wait-for-postgres namespace: default - object: @@ -1802,8 +1834,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-ca-keypair namespace: default type: kubernetes.io/tls @@ -1818,8 +1850,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook-keypair namespace: default type: kubernetes.io/tls @@ -1846,8 +1878,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-manager namespace: default spec: @@ -1873,9 +1905,9 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" + app.kubernetes.io/version: \"3.6\" enable-metrics: \"true\" - helm.sh/chart: kong-2.36.0 + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-proxy namespace: default spec: @@ -1901,8 +1933,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong-validation-webhook namespace: default spec: @@ -1916,8 +1948,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 - object: apiVersion: v1 kind: Service @@ -1976,8 +2008,8 @@ SnapShot = """ app.kubernetes.io/instance: chartsnap app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: kong - app.kubernetes.io/version: \"3.5\" - helm.sh/chart: kong-2.36.0 + app.kubernetes.io/version: \"3.6\" + helm.sh/chart: kong-2.37.0 name: chartsnap-kong namespace: default """ diff --git a/charts/kong/crds/custom-resource-definitions.yaml b/charts/kong/crds/custom-resource-definitions.yaml index 99b3a2c41..08081b973 100644 --- a/charts/kong/crds/custom-resource-definitions.yaml +++ b/charts/kong/crds/custom-resource-definitions.yaml @@ -1,9 +1,9 @@ -# generated using: kubectl kustomize 'github.com/kong/kubernetes-ingress-controller/config/crd?ref=v3.0.0' +# generated using: kubectl kustomize 'github.com/kong/kubernetes-ingress-controller/config/crd?ref=v3.1.0' apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: ingressclassparameterses.configuration.konghq.com spec: group: configuration.konghq.com @@ -21,14 +21,19 @@ spec: API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -37,10 +42,10 @@ spec: properties: enableLegacyRegexDetection: default: false - description: EnableLegacyRegexDetection automatically detects if ImplementationSpecific - Ingress paths are regular expression paths using the legacy 2.x - heuristic. The controller adds the "~" prefix to those paths if - the Kong version is 3.0 or higher. + description: |- + EnableLegacyRegexDetection automatically detects if ImplementationSpecific Ingress paths are regular expression + paths using the legacy 2.x heuristic. The controller adds the "~" prefix to those paths if the Kong version is + 3.0 or higher. type: boolean serviceUpstream: default: false @@ -55,7 +60,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: kongclusterplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -98,25 +103,28 @@ spec: description: KongClusterPlugin is the Schema for the kongclusterplugins API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string config: - description: Config contains the plugin configuration. It's a list of - keys and values required to configure the plugin. Please read the documentation - of the plugin being configured to set values in here. For any plugin - in Kong, anything that goes in the `config` JSON key in the Admin API - request, goes into this property. Only one of `config` or `configFrom` - may be used in a KongClusterPlugin, not both at once. + description: |- + Config contains the plugin configuration. It's a list of keys and values + required to configure the plugin. + Please read the documentation of the plugin being configured to set values + in here. For any plugin in Kong, anything that goes in the `config` JSON + key in the Admin API request, goes into this property. + Only one of `config` or `configFrom` may be used in a KongClusterPlugin, not both at once. type: object x-kubernetes-preserve-unknown-fields: true configFrom: - description: ConfigFrom references a secret containing the plugin configuration. - This should be used when the plugin configuration contains sensitive - information, such as AWS credentials in the Lambda plugin or the client - secret in the OIDC plugin. Only one of `config` or `configFrom` may - be used in a KongClusterPlugin, not both at once. + description: |- + ConfigFrom references a secret containing the plugin configuration. + This should be used when the plugin configuration contains sensitive information, + such as AWS credentials in the Lambda plugin or the client secret in the OIDC plugin. + Only one of `config` or `configFrom` may be used in a KongClusterPlugin, not both at once. properties: secretKeyRef: description: Specifies a name, a namespace, and a key of a secret @@ -136,7 +144,55 @@ spec: - name - namespace type: object + required: + - secretKeyRef type: object + configPatches: + description: |- + ConfigPatches represents JSON patches to the configuration of the plugin. + Each item means a JSON patch to add something in the configuration, + where path is specified in `path` and value is in `valueFrom` referencing + a key in a secret. + When Config is specified, patches will be applied to the configuration in Config. + Otherwise, patches will be applied to an empty object. + items: + description: |- + NamespacedConfigPatch is a JSON patch to add values from secrets to KongClusterPlugin + to the generated configuration of plugin in Kong. + properties: + path: + description: Path is the JSON path to add the patch. + type: string + valueFrom: + description: ValueFrom is the reference to a key of a secret where + the patched value comes from. + properties: + secretKeyRef: + description: Specifies a name, a namespace, and a key of a secret + to refer to. + properties: + key: + description: The key containing the value. + type: string + name: + description: The secret containing the key. + type: string + namespace: + description: The namespace containing the secret. + type: string + required: + - key + - name + - namespace + type: object + required: + - secretKeyRef + type: object + required: + - path + - valueFrom + type: object + type: array consumerRef: description: ConsumerRef is a reference to a particular consumer. type: string @@ -144,25 +200,27 @@ spec: description: Disabled set if the plugin is disabled or not. type: boolean instance_name: - description: InstanceName is an optional custom name to identify an instance - of the plugin. This is useful when running the same plugin in multiple - contexts, for example, on multiple services. + description: |- + InstanceName is an optional custom name to identify an instance of the plugin. This is useful when running the + same plugin in multiple contexts, for example, on multiple services. type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object ordering: - description: 'Ordering overrides the normal plugin execution order. It''s - only available on Kong Enterprise. `` is a request processing - phase (for example, `access` or `body_filter`) and `` is the - name of the plugin that will run before or after the KongPlugin. For - example, a KongPlugin with `plugin: rate-limiting` and `before.access: - ["key-auth"]` will create a rate limiting plugin that limits requests - _before_ they are authenticated.' + description: |- + Ordering overrides the normal plugin execution order. It's only available on Kong Enterprise. + `` is a request processing phase (for example, `access` or `body_filter`) and + `` is the name of the plugin that will run before or after the KongPlugin. + For example, a KongPlugin with `plugin: rate-limiting` and `before.access: ["key-auth"]` + will create a rate limiting plugin that limits requests _before_ they are authenticated. properties: after: additionalProperties: @@ -186,11 +244,13 @@ spec: config. type: string protocols: - description: Protocols configures plugin to run on requests received on - specific protocols. + description: |- + Protocols configures plugin to run on requests received on specific + protocols. items: - description: KongProtocol is a valid Kong protocol. This alias is necessary - to deal with https://github.com/kubernetes-sigs/controller-tools/issues/342 + description: |- + KongProtocol is a valid Kong protocol. + This alias is necessary to deal with https://github.com/kubernetes-sigs/controller-tools/issues/342 enum: - http - https @@ -202,8 +262,9 @@ spec: type: string type: array run_on: - description: RunOn configures the plugin to run on the first or the second - or both nodes in case of a service mesh deployment. + description: |- + RunOn configures the plugin to run on the first or the second or both + nodes in case of a service mesh deployment. enum: - first - second @@ -220,46 +281,52 @@ spec: reason: Pending status: Unknown type: Programmed - description: "Conditions describe the current conditions of the KongClusterPluginStatus. - \n Known condition types are: \n * \"Programmed\"" + description: |- + Conditions describe the current conditions of the KongClusterPluginStatus. + + + Known condition types are: + + + * "Programmed" items: description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -273,11 +340,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -297,6 +365,13 @@ spec: required: - plugin type: object + x-kubernetes-validations: + - message: Using both config and configFrom fields is not allowed. + rule: '!(has(self.config) && has(self.configFrom))' + - message: Using both configFrom and configPatches fields is not allowed. + rule: '!(has(self.configFrom) && has(self.configPatches))' + - message: The plugin field is immutable + rule: self.plugin == oldSelf.plugin served: true storage: true subresources: @@ -306,7 +381,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: kongconsumergroups.configuration.konghq.com spec: group: configuration.konghq.com @@ -335,19 +410,24 @@ spec: description: KongConsumerGroup is the Schema for the kongconsumergroups API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object status: - description: Status represents the current status of the KongConsumer + description: Status represents the current status of the KongConsumerGroup resource. properties: conditions: @@ -357,46 +437,52 @@ spec: reason: Pending status: Unknown type: Programmed - description: "Conditions describe the current conditions of the KongConsumerGroup. - \n Known condition types are: \n * \"Programmed\"" + description: |- + Conditions describe the current conditions of the KongConsumerGroup. + + + Known condition types are: + + + * "Programmed" items: description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -410,11 +496,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -441,7 +528,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: kongconsumers.configuration.konghq.com spec: group: configuration.konghq.com @@ -474,30 +561,38 @@ spec: description: KongConsumer is the Schema for the kongconsumers API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string consumerGroups: - description: ConsumerGroups are references to consumer groups (that consumer - wants to be part of) provisioned in Kong. + description: |- + ConsumerGroups are references to consumer groups (that consumer wants to be part of) + provisioned in Kong. items: type: string type: array credentials: - description: Credentials are references to secrets containing a credential - to be provisioned in Kong. + description: |- + Credentials are references to secrets containing a credential to be + provisioned in Kong. items: type: string type: array custom_id: - description: CustomID is a Kong cluster-unique existing ID for the consumer - - useful for mapping Kong with users in your existing database. + description: |- + CustomID is a Kong cluster-unique existing ID for the consumer - useful for mapping + Kong with users in your existing database. type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -512,46 +607,52 @@ spec: reason: Pending status: Unknown type: Programmed - description: "Conditions describe the current conditions of the KongConsumer. - \n Known condition types are: \n * \"Programmed\"" + description: |- + Conditions describe the current conditions of the KongConsumer. + + + Known condition types are: + + + * "Programmed" items: description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -565,11 +666,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -590,6 +692,9 @@ spec: description: Username is a Kong cluster-unique username of the consumer. type: string type: object + x-kubernetes-validations: + - message: Need to provide either username or custom_id + rule: has(self.username) || has(self.custom_id) served: true storage: true subresources: @@ -599,7 +704,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: kongingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -620,37 +725,43 @@ spec: description: KongIngress is the Schema for the kongingresses API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object proxy: - description: Proxy defines additional connection options for the routes - to be configured in the Kong Gateway, e.g. `connection_timeout`, `retries`, - etc. + description: |- + Proxy defines additional connection options for the routes to be configured in the + Kong Gateway, e.g. `connection_timeout`, `retries`, etc. properties: connect_timeout: description: "The timeout in milliseconds for\testablishing a connection - to the upstream server. Deprecated: use Service's \"konghq.com/connect-timeout\" + to the upstream server.\nDeprecated: use Service's \"konghq.com/connect-timeout\" annotation instead." minimum: 0 type: integer path: - description: '(optional) The path to be used in requests to the upstream - server. Deprecated: use Service''s "konghq.com/path" annotation - instead.' + description: |- + (optional) The path to be used in requests to the upstream server. + Deprecated: use Service's "konghq.com/path" annotation instead. pattern: ^/.*$ type: string protocol: - description: 'The protocol used to communicate with the upstream. - Deprecated: use Service''s "konghq.com/protocol" annotation instead.' + description: |- + The protocol used to communicate with the upstream. + Deprecated: use Service's "konghq.com/protocol" annotation instead. enum: - http - https @@ -661,73 +772,81 @@ spec: - udp type: string read_timeout: - description: 'The timeout in milliseconds between two successive read - operations for transmitting a request to the upstream server. Deprecated: - use Service''s "konghq.com/read-timeout" annotation instead.' + description: |- + The timeout in milliseconds between two successive read operations + for transmitting a request to the upstream server. + Deprecated: use Service's "konghq.com/read-timeout" annotation instead. minimum: 0 type: integer retries: - description: 'The number of retries to execute upon failure to proxy. - Deprecated: use Service''s "konghq.com/retries" annotation instead.' + description: |- + The number of retries to execute upon failure to proxy. + Deprecated: use Service's "konghq.com/retries" annotation instead. minimum: 0 type: integer write_timeout: - description: 'The timeout in milliseconds between two successive write - operations for transmitting a request to the upstream server. Deprecated: - use Service''s "konghq.com/write-timeout" annotation instead.' + description: |- + The timeout in milliseconds between two successive write operations + for transmitting a request to the upstream server. + Deprecated: use Service's "konghq.com/write-timeout" annotation instead. minimum: 0 type: integer type: object route: - description: Route define rules to match client requests. Each Route is - associated with a Service, and a Service may have multiple Routes associated - to it. + description: |- + Route define rules to match client requests. + Each Route is associated with a Service, + and a Service may have multiple Routes associated to it. properties: headers: additionalProperties: items: type: string type: array - description: 'Headers contains one or more lists of values indexed - by header name that will cause this Route to match if present in - the request. The Host header cannot be used with this attribute. - Deprecated: use Ingress'' "konghq.com/headers" annotation instead.' + description: |- + Headers contains one or more lists of values indexed by header name + that will cause this Route to match if present in the request. + The Host header cannot be used with this attribute. + Deprecated: use Ingress' "konghq.com/headers" annotation instead. type: object https_redirect_status_code: - description: 'HTTPSRedirectStatusCode is the status code Kong responds - with when all properties of a Route match except the protocol. Deprecated: - use Ingress'' "ingress.kubernetes.io/force-ssl-redirect" or "konghq.com/https-redirect-status-code" - annotations instead.' + description: |- + HTTPSRedirectStatusCode is the status code Kong responds with + when all properties of a Route match except the protocol. + Deprecated: use Ingress' "ingress.kubernetes.io/force-ssl-redirect" or + "konghq.com/https-redirect-status-code" annotations instead. type: integer methods: - description: 'Methods is a list of HTTP methods that match this Route. - Deprecated: use Ingress'' "konghq.com/methods" annotation instead.' + description: |- + Methods is a list of HTTP methods that match this Route. + Deprecated: use Ingress' "konghq.com/methods" annotation instead. items: type: string type: array path_handling: - description: 'PathHandling controls how the Service path, Route path - and requested path are combined when sending a request to the upstream. - Deprecated: use Ingress'' "konghq.com/path-handling" annotation - instead.' + description: |- + PathHandling controls how the Service path, Route path and requested path + are combined when sending a request to the upstream. + Deprecated: use Ingress' "konghq.com/path-handling" annotation instead. enum: - v0 - v1 type: string preserve_host: - description: 'PreserveHost sets When matching a Route via one of the - hosts domain names, use the request Host header in the upstream - request headers. If set to false, the upstream Host header will - be that of the Service’s host. Deprecated: use Ingress'' "konghq.com/preserve-host" - annotation instead.' + description: |- + PreserveHost sets When matching a Route via one of the hosts domain names, + use the request Host header in the upstream request headers. + If set to false, the upstream Host header will be that of the Service’s host. + Deprecated: use Ingress' "konghq.com/preserve-host" annotation instead. type: boolean protocols: - description: 'Protocols is an array of the protocols this Route should - allow. Deprecated: use Ingress'' "konghq.com/protocols" annotation - instead.' + description: |- + Protocols is an array of the protocols this Route should allow. + Deprecated: use Ingress' "konghq.com/protocols" annotation instead. items: - description: KongProtocol is a valid Kong protocol. This alias is - necessary to deal with https://github.com/kubernetes-sigs/controller-tools/issues/342 + description: |- + KongProtocol is a valid Kong protocol. + This alias is necessary to deal with https://github.com/kubernetes-sigs/controller-tools/issues/342 enum: - http - https @@ -739,43 +858,45 @@ spec: type: string type: array regex_priority: - description: 'RegexPriority is a number used to choose which route - resolves a given request when several routes match it using regexes - simultaneously. Deprecated: use Ingress'' "konghq.com/regex-priority" - annotation instead.' + description: |- + RegexPriority is a number used to choose which route resolves a given request + when several routes match it using regexes simultaneously. + Deprecated: use Ingress' "konghq.com/regex-priority" annotation instead. type: integer request_buffering: - description: 'RequestBuffering sets whether to enable request body - buffering or not. Deprecated: use Ingress'' "konghq.com/request-buffering" - annotation instead.' + description: |- + RequestBuffering sets whether to enable request body buffering or not. + Deprecated: use Ingress' "konghq.com/request-buffering" annotation instead. type: boolean response_buffering: - description: 'ResponseBuffering sets whether to enable response body - buffering or not. Deprecated: use Ingress'' "konghq.com/response-buffering" - annotation instead.' + description: |- + ResponseBuffering sets whether to enable response body buffering or not. + Deprecated: use Ingress' "konghq.com/response-buffering" annotation instead. type: boolean snis: - description: 'SNIs is a list of SNIs that match this Route when using - stream routing. Deprecated: use Ingress'' "konghq.com/snis" annotation - instead.' + description: |- + SNIs is a list of SNIs that match this Route when using stream routing. + Deprecated: use Ingress' "konghq.com/snis" annotation instead. items: type: string type: array strip_path: - description: 'StripPath sets When matching a Route via one of the - paths strip the matching prefix from the upstream request URL. Deprecated: - use Ingress'' "konghq.com/strip-path" annotation instead.' + description: |- + StripPath sets When matching a Route via one of the paths + strip the matching prefix from the upstream request URL. + Deprecated: use Ingress' "konghq.com/strip-path" annotation instead. type: boolean type: object upstream: - description: Upstream represents a virtual hostname and can be used to - loadbalance incoming requests over multiple targets (e.g. Kubernetes - `Services` can be a target, OR `Endpoints` can be targets). + description: |- + Upstream represents a virtual hostname and can be used to loadbalance + incoming requests over multiple targets (e.g. Kubernetes `Services` can + be a target, OR `Endpoints` can be targets). properties: algorithm: - description: 'Algorithm is the load balancing algorithm to use. Accepted - values are: "round-robin", "consistent-hashing", "least-connections", - "latency".' + description: |- + Algorithm is the load balancing algorithm to use. + Accepted values are: "round-robin", "consistent-hashing", "least-connections", "latency". enum: - round-robin - consistent-hashing @@ -783,14 +904,15 @@ spec: - latency type: string hash_fallback: - description: 'HashFallback defines What to use as hashing input if - the primary hash_on does not return a hash. Accepted values are: - "none", "consumer", "ip", "header", "cookie".' + description: |- + HashFallback defines What to use as hashing input + if the primary hash_on does not return a hash. + Accepted values are: "none", "consumer", "ip", "header", "cookie". type: string hash_fallback_header: - description: HashFallbackHeader is the header name to take the value - from as hash input. Only required when "hash_fallback" is set to - "header". + description: |- + HashFallbackHeader is the header name to take the value from as hash input. + Only required when "hash_fallback" is set to "header". type: string hash_fallback_query_arg: description: HashFallbackQueryArg is the "hash_fallback" version of @@ -801,29 +923,33 @@ spec: of HashOnURICapture. type: string hash_on: - description: 'HashOn defines what to use as hashing input. Accepted - values are: "none", "consumer", "ip", "header", "cookie", "path", - "query_arg", "uri_capture".' + description: |- + HashOn defines what to use as hashing input. + Accepted values are: "none", "consumer", "ip", "header", "cookie", "path", "query_arg", "uri_capture". type: string hash_on_cookie: - description: The cookie name to take the value from as hash input. + description: |- + The cookie name to take the value from as hash input. Only required when "hash_on" or "hash_fallback" is set to "cookie". type: string hash_on_cookie_path: - description: The cookie path to set in the response headers. Only - required when "hash_on" or "hash_fallback" is set to "cookie". + description: |- + The cookie path to set in the response headers. + Only required when "hash_on" or "hash_fallback" is set to "cookie". type: string hash_on_header: - description: HashOnHeader defines the header name to take the value - from as hash input. Only required when "hash_on" is set to "header". + description: |- + HashOnHeader defines the header name to take the value from as hash input. + Only required when "hash_on" is set to "header". type: string hash_on_query_arg: description: HashOnQueryArg is the query string parameter whose value is the hash input when "hash_on" is set to "query_arg". type: string hash_on_uri_capture: - description: HashOnURICapture is the name of the capture group whose - value is the hash input when "hash_on" is set to "uri_capture". + description: |- + HashOnURICapture is the name of the capture group whose value is the hash input when "hash_on" is set to + "uri_capture". type: string healthchecks: description: Healthchecks defines the health check configurations @@ -843,8 +969,9 @@ spec: type: array type: object healthy: - description: Healthy configures thresholds and HTTP status - codes to mark targets healthy for an upstream. + description: |- + Healthy configures thresholds and HTTP status codes + to mark targets healthy for an upstream. properties: http_statuses: items: @@ -870,8 +997,9 @@ spec: type: type: string unhealthy: - description: Unhealthy configures thresholds and HTTP status - codes to mark targets unhealthy. + description: |- + Unhealthy configures thresholds and HTTP status codes + to mark targets unhealthy. properties: http_failures: minimum: 0 @@ -892,12 +1020,14 @@ spec: type: object type: object passive: - description: PassiveHealthcheck configures passive checks around + description: |- + PassiveHealthcheck configures passive checks around passive health checks. properties: healthy: - description: Healthy configures thresholds and HTTP status - codes to mark targets healthy for an upstream. + description: |- + Healthy configures thresholds and HTTP status codes + to mark targets healthy for an upstream. properties: http_statuses: items: @@ -913,8 +1043,9 @@ spec: type: type: string unhealthy: - description: Unhealthy configures thresholds and HTTP status - codes to mark targets unhealthy. + description: |- + Unhealthy configures thresholds and HTTP status codes + to mark targets unhealthy. properties: http_failures: minimum: 0 @@ -938,7 +1069,8 @@ spec: type: number type: object host_header: - description: HostHeader is The hostname to be used as Host header + description: |- + HostHeader is The hostname to be used as Host header when proxying requests through Kong. type: string slots: @@ -963,7 +1095,220 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 + name: konglicenses.configuration.konghq.com +spec: + group: configuration.konghq.com + names: + categories: + - kong-ingress-controller + kind: KongLicense + listKind: KongLicenseList + plural: konglicenses + shortNames: + - kl + singular: konglicense + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Age + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Enabled to configure on Kong gateway instances + jsonPath: .enabled + name: Enabled + type: boolean + name: v1alpha1 + schema: + openAPIV3Schema: + description: KongLicense stores a Kong enterprise license to apply to managed + Kong gateway instances. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + enabled: + default: true + description: |- + Enabled is set to true to let controllers (like KIC or KGO) to reconcile it. + Default value is true to apply the license by default. + type: boolean + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + rawLicenseString: + description: RawLicenseString is a string with the raw content of the + license. + type: string + status: + description: Status is the status of the KongLicense being processed by + controllers. + properties: + controllers: + items: + description: |- + KongLicenseControllerStatus is the status of owning KongLicense being processed + identified by the controllerName field. + properties: + conditions: + default: + - lastTransitionTime: "1970-01-01T00:00:00Z" + message: Waiting for controller + reason: Pending + status: Unknown + type: Programmed + description: Conditions describe the current conditions of the + KongLicense on the controller. + items: + description: "Condition contains details for one aspect of + the current state of this API Resource.\n---\nThis struct + is intended for direct use as an array at the field path + .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // + +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + maxItems: 8 + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + controllerName: + description: |- + ControllerName is an identifier of the controller to reconcile this KongLicense. + Should be unique in the list of controller statuses. + type: string + controllerRef: + description: |- + ControllerRef is the reference of the controller to reconcile this KongLicense. + It is usually the name of (KIC/KGO) pod that reconciles it. + properties: + group: + description: |- + Group is the group of referent. + It should be empty if the referent is in "core" group (like pod). + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + kind: + description: |- + Kind is the kind of the referent. + By default the nil kind means kind Pod. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + type: string + name: + description: Name is the name of the referent. + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace is the namespace of the referent. + It should be empty if the referent is cluster scoped. + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + required: + - name + type: object + required: + - controllerName + type: object + type: array + x-kubernetes-list-map-keys: + - controllerName + x-kubernetes-list-type: map + type: object + required: + - enabled + - rawLicenseString + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 name: kongplugins.configuration.konghq.com spec: group: configuration.konghq.com @@ -1006,25 +1351,28 @@ spec: description: KongPlugin is the Schema for the kongplugins API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string config: - description: Config contains the plugin configuration. It's a list of - keys and values required to configure the plugin. Please read the documentation - of the plugin being configured to set values in here. For any plugin - in Kong, anything that goes in the `config` JSON key in the Admin API - request, goes into this property. Only one of `config` or `configFrom` - may be used in a KongPlugin, not both at once. + description: |- + Config contains the plugin configuration. It's a list of keys and values + required to configure the plugin. + Please read the documentation of the plugin being configured to set values + in here. For any plugin in Kong, anything that goes in the `config` JSON + key in the Admin API request, goes into this property. + Only one of `config` or `configFrom` may be used in a KongPlugin, not both at once. type: object x-kubernetes-preserve-unknown-fields: true configFrom: - description: ConfigFrom references a secret containing the plugin configuration. - This should be used when the plugin configuration contains sensitive - information, such as AWS credentials in the Lambda plugin or the client - secret in the OIDC plugin. Only one of `config` or `configFrom` may - be used in a KongPlugin, not both at once. + description: |- + ConfigFrom references a secret containing the plugin configuration. + This should be used when the plugin configuration contains sensitive information, + such as AWS credentials in the Lambda plugin or the client secret in the OIDC plugin. + Only one of `config` or `configFrom` may be used in a KongPlugin, not both at once. properties: secretKeyRef: description: Specifies a name and a key of a secret to refer to. The @@ -1040,7 +1388,54 @@ spec: - key - name type: object + required: + - secretKeyRef type: object + configPatches: + description: |- + ConfigPatches represents JSON patches to the configuration of the plugin. + Each item means a JSON patch to add something in the configuration, + where path is specified in `path` and value is in `valueFrom` referencing + a key in a secret. + When Config is specified, patches will be applied to the configuration in Config. + Otherwise, patches will be applied to an empty object. + items: + description: |- + ConfigPatch is a JSON patch (RFC6902) to add values from Secret to the generated configuration. + It is an equivalent of the following patch: + `{"op": "add", "path": {.Path}, "value": {.ComputedValueFrom}}`. + properties: + path: + description: Path is the JSON-Pointer value (RFC6901) that references + a location within the target configuration. + type: string + valueFrom: + description: ValueFrom is the reference to a key of a secret where + the patched value comes from. + properties: + secretKeyRef: + description: Specifies a name and a key of a secret to refer + to. The namespace is implicitly set to the one of referring + object. + properties: + key: + description: The key containing the value. + type: string + name: + description: The secret containing the key. + type: string + required: + - key + - name + type: object + required: + - secretKeyRef + type: object + required: + - path + - valueFrom + type: object + type: array consumerRef: description: ConsumerRef is a reference to a particular consumer. type: string @@ -1048,25 +1443,27 @@ spec: description: Disabled set if the plugin is disabled or not. type: boolean instance_name: - description: InstanceName is an optional custom name to identify an instance - of the plugin. This is useful when running the same plugin in multiple - contexts, for example, on multiple services. + description: |- + InstanceName is an optional custom name to identify an instance of the plugin. This is useful when running the + same plugin in multiple contexts, for example, on multiple services. type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object ordering: - description: 'Ordering overrides the normal plugin execution order. It''s - only available on Kong Enterprise. `` is a request processing - phase (for example, `access` or `body_filter`) and `` is the - name of the plugin that will run before or after the KongPlugin. For - example, a KongPlugin with `plugin: rate-limiting` and `before.access: - ["key-auth"]` will create a rate limiting plugin that limits requests - _before_ they are authenticated.' + description: |- + Ordering overrides the normal plugin execution order. It's only available on Kong Enterprise. + `` is a request processing phase (for example, `access` or `body_filter`) and + `` is the name of the plugin that will run before or after the KongPlugin. + For example, a KongPlugin with `plugin: rate-limiting` and `before.access: ["key-auth"]` + will create a rate limiting plugin that limits requests _before_ they are authenticated. properties: after: additionalProperties: @@ -1090,11 +1487,13 @@ spec: config. type: string protocols: - description: Protocols configures plugin to run on requests received on - specific protocols. + description: |- + Protocols configures plugin to run on requests received on specific + protocols. items: - description: KongProtocol is a valid Kong protocol. This alias is necessary - to deal with https://github.com/kubernetes-sigs/controller-tools/issues/342 + description: |- + KongProtocol is a valid Kong protocol. + This alias is necessary to deal with https://github.com/kubernetes-sigs/controller-tools/issues/342 enum: - http - https @@ -1106,8 +1505,9 @@ spec: type: string type: array run_on: - description: RunOn configures the plugin to run on the first or the second - or both nodes in case of a service mesh deployment. + description: |- + RunOn configures the plugin to run on the first or the second or both + nodes in case of a service mesh deployment. enum: - first - second @@ -1123,46 +1523,52 @@ spec: reason: Pending status: Unknown type: Programmed - description: "Conditions describe the current conditions of the KongPluginStatus. - \n Known condition types are: \n * \"Programmed\"" + description: |- + Conditions describe the current conditions of the KongPluginStatus. + + + Known condition types are: + + + * "Programmed" items: description: "Condition contains details for one aspect of the current - state of this API Resource. --- This struct is intended for direct - use as an array at the field path .status.conditions. For example, - \n type FooStatus struct{ // Represents the observations of a - foo's current state. // Known .status.conditions.type are: \"Available\", - \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge - // +listType=map // +listMapKey=type Conditions []metav1.Condition - `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" - protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }" + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" properties: lastTransitionTime: - description: lastTransitionTime is the last time the condition - transitioned from one status to another. This should be when - the underlying condition changed. If that is not known, then - using the time when the API field changed is acceptable. + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. format: date-time type: string message: - description: message is a human readable message indicating - details about the transition. This may be an empty string. + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. maxLength: 32768 type: string observedGeneration: - description: observedGeneration represents the .metadata.generation - that the condition was set based upon. For instance, if .metadata.generation - is currently 12, but the .status.conditions[x].observedGeneration - is 9, the condition is out of date with respect to the current - state of the instance. + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. format: int64 minimum: 0 type: integer reason: - description: reason contains a programmatic identifier indicating - the reason for the condition's last transition. Producers - of specific condition types may define expected values and - meanings for this field, and whether the values are considered - a guaranteed API. The value should be a CamelCase string. + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. This field may not be empty. maxLength: 1024 minLength: 1 @@ -1176,11 +1582,12 @@ spec: - Unknown type: string type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - --- Many .condition.type values are consistent across resources - like Available, but because arbitrary conditions can be useful - (see .node.status.conditions), the ability to deconflict is - important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1200,6 +1607,13 @@ spec: required: - plugin type: object + x-kubernetes-validations: + - message: Using both config and configFrom fields is not allowed. + rule: '!(has(self.config) && has(self.configFrom))' + - message: Using both configFrom and configPatches fields is not allowed. + rule: '!(has(self.configFrom) && has(self.configPatches))' + - message: The plugin field is immutable + rule: self.plugin == oldSelf.plugin served: true storage: true subresources: @@ -1209,7 +1623,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 labels: gateway.networking.k8s.io/policy: direct name: kongupstreampolicies.configuration.konghq.com @@ -1229,33 +1643,45 @@ spec: - name: v1beta1 schema: openAPIV3Schema: - description: "KongUpstreamPolicy allows configuring algorithm that should - be used for load balancing traffic between Kong Upstream's Targets. It also - allows configuring health checks for Kong Upstream's Targets. \n Its configuration - is similar to Kong Upstream object (https://docs.konghq.com/gateway/latest/admin-api/#upstream-object), - and it is applied to Kong Upstream objects created by the controller. \n - It can be attached to Services. To attach it to a Service, it has to be - annotated with `konghq.com/upstream-policy: `, where `` is the - name of the KongUpstreamPolicy object in the same namespace as the Service. - \n When attached to a Service, it will affect all Kong Upstreams created - for the Service. \n When attached to a Service used in a Gateway API *Route - rule with multiple BackendRefs, all of its Services MUST be configured with - the same KongUpstreamPolicy. Otherwise, the controller will *ignore* the - KongUpstreamPolicy. \n Note: KongUpstreamPolicy doesn't implement Gateway - API's GEP-713 strictly. In particular, it doesn't use the TargetRef for - attaching to Services and Gateway API *Routes - annotations are used instead. - This is to allow reusing the same KongUpstreamPolicy for multiple Services - and Gateway API *Routes." + description: |- + KongUpstreamPolicy allows configuring algorithm that should be used for load balancing traffic between Kong + Upstream's Targets. It also allows configuring health checks for Kong Upstream's Targets. + + + Its configuration is similar to Kong Upstream object (https://docs.konghq.com/gateway/latest/admin-api/#upstream-object), + and it is applied to Kong Upstream objects created by the controller. + + + It can be attached to Services. To attach it to a Service, it has to be annotated with + `konghq.com/upstream-policy: `, where `` is the name of the KongUpstreamPolicy + object in the same namespace as the Service. + + + When attached to a Service, it will affect all Kong Upstreams created for the Service. + + + When attached to a Service used in a Gateway API *Route rule with multiple BackendRefs, all of its Services MUST + be configured with the same KongUpstreamPolicy. Otherwise, the controller will *ignore* the KongUpstreamPolicy. + + + Note: KongUpstreamPolicy doesn't implement Gateway API's GEP-713 strictly. + In particular, it doesn't use the TargetRef for attaching to Services and Gateway API *Routes - annotations are + used instead. This is to allow reusing the same KongUpstreamPolicy for multiple Services and Gateway API *Routes. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1263,9 +1689,9 @@ spec: description: Spec contains the configuration of the Kong upstream. properties: algorithm: - description: 'Algorithm is the load balancing algorithm to use. Accepted - values are: "round-robin", "consistent-hashing", "least-connections", - "latency".' + description: |- + Algorithm is the load balancing algorithm to use. + Accepted values are: "round-robin", "consistent-hashing", "least-connections", "latency". enum: - round-robin - consistent-hashing @@ -1273,9 +1699,9 @@ spec: - latency type: string hashOn: - description: HashOn defines how to calculate hash for consistent-hashing - load balancing algorithm. Algorithm must be set to "consistent-hashing" - for this field to have effect. + description: |- + HashOn defines how to calculate hash for consistent-hashing load balancing algorithm. + Algorithm must be set to "consistent-hashing" for this field to have effect. properties: cookie: description: Cookie is the name of the cookie to use as hash input. @@ -1288,9 +1714,9 @@ spec: description: Header is the name of the header to use as hash input. type: string input: - description: Input allows using one of the predefined inputs (ip, - consumer, path). For other parametrized inputs, use one of the - fields below. + description: |- + Input allows using one of the predefined inputs (ip, consumer, path). + For other parametrized inputs, use one of the fields below. enum: - ip - consumer @@ -1306,9 +1732,10 @@ spec: type: string type: object hashOnFallback: - description: HashOnFallback defines how to calculate hash for consistent-hashing - load balancing algorithm if the primary hash function fails. Algorithm - must be set to "consistent-hashing" for this field to have effect. + description: |- + HashOnFallback defines how to calculate hash for consistent-hashing load balancing algorithm if the primary hash + function fails. + Algorithm must be set to "consistent-hashing" for this field to have effect. properties: cookie: description: Cookie is the name of the cookie to use as hash input. @@ -1321,9 +1748,9 @@ spec: description: Header is the name of the header to use as hash input. type: string input: - description: Input allows using one of the predefined inputs (ip, - consumer, path). For other parametrized inputs, use one of the - fields below. + description: |- + Input allows using one of the predefined inputs (ip, consumer, path). + For other parametrized inputs, use one of the fields below. enum: - ip - consumer @@ -1401,8 +1828,8 @@ spec: minimum: 0 type: integer type: - description: Type determines whether to perform active health - checks using HTTP or HTTPS, or just attempt a TCP connection. + description: |- + Type determines whether to perform active health checks using HTTP or HTTPS, or just attempt a TCP connection. Accepted values are "http", "https", "tcp", "grpc", "grpcs". enum: - http @@ -1476,10 +1903,10 @@ spec: type: integer type: object type: - description: Type determines whether to perform passive health - checks interpreting HTTP/HTTPS statuses, or just check for - TCP connection success. Accepted values are "http", "https", - "tcp", "grpc", "grpcs". + description: |- + Type determines whether to perform passive health checks interpreting HTTP/HTTPS statuses, + or just check for TCP connection success. + Accepted values are "http", "https", "tcp", "grpc", "grpcs". enum: - http - https @@ -1524,18 +1951,367 @@ spec: type: object type: object threshold: - description: Threshold is the minimum percentage of the upstream’s - targets’ weight that must be available for the whole upstream - to be considered healthy. + description: |- + Threshold is the minimum percentage of the upstream’s targets’ weight that must be available for the whole + upstream to be considered healthy. type: integer type: object slots: - description: Slots is the number of slots in the load balancer algorithm. + description: |- + Slots is the number of slots in the load balancer algorithm. If not set, the default value in Kong for the algorithm is used. maximum: 65536 minimum: 10 type: integer type: object + status: + description: Status defines the current state of KongUpstreamPolicy + properties: + ancestors: + description: |- + Ancestors is a list of ancestor resources (usually Gateways) that are + associated with the policy, and the status of the policy with respect to + each ancestor. When this policy attaches to a parent, the controller that + manages the parent and the ancestors MUST add an entry to this list when + the controller first sees the policy and SHOULD update the entry as + appropriate when the relevant ancestor is modified. + + + Note that choosing the relevant ancestor is left to the Policy designers; + an important part of Policy design is designing the right object level at + which to namespace this status. + + + Note also that implementations MUST ONLY populate ancestor status for + the Ancestor resources they are responsible for. Implementations MUST + use the ControllerName field to uniquely identify the entries in this list + that they are responsible for. + + + Note that to achieve this, the list of PolicyAncestorStatus structs + MUST be treated as a map with a composite key, made up of the AncestorRef + and ControllerName fields combined. + + + A maximum of 16 ancestors will be represented in this list. An empty list + means the Policy is not relevant for any ancestors. + + + If this slice is full, implementations MUST NOT add further entries. + Instead they MUST consider the policy unimplementable and signal that + on any related resources such as the ancestor that would be referenced + here. For example, if this list was full on BackendTLSPolicy, no + additional Gateways would be able to reference the Service targeted by + the BackendTLSPolicy. + items: + description: |- + PolicyAncestorStatus describes the status of a route with respect to an + associated Ancestor. + + + Ancestors refer to objects that are either the Target of a policy or above it + in terms of object hierarchy. For example, if a policy targets a Service, the + Policy's Ancestors are, in order, the Service, the HTTPRoute, the Gateway, and + the GatewayClass. Almost always, in this hierarchy, the Gateway will be the most + useful object to place Policy status on, so we recommend that implementations + SHOULD use Gateway as the PolicyAncestorStatus object unless the designers + have a _very_ good reason otherwise. + + + In the context of policy attachment, the Ancestor is used to distinguish which + resource results in a distinct application of this policy. For example, if a policy + targets a Service, it may have a distinct result per attached Gateway. + + + Policies targeting the same resource may have different effects depending on the + ancestors of those resources. For example, different Gateways targeting the same + Service may have different capabilities, especially if they have different underlying + implementations. + + + For example, in BackendTLSPolicy, the Policy attaches to a Service that is + used as a backend in a HTTPRoute that is itself attached to a Gateway. + In this case, the relevant object for status is the Gateway, and that is the + ancestor object referred to in this status. + + + Note that a parent is also an ancestor, so for objects where the parent is the + relevant object for status, this struct SHOULD still be used. + + + This struct is intended to be used in a slice that's effectively a map, + with a composite key made up of the AncestorRef and the ControllerName. + properties: + ancestorRef: + description: |- + AncestorRef corresponds with a ParentRef in the spec that this + PolicyAncestorStatus struct describes the status of. + properties: + group: + default: gateway.networking.k8s.io + description: |- + Group is the group of the referent. + When unspecified, "gateway.networking.k8s.io" is inferred. + To set the core API group (such as for a "Service" kind referent), + Group must be explicitly set to "" (empty string). + + + Support: Core + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + kind: + default: Gateway + description: |- + Kind is kind of the referent. + + + There are two kinds of parent resources with "Core" support: + + + * Gateway (Gateway conformance profile) + * Service (Mesh conformance profile, experimental, ClusterIP Services only) + + + Support for other resources is Implementation-Specific. + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + type: string + name: + description: |- + Name is the name of the referent. + + + Support: Core + maxLength: 253 + minLength: 1 + type: string + namespace: + description: |- + Namespace is the namespace of the referent. When unspecified, this refers + to the local namespace of the Route. + + + Note that there are specific rules for ParentRefs which cross namespace + boundaries. Cross-namespace references are only valid if they are explicitly + allowed by something in the namespace they are referring to. For example: + Gateway has the AllowedRoutes field, and ReferenceGrant provides a + generic way to enable any other kind of cross-namespace reference. + + + + ParentRefs from a Route to a Service in the same namespace are "producer" + routes, which apply default routing rules to inbound connections from + any namespace to the Service. + + + ParentRefs from a Route to a Service in a different namespace are + "consumer" routes, and these routing rules are only applied to outbound + connections originating from the same namespace as the Route, for which + the intended destination of the connections are a Service targeted as a + ParentRef of the Route. + + + + Support: Core + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + type: string + port: + description: |- + Port is the network port this Route targets. It can be interpreted + differently based on the type of parent resource. + + + When the parent resource is a Gateway, this targets all listeners + listening on the specified port that also support this kind of Route(and + select this Route). It's not recommended to set `Port` unless the + networking behaviors specified in a Route must apply to a specific port + as opposed to a listener(s) whose port(s) may be changed. When both Port + and SectionName are specified, the name and port of the selected listener + must match both specified values. + + + + When the parent resource is a Service, this targets a specific port in the + Service spec. When both Port (experimental) and SectionName are specified, + the name and port of the selected port must match both specified values. + + + + Implementations MAY choose to support other parent resources. + Implementations supporting other types of parent resources MUST clearly + document how/if Port is interpreted. + + + For the purpose of status, an attachment is considered successful as + long as the parent resource accepts it partially. For example, Gateway + listeners can restrict which Routes can attach to them by Route kind, + namespace, or hostname. If 1 of 2 Gateway listeners accept attachment + from the referencing Route, the Route MUST be considered successfully + attached. If no Gateway listeners accept attachment from this Route, + the Route MUST be considered detached from the Gateway. + + + Support: Extended + + + + format: int32 + maximum: 65535 + minimum: 1 + type: integer + sectionName: + description: |- + SectionName is the name of a section within the target resource. In the + following resources, SectionName is interpreted as the following: + + + * Gateway: Listener Name. When both Port (experimental) and SectionName + are specified, the name and port of the selected listener must match + both specified values. + * Service: Port Name. When both Port (experimental) and SectionName + are specified, the name and port of the selected listener must match + both specified values. Note that attaching Routes to Services as Parents + is part of experimental Mesh support and is not supported for any other + purpose. + + + Implementations MAY choose to support attaching Routes to other resources. + If that is the case, they MUST clearly document how SectionName is + interpreted. + + + When unspecified (empty string), this will reference the entire resource. + For the purpose of status, an attachment is considered successful if at + least one section in the parent resource accepts it. For example, Gateway + listeners can restrict which Routes can attach to them by Route kind, + namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from + the referencing Route, the Route MUST be considered successfully + attached. If no Gateway listeners accept attachment from this Route, the + Route MUST be considered detached from the Gateway. + + + Support: Core + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + type: string + required: + - name + type: object + conditions: + description: Conditions describes the status of the Policy with + respect to the given Ancestor. + items: + description: "Condition contains details for one aspect of + the current state of this API Resource.\n---\nThis struct + is intended for direct use as an array at the field path + .status.conditions. For example,\n\n\n\ttype FooStatus + struct{\n\t // Represents the observations of a foo's + current state.\n\t // Known .status.conditions.type are: + \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // + +listType=map\n\t // +listMapKey=type\n\t Conditions + []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" + patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, + Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + maxItems: 8 + minItems: 1 + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + controllerName: + description: |- + ControllerName is a domain/path string that indicates the name of the + controller that wrote this status. This corresponds with the + controllerName field on GatewayClass. + + + Example: "example.net/gateway-controller". + + + The format of this field is DOMAIN "/" PATH, where DOMAIN and PATH are + valid Kubernetes names + (https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names). + + + Controllers MUST populate this field when writing status. Controllers should ensure that + entries to status populated with their ControllerName are cleaned up when they are no + longer necessary. + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*\/[A-Za-z0-9\/\-._~%!$&'()*+,;=:]+$ + type: string + required: + - ancestorRef + - controllerName + type: object + maxItems: 16 + type: array + required: + - ancestors + type: object type: object x-kubernetes-validations: - message: Only one of spec.hashOn.(input|cookie|header|uriCapture|queryArg) @@ -1590,7 +2366,204 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 + name: kongvaults.configuration.konghq.com +spec: + group: configuration.konghq.com + names: + categories: + - kong-ingress-controller + kind: KongVault + listKind: KongVaultList + plural: kongvaults + shortNames: + - kv + singular: kongvault + scope: Cluster + versions: + - additionalPrinterColumns: + - description: Name of the backend of the vault + jsonPath: .spec.backend + name: Backend Type + type: string + - description: Prefix of vault URI to reference the values in the vault + jsonPath: .spec.prefix + name: Prefix + type: string + - description: Age + jsonPath: .metadata.creationTimestamp + name: Age + type: date + - description: Description + jsonPath: .spec.description + name: Description + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="Programmed")].status + name: Programmed + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: |- + KongVault is the schema for kongvaults API which defines a custom Kong vault. + A Kong vault is a storage to store sensitive data, where the values can be referenced in configuration of plugins. + See: https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/ + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: KongVaultSpec defines specification of a custom Kong vault. + properties: + backend: + description: |- + Backend is the type of the backend storing the secrets in the vault. + The supported backends of Kong is listed here: + https://docs.konghq.com/gateway/latest/kong-enterprise/secrets-management/backends/ + minLength: 1 + type: string + config: + description: Config is the configuration of the vault. Varies for + different backends. + x-kubernetes-preserve-unknown-fields: true + description: + description: Description is the additional information about the vault. + type: string + prefix: + description: |- + Prefix is the prefix of vault URI for referencing values in the vault. + It is immutable after created. + minLength: 1 + type: string + required: + - backend + - prefix + type: object + status: + description: KongVaultStatus represents the current status of the KongVault + resource. + properties: + conditions: + default: + - lastTransitionTime: "1970-01-01T00:00:00Z" + message: Waiting for controller + reason: Pending + status: Unknown + type: Programmed + description: |- + Conditions describe the current conditions of the KongVaultStatus. + + + Known condition types are: + + + * "Programmed" + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + maxItems: 8 + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + required: + - conditions + type: object + required: + - spec + type: object + x-kubernetes-validations: + - message: The spec.prefix field is immutable + rule: self.spec.prefix == oldSelf.spec.prefix + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 name: tcpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1618,14 +2591,19 @@ spec: description: TCPIngress is the Schema for the tcpingresses API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1635,13 +2613,14 @@ spec: rules: description: A list of rules used to configure the Ingress. items: - description: IngressRule represents a rule to apply against incoming - requests. Matching is performed based on an (optional) SNI and - port. + description: |- + IngressRule represents a rule to apply against incoming requests. + Matching is performed based on an (optional) SNI and port. properties: backend: - description: Backend defines the referenced service endpoint - to which the traffic will be forwarded to. + description: |- + Backend defines the referenced service endpoint to which the traffic + will be forwarded to. properties: serviceName: description: Specifies the name of the referenced service. @@ -1658,19 +2637,20 @@ spec: - servicePort type: object host: - description: Host is the fully qualified domain name of a network - host, as defined by RFC 3986. If a Host is not specified, - then port-based TCP routing is performed. Kong doesn't care - about the content of the TCP stream in this case. If a Host - is specified, the protocol must be TLS over TCP. A plain-text - TCP request cannot be routed based on Host. It can only be - routed based on Port. + description: |- + Host is the fully qualified domain name of a network host, as defined + by RFC 3986. + If a Host is not specified, then port-based TCP routing is performed. Kong + doesn't care about the content of the TCP stream in this case. + If a Host is specified, the protocol must be TLS over TCP. + A plain-text TCP request cannot be routed based on Host. It can only + be routed based on Port. type: string port: - description: Port is the port on which to accept TCP or TLS - over TCP sessions and route. It is a required field. If a - Host is not specified, the requested are routed based only - on Port. + description: |- + Port is the port on which to accept TCP or TLS over TCP sessions and + route. It is a required field. If a Host is not specified, the requested + are routed based only on Port. format: int32 maximum: 65535 minimum: 1 @@ -1681,19 +2661,22 @@ spec: type: object type: array tls: - description: TLS configuration. This is similar to the `tls` section - in the Ingress resource in networking.v1beta1 group. The mapping - of SNIs to TLS cert-key pair defined here will be used for HTTP - Ingress rules as well. Once can define the mapping in this resource - or the original Ingress resource, both have the same effect. + description: |- + TLS configuration. This is similar to the `tls` section in the + Ingress resource in networking.v1beta1 group. + The mapping of SNIs to TLS cert-key pair defined here will be + used for HTTP Ingress rules as well. Once can define the mapping in + this resource or the original Ingress resource, both have the same + effect. items: description: IngressTLS describes the transport layer security. properties: hosts: - description: Hosts are a list of hosts included in the TLS certificate. - The values in this list must match the name/s used in the - tlsSecret. Defaults to the wildcard host setting for the loadbalancer - controller fulfilling this Ingress, if left unspecified. + description: |- + Hosts are a list of hosts included in the TLS certificate. The values in + this list must match the name/s used in the tlsSecret. Defaults to the + wildcard host setting for the loadbalancer controller fulfilling this + Ingress, if left unspecified. items: type: string type: array @@ -1711,37 +2694,49 @@ spec: description: LoadBalancer contains the current status of the load-balancer. properties: ingress: - description: Ingress is a list containing ingress points for the - load-balancer. Traffic intended for the service should be sent - to these ingress points. + description: |- + Ingress is a list containing ingress points for the load-balancer. + Traffic intended for the service should be sent to these ingress points. items: - description: 'LoadBalancerIngress represents the status of a - load-balancer ingress point: traffic intended for the service - should be sent to an ingress point.' + description: |- + LoadBalancerIngress represents the status of a load-balancer ingress point: + traffic intended for the service should be sent to an ingress point. properties: hostname: - description: Hostname is set for load-balancer ingress points - that are DNS based (typically AWS load-balancers) + description: |- + Hostname is set for load-balancer ingress points that are DNS based + (typically AWS load-balancers) type: string ip: - description: IP is set for load-balancer ingress points - that are IP based (typically GCE or OpenStack load-balancers) + description: |- + IP is set for load-balancer ingress points that are IP based + (typically GCE or OpenStack load-balancers) + type: string + ipMode: + description: |- + IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified. + Setting this to "VIP" indicates that traffic is delivered to the node with + the destination set to the load-balancer's IP and port. + Setting this to "Proxy" indicates that traffic is delivered to the node or pod with + the destination set to the node's IP and node port or the pod's IP and port. + Service implementations may use this information to adjust traffic routing. type: string ports: - description: Ports is a list of records of service ports - If used, every port defined in the service should have - an entry in it + description: |- + Ports is a list of records of service ports + If used, every port defined in the service should have an entry in it items: properties: error: - description: 'Error is to record the problem with - the service port The format of the error shall comply - with the following rules: - built-in error values - shall be specified in this file and those shall - use CamelCase names - cloud provider specific error - values must have names that comply with the format - foo.example.com/CamelCase. --- The regex it matches - is (dns1123SubdomainFmt/)?(qualifiedNameFmt)' + description: |- + Error is to record the problem with the service port + The format of the error shall comply with the following rules: + - built-in error values shall be specified in this file and those shall use + CamelCase names + - cloud provider specific error values must have names that comply with the + format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1752,9 +2747,9 @@ spec: type: integer protocol: default: TCP - description: 'Protocol is the protocol of the service - port of which status is recorded here The supported - values are: "TCP", "UDP", "SCTP"' + description: |- + Protocol is the protocol of the service port of which status is recorded here + The supported values are: "TCP", "UDP", "SCTP" type: string required: - port @@ -1776,7 +2771,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.13.0 + controller-gen.kubebuilder.io/version: v0.14.0 name: udpingresses.configuration.konghq.com spec: group: configuration.konghq.com @@ -1804,14 +2799,19 @@ spec: description: UDPIngress is the Schema for the udpingresses API. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -1821,13 +2821,15 @@ spec: rules: description: A list of rules used to configure the Ingress. items: - description: UDPIngressRule represents a rule to apply against incoming - requests wherein no Host matching is available for request routing, - only the port is used to match requests. + description: |- + UDPIngressRule represents a rule to apply against incoming requests + wherein no Host matching is available for request routing, only the port + is used to match requests. properties: backend: - description: Backend defines the Kubernetes service which accepts - traffic from the listening Port defined above. + description: |- + Backend defines the Kubernetes service which accepts traffic from the + listening Port defined above. properties: serviceName: description: Specifies the name of the referenced service. @@ -1844,9 +2846,9 @@ spec: - servicePort type: object port: - description: Port indicates the port for the Kong proxy to accept - incoming traffic on, which will then be routed to the service - Backend. + description: |- + Port indicates the port for the Kong proxy to accept incoming traffic + on, which will then be routed to the service Backend. format: int32 maximum: 65535 minimum: 1 @@ -1864,37 +2866,49 @@ spec: description: LoadBalancer contains the current status of the load-balancer. properties: ingress: - description: Ingress is a list containing ingress points for the - load-balancer. Traffic intended for the service should be sent - to these ingress points. + description: |- + Ingress is a list containing ingress points for the load-balancer. + Traffic intended for the service should be sent to these ingress points. items: - description: 'LoadBalancerIngress represents the status of a - load-balancer ingress point: traffic intended for the service - should be sent to an ingress point.' + description: |- + LoadBalancerIngress represents the status of a load-balancer ingress point: + traffic intended for the service should be sent to an ingress point. properties: hostname: - description: Hostname is set for load-balancer ingress points - that are DNS based (typically AWS load-balancers) + description: |- + Hostname is set for load-balancer ingress points that are DNS based + (typically AWS load-balancers) type: string ip: - description: IP is set for load-balancer ingress points - that are IP based (typically GCE or OpenStack load-balancers) + description: |- + IP is set for load-balancer ingress points that are IP based + (typically GCE or OpenStack load-balancers) + type: string + ipMode: + description: |- + IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified. + Setting this to "VIP" indicates that traffic is delivered to the node with + the destination set to the load-balancer's IP and port. + Setting this to "Proxy" indicates that traffic is delivered to the node or pod with + the destination set to the node's IP and node port or the pod's IP and port. + Service implementations may use this information to adjust traffic routing. type: string ports: - description: Ports is a list of records of service ports - If used, every port defined in the service should have - an entry in it + description: |- + Ports is a list of records of service ports + If used, every port defined in the service should have an entry in it items: properties: error: - description: 'Error is to record the problem with - the service port The format of the error shall comply - with the following rules: - built-in error values - shall be specified in this file and those shall - use CamelCase names - cloud provider specific error - values must have names that comply with the format - foo.example.com/CamelCase. --- The regex it matches - is (dns1123SubdomainFmt/)?(qualifiedNameFmt)' + description: |- + Error is to record the problem with the service port + The format of the error shall comply with the following rules: + - built-in error values shall be specified in this file and those shall use + CamelCase names + - cloud provider specific error values must have names that comply with the + format foo.example.com/CamelCase. + --- + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -1905,9 +2919,9 @@ spec: type: integer protocol: default: TCP - description: 'Protocol is the protocol of the service - port of which status is recorded here The supported - values are: "TCP", "UDP", "SCTP"' + description: |- + Protocol is the protocol of the service port of which status is recorded here + The supported values are: "TCP", "UDP", "SCTP" type: string required: - port diff --git a/charts/kong/values.yaml b/charts/kong/values.yaml index 1d0f8c0d5..a8b699cd1 100644 --- a/charts/kong/values.yaml +++ b/charts/kong/values.yaml @@ -130,7 +130,7 @@ extraLabels: {} # Specify Kong's Docker image and repository details here image: repository: kong - tag: "3.5" + tag: "3.6" # Kong Enterprise # repository: kong/kong-gateway # tag: "3.5" @@ -525,7 +525,7 @@ ingressController: enabled: true image: repository: kong/kubernetes-ingress-controller - tag: "3.0" + tag: "3.1" # Optionally set a semantic version for version-gated features. This can normally # be left unset. You only need to set this if your tag is not a semver string, # such as when you are using a "next" tag. Set this to the effective semantic