Skip to content

Commit

Permalink
api: lua support in EnvoyExtensionPolicy
Browse files Browse the repository at this point in the history
Signed-off-by: Rudrakh Panigrahi <[email protected]>
  • Loading branch information
rudrakhp committed Dec 18, 2024
1 parent ca2d80b commit 3af71fd
Show file tree
Hide file tree
Showing 7 changed files with 431 additions and 7 deletions.
15 changes: 11 additions & 4 deletions api/v1alpha1/envoyextensionypolicy_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -32,16 +32,15 @@ type EnvoyExtensionPolicy struct {
Status gwapiv1a2.PolicyStatus `json:"status,omitempty"`
}

// +kubebuilder:validation:XValidation:rule="(has(self.targetRef) && !has(self.targetRefs)) || (!has(self.targetRef) && has(self.targetRefs)) || (has(self.targetSelectors) && self.targetSelectors.size() > 0) ", message="either targetRef or targetRefs must be used"
// EnvoyExtensionPolicySpec defines the desired state of EnvoyExtensionPolicy.
//
// +kubebuilder:validation:XValidation:rule="(has(self.targetRef) && !has(self.targetRefs)) || (!has(self.targetRef) && has(self.targetRefs)) || (has(self.targetSelectors) && self.targetSelectors.size() > 0) ", message="either targetRef or targetRefs must be used"
// +kubebuilder:validation:XValidation:rule="has(self.targetRef) ? self.targetRef.group == 'gateway.networking.k8s.io' : true", message="this policy can only have a targetRef.group of gateway.networking.k8s.io"
// +kubebuilder:validation:XValidation:rule="has(self.targetRef) ? self.targetRef.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute', 'UDPRoute', 'TCPRoute', 'TLSRoute'] : true", message="this policy can only have a targetRef.kind of Gateway/HTTPRoute/GRPCRoute/TCPRoute/UDPRoute/TLSRoute"
// +kubebuilder:validation:XValidation:rule="has(self.targetRef) ? !has(self.targetRef.sectionName) : true",message="this policy does not yet support the sectionName field"
// +kubebuilder:validation:XValidation:rule="has(self.targetRefs) ? self.targetRefs.all(ref, ref.group == 'gateway.networking.k8s.io') : true ", message="this policy can only have a targetRefs[*].group of gateway.networking.k8s.io"
// +kubebuilder:validation:XValidation:rule="has(self.targetRefs) ? self.targetRefs.all(ref, ref.kind in ['Gateway', 'HTTPRoute', 'GRPCRoute', 'UDPRoute', 'TCPRoute', 'TLSRoute']) : true ", message="this policy can only have a targetRefs[*].kind of Gateway/HTTPRoute/GRPCRoute/TCPRoute/UDPRoute/TLSRoute"
// +kubebuilder:validation:XValidation:rule="has(self.targetRefs) ? self.targetRefs.all(ref, !has(ref.sectionName)) : true",message="this policy does not yet support the sectionName field"
//
// EnvoyExtensionPolicySpec defines the desired state of EnvoyExtensionPolicy.
type EnvoyExtensionPolicySpec struct {
PolicyTargetReferences `json:",inline"`

Expand All @@ -54,11 +53,19 @@ type EnvoyExtensionPolicySpec struct {
Wasm []Wasm `json:"wasm,omitempty"`

// ExtProc is an ordered list of external processing filters
// that should added to the envoy filter chain
// that should be added to the envoy filter chain
//
// +kubebuilder:validation:MaxItems=16
// +optional
ExtProc []ExtProc `json:"extProc,omitempty"`

// Lua is an ordered list of Lua filters
// that should be added to the envoy filter chain
//
// +kubebuilder:validation:MaxItems=16
// +optional
// +notImplementedHide
Lua []Lua `json:"lua,omitempty"`
}

//+kubebuilder:object:root=true
Expand Down
44 changes: 44 additions & 0 deletions api/v1alpha1/lua_types.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
// Copyright Envoy Gateway Authors
// SPDX-License-Identifier: Apache-2.0
// The full text of the Apache license is available in the LICENSE file at
// the root of the repo.

package v1alpha1

import gwapiv1 "sigs.k8s.io/gateway-api/apis/v1"

// Lua defines a Lua extension
// Only one of Source or Disabled must be set
//
// +kubebuilder:validation:XValidation:rule="has(self.source) ? (!has(self.disabled) || self.disabled == false) : (has(self.disabled) && self.disabled == true)",message="Exactly one of source or disabled must be set."
type Lua struct {
// Source is the LuaSource that will be executed for this extension.
//
// +optional
Source *LuaSource `json:"source"`
// Disabled is the status of the extension.
// Used for disabling Lua extensions at a route level.
//
// +optional
Disabled *bool `json:"disabled,omitempty"`
}

// LuaSource contains source code information for a user defined Lua script
// Only one of Inline or ValueRef must be set
//
// +kubebuilder:validation:XValidation:rule="has(self.inline) ? !has(self.valueRef) : has(self.valueRef)",message="Exactly one of inline or valueRef must be set."
type LuaSource struct {
// Inline contains the value as an inline string.
//
// +optional
Inline *string `json:"inline,omitempty"`
// ValueRef contains the contents of the body
// specified as a local object reference.
// Only a reference to ConfigMap is supported.
// The value of key `lua` in the ConfigMap will be used as the LuaSource.
// If the key is not found, the first value in the ConfigMap will be used.
//
// +kubebuilder:validation:XValidation:rule="self.kind == 'ConfigMap' && (!has(self.group) || self.group == '')",message="Only a reference to an object of kind ConfigMap belonging to default core API group is supported."
// +optional
ValueRef *gwapiv1.LocalObjectReference `json:"valueRef,omitempty"`
}
57 changes: 57 additions & 0 deletions api/v1alpha1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ spec:
extProc:
description: |-
ExtProc is an ordered list of external processing filters
that should added to the envoy filter chain
that should be added to the envoy filter chain
items:
description: ExtProc defines the configuration for External Processing
filter.
Expand Down Expand Up @@ -973,6 +973,75 @@ spec:
== "" || f.group == ''gateway.envoyproxy.io'')) : true'
maxItems: 16
type: array
lua:
description: |-
Lua is an ordered list of Lua filters
that should be added to the envoy filter chain
items:
description: |-
Lua defines a Lua extension
Only one of Source or Disabled must be set
properties:
disabled:
description: |-
Disabled is the status of the extension.
Used for disabling Lua extensions at a route level.
type: boolean
source:
description: Source is the LuaSource that will be executed for
this extension.
properties:
inline:
description: Inline contains the value as an inline string.
type: string
valueRef:
description: |-
ValueRef contains the contents of the body
specified as a local object reference.
Only a reference to ConfigMap is supported.
The value of key `lua` in the ConfigMap will be used as the LuaSource.
If the key is not found, the first value in the ConfigMap will be used.
properties:
group:
description: |-
Group is the group of the referent. For example, "gateway.networking.k8s.io".
When unspecified or empty string, core API group is inferred.
maxLength: 253
pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
type: string
kind:
description: Kind is kind of the referent. For example
"HTTPRoute" or "Service".
maxLength: 63
minLength: 1
pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
type: string
name:
description: Name is the name of the referent.
maxLength: 253
minLength: 1
type: string
required:
- group
- kind
- name
type: object
x-kubernetes-validations:
- message: Only a reference to an object of kind ConfigMap
belonging to default core API group is supported.
rule: self.kind == 'ConfigMap' && (!has(self.group) ||
self.group == '')
type: object
x-kubernetes-validations:
- message: Exactly one of inline or valueRef must be set.
rule: 'has(self.inline) ? !has(self.valueRef) : has(self.valueRef)'
type: object
x-kubernetes-validations:
- message: Exactly one of source or disabled must be set.
rule: 'has(self.source) ? (!has(self.disabled) || self.disabled
== false) : (has(self.disabled) && self.disabled == true)'
maxItems: 16
type: array
targetRef:
description: |-
TargetRef is the name of the resource this policy is being attached to.
Expand Down
34 changes: 33 additions & 1 deletion site/content/en/latest/api/extension_types.md
Original file line number Diff line number Diff line change
Expand Up @@ -980,7 +980,7 @@ _Appears in:_
| `targetRefs` | _[LocalPolicyTargetReferenceWithSectionName](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1alpha2.LocalPolicyTargetReferenceWithSectionName) array_ | true | TargetRefs are the names of the Gateway resources this policy<br />is being attached to. |
| `targetSelectors` | _[TargetSelector](#targetselector) array_ | true | TargetSelectors allow targeting resources for this policy based on labels |
| `wasm` | _[Wasm](#wasm) array_ | false | Wasm is a list of Wasm extensions to be loaded by the Gateway.<br />Order matters, as the extensions will be loaded in the order they are<br />defined in this list. |
| `extProc` | _[ExtProc](#extproc) array_ | false | ExtProc is an ordered list of external processing filters<br />that should added to the envoy filter chain |
| `extProc` | _[ExtProc](#extproc) array_ | false | ExtProc is an ordered list of external processing filters<br />that should be added to the envoy filter chain |


#### EnvoyFilter
Expand Down Expand Up @@ -2738,6 +2738,38 @@ _Appears in:_
| `error` | LogLevelError defines the "Error" logging level.<br /> |


#### Lua



Lua defines a Lua extension
Only one of Source or Disabled must be set

_Appears in:_
- [EnvoyExtensionPolicySpec](#envoyextensionpolicyspec)

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `source` | _[LuaSource](#luasource)_ | false | Source is the LuaSource that will be executed for this extension. |
| `disabled` | _boolean_ | false | Disabled is the status of the extension.<br />Used for disabling Lua extensions at a route level. |


#### LuaSource



LuaSource contains source code information for a user defined Lua script
Only one of Inline or ValueRef must be set

_Appears in:_
- [Lua](#lua)

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `inline` | _string_ | false | Inline contains the value as an inline string. |
| `valueRef` | _[LocalObjectReference](#localobjectreference)_ | false | ValueRef contains the contents of the body<br />specified as a local object reference.<br />Only a reference to ConfigMap is supported.<br />The value of key `lua` in the ConfigMap will be used as the LuaSource.<br />If the key is not found, the first value in the ConfigMap will be used. |


#### MergeType

_Underlying type:_ _string_
Expand Down
34 changes: 33 additions & 1 deletion site/content/zh/latest/api/extension_types.md
Original file line number Diff line number Diff line change
Expand Up @@ -980,7 +980,7 @@ _Appears in:_
| `targetRefs` | _[LocalPolicyTargetReferenceWithSectionName](https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1alpha2.LocalPolicyTargetReferenceWithSectionName) array_ | true | TargetRefs are the names of the Gateway resources this policy<br />is being attached to. |
| `targetSelectors` | _[TargetSelector](#targetselector) array_ | true | TargetSelectors allow targeting resources for this policy based on labels |
| `wasm` | _[Wasm](#wasm) array_ | false | Wasm is a list of Wasm extensions to be loaded by the Gateway.<br />Order matters, as the extensions will be loaded in the order they are<br />defined in this list. |
| `extProc` | _[ExtProc](#extproc) array_ | false | ExtProc is an ordered list of external processing filters<br />that should added to the envoy filter chain |
| `extProc` | _[ExtProc](#extproc) array_ | false | ExtProc is an ordered list of external processing filters<br />that should be added to the envoy filter chain |


#### EnvoyFilter
Expand Down Expand Up @@ -2738,6 +2738,38 @@ _Appears in:_
| `error` | LogLevelError defines the "Error" logging level.<br /> |


#### Lua



Lua defines a Lua extension
Only one of Source or Disabled must be set

_Appears in:_
- [EnvoyExtensionPolicySpec](#envoyextensionpolicyspec)

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `source` | _[LuaSource](#luasource)_ | false | Source is the LuaSource that will be executed for this extension. |
| `disabled` | _boolean_ | false | Disabled is the status of the extension.<br />Used for disabling Lua extensions at a route level. |


#### LuaSource



LuaSource contains source code information for a user defined Lua script
Only one of Inline or ValueRef must be set

_Appears in:_
- [Lua](#lua)

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `inline` | _string_ | false | Inline contains the value as an inline string. |
| `valueRef` | _[LocalObjectReference](#localobjectreference)_ | false | ValueRef contains the contents of the body<br />specified as a local object reference.<br />Only a reference to ConfigMap is supported.<br />The value of key `lua` in the ConfigMap will be used as the LuaSource.<br />If the key is not found, the first value in the ConfigMap will be used. |


#### MergeType

_Underlying type:_ _string_
Expand Down
Loading

0 comments on commit 3af71fd

Please sign in to comment.